[openstack-dev] [neutron] - Changing the Neutron default security group rules

Ihar Hrachyshka ihrachys at redhat.com
Thu Mar 3 09:48:36 UTC 2016

Kevin Benton <kevin at benton.pub> wrote:

> * Neutron cannot be trusted to do what it says it's doing with the  
> security groups API so users want to orchestrate firewalls directly on  
> their instances.

If that’s really a reason for someone, then they should just use ’noop'  
firewall_driver. Or port_security port extension if they need more control.


More information about the OpenStack-dev mailing list