Okay, I've found a way... not the best, but it works ;)
# Create new chain
iptables -N CHECK_IPS
# Check all outgoing connections
iptables -A CHECK_IPS -s 1.1.1.1 -d 0/0 -m mark ! --mark 4/4 -j NFQUEUE
# Check incoming OpenVPN
iptables -A CHECK_IPS -p udp -s 0/0 --dport 1194 -m mark ! --mark...
Thanks for the fast reply, but the tutorial from the wiki is about using IPS for a VM.
But I want exactly the same for the pve host. Using the same options in the cluster.fw file is not possible, so I've tried to find another way using a custom iptables rule. Or maybe another person already had the...
Hi,
I'm trying to get Suricata working with the pve firewall at host level, but it won't work like I want. At the moment both are working, but in my opinion in the wrong order, because it looks like Suricata is acting before the pve firewall, which is not right for me because it should only detect and...
Hi,
I have a strange problem and can't find the solution at the moment, so maybe you can give me a hint where I have a problem :)
First I want to say the firewall is working as expected, only the VPN port is open, all others (like SSH or Proxmox GUI) are only reachable from the internal network which is...