[SOLVED] Firewall Default Rules Not Present

May 18, 2019
According to the wiki, Proxmox comes with some default rules. But
Code:
iptables -L -xvn
shows:

Code:
Chain INPUT (policy ACCEPT 77651 packets, 15630208 bytes)
    pkts      bytes target     prot opt in     out     source               destination
   68754 13978100 f2b-proxmox  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 443,80,8006
     152    11215 f2b-sshd   tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 22

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
    pkts      bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 51598 packets, 22823092 bytes)
    pkts      bytes target     prot opt in     out     source               destination

Chain f2b-proxmox (1 references)
    pkts      bytes target     prot opt in     out     source               destination
   68754 13978100 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain f2b-sshd (1 references)
    pkts      bytes target     prot opt in     out     source               destination
     152    11215 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Plus the GUI shows nothing, both at datacenter and node level (I only have 1 node).

A) Should the GUI show the default rules?
B) How do I reset to the default rules?
C) Are the default rules not applied because I installed Debian Stretch first, then Proxmox? Or did installing fail2ban mess it up?
 
It's all default. At DC level, no, node level, yes:
[Screenshot: F8tnbA6.png]
 
A) Should the GUI show the default rules?
I think not all rules are present, but you will find some default policies under "DC -> Firewall -> Options". I've checked my own cluster and can't really find default rules, only the Setup Option - maybe that's all that PVE sets by default, but I'm not 100% sure.
 
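An added example, not part of the original thread: a small parser for the `iptables -L -xvn` listing in the first post that reports which built-in chains can never discard a packet, following jumps into user chains such as the two `f2b-*` chains. The function names are hypothetical, and the check reads only the one table shown in the listing.

```python
import re

# Output of `iptables -L -xvn` from the first post, abridged (blank lines and
# repeated column-header rows dropped).
LISTING = """\
Chain INPUT (policy ACCEPT 77651 packets, 15630208 bytes)
    pkts      bytes target     prot opt in     out     source               destination
   68754 13978100 f2b-proxmox  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 443,80,8006
     152    11215 f2b-sshd   tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 22
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
Chain OUTPUT (policy ACCEPT 51598 packets, 22823092 bytes)
Chain f2b-proxmox (1 references)
   68754 13978100 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0
Chain f2b-sshd (1 references)
     152    11215 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0
"""

CHAIN_RE = re.compile(r"^Chain (\S+) \((?:policy (\S+))?")
BLOCKING = {"DROP", "REJECT"}  # targets/policies that discard a packet

def parse_listing(text):
    """Map chain name -> {"policy": str or None, "rules": [(pkts, target, extra)]}."""
    chains, current = {}, None
    for line in text.splitlines():
        m = CHAIN_RE.match(line)
        if m:
            current = chains.setdefault(m.group(1), {"policy": m.group(2), "rules": []})
            continue
        f = line.split()
        # Rule rows start with exact counters (-x); column-header rows do not.
        if current is not None and len(f) >= 9 and f[0].isdigit():
            current["rules"].append((int(f[0]), f[2], " ".join(f[9:])))
    return chains

def can_block(chains, name, seen=frozenset()):
    """True if a packet entering `name` can reach a DROP/REJECT policy or target."""
    if name not in chains:          # built-in target such as ACCEPT, RETURN, DROP
        return name in BLOCKING
    if name in seen:                # guard against chains that jump to each other
        return False
    chain = chains[name]
    return chain["policy"] in BLOCKING or any(
        can_block(chains, target, seen | {name}) for _, target, _ in chain["rules"])

def open_builtin_chains(chains):
    """Built-in chains (those with a policy) that never discard traffic."""
    return [n for n, c in chains.items() if c["policy"] and not can_block(chains, n)]
```

For the listing above, `open_builtin_chains(parse_listing(LISTING))` returns all three built-in chains: the only rules present hand traffic to fail2ban chains that currently hold no bans and simply `RETURN`.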