f3b48bc2f7
This patch extends the listener API to include the new parameter 'allowed_cidrs'. This parameter is a list of IPv4 or IPv6 CIDRs. Leaving this list unset defaults to the traditional behavior of allowing all ingress traffic to the listener. Setting it will deny all traffic but all CIDRs set in the 'allowed_cidrs' list. Note that the API will validate that all CIDRs match the same IP version of the VIP. This may change later as part of work to allow multiple VIPs per LB (Change-Id Id7153dbf33b9616d7af685fcf13ad9a79793c06b). Task: 26210 Story: 2003686 Change-Id: Id2b560df1cde9ce9403afbd593bbaa6cae5f06d6
6 lines
134 B
YAML
6 lines
134 B
YAML
---
|
|
features:
|
|
- |
|
|
Added support to VIP access control list. Users can now limit incoming
|
|
traffic to a set of allowed CIDRs.
|