firewall

Hello, I use the firewall built into Proxmox which is great. On the private network (172.16.10.x ) the firewall works and blocks what is not explicitly opened (Input Policy: DROP, OUTPUT Policy: ACCEPT), but when I use a public IP, the firewall totally ignores the rules and all traffic on the...

Morning, So I would like to compartmentalize my containers in proxmox with the proxmox firewall. Currently in datacenter options I have: firewall=no If I modify this to firewall=yes with firewall options out ACCEPT and in ACCEPT in the firewall tab in the datacenter, is this the same rules as...

Hi everyone. I want to share with everyone my development that simplifies working with NAT in Proxmox. This development allows you to create NAT rules directly from the proxmox WebGUI. I think that you will appreciate my development, because I once faced such a problem and went through this...

I am completely lost with the firewall configuration on two Hetzner nodes, each with proxmox 6.3-1 and pve-firewall 4.1-3. Let's call them node1 and node2. On both nodes Datacenter Firewall is enabled with ebtables=yes, input policy=DROP, Output policy=ACCEPT and no rules. On node 2 there is a...

I'm using nftables to implement firewall rules. I have some rules which I need to apply to vmbr1 and the fwbr interfaces. I create my test config file thus: #!/usr/sbin/nft -f flush ruleset table netdev filterearly { chain ingress { type filter hook ingress device...

I am using proxmox 6.3-3 as main vm host. I am hosting my firewall in it. The problem is when I am doing network bonding on my nas server (bsd) the proxmox host fans ramp up and it is roaring until I shutdown/restart the nas box. So my current desktop I tried same network bonding and same thing...

Hello everyone, I know there are already many threads on this topic, but so far nobody has helped me. My structure looks as follows: Rented root server at Hetner with fixed ipv4 and an additionally booked ipv4. On the Proxmox runs an OPNsense firewall. All VMs hang in the LAN behind the...

Wer kennt das nicht, man will die PVE Kiste securen und erstellt Rules in den iptables. Plötzlich hat man sich selber ausgesperrt. Ärgerlich und kann dann nur noch mittels Rescuemodus behoben werden. Bei grossen Kisten mit vielen VMs ist das nicht sonderlich toll. Habe mir ein Script...

When adding firewall rules via die GUI, does one have to activate the rules from the command line? How are the rules loaded/activated otherwise?

When 10 or more rules are created, the column width for the rule number is not wide enough to display the full number and it cannot be resized the way other columns can. Can this be remedied please?

2020-09-22: SOLVED: #5 2020-09-21: Anybody here (at forums.proxmox.com) have a take on this? https://www.reddit.com/r/linuxadmin/comments/ixeky1/ubuntu_kvm_vps_iptables_ctstate/

Proxmox newbie here. In my PVE server... 1. If the pve-firewall is running (with policy_in: DROP like it says below, why does iptables report no rules (ie: everything is "accepted")? 2. what does 'disabled' mean in pve-firewall status = disabled/running? (systemctl status pve-firewall.service...

I have recently updated a cluster with a few nodes having pretty similar network setup. Each node is connected with a few external networks over ipsec. And just one node behaves crazy (this is really strange). I can't ping any of the networks that are tunneled through the ipsec. Tunnels are...

Hi, can you tell me what ports need to be open on a public IP to reach proxmox virtual environment manager? https, 8006? anything else? Thanks for your help.

Hey, I have a VM with Nginx on it that I'm trying to test with and although everything else is working, I can see in the VM firewall logs within the Proxmox console that all the traffic from the internet is dropped. The port forwarding on my router is fine and working as I can see the traffic...

I decided to try and virtualize pfsense because sometimes you don't have a spare bare metal hardware to dedicate to it or you do but it's just not worth it for the little amount of resources that pfsense needs (in small to medium networks). Everything works fine except for one weird issue that...

I want all my VMs to go through my firewall VM. I know I need to bridge all of them but when I check the network on the host it shows the pve IP I chose during install. Do I need to add a new Linux Bridge for every VM or just use the same vmbr0 for all of them and proxmox will do the rest and...

Hey all, I'm setting up a lab with a Proxmox/ceph 3 node cluster. WAN is being provided by a pfsense VM on a different PVE (running multiple pfsense instances for different uses) where the rules are set to block all traffic in the lab LAN except for a specific range of management IP addresses...

How do you restrict (KVM) VMs to only use their assigned IPv4 and IPv6 addresses? I'm looking for something like filtering IPs by MAC addresses (for ex. via ebtables). Is there support for something like that built into Proxmox? What is the recommend way? I can't be the only one who would need that.

i've seen many posts regarding this topic but thought i'd add one more about pfsense performance under prox. I'm new to proxmox but I think it's been really great solution so far. I had both pfsense and opnsense running to compare the 2. I was super excited when i fired up the vm and ran...