That did the trick:
[OPTIONS]
enable: 1
I thought by enabling the firewall via the gui will be enough but it seems that needs to add the above on every file.
Is that the normal behaviour?
Thanks a lot
but I have as mentioned above in vm 101 the rules to drop everything, all ports but I can still connect. Firewall is enabled on VM and Datacenter.
I want a rule to block everything/all traffic apart from the ports that I will exclude. in out DROP seems to do nothing in VM 101...
Just an update, I've enabled firewall via cluster.fw and now the status show it running:
root@proxmox1:~# pve-firewall status
Status: enabled/running
I have however on a VM the following rules:
root@proxmox1:/etc/pve/firewall# cat 101.fw
[RULES]
OUT DROP
IN DROP
but I can access that VM...
Hi Dietmar,
Thanks for the answer.
root@proxmox1:~# pve-firewall status
Status: disabled/running
root@proxmox1:~# pve-firewall compile
no changes
firewall disabled
I've tried to start the firewall from terminal as per wiki instructions and getting the following error:
root@proxmox1:~# pve-firewall start
ERROR: can't aquire lock '/var/run/pve-firewall.pid.lock' - Resource temporarily unavailable
Thanks a lot for the reply. I've setup in and out to ACCEPT under datacenter tab and then setup in a VM in and out to DROP but I can still access the web server for example on that VM. Do I need to restart somehow the firewall?
Thanks
Hi all,
I've just installed the latest Proxmox (3.3-1) and would like to ask a few questions about the firewall setup as it's not very clear to me.
I have about 10 virtual machines running on server all with static IP and KVM.
On the host if I run ifconfig I'm getting the following...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.