Explain how we could improve existing OnApp functionality, and how it would help you.

Improve KVM VM firewall settings

Would like the improve the KVM firewall features:
1. Firewall Rule Templates
It would be nice if you could create firewall rule templates and apply these templates to a virtual machine's firewall settings. This would make it easy to setup complex rule sets that will be in use for multiple servers. All you would need to do is modify the rule set and apply it to any number of virtual machines automatically. Also, updating the rule set should automatically update the firewall rules for any virtual machine to which it is applied. As part of configuring the firewall rules, it would be great to have the ability to define certain macros that could be applied to a firewall rule. For instance, you could create a macro called "web servers" and add all the IPs to your web server group to this macro. When you create a firewall rule in the wizard, for the source address you could select the "web server" macro from the drop down and it would automatically apply to all of the IP's set in that macro.
2. Egress filtering for the firewall
Create rules for outbound traffic just like inbound traffic.
3. More options for individual firewall rules
3a. Be able to make rule based on the destination IP on the VM.
3b. The ability to have multiple IP sets in one rule with ports, like IP addresses/CIDR/Range with comma separation. Ex for IPs for the rule: 192.168.0.4,192.168.0.10-192.168.0.20,192.168.0.53,192.168.1.0/24.
3c. The ability to drag and drop rules around instead of having to use the arrow buttons.
3d. The ability to add a note (optional) when adding a firewall rule (for easy reference what the rule/IP access is exactly for)
3e. The ability to use INSERT or APPEND when adding firewall rules in the web interface, like an extra column with drop down select box.

6 votes
Sign in Sign in with OnApp
Signed in as (Sign out)

We’ll send you updates on this idea

steven shared this idea  ·   ·  Admin →

0 comments

Sign in Sign in with OnApp
Signed in as (Sign out)
Submitting...

Feedback and Knowledge Base