Can a LXC container have a fully working firewall with a private network IP?

S

Skyrider

Active Member
May 11, 2020
55
1
28
38
Seeing I only have a single IP address, I've created a private network for my LXC containers using masquerading. Does this mean I have to set all firewall rules from the host to be effective on all and or specific containers?

From what I recall on my non-prox server (soon to be merged with prox), All of the firewall rules I've added inside a container had no effect. I was forced to set up the nginx reverse proxy on the main host so I was able to use fail2ban rules as having fail2ban inside a lxc container was pointless if the rules weren't working.

I assume this is also the case on proxmox?
 
Last edited:
To add as additional info. The network file is using masquerade and raw prerouting fwbr+ with CT zone 1.

The datacenter and main node firewall is working as it should. But all firewall rules I apply to the containers doesn't.
 
Don't wish to triple post, but this was made almost 4/5 days ago.. Really no one knows?
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom