防火墙组仍处于活动状态。入口和出口策略和端口不绑定。删除时。 打印
"Failed to delete firewall group with name or ID '616078ba-31aa-446b-be1f-ec61c00a7026': Firewall group 616078ba-31aa-446b-be1f-ec61c00a7026 is still active.
Neutron server returns request_ids: ['req-1c45109b-73a1-46ef-acbd-32a2a2208a55']"
+-------------------+-------------------------------------------------------------+
| Field | Value |
+-------------------+-------------------------------------------------------------+
| Description | firewall1 |
| Egress Policy ID | None |
| ID | 616078ba-31aa-446b-be1f-ec61c00a7026 |
| Ingress Policy ID | None |
| Name | <> |
| Ports | [] |
| Project | 1ea0524ba7294c459d9403baaf6efa26 |
| Shared | False |
| State | DOWN |
| Status | ACTIVE |
| project_id | 1ea0524ba7294c459d9403baaf6efa26 |
+-------------------+-------------------------------------------------------------+
流量配置:
neutron.conf
service_plugins = log,router,qos,firewall_v2
[service_providers]
service_provider = FIREWALL_V2:fwaas_db:neutron_fwaas.services.firewall.service_drivers.agents.agents.FirewallAgentDriver:default
fwaas_driver.ini
[DEFAULT]
[fwaas]
driver = neutron_fwaas.services.firewall.service_drivers.agents.drivers.linux.iptables_fwaas_v2.IptablesFwaasDriver
enabled = True
agent_version = v2
conntrack_driver = conntrack
firewall_l2_driver = ovs
l3-agent.ini
[agent]
extensions = fwaas_v2