firewall

Hello, i have a server with one nic connected to a switch with a /24 source /etc/network/interfaces.d/* auto lo iface lo inet loopback auto eno1 iface eno1 inet manual auto vmbr0 iface vmbr0 inet static address 192.1.24.66 netmask 255.255.255.192 gateway 192.1.24.65...

Hello Everyone, According to the Wiki: "If you enable the firewall, traffic to all hosts is blocked by default. Only exceptions is WebGUI(8006) and ssh(22) from your local network." My question is, where are the configuration files for these two rules (WebGUI and SSH)? I checked in...

Loving Proxmox at the moment. I wondered how good the Proxmox built in firewall was in a securing VMs/LXcs sense compared to virtualizing something like pfSense as either a VM or LXC. I'd appreciate users mileage on this one. I know that pfSense is a dedicated firewall application and so has...

We are a data center with 6 nodes of Proxmox VE and growing. We have customers that come to our website and order their VPS through our WHMCS which is using Proxmox VPS/Cloud module. We already have Cisco ASA Firewall which is handling our NATing and Vlans and everything is going smooth, but we...

Hallo, ich habe Schwierigkeiten, die Firewall zu nutzen. Die Regeln greifen nicht. Kurz zum Setup: Eine Maschine mit ProxMox Virtual Environment 5.1-41 ist installiert. Darauf verschiedene VMs. Eine VM ist eine Windows 10-Maschine. Dort möchte ich den Netzwerkverkehr begrenzen. Zum Testen...

Hello everyone, Just curious what others are doing, but is it best to use Proxmox's firewall that is available in the webgui for each VM or use the VM's firewall available within the OS (e.g. ufw, firewalld, etc...)? I'm on Proxmox 5.2-2 and most of my VM's are a Linux distro (Ubuntu, CentOS...

Hello, I would like to report a problem I just had this morning. Without any human intervention, it seems like the integrated firewall of PVE has started blocking any request even from hosts in the same subnet. Meanwile, every VM was working properly at this time. I was able to gain back access...

Hi, I have 3 Servers with proxmox installed, in one of them I have PFsense, and in that same server I have more VM, I use the following address: Network for users (10.9.109.X) Network for servers (10.9.110.X) WAN To extend the networks of users and servers I use a switch. I direct the...

Proxmox interfaces: hXXps://pastebin.com/0UWvW8QQ LXC container: lxc ip: 10.10.10.2/24 lxc gw: 10.10.10.1 Forwarded ports: iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 8888 -j DNAT --to 10.10.10.2:80 Firewall: Datacenter: FW: on Input: 22->8006->DROP Output: ACCEPT Proxmox: FW: on...

Hello, I use ProxMox 5.2, and I can't activate firewall in containers. I activate firewall check in Network tab in the container. Later in Firewall > Options > I put Input and Output policy in DROP. But doesn't work. I do same in KVM machines, and it works fine. I forgot something?

Deleted

Hi, I'm trying to get suricata working with pve firewall at host level, but it won't work like i want. At the moment both is working but for my opinion in the wrong order. Cause it looks like suricata is acting before the pve firewall which is not right for me causeit only should detect and...

Hi, I have a strange problem and can't find the solution at the moment, so maybe you can give me a hint where i have a problem :) First i want say the firewall is working like expected, only VPN Port is open, all others(like SSH or Proxmox GUI) are only reachable from internal network which is...

This problem exists in V4.4 and V5.1.x ! Host-Firewall is running Network-Card is on Firewall ON General Option for Container - Firewall ON General Option for Container - Firewall Block Traffic incomming ALL Without firewall rule, they come no traffic Then I add a firewall security group -...

Hi there, I've enabled an IPSet "Management" in my Firewall and added some IPs (home office and company). But my homeoffice sometimes changes the IP. Therefore I've configured all other systems, firewalls etc I need access to, to simply use a Domainname instead of the IP. Simply said, I'm...

Hello! I'm using NAT network configuration for my VMs (Proxmox 5.1), and post-up iptables -t raw -I PREROUTING -i fwbr+ -j CT --zone 1 allows me to use both NAT and PVE firewall for controlling incoming connections on all 3 levels (cluster, node, VM). However, when I add PVE firewall rule...

Dear all, I have a cluster of 6 nodes, two of which having an issue with `pve-firewall status` stuck on "Status: enabled/running (pending changes)". Firewall is enabled on the Datacenter, on the node and on the VMs. I attached the output of `pve-firewall compile`: do you have any idea of...

Hi is it possible to add multiple protocols to an firewall rule for example TCP and UDP? I can´t find any syntax for that. I already tried TCP;UDP TCP/UDP TCP:UDP

Hello, I did a small research relatively ipset filtering for LXC containers and it turns out that using a standard ipfilter-net* set matching IP/interfaces doesn't filter external IPv4 traffic very well, when it is going out from an IP not defined in set. For example we can create interface...

Hi. I use Proxmox 4.3-1 version. early I created iptables firewall and used it on lots of servers. There are some rules and the bottom lines are like that : -A INPUT -j LOG_DROP -A LOG_DROP -j LOG --log-prefix --DROP--: -A LOG_DROP -j DROP It's very easy. I use it on LVM that is on proxmox...