Firewall Management in the CLI
The primary commands associated with FWaaS in the Neutron CLI include:
firewall-createfirewall-deletefirewall-listfirewall-policy-createfirewall-policy-deletefirewall-policy-insert-rulefirewall-policy-listfirewall-policy-remove-rulefirewall-policy-showfirewall-policy-updatefirewall-rule-createfirewall-rule-deletefirewall-rule-listfirewall-rule-showfirewall-rule-updatefirewall-showfirewall-update
Like LBaaS, FWaaS requires a specific workflow to properly implement firewall policies. First, firewall rules must be created. Then, a firewall policy can be created that references firewall rules. Lastly, a firewall is created and associated with a firewall policy. Once a firewall policy is applied, the rules are immediately put in place on the routers associated with the firewall.
Firewall policies can be shared among tenants, which means that whenever a policy is updated, it results in the immediate updating of any firewall associated with the policy.
