Firewall services for OpenStack Neutron.

Go to file

Swaminathan Vasudevan 20fd026116 FWaaS-DVR: FWaaS rules not updated in DVR routers on compute host When a firewall is created after the routers have been deployed, we are supposed to manually do a firewall-update on specific routers where we wanted the firewall policy to be applied in the case of FWaaS-v1. But in the case of DVR routers, we have seen the firewall-update for routers that are deployed in the compute hosts are not getting propagated properly. The reason is the firewall update, firewall delete and firewall create events are not notified to all the respective router hosts. The original code only handles getting the host information from the routers that are scheduled to the l3 agent, but in the case of DVR routers, the routers are only scheduled to the network node l3 agents and the other distributed routers on compute are created based on the service port binding. This bug is applicable only for FWaaS-v1 and the patch should be applied for Rocky release and below, since FWaaS-v1 is not supported in Stein and Train release. This patch fixes the problem described above by taking care of collecting all the hosts involved with DVR routers and notifying them. Change-Id: I7ef193baba9447d0f09cd9544cce9d05a956b920 Closes-Bug: #1845557		2019-10-03 17:50:04 +00:00
devstack	Load neutron_fwaas.conf with '--config-file' for neutron-server	2019-03-10 08:29:39 +00:00
doc	[log] FWaaS L3 Logging driver based iptables	2018-08-09 17:47:47 +07:00
etc	Move remaining policy rules specific to neutron-fwaas	2017-07-10 20:16:23 +00:00
neutron_fwaas	FWaaS-DVR: FWaaS rules not updated in DVR routers on compute host	2019-10-03 17:50:04 +00:00
playbooks/neutron-fwaas-fullstack	OpenDev Migration Patch	2019-04-19 19:49:10 +00:00
releasenotes	Add releasenote for FWaaS v2 logging	2018-08-09 20:06:40 +09:00
tools	Add fullstack testing for neutron-fwaas	2018-05-22 13:12:59 +00:00
.coveragerc	Trivial-fix: Omit 'tests/*' in coverage result	2017-08-09 22:09:29 +09:00
.gitignore	Add Zuul v3 native midonet cross test	2018-01-21 12:11:13 +01:00
.gitreview	OpenDev Migration Patch	2019-04-19 19:49:10 +00:00
.mailmap	Add mailmap entry	2014-05-16 13:40:04 -04:00
.pylintrc	Fix typo in .pylintrc file	2017-02-09 17:19:01 +08:00
.testr.conf	After the services split, get neutron-fwaas Jenkins jobs passing	2014-12-09 00:00:29 -07:00
.zuul.yaml	OpenDev Migration Patch	2019-04-19 19:49:10 +00:00
CONTRIBUTING.rst	Update documentation files for FWaaS	2014-12-15 14:16:57 +00:00
HACKING.rst	Update documentation files for FWaaS	2014-12-15 14:16:57 +00:00
LICENSE	Adding Apache Version 2.0 license file. This is the official license agreement under which Quantum code is available to	2011-08-08 12:31:04 -07:00
README.rst	Add release note in README	2018-07-17 22:34:16 +08:00
TESTING.rst	DevStack plugin for fwaas	2016-06-24 17:03:10 +00:00
babel.cfg	Use babel to generate translation file	2013-01-24 00:20:32 +08:00
lower-constraints.txt	Upper-constrain neutron to stable/rocky	2019-01-17 17:39:49 +01:00
requirements.txt	Upper-constrain neutron to stable/rocky	2019-01-17 17:39:49 +01:00
setup.cfg	[log] FWaaS L3 Logging driver based iptables	2018-08-09 17:47:47 +07:00
setup.py	Updated from global requirements	2017-03-03 22:53:13 +00:00
test-requirements.txt	Check pep8 without ignoring D000	2018-05-30 09:12:27 +00:00
tox.ini	Update UPPER_CONSTRAINTS_FILE for stable/rocky	2018-08-09 21:53:10 +00:00

README.rst

Team and repository tags

Welcome!

This package contains the code for the Neutron Firewall as a Service (FWaaS) service. This package requires Neutron to run.

External Resources:

The homepage for Neutron is: https://launchpad.net/neutron. Use this site for asking for help, and filing bugs. We use a single Launchpad page for all Neutron projects.

Code is available on git.openstack.org at: <https://git.openstack.org/cgit/openstack/neutron-fwaas>.

Please refer to Neutron documentation for more information: Neutron README.rst

Get release notes: Neutron FWaaS Release Notes