How block in ports in proxmox firewall

powersupport

powersupport

Well-Known Member
Jan 18, 2020
318
6
58
30
Hi,

I am trying to block a port for a VM on proxmox for incoming traffic, but it looks not working, please refer to the rule I created in the attachment.
Anyone can advise on this?

Also, actually, I am looking to block all the ports for incoming traffic except a few(for VM), is it possible? if so, anyone can share the steps here

Thank you
 

Attachments

  • firewall.png
    firewall.png
    20.1 KB · Views: 137
  • firewall2.png
    firewall2.png
    18.5 KB · Views: 135
Did you enable the firewall on datacenter level? If not no VM/host firewall rules will be active.
 
Yes, the Firewall in the data center is enabled, it is in the screenshot I shared.

Thank you
 
Also, actually, I am looking to block all the ports for incoming traffic except a few(for VM), is it possible? if so, anyone can share the steps here
Click to expand...
Where do you create those rules? Node firewall rules will only count for the host itself and not for guests. Guest firewall rules will only count for the VM/LXC it was created for but not for the host. Datacenter firewall rules will effect all nodes of a cluster (but not guests).

The datacenters/nodes/guests firewall default incoming policy should be set to drop by default, so every incoming port of your host/guest should be closed by default (except for the hidden anti lockout rules for your host). So easiest would be to keep it that way and just whitelist ports the guest actually needs by creating allow rules for each port the guest needsto be accessed from.
 
Last edited:
Hi,
>Where do you create those rules
Please have a look at the screenshot attached above.

We are looking to block all the ports for incoming traffic for a VM. We have enabled it in the Datacenter.
No need to block traffic for the Proxmox host, we are only looking to enable firewall rules for virtual machines

Regards,
 
Last edited:
You must log in or register to reply here.
Top Bottom