Egress-only rule for entire subnet

asked 2017-08-07 11:55:10 -0500

isears

Is it possible to create a Neutron router that will drop all incoming connections to a certain subnet (but allow outgoing)? I do not have Neutron FWaaS installed and I would like to avoid creating a whole separate instance (e.g. a pfSense or Quagga VM) because my needs are relatively simple. I would also like to avoid individually assigning an egress-only security rule to every VM in the subnet.

