-
Committer:
YAMAMOTO Takashi
-
Author(s):
Joe Mills
-
Date:
2015-09-07 14:01:38 UTC
-
Revision ID:
git-v1:ffb587c9405934a564f108c76af7111336983732
Add port-security extension support
This patch enables the port-security neutron extension in midonet.
It also adds the changes required for the port-security database
management.
This neutron extension adds a new field to the PORT object:
port_security_enabled. This field is a boolean which will
have the following effects on a port depending on its value:
TRUE: Allow the creation of anti-spoof protection (including
allowed-address-pairs) and security groups on this port.
FALSE: Block the creation of allowed address pairs and
security groups on this port, and do not create any
anti-spoof protection for this port. Setting
port_security_enabled to False will fail if there are
security groups or allowed address pairs associated with
the port. Also, associating security groups or allowed
address groups with a port will fail if port_security_enabled
is set to false.
Change-Id: I49ace9cc437601353d6a90f8d6eca8a20ebf3dc6
Signed-off-by: Joe Mills <joe@midokura.com>
(cherry-picked from 61e3af412bb426695544025d0537f7792356b77b)