Sample neutron_fwaas.conf¶
This sample configuration can also be viewed in the raw format.
[DEFAULT]
[default_fwg_rules]
#
# From neutron.fwaas
#
# Firewall group rule action allow or deny or reject for ingress. Default is
# deny. (string value)
#ingress_action = deny
# IPv4 source address for ingress (address or address/netmask). Default is
# None. (string value)
#ingress_source_ipv4_address = <None>
# IPv6 source address for ingress (address or address/netmask). Default is
# None. (string value)
#ingress_source_ipv6_address = <None>
# Source port number or range (min:max) for ingress. Default is None. (string
# value)
#ingress_source_port = <None>
# IPv4 destination address for ingress (address or address/netmask). Default is
# None. (string value)
#ingress_destination_ipv4_address = <None>
# IPv6 destination address for ingress (address or address/netmask). Default is
# deny. (string value)
#ingress_destination_ipv6_address = <None>
# Destination port number or range (min:max) for ingress. Default is None.
# (string value)
#ingress_destination_port = <None>
# Firewall group rule action allow or deny or reject for egress. Default is
# allow. (string value)
#egress_action = allow
# IPv4 source address for egress (address or address/netmask). Default is None.
# (string value)
#egress_source_ipv4_address = <None>
# IPv6 source address for egress (address or address/netmask). Default is deny.
# (string value)
#egress_source_ipv6_address = <None>
# Source port number or range (min:max) for egress. Default is None. (string
# value)
#egress_source_port = <None>
# IPv4 destination address for egress (address or address/netmask). Default is
# deny. (string value)
#egress_destination_ipv4_address = <None>
# IPv6 destination address for egress (address or address/netmask). Default is
# deny. (string value)
#egress_destination_ipv6_address = <None>
# Destination port number or range (min:max) for egress. Default is None.
# (string value)
#egress_destination_port = <None>
# Firewall group rule shared. Default is False. (boolean value)
#shared = false
# Network protocols (tcp, udp, ...). Default is None. (string value)
#protocol = <None>
# Firewall group rule enabled. Default is True. (boolean value)
#enabled = true
[quotas]
#
# From neutron.fwaas
#
# Number of firewall groups allowed per tenant. A negative value means
# unlimited. (integer value)
#quota_firewall_group = 10
# Number of firewall policies allowed per tenant. A negative value means
# unlimited. (integer value)
#quota_firewall_policy = 10
# Number of firewall rules allowed per tenant. A negative value means
# unlimited. (integer value)
#quota_firewall_rule = 100
[service_providers]
#
# From neutron.fwaas
#
# Defines providers for advanced services using the format:
# <service_type>:<name>:<driver>[:default] (multi valued)
#service_provider =