The neutron_fwaas.services.firewall.agents.l3reference.firewall_l3_agent Module

class neutron_fwaas.services.firewall.agents.l3reference.firewall_l3_agent.FWaaSL3AgentExtension(host, conf)

Bases: neutron_lib.agent.l3_extension.L3AgentExtension

FWaaS Agent support to be used by Neutron L3 agent.

SUPPORTED_RESOURCE_TYPES = [<class 'neutron_fwaas.db.firewall.v2.firewall_db_v2.FirewallGroup'>, <class 'neutron_fwaas.db.firewall.v2.firewall_db_v2.FirewallPolicy'>, <class 'neutron_fwaas.db.firewall.v2.firewall_db_v2.FirewallRuleV2'>]
add_router(context, new_router)

On router add, get fw with rules from plugin and update driver.

Handles agent restart, when a router is added, query the plugin to check if this router is in the router list for any firewall. If so install firewall rules on this router.

consume_api(agent_api)
create_firewall(*args, **kwargs)

Handle Rpc from plugin to create a firewall.

delete_firewall(*args, **kwargs)

Handle Rpc from plugin to delete a firewall.

delete_router(context, new_router)

Handles router deletion. There is basically nothing to do for this in the context of FWaaS with an IPTables driver; the namespace will already have been deleted, taking the IPTables rules with it.

initialize(connection, driver_type)
process_services_sync(ctx)
start_rpc_listeners(conf)
update_firewall(*args, **kwargs)

Handle Rpc from plugin to update a firewall.

update_router(context, updated_router)

The update_router method is just a synonym for add_router

class neutron_fwaas.services.firewall.agents.l3reference.firewall_l3_agent.FWaaSL3PluginApi(topic, host)

Bases: neutron_fwaas.services.firewall.agents.firewall_agent_api.FWaaSPluginApiMixin

Agent side of the FWaaS agent to FWaaS Plugin RPC API.

get_firewalls_for_tenant(context, **kwargs)

Get the Firewalls with rules from the Plugin to send to driver.

get_tenants_with_firewalls(context, **kwargs)

Get all Tenants that have Firewalls configured from plugin.

class neutron_fwaas.services.firewall.agents.l3reference.firewall_l3_agent.L3WithFWaaS(conf=None)

Bases: neutron_fwaas.services.firewall.agents.l3reference.firewall_l3_agent.FWaaSL3AgentExtension