Looks like the winner is 3 for devel.
Thanks for the participation.
Regards
René
On 11/13/2017 06:47 PM, Rene Moser wrote:
> Hi Devs
>
> The last days I fought with the ACL egress rule behaviour and I would
> like to make a poll in which direction the fix should go.
>
> Short Version:
>
> We
Ok, good enough for me.
I vote for option 3 as well then.
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
- Original Message -
> From: "Rene Moser"
> To: "dev"
> Sent: Friday, 17 November, 2017 09:22:24
> Subject: Re: POLL: ACL d
adi"
>> To: "dev"
>> Sent: Tuesday, 14 November, 2017 05:12:52
>> Subject: Re: POLL: ACL default egress policy rule in VPC
>
>> Hi Rene,
>>
>> Please look at my inline comments.
>> Let me add some context for the VPC egress/ingress
4. I think Jayapal's reply deserves more attention.
See below.
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
- Original Message -
> From: "Jayapal Uradi"
> To: "dev"
> Sent: Tuesday, 14 November, 2017 05:12:52
> Subject
Option 3, makes sense to me.
-Rohit
From: Paul Angus
Sent: Tuesday, November 14, 2017 4:08:51 PM
To: dev@cloudstack.apache.org
Cc: u...@cloudstack.apache.org
Subject: RE: POLL: ACL default egress policy rule in VPC
3 sounds like a winner.
[I think that (2) is
POLL: ACL default egress policy rule in VPC
3 definitely seems to make the most sense.
From: Rafael Weingärtner
Sent: Monday, November 13, 2017 12:02 PM
To: dev@cloudstack.apache.org
Cc: u...@cloudstack.apache.org
Subject: Re: POLL: ACL default egress policy rule
Hi Rene,
Please look at my inline comments.
Let me add some context for the VPC egress/ingress rules behavior.
Pre 4.5 (subject to correction) the behavior of VPC acl is as follows.
1. Default egress is ALLOW and ingress is DROP.
a. When a rule is added to egress then that particular rule tr
I agree with (3).
To achieve backward compatibility, we need to add an egress rule to allow
ALL on existing ACLs which do not contain any egress rule.
For now almost every one uses integrated network offerings for VPC networks:
DefaultIsolatedNetworkOfferingForVpcNetworks
DefaultIsolatedNetworkOf
3 definitely seems to make the most sense.
From: Rafael Weingärtner
Sent: Monday, November 13, 2017 12:02 PM
To: dev@cloudstack.apache.org
Cc: u...@cloudstack.apache.org
Subject: Re: POLL: ACL default egress policy rule in VPC
3
On Mon, Nov 13, 2017 at 3:51 PM
3
On Mon, Nov 13, 2017 at 3:51 PM, Daan Hoogland
wrote:
> 3 of course ;)
>
> On Mon, Nov 13, 2017 at 6:47 PM, Rene Moser wrote:
>
> > Hi Devs
> >
> > The last days I fought with the ACL egress rule behaviour and I would
> > like to make a poll in which direction the fix should go.
> >
> > Short
Note the typo in the user mailing list email address, don't use reply
all... sry
3 of course ;)
On Mon, Nov 13, 2017 at 6:47 PM, Rene Moser wrote:
> Hi Devs
>
> The last days I fought with the ACL egress rule behaviour and I would
> like to make a poll in which direction the fix should go.
>
> Short Version:
>
> We need to define a better default behaviour for acl default eg
Hi Devs
The last days I fought with the ACL egress rule behaviour and I would
like to make a poll in which direction the fix should go.
Short Version:
We need to define a better default behaviour for acl default egress
rule. I see 3 different options:
1. always add a default deny all egress rul
13 matches
Mail list logo
