Search results

Any update on this, my rules are still not working! Pretty common rules Allow fd88::1 Allow 10.88.88.1 Reject fd88::/64 Reject 10.88.88.0/24 It used to work in iptables but not in nftables. Pinging out from VM correctly blocks IPv4 ping but not IPv6 ping. Cannot connect to any VMs that has the...

It used to work with iptables but not with the new nftables. I am not sure about creating new rules in nftables.

I have a similar problem https://forum.proxmox.com/threads/blocking-lan-access-for-vms-does-not-work-accept-ping-using-nftables.145748/ Pretty common and basic firewall rule. Allow gateway and block LAN, IPv4 is somewhat working IPv6 not at all.

Same rules worked fine with iptables. Now I cannot connect to any of the VMs using SSH. Pinging fd88::7 should be blocked from VMs but is allowing outbound connection while pinging 10.88.88.7 correctly blocks outgoing ping. I allowed IPv6 and IPv4 router gateway in the rules. cat...

Looks like I need ct state established,related accept in my VM config. chain guest-100-in { jump allow-dhcp-in jump allow-ndp-in ether type arp accept jump group-block-lan-in jump after-vm-in...

I could not get the new firewall to work, disabled it for now. Looks like IPv4 is somewhat working and IPv6 rules are not working at all for VMs.

I used to block private range 10.0.0.0 from the firewall and allowed the gateway and it worked but now after upgrading and enabling nftables I can ping VMs but they will not connect using any other port (SSH, HTTPS). Once I disable outbound rule blocking 10.0.0.0 I can connect to all the VMs in...

How do I enable the nftables and start playing with it, I just upgraded to 8.2 Update: Found it in Datacenter > Node > Firewall > Options > nftables > enable.

Why dont you change port in proxmox interfaces file. post-up iptables -t nat -A PREROUTING -p tcp -d 192.168.1.10 --dport 443 -j REDIRECT --to-ports 8006 https://saudiqbal.github.io/Proxmox/proxmox-IPv6-interface-setup-DHCPv6-or-static.html

I have the same setup as yours but mine is blocked, maybe try fc00::/7 instead of fd00::/8

If you want to block all local IPv6 use fd00::/8 and REJECT

I am already doing it with my Proxmox https://www.reddit.com/r/Proxmox/comments/rm2bw4/firewall_how_to_block_all_traffic_to_local_network/ See the screenshot in that post.

Yes, it worked

You are right about using iface vmbr0 inet6 auto in your interface file and you have to accept RA net.ipv6.conf.vmbr0.accept_ra=2 in your sysctl.conf file I wrote a blog post for using IPv6 in Proxmox. https://saudiqbal.github.io/Proxmox/proxmox-IPv6-interface-setup-DHCPv6-or-static.html

Is it possible to get Gotify and Email notifications with just a summary instead of every detail in notifications. For example New software packages available with a full table of updates. Backup notifications includes all the progress percentage from 0% to 100% Long list of progress. Just a...

I have the same problem with gotify. I used the command above and see if it works.

Why not make your partner in North America a dedicated support instead of calling them partners, this will work with enterprise customers. I am just a home user and saw ProxMox losing big paying customers on reddit and other forums.

https://www.reddit.com/r/Proxmox/comments/19fjyqf/any_official_word_from_proxmox_since_vmware/ This is why ProxMox need North America support ASAP before companies move to another solution, they will never come back once they go elsewhere. Proxmox have to move fast.

In that thread "and is closing that gap in the Americas too" is a news but ProxMox should not wait too long, time is now for 24/7 American support before any missed opportunity and missed customers for ProxMox.

It is all over the social media and people are discussing on reddit about moving to ProxMox. Most of the discussion I saw are about no 24/7 support for enterprise customers and limited to Austrian time and some discussion about backups. Does Proxmox team monitors these messages and doing...