Monitor Changes Made on PVE Firewall

jackylian

New Member
Sep 2, 2019
3
0
1
40
Hi, I am using Proxmox VE 5.4 and like to monitor events on the configuration made to Proxmox Firewall.
I have enabled whatever logging options I can find, but still unable to identify such events.

From the captured HTTP traffic, the configuration changes on PVE firewall will incur a POST to /api2/extjs/XXX/firewall URL.
However, I am unable to find such logs and need help to capture such events.

Any advice is greatly appreciated :)
 
Hi,
the firewall daemon will periodically check the config files for changes and generate the new rulesets from these, if there were any changes. So you could set up some script watching the files in /etc/pve/firewall/ and /etc/pve/nodes/nodename/host.fw
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!