[RFE]Add "log" attribute to firewall_policy

Bug #1657071 reported by zhaobo on 2017-01-17
This bug affects 1 person
Affects Status Importance Assigned to Milestone

Bug Description

In general, the firewall we use need the log info about when and why the firewall_policy was deleted or updated.
As users need this info to locate the trouble or illegal operations quickly. Also, for security destination, we need log this kind info.

Maybe the "log" attribute details like:

name type CRUD default
Log bool CRU False

We can create/update fw_policy with this attribute. If it is enable, it will store the fw_policy related log info. It must contain
the operation time, the operation reason. And we could call API to query the details of them.

zhaobo (zhaobo6) on 2017-01-17
Changed in neutron:
assignee: nobody → zhaobo (zhaobo6)
tags: added: fwaas

Do you want https://bugs.launchpad.net/neutron/+bug/1468366 ? If not so, could you elaborate more?

Changed in neutron:
status: New → Incomplete
zhaobo (zhaobo6) wrote :

@Hirofumi Ichihara,
Hi , thank you for comments. I found the spec of that had been delayed into P release. And I saw it will also do the same work towards firewall's LOG. I just show some views about the firewall LOG working here.

Maybe I need contact with the owner of that bug about this bug concerned.. Thanks

zhaobo (zhaobo6) wrote :

The RFE[1] intro the who/when/where/what info is just what we want..:)...

Maybe the field of "log" in fw_policy can be the switch to enable/unable the function.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers