[SOLVED] How to deactivate the Firewall by console/terminal

[Simposs]

Hello there! Sadly I am one of the donkeys who activated the Proxmox-Ve Firewall on his dedicated Server before adding a rule for the Backend or SSH.
Now I'm searching for a way to disable the Firewall or change it's rules by using a termin.
My hoster allows me to mount the pve LVM (vg0-root I think) in a rescue system so I could possibly change something to make it work again.

I already located the /etc/pve folder but its empty for me... is that possible or did I just mounted a wrong volume?

Best Regards
Simon

 

[Dunuin]

Hello there! Sadly I am one of the donkeys who activated the Proxmox-Ve Firewall on his dedicated Server before adding a rule for the Backend or SSH.

There are hidden anti-lockout-rules in place. As long as you didn't create a custom rule to block port 22, before enabling the firewall, you should still be able to ssh in. See:
https://pve.proxmox.com/wiki/Firewall#pve_firewall_default_rules

Now I'm searching for a way to disable the Firewall or change it's rules by using a termin.
My hoster allows me to mount the pve LVM (vg0-root I think) in a rescue system so I could possibly change something to make it work again.

I already located the /etc/pve folder but its empty for me... is that possible or did I just mounted a wrong volume?

/etc/pve is a special filesystem backed by a SQLite DB. Without the pve cluster service running it won't be mounted and you can't change config files. See: https://pve.proxmox.com/wiki/Proxmox_Cluster_File_System_(pmxcfs)

 

[Simposs]

Thanks for your reply , I just managed to change my Firewall-Settings quick and dirty by adding

* * * * *  root pve-firewall stop

to /etc/crontab.
The hint with the anti-lockout rule came seconds to late but I promise I will try that next time when I made the same mistake again, because who am I to not do the same mistake again and gain

Best regards
Simon