Problems configuring Proxmox Firewall

G

gsanz

Member
Apr 5, 2020
11
0
6
42
Hello, I have tried to configure the Proxmox Firewall in a Virtual Machine with Ubuntu 18.04 for blocking the MongoDB external access and ping external access. I follow these steps:
1- Activate Proxmox main machine Firewall
2-Activate VM firewall and Network firewall

When I execute the following commands I have this result:

systemctl status pve-firewall
● pve-firewall.service - Proxmox VE firewall
Loaded: loaded (/lib/systemd/system/pve-firewall.service; enabled; vendor pre
Active: active (running) since Wed 2019-10-30 16:05:13 CET; 5 months 5 days a
Process: 1302 ExecStart=/usr/sbin/pve-firewall start (code=exited, status=0/SU
Main PID: 1344 (pve-firewall)
Tasks: 1 (limit: 9830)
Memory: 26.0M
CPU: 6h 41min 3.176s
CGroup: /system.slice/pve-firewall.service
└─1344 pve-firewall

root@pvpavapark:~# cat /etc/pve/firewall/100.fw
[OPTIONS]

enable: 1

[RULES]

|IN DROP -p tcp -dport 27017 -log nolog
IN Ping(DROP) -log nolog




In the secondary MV the default status of Proxmox is
INPUT POLICY DROP
OUTPUT POLICY ACCEPT

I restart the Virtual Machine and no rules are applicated. Any Idea ?
Thanks
Gorka
 
Hi!

To have exact information, please also post
Code: 
cat /etc/pve/firewall/cluster.fw
cat /etc/pve/nodes/{YOUR_NODE}/host.fw
cat /etc/pve/qemu-server/100.conf | grep net

By "secondary MV" you mean some other virtual machine on your host?

Best
Dominic
 
Hello I am trying to configure Proxmox firewall for blocking ports and have the following results when executing the scripts:

root@ded-une2804:~# cat /etc/pve/firewall/cluster.fw
[OPTIONS]
policy_in: ACCEPT
enable: 1
root@ded-une2804:~# cat /etc/pve/nodes/100/host.fw
cat: /etc/pve/nodes/100/host.fw: No such file or directory
root@ded-une2804:~# cat /etc/pve/qemu-server/100.conf | grep net
net0: virtio=66:54:B1:59:CF:AD,bridge=vmbr0,firewall=1

I configure the proxmox like this:

https://forum.proxmox.com/threads/problems-proxmox-firewall-configuration-ports.79296/

I attached a file for the description of the proxmox machine. Any idea ?
Regards
Gorka
 

Attachments

I have checked my host VM and also has Firewall enabled
 

Attachments

  • datacenter.png
    datacenter.png
    38.2 KB · Views: 5
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom