How block in ports in proxmox firewall

[powersupport]

Hi,

I am trying to block a port for a VM on proxmox for incoming traffic, but it looks not working, please refer to the rule I created in the attachment.
Anyone can advise on this?

Also, actually, I am looking to block all the ports for incoming traffic except a few(for VM), is it possible? if so, anyone can share the steps here

Thank you

 

[Dunuin]

Did you enable the firewall on datacenter level? If not no VM/host firewall rules will be active.

 

[powersupport]

Yes, the Firewall in the data center is enabled, it is in the screenshot I shared.

Thank you

 

[Dunuin]

Also, actually, I am looking to block all the ports for incoming traffic except a few(for VM), is it possible? if so, anyone can share the steps here

Where do you create those rules? Node firewall rules will only count for the host itself and not for guests. Guest firewall rules will only count for the VM/LXC it was created for but not for the host. Datacenter firewall rules will effect all nodes of a cluster (but not guests).

The datacenters/nodes/guests firewall default incoming policy should be set to drop by default, so every incoming port of your host/guest should be closed by default (except for the hidden anti lockout rules for your host). So easiest would be to keep it that way and just whitelist ports the guest actually needs by creating allow rules for each port the guest needsto be accessed from.

 

[powersupport]

Hi,
>Where do you create those rules
Please have a look at the screenshot attached above.

We are looking to block all the ports for incoming traffic for a VM. We have enabled it in the Datacenter.
No need to block traffic for the Proxmox host, we are only looking to enable firewall rules for virtual machines

Regards,