Proxmox FW dont blocks traffic to vm

P

p27426541

Member
Apr 10, 2022
8
0
6
hey ich habe das problem das wenn ich z.b meine ip blocke für tcp ( https://i.imgur.com/3KHk6AR.png )der ssh port nicht mehr geht,

benutze ich jetzt aber hping3 mit tcp kommt das bei der maschiene an.

wenn ich aber jetzt komplett tcp drop ( https://i.imgur.com/NPCPCoA.png )kommt kein tcp mehr an


ist das bekannt bzw wo liegt mein problem ?







ENGLISH:



hey i have the problem that if i block my ip for tcp ( https://i.imgur.com/3KHk6AR.png )the ssh port does not work anymore,

but if I now use hping3 with tcp it arrives at the machine.


but if I now completely tcp drop ( https://i.imgur.com/NPCPCoA.png )no tcp arrives any more



is this known or where is my problem ?
 
hi,

p27426541 said:
hey i have the problem that if i block my ip for tcp ( https://i.imgur.com/3KHk6AR.png )the ssh port does not work anymore
Click to expand...
which is normal if you block all TCP traffic from your IP address.
p27426541 said:
but if I now use hping3 with tcp it arrives at the machine.
Click to expand...
how exactly do you run hping3 and where do you run it from?

p27426541 said:
but if I now completely tcp drop ( https://i.imgur.com/NPCPCoA.png )no tcp arrives any more
Click to expand...
that's also normal...

p27426541 said:
is this known or where is my problem ?
Click to expand...
not sure what's the question here?

are you editing the VM firewall rules?
 
p27426541 said:
ICMP is still answered even though I drop incoming and outgoing.
Click to expand...
please post the commands you're using to test this.

i've asked you some questions in my first post on this thread, please also answer those if you want help.

for debugging your firewall rules you can use iptables-save command to see the chains.

also check our documentation section about the firewall [0]

hope this helps

[0]: https://pve.proxmox.com/pve-docs/pve-admin-guide.html#pve_firewall_default_rules
 
You must log in or register to reply here.
Top Bottom