Host running 5.0-32 suddenly shuts down when iptable rules set

[cehrig]

Hi everybody,

i just set up a standalone Proxmox VE 5.0-32 host and installed an iptables rule set to secure everything, that should not get exposed to the internet:

Chain INPUT (policy DROP 8 packets, 442 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 127.0.0.1 0.0.0.0/0
88 7768 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
1 910 ACCEPT all -- * * <my static inet IP> 0.0.0.0/0

Where port 80 and 443 getting DNAT'ed to a VM:

Chain PREROUTING (policy ACCEPT 81 packets, 4446 bytes)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp -- vmbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 to:10.0.0.10
0 0 DNAT tcp -- vmbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:10.0.0.10

I have configured vmbr1 on the host to use the IP 10.0.0.1, to run my VMs in bridged mode.

However, after a certain amount of time the Host just reboots. No Erros, No Logs, Nothing. It is reproducible as soon as the above rule set is applied.

My first guess was, that it is related to pvesr.timer, since that was the only thing spawning minutely. But after disabling that service, the problem still occurs.

Any ideas?

 

[cehrig]

Problem solved & It was not related to Proxmox.

My provider (OVH) reboots servers automatically, that have the Monitoring Option enabled & do not respond to ICMP packets.