neutron_fwaas.conf¶
default_fwg_rules¶
-
ingress_action¶ - Type
string
- Default
deny
Firewall group rule action allow or deny or reject for ingress. Default is deny.
-
ingress_source_ipv4_address¶ - Type
string
- Default
<None>
IPv4 source address for ingress (address or address/netmask). Default is None.
-
ingress_source_ipv6_address¶ - Type
string
- Default
<None>
IPv6 source address for ingress (address or address/netmask). Default is None.
-
ingress_source_port¶ - Type
string
- Default
<None>
Source port number or range (min:max) for ingress. Default is None.
-
ingress_destination_ipv4_address¶ - Type
string
- Default
<None>
IPv4 destination address for ingress (address or address/netmask). Default is None.
-
ingress_destination_ipv6_address¶ - Type
string
- Default
<None>
IPv6 destination address for ingress (address or address/netmask). Default is deny.
-
ingress_destination_port¶ - Type
string
- Default
<None>
Destination port number or range (min:max) for ingress. Default is None.
-
egress_action¶ - Type
string
- Default
allow
Firewall group rule action allow or deny or reject for egress. Default is allow.
-
egress_source_ipv4_address¶ - Type
string
- Default
<None>
IPv4 source address for egress (address or address/netmask). Default is None.
-
egress_source_ipv6_address¶ - Type
string
- Default
<None>
IPv6 source address for egress (address or address/netmask). Default is deny.
-
egress_source_port¶ - Type
string
- Default
<None>
Source port number or range (min:max) for egress. Default is None.
-
egress_destination_ipv4_address¶ - Type
string
- Default
<None>
IPv4 destination address for egress (address or address/netmask). Default is deny.
-
egress_destination_ipv6_address¶ - Type
string
- Default
<None>
IPv6 destination address for egress (address or address/netmask). Default is deny.
-
egress_destination_port¶ - Type
string
- Default
<None>
Destination port number or range (min:max) for egress. Default is None.
- Type
boolean
- Default
false
Firewall group rule shared. Default is False.
-
protocol¶ - Type
string
- Default
<None>
Network protocols (tcp, udp, …). Default is None.
-
enabled¶ - Type
boolean
- Default
true
Firewall group rule enabled. Default is True.
quotas¶
-
quota_firewall¶ - Type
integer
- Default
10
Number of firewalls allowed per tenant. A negative value means unlimited.
-
quota_firewall_policy¶ - Type
integer
- Default
10
Number of firewall policies allowed per tenant. A negative value means unlimited.
-
quota_firewall_rule¶ - Type
integer
- Default
100
Number of firewall rules allowed per tenant. A negative value means unlimited.
service_providers¶
-
service_provider¶ - Type
multi-valued
- Default
''
Defines providers for advanced services using the format: <service_type>:<name>:<driver>[:default]
