yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1848131] [NEW] [FWaaS] Support blacklist filtering

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Yang Youseok <1848131@xxxxxxxxxxxxxxxxxx>
Date: Tue, 15 Oct 2019 06:24:57 -0000
Reply-to: Bug 1848131 <1848131@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

Currently, FWaaS v1/v2 insert default rule 'deny all' and admin should
add white list to be allowed.

I think in private cloud, whitelist based filtering which by default
'allow all' and add black list to be filtered, also will be necessary.

For our cases, we have some sensitive services (DB[3306] for example) to
be blocked from some projects. By default, what we need is to block the
some ports from somewhere, we just changed default rule 'deny all' to
'allow all'. I will be happily accept if I can take this by config.

Thanks!

** Affects: neutron
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1848131

Title:
  [FWaaS] Support blacklist filtering

Status in neutron:
  New

Bug description:
  Currently, FWaaS v1/v2 insert default rule 'deny all' and admin should
  add white list to be allowed.

  I think in private cloud, whitelist based filtering which by default
  'allow all' and add black list to be filtered, also will be necessary.

  For our cases, we have some sensitive services (DB[3306] for example)
  to be blocked from some projects. By default, what we need is to block
  the some ports from somewhere, we just changed default rule 'deny all'
  to 'allow all'. I will be happily accept if I can take this by config.

  Thanks!

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1848131/+subscriptions

Follow ups

[Bug 1848131] Re: [FWaaS] Support blacklist filtering
From: Hongbin Lu, 2019-10-15