- Nov 4, 2019
I'm getting a bunch of BF attacks on my HV's ports. I tried using CSF but it messes up connectivity on the VM level. VMs have their own public facing IPs.
Do you use popular blacklists as well? Might be a little intrusive on the guests? Would the popular blacklists save a lot of headache?
We do LFD with fail2ban on each guest, so that it adds a layer to the general firewall on the PVE side (only allow what we want and do virtual DMZ). The PVE firewall itself is "just" the stateless iptables firewall, so it is not and will not be able to do more than that.
You can however insert a new chain/table in INPUT/FORWARDING and do your own stuff.
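The custom-chain suggestion above, combined with the blacklist idea raised in the thread, as an added example that is not from any poster or from the Proxmox project: a dry-run generator that validates blocklist entries and prints the `ipset`/`iptables` commands for a dedicated chain hooked into INPUT and FORWARD. The set name, chain name and sample blocklist are hypothetical/constructed, and it assumes `ipset` is installed on the host.

```shell
#!/bin/sh
# Dry-run generator: prints ipset/iptables commands, it does not execute them.
SET_NAME="bf_blocklist"   # hypothetical ipset name
CHAIN="BLOCKLIST_DROP"    # hypothetical custom chain name

# Constructed sample blocklist (documentation ranges plus two bad lines).
sample_blocklist() {
    cat <<'EOF'
# constructed sample, not a real feed
192.0.2.0/24
198.51.100.7   # single host
203.0.113.0/24
999.1.1.1
10.0.0.1; reboot
EOF
}

# Succeeds only for a plain IPv4 address or CIDR block.
is_ipv4_cidr() {
    printf '%s\n' "$1" | grep -Eq \
        '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$' || return 1
    addr=${1%/*}
    old_ifs=$IFS; IFS=.
    set -- $addr
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Reads a blocklist on stdin; valid entries become ipset commands on stdout,
# rejected lines are reported on stderr only so they never reach a shell.
gen_rules() {
    echo "ipset create $SET_NAME hash:net -exist"
    while IFS= read -r line; do
        entry=$(printf '%s' "$line" | sed 's/#.*//' | tr -d ' \t\r')
        [ -n "$entry" ] || continue
        if is_ipv4_cidr "$entry"; then
            echo "ipset add $SET_NAME $entry -exist"
        else
            echo "skipped invalid entry: $entry" >&2
        fi
    done
    echo "iptables -N $CHAIN"
    echo "iptables -A $CHAIN -m set --match-set $SET_NAME src -j DROP"
    echo "iptables -I INPUT 1 -j $CHAIN"
    echo "iptables -I FORWARD 1 -j $CHAIN"
}

sample_blocklist | gen_rules
```

Whether traffic to bridged guests passes through FORWARD depends on the host's bridge netfilter settings, so confirm with the packet counters from `iptables -L BLOCKLIST_DROP -v -n` before relying on it.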