Hi all,
I don't understand how ebtables work on PVE firewall and I don't find good documentation about that.
I've enabled firewall on my VMs and LXC containers, but it seems that it's only filtering Layer3 packets (iptables, I guess). And what I'd like to do is to filter protocols operating at Layer2 such as ARP or VRRP... Or at least only log them. So, I've activated ebtables in the datacenter section but, I don't find anything more to do... Shall I have to create my own ebtables rules directly on the nodes ?
Or is there a special syntax to insert into cluster.fw or vms.fw files ?
Any clue or help would be appreciated. I've read the documentation but I could not find any good article about that
Thank you
best regards
Julien
I don't understand how ebtables work on PVE firewall and I don't find good documentation about that.
I've enabled firewall on my VMs and LXC containers, but it seems that it's only filtering Layer3 packets (iptables, I guess). And what I'd like to do is to filter protocols operating at Layer2 such as ARP or VRRP... Or at least only log them. So, I've activated ebtables in the datacenter section but, I don't find anything more to do... Shall I have to create my own ebtables rules directly on the nodes ?
Or is there a special syntax to insert into cluster.fw or vms.fw files ?
Any clue or help would be appreciated. I've read the documentation but I could not find any good article about that
Thank you
best regards
Julien