Neutron FWaaS Address Objects
There is a requirement to be able to capture a group of addresses (IP, MAC, or hostnames) in a single object. This group may be statically or dynamically created and can be referenced in a firewall_rule's source or destination fields.
The base extension resource will have provision for static IP object which is either a CIDR or a neutron subnet or a list/range of IP addresses.
Subsequent attribute extensions will add support for MAC addresses and host names, and the ability to flag a particular object as "dynamic" (such that the values for this object can be dynamically populated).
Blueprint information
- Status:
- Complete
- Approver:
- Mark McClain
- Priority:
- Undefined
- Drafter:
- None
- Direction:
- Needs approval
- Assignee:
- Brian Torres-Gil
- Definition:
- Obsolete
- Series goal:
- None
- Implementation:
-
Unknown
- Milestone target:
- None
- Started by
- Completed by
- Armando Migliaccio
Related branches
Related bugs
Sprints
Whiteboard
Nov-13-2015(armax): If someone is interested in pursuing it, this must be re-submitted according to guidelines defined in [1], especially in light of fwaas v2 proposal.
[1] http://
-----------------
