Difference between revisions of "GSoC2014/Network/Driver"
< GSoC2014
(Created page with "= Implement an application-level FWaaS driver = {| class="wikitable" |- | Difficulty || |- | Topics || |- | Mentor || |} Intro - Why we need it == Assumed Knowledge == ...") |
(→Implement an application-level FWaaS driver) |
||
(2 intermediate revisions by 2 users not shown) | |||
Line 3: | Line 3: | ||
{| class="wikitable" | {| class="wikitable" | ||
|- | |- | ||
− | | Difficulty || | + | | Difficulty || Medium |
|- | |- | ||
− | | Topics || | + | | Topics || drivers, python, networking, fwaas, neutron |
|- | |- | ||
− | | Mentor || | + | | Mentor || Balint Kovacs, Szilard Pfeiffer |
|} | |} | ||
− | + | The FWaaS extension provides OpenStack users with the ability to deploy firewalls to protect their networks. While OpenStack's long term goal for FWaaS is to make it very feature rich, the current reference implementation only allows for basic perimeter firewalling capabilities using IPTables. Implementing an application-level firewall driver for the FWaaS framework will not only enable to users to enforce stricter security policies but also let OpenStack evaluate the API, resource model and usability of this feature on the long term. | |
== Assumed Knowledge == | == Assumed Knowledge == | ||
+ | |||
+ | * Python - basics, class/module management | ||
+ | * Basic comprehension of C/C++ code | ||
+ | * Linux networking - TCP/IP, routing, iptables | ||
+ | * Command Line - a little bit of git, code editing, navigation | ||
== Project Goals == | == Project Goals == | ||
+ | |||
+ | * Provide a [https://wiki.openstack.org/wiki/Neutron/FWaaS Firewall as a Service] (FWaaS) [[Neutron_Plugins_and_Drivers|driver]] for [http://zorp-gpl-tutorial.readthedocs.org/en/latest/intro_zorp.html Zorp] application level firewall that has the same functionality as the Iptables reference [https://github.com/openstack/neutron/blob/master/neutron/services/firewall/drivers/linux/iptables_fwaas.py implementation] | ||
+ | * Provide high code coverage by applying [http://en.wikipedia.org/wiki/Test-driven_development TDD] rules during development | ||
+ | * The resulting code should comply with Clean Code principles | ||
== Project Nice-to-Haves == | == Project Nice-to-Haves == | ||
− | ===== | + | * Provide setup documentation (at least a README) |
+ | * Provide suggestions for further API extension to work with application-level firewalls | ||
+ | |||
+ | ==Students' proposals== | ||
+ | {| class="wikitable" | ||
+ | |- | ||
+ | | Student || Proposal Link | ||
+ | |- | ||
+ | | Dániel Csubák || [[GSoC2014/Student/Daniel_Csubak|https://wiki.openstack.org/wiki/GSoC2014/Student/Daniel_Csubak]] | ||
+ | |} |
Latest revision as of 08:58, 20 March 2014
Contents
Implement an application-level FWaaS driver
Difficulty | Medium |
Topics | drivers, python, networking, fwaas, neutron |
Mentor | Balint Kovacs, Szilard Pfeiffer |
The FWaaS extension provides OpenStack users with the ability to deploy firewalls to protect their networks. While OpenStack's long term goal for FWaaS is to make it very feature rich, the current reference implementation only allows for basic perimeter firewalling capabilities using IPTables. Implementing an application-level firewall driver for the FWaaS framework will not only enable to users to enforce stricter security policies but also let OpenStack evaluate the API, resource model and usability of this feature on the long term.
Assumed Knowledge
- Python - basics, class/module management
- Basic comprehension of C/C++ code
- Linux networking - TCP/IP, routing, iptables
- Command Line - a little bit of git, code editing, navigation
Project Goals
- Provide a Firewall as a Service (FWaaS) driver for Zorp application level firewall that has the same functionality as the Iptables reference implementation
- Provide high code coverage by applying TDD rules during development
- The resulting code should comply with Clean Code principles
Project Nice-to-Haves
- Provide setup documentation (at least a README)
- Provide suggestions for further API extension to work with application-level firewalls
Students' proposals
Student | Proposal Link |
Dániel Csubák | https://wiki.openstack.org/wiki/GSoC2014/Student/Daniel_Csubak |