neutron_fwaas.conf¶
default_fwg_rules¶
- ingress_action¶
- Type:
string
- Default:
deny- Valid Values:
allow, deny, reject
Firewall group rule action allow or deny or reject for ingress.
- ingress_source_ipv4_address¶
- Type:
string
- Default:
<None>
IPv4 source address for ingress (address or address/netmask).
- ingress_source_ipv6_address¶
- Type:
string
- Default:
<None>
IPv6 source address for ingress (address or address/netmask).
- ingress_source_port¶
- Type:
string
- Default:
<None>
Source port number or range (min:max) for ingress.
- ingress_destination_ipv4_address¶
- Type:
string
- Default:
<None>
IPv4 destination address for ingress (address or address/netmask).
- ingress_destination_ipv6_address¶
- Type:
string
- Default:
<None>
IPv6 destination address for ingress (address or address/netmask).
- ingress_destination_port¶
- Type:
string
- Default:
<None>
Destination port number or range (min:max) for ingress.
- egress_action¶
- Type:
string
- Default:
allow- Valid Values:
allow, deny, reject
Firewall group rule action allow or deny or reject for egress.
- egress_source_ipv4_address¶
- Type:
string
- Default:
<None>
IPv4 source address for egress (address or address/netmask).
- egress_source_ipv6_address¶
- Type:
string
- Default:
<None>
IPv6 source address for egress (address or address/netmask).
- egress_source_port¶
- Type:
string
- Default:
<None>
Source port number or range (min:max) for egress.
- egress_destination_ipv4_address¶
- Type:
string
- Default:
<None>
IPv4 destination address for egress (address or address/netmask).
- egress_destination_ipv6_address¶
- Type:
string
- Default:
<None>
IPv6 destination address for egress (address or address/netmask).
- egress_destination_port¶
- Type:
string
- Default:
<None>
Destination port number or range (min:max) for egress.
- Type:
boolean
- Default:
False
Firewall group rule shared.
- protocol¶
- Type:
string
- Default:
<None>
Network protocol(tcp, udp, …).
- enabled¶
- Type:
boolean
- Default:
True
Firewall group rule enabled.
quotas¶
- quota_firewall_group¶
- Type:
integer
- Default:
10
Number of firewall groups allowed per tenant. A negative value means unlimited.
- quota_firewall_policy¶
- Type:
integer
- Default:
10
Number of firewall policies allowed per tenant. A negative value means unlimited.
- quota_firewall_rule¶
- Type:
integer
- Default:
100
Number of firewall rules allowed per tenant. A negative value means unlimited.
service_providers¶
- service_provider¶
- Type:
multi-valued
- Default:
''
Defines providers for advanced services using the format: <service_type>:<name>:<driver>[:default]
