[SOLVED] Command firewall VM on proxmox don't work


New Member
May 11, 2017
Hello @all
I have successfully installed proxmox 4.4.I also created a successful connection from VM to Proxmox.
Now I want to create firewall commands for this VM via Web GUI. I'm trying to block ssh with the code provided by the proxmox on the installed VM ( https://pve.proxmox.com/ wiki/ Firewall)
My problem encountered was that the command did not work, I could still ssh into normal despite I have restarted proxmox.
My process does the following:
My network configuration:
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet manual
        # dns-* options are implemented by the resolvconf package, if installed
iface vmbr0 inet manual
        bridge_ports none
        bridge_stp off
        bridge_fd 0

auto vmbr23
iface vmbr23 inet static
        address  103.xxx.xxx.23
        gateway  103.xxx.xxx.1
        bridge_ports eth0
        bridge_stp off
        bridge_fd 0
auto eth1
iface eth1 inet static
        address 10.xxx.xxx.23

post-up echo 1 > /proc/sys/net/ipv4/conf/vmbr23/proxy_arp
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
First, I enabled the firewall at the datacenter:

enable: 1
policy_in: ACCEPT
Then I checked that the proxmox firewall server was enabled and it was enabled.
Next I activate the firewall at vm and add the following code:
root@server:~# cat /etc/pve/firewall/100.fw
policy_in: ACCEPT
enable: 1

IN SSH(ACCEPT) -i net0 
IN SSH(ACCEPT) -i net0 -source # only allow SSH from
IN SSH(ACCEPT) -i net0 -source # accept SSH for ip in range to
Then I proceeded to restart proxmox server, then I checked ssh cann't connect when I use an ip not in the rule but i am still ssh successful. Can you help me pinpoint why the command does not work?


The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!