https://blueprints.launchpad.net/neutron/+spec/fwaas-reject-rule
Add REJECT into action rule of FWaaS. Action rule of current FWaaS contains only ALLOW/DENY. DENY simply discards the data without a response, but REJECT returns a response. Connection source by this response can be judged to be “connection was refused”.
Action rule of current FWaaS contains only ALLOW/DENY. DENY simply discards the data without a response, but REJECT returns a response. Without REJECT feature, end users cannot know whether their accesses are super late or rejected. This REJECT feature will be a good option for FWaaS.
Add REJECT into action rule of FWaaS. Connection source by this response can be judged to be “connection was refused”.
The db schema will be changed as below. * add “reject” into action column in firewall_rules table.
Add REJECT into action rule of FWaaS.
Attribute Name | Type | Access | Default Value | Validation/ Conversion | Description |
---|---|---|---|---|---|
action | string | RW, all | ‘deny’ | ‘allow’, ‘deny’, or ‘reject’ | Action rule |
None.
None.
None.
None.
None.
None.
Another project: * Horizon
None.
None.
The work items include:
None.
Testing will be added to firewall tests.
Scenario tests will be added to validate REJECT action rule of firewall.
Testing will be added to firewall tests.
Admin guide will be updated action rule of FWaaS.
User guide will be updated action rule of FWaaS.
None.
None.
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.