Return-Path: X-Original-To: apmail-incubator-cloudstack-dev-archive@minotaur.apache.org Delivered-To: apmail-incubator-cloudstack-dev-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 9363BD269 for ; Tue, 9 Oct 2012 09:15:43 +0000 (UTC) Received: (qmail 83992 invoked by uid 500); 9 Oct 2012 09:15:43 -0000 Delivered-To: apmail-incubator-cloudstack-dev-archive@incubator.apache.org Received: (qmail 83836 invoked by uid 500); 9 Oct 2012 09:15:42 -0000 Mailing-List: contact cloudstack-dev-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: cloudstack-dev@incubator.apache.org Delivered-To: mailing list cloudstack-dev@incubator.apache.org Received: (qmail 83818 invoked by uid 99); 9 Oct 2012 09:15:42 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 09 Oct 2012 09:15:42 +0000 X-ASF-Spam-Status: No, hits=-0.1 required=5.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_MED,SPF_HELO_PASS,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of jayapalreddy.uradi@citrix.com designates 203.166.19.134 as permitted sender) Received: from [203.166.19.134] (HELO SMTP.CITRIX.COM.AU) (203.166.19.134) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 09 Oct 2012 09:15:36 +0000 X-IronPort-AV: E=Sophos;i="4.80,560,1344211200"; d="scan'208,217";a="13027420" Received: from banpmailmx01.citrite.net ([10.103.128.73]) by SYDPIPO01.CITRIX.COM.AU with ESMTP/TLS/RC4-MD5; 09 Oct 2012 09:14:29 +0000 Received: from BANPMAILBOX01.citrite.net ([10.103.128.71]) by BANPMAILMX01.citrite.net ([10.103.128.73]) with mapi; Tue, 9 Oct 2012 14:44:27 +0530 From: Jayapal Reddy Uradi To: "cloudstack-dev@incubator.apache.org" Date: Tue, 9 Oct 2012 14:44:23 +0530 Subject: Egress firewall rules for guest network. Thread-Topic: Egress firewall rules for guest network. Thread-Index: Ac2l/GTv7Eb18/eGRZKytO2xrnqhXQ== Message-ID: <67EF18FDCA335F489B366120481AB6C5EE49A4C520@BANPMAILBOX01.citrite.net> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: multipart/alternative; boundary="_000_67EF18FDCA335F489B366120481AB6C5EE49A4C520BANPMAILBOX01_" MIME-Version: 1.0 X-Virus-Checked: Checked by ClamAV on apache.org --_000_67EF18FDCA335F489B366120481AB6C5EE49A4C520BANPMAILBOX01_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable The egress firewall rules feature will configure the egress rules for gues= t network on VR/External firewall to ALLOW specified traffic to outside and BLOCK the remaining traffic. By default all the traffic is ALLOWED to public network. When you specify = a egress rule only that rule specific traffic is allowed. I have created a functional spec here: https://cwiki.apache.org/confluence/= display/CLOUDSTACK/Egress+firewall+rules+for+guest+network Please review and provide your comments. Thanks, Jayapal --_000_67EF18FDCA335F489B366120481AB6C5EE49A4C520BANPMAILBOX01_--