Revision history [back]

click to hide/show revision 1
initial version

Egress-only rule for entire subnet

Is it possible to create a neutron router that will drop all incoming connections to a certain subnet (but allow outgoing)? I do not have Neutron FWaaS installed and I would like to avoid creating a whole separate instance (e.g. a PfSense or Quagga VM) because my needs are relatively simple. I would also like to avoid individually assigning an egress-only security rule to every VM in the subnet.