Recent content by flav

  1. PROXMOX VE , can we segment servers if some are in another directly connected network

    Re: PROXMOX VE , can we segment servers if some are in another directly connected net Hello, Your question is not verry clear to me but: if you have 2 LANs, 1 HOST with 2 interfaces, you can separate the VMs on one or another LANs. You can even create internals LANs (Bridges) in the HOST that...
  2. Proxmox Firewall, IPv6 and ICMP

    Hi, After 24h it appears that the routers lost the route. It is due to restriction in DropBroadcast which was blocking neighbourhood packets before autorisation. This patch has to be applied over my last one: --- Firewall.pm.flav20150404 2015-04-05 17:46:34.000000000 +0200 +++ Firewall.pm...
  3. Proxmox Firewall, IPv6 and ICMP

    Hi, After reading RFC4890, I confirm all this kind of packets should not be dropped (read section 4.3.2 and 4.3.3). Regards, Flavius
  4. Proxmox Firewall, IPv6 and ICMP

    Hi, I've got troubles using IPv6 with firewall enabled. After different searches I've found that some more ICMPv6 types have to be enabled. After reading post like this : http://pivotallabs.com/configuring-freebsd-9-1-as-an-ipv6-dhcp-client/ and...
  5. Proxmox 3.4 firewall default rules - local_network

    Just a reminder for the following. The host 1.2.3.4 is in an unsecured 1.2.3.0/24 network. The user controled alias is not taken into account for all the rules. The code without my correction does not reads the local_network alias in enable_host_firewall (it is set by my $localnet =...
  6. Proxmox 3.4 firewall default rules - local_network

    Hello, Yes sure... but not all the network belongs to the cluster and local_network alias should be allowed to user control. What I propose is a patch like this in enable_host_firewall: *** Firewall.pm.orig 2015-03-15 11:26:34.000000000 +0100 --- Firewall.pm 2015-03-15 11:44:33.000000000...
  7. Proxmox 3.4 firewall default rules - local_network

    Hi, I'm setting up a new Proxmox 3.4 cluster/host with pve-firewall. The firewall has some default rules allowing all the host's local network. That network is public. My host IP is 1.2.3.4 on network 1.2.3.0/24 Here are the rules Chain PVEFW-HOST-IN: RETURN udp -- 1.2.3.0/24...
  8. Proxmox Firewall for NAT

    Hi, Issue solved. Do not need to add any rule in raw table. You just need to add a some firewall rules to allow your VM to access your virtual network. eg from 192.168.0.0/24 to some_internal_IP on ICMP
  9. Proxmox Firewall for NAT

    Hi, Looks somehow better... but still not ok: # iptables -t raw -A POSTROUTING -o tap100i0 -j CT --zone 1 iptables: No chain/target/match by that name.
  10. Proxmox Firewall for NAT

    Hello, This is not working for me. Can some one help ? I'm tring to setup a VM with NAT and ProxmoxVE Firewall. My config is: on the host with ProxMox 3.4-1: Upgraded to kernel 3.10: # uname -a Linux XXXX 3.10.0-7-pve #1 SMP Thu Jan 22 11:20:00 CET 2015 x86_64 GNU/Linux...

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE and Proxmox Mail Gateway. We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!