Firewall-as-a-service
FWaaS is an extension for Neutron that provides users with the ability to deploy perimeter firewalls to protect their networks. The FWaaS extension enables you to do the following things:
Apply firewall rules on traffic entering and leaving tenant networks attached to Neutron routers
Create and share firewall policies that hold an ordered collection of the firewall rules
Audit firewall rules and policies
The FWaaS extension introduces the following network resources:
Firewall: This represents a logical firewall resource that a tenant can instantiate and manage. A firewall is associated with one firewall policy.
Firewall policy: This is an ordered collection of firewall rules that can be shared across tenants.
Firewall rule: This represents a collection of attributes, such as layer 4 ports and IP addresses, that define match criteria and perform an action to be taken on the matched data traffic.
Like security group rules, firewalls in Neutron utilize iptables to perform traffic...
