Recent content by Jazz7

Omg almost forgot about the post-up, thanks for reminding me! I agree with you that advise users is better than blocking and forget, but at this time i don't have enough time. I'll consider monitoring in near future. Thanks a lot guletz

AFAIK the only way is to use a different bridge for every VM.

Thanks but i need to block them not log. Anyone knows how to add that rule that a reboot doesn't delete it? Btw, the firewall UI is too limited to let users apply the right custom filters.

Manually adding a rule like this in ebtables FORWARD does the job ebtables -I FORWARD 1 -p IPv4 --ip-src ! $my-legit-dhcp-IP --ip-proto udp --ip-sport 67 -j DROP How can i add such rule using the gui firewall?

Maybe there's a way to isolate each vm network? that'll simplify my work enabling dhcp snooping on the switch and move the dhcp server outside the cluster. Oh, btw the VM are working on a tagged vlan already, the problem is that all vm shares the same vlan.

Can't change this, the design is somewhat forced that way.

Hi, i have a cluster where there's a dhcp server VM used by the VM added into the whole cluster. I need to block rogue dhcp servers inside the cluster (and preventing them offering to the external network too) but let the legit one working. I tried the firewalling but i find hard to understand...

Thanks for the clarification.

Hi, i need some help achieving this: i have currently a cluster, working as intended using vlans. What i need is, if possible, make every VMBR0 linked to the other bridges like they was uplinked. Any idea to do this?