neutron

[fwaas][rfe] support list type of port_range for firewall rule

Bug #2028660 reported by Liu Xie on 2023-07-25

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	neutron	Expired	Wishlist	Unassigned

Bug Description

In some cases, customers want to specify a port list for 'source_port'(or destination_port) when create a firewall rule.
Currently the api of firewall_rule could not meet the demand. So we want to define a new api which could support it.

eg. api :
"firewall_rule":{
    "name": "test_rule",
    "protocol": "tcp",
    "source_port": ["22","23","30:80"]
}

anyone has other ideas?

Tags:

Liu Xie (liushy) on 2023-07-26

tags:

added: fwaas

Bence Romsics (bence-romsics) on 2023-07-26

Changed in neutron:
importance:	Undecided → Wishlist

Revision history for this message

Bence Romsics (bence-romsics) wrote on 2023-07-26:

Hi,

To me this feature idea makes perfect sense. However the usual process is to discuss and approve each RFE on the drivers meeting. Since out PTL is on vacation on this week, I believe the next chance to discuss this will be on the 4th of August:

https://wiki.openstack.org/wiki/Meetings/NeutronDrivers

Please look out for the drivers meeting schedule and agenda on the mailing list and attend the next meeting.

tags:

added: rfe

Revision history for this message

Rodolfo Alonso (rodolfo-alonso-hernandez) wrote on 2023-09-29:

Hello Liu:

Please check the comments made during the Neutron drivers meeting today [1]. You can now create several FW rules with the expected values ("22","23","30:80"). That will require 3 rules instead of one. So the current API can fulfil your requirements.

If you explicitly need this new API, please present it during the next drivers meeting. If you can't attend, please update this LP bug and present a Neutron spec.

Regards.

[1]https://meetings.opendev.org/meetings/neutron_drivers/2023/neutron_drivers.2023-09-29-14.00.log.html