yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1595515] [NEW] IpConntrackManager class in ip_conntrack.py should be a singleton to be used by both SG and FWaaS

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: chandan dutta chowdhury <chandanc@xxxxxxxxxxx>
Date: Thu, 23 Jun 2016 12:30:32 -0000
Reply-to: Bug 1595515 <1595515@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

The FWaaS V2 APIs is going to configure security rules at a port level.
It will need to use connection tracking and zone configuration methods
defined in the ip_conntrack.py and iptables_firewall.py in neutron
project.

Some methods in the IptablesFirewallDriver in iptables_firewall needs to
be moved to IpConntrackManager class in ip_conntrack.py. As
IpConntrackManager will be used by both SG and FWaaS V2 APIs and both of
them can be used at the same time, the IpConntrackManager should be a
singleton responsible for allocating and reclaiming zones assigned to
ports.

** Affects: neutron
     Importance: Undecided
     Assignee: chandan dutta chowdhury (chandanc)
         Status: New

** Changed in: neutron
     Assignee: (unassigned) => chandan dutta chowdhury (chandanc)

** Description changed:

  The FWaaS V2 APIs is going to configure security rules at a port level.
- It will need to use connection and zone configuration methods defined in
- the ip_conntrack.py and iptables_firewall.py in neutron project.
+ It will need to use connection tracking and zone configuration methods
+ defined in the ip_conntrack.py and iptables_firewall.py in neutron
+ project.
  
  Some methods in the IptablesFirewallDriver in iptables_firewall needs to
  be moved to IpConntrackManager class in ip_conntrack.py. As
  IpConntrackManager will be used by both SG and FWaaS V2 APIs and both of
  them can be used at the same time, the IpConntrackManager should be a
  singleton responsible for allocating and reclaiming zones assigned to
  ports.

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1595515

Title:
  IpConntrackManager class in ip_conntrack.py should be a singleton to
  be used by both SG and FWaaS

Status in neutron:
  New

Bug description:
  The FWaaS V2 APIs is going to configure security rules at a port
  level. It will need to use connection tracking and zone configuration
  methods defined in the ip_conntrack.py and iptables_firewall.py in
  neutron project.

  Some methods in the IptablesFirewallDriver in iptables_firewall needs
  to be moved to IpConntrackManager class in ip_conntrack.py. As
  IpConntrackManager will be used by both SG and FWaaS V2 APIs and both
  of them can be used at the same time, the IpConntrackManager should be
  a singleton responsible for allocating and reclaiming zones assigned
  to ports.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1595515/+subscriptions

Follow ups

[Bug 1595515] Re: IpConntrackManager class in ip_conntrack.py should be a singleton to be used by both SG and FWaaS
From: OpenStack Infra, 2016-11-06