cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CLOUDSTACK-676) Firewall / ACL support for ipv6
Date Fri, 27 Jan 2017 00:14:25 GMT

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-676?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15840731#comment-15840731
] 

ASF subversion and git services commented on CLOUDSTACK-676:
------------------------------------------------------------

Commit 115d6d5dc774715b0d17238dc8e8d9f02017c690 in cloudstack's branch refs/heads/master from
[~widodh]
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=115d6d5 ]

CLOUDSTACK-676: IPv6 In -and Egress filtering for Basic Networking

This commit implements Ingress and Egress filtering for IPv6 in
Basic Networking.

It allows for opening and closing ports just as can be done with IPv4.

Rules have to be specified twice, once for IPv4 and once for IPv6, for
example:

- 22 until 22: 0.0.0.0/0
- 22 until 22: ::/0

Egress filtering works the same as with IPv4. When no rule is applied all
traffic is allowed. Otherwise only the specified traffic (with DNS being
the exception) is allowed.

Signed-off-by: Wido den Hollander <wido@widodh.nl>


> Firewall / ACL support for ipv6
> -------------------------------
>
>                 Key: CLOUDSTACK-676
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-676
>             Project: CloudStack
>          Issue Type: Sub-task
>      Security Level: Public(Anyone can view this level - this is the default.) 
>            Reporter: Chiradeep Vittal
>            Assignee: Wido den Hollander
>             Fix For: Future
>
>
> An ability to specify a firewall / ACL rule set for a subnet which has instances with
ipv6 addresses. The implementation can be at the VR level, at the hypervisor level or in an
external firewall



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message