nftables

  1. G

    nftables: no stateful rule for output

    Hi, I wanted to try nftables on Proxmox, it seems quite nicely done, bravo! I guess most users don't use any output filters, but if using them in iptables, we get a stateful output rule, allowing to only open INPUT for a given port, and assume that it will go out. Chain PVEFW-HOST-OUT (1...
  2. E

    POLL: Current Firewall Design, what is your ...

    This is a POLL thread in an attempt on covering all the models of firewall and Proxmox to help us better guage the future direction which we all collectively think that Proxmox should be supporting. Assumption must be made here for brevity of your reply: you make uses of Debian 10.6 and Proxmox...
  3. H

    nftables interface not available at boot?

    I'm using nftables to implement firewall rules. I have some rules which I need to apply to vmbr1 and the fwbr interfaces. I create my test config file thus: #!/usr/sbin/nft -f flush ruleset table netdev filterearly { chain ingress { type filter hook ingress device...

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!