Proxmox sends packets back to router - Hetzner

R

Rocky

Member
Aug 12, 2020
8
0
6
30
Hello everyone,

I have a Proxmox server at Hetzner on which a single IP is bridged for a pfSense.
Another /29 subnet is also hanging on it and an IP has now been blocked because it sent packets back to the router.
I turned on the Proxmox firewall at the data center and node level and only enabled certain ports, everything else is DROPed.

The network config looks like this:
Code: 
source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

iface lo inet6 loopback

auto enp41s0
iface enp41s0 inet manual

auto enp1s0
iface enp1s0 inet static
        address 192.168.178.1/24
# ZUM PBS direct attached

auto vmbr0
iface vmbr0 inet static
        address 162.55.XXX.52/32
        gateway 162.55.XXX.1
        bridge-ports enp41s0
        bridge-stp off
        bridge-fd 0
        pointopoint 162.55.XXX.1
        up sysctl -w net.ipv4.ip_forward=1
        up sysctl -w net.ipv4.conf.enp41s0.send_redirects=0
# Main IP
# Einzel IP für pfSense WAN
# Subnetz für Virtuelle IPs auf WAN pfSense

auto vmbr1
iface vmbr1 inet manual
        bridge-ports none
        bridge-stp off
        bridge-fd 0
# Bridge für VMs zu pfSense (Intern)

Log von Hetzner:
Code: 
2023-11-17 20:19:13 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
64.226.84.141 136.243.XXX.170 40995    19 (2 packets)
2023-11-17 20:19:13 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
5.161.193.173 136.243.XXX.170 33038    19 (3 packets)
2023-11-17 20:19:13 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
5.78.69.44 136.243.XXX.170 58818    19 (3 packets)
2023-11-17 20:19:13 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
193.176.158.146 136.243.XXX.170 58494    19 (2 packets)
2023-11-17 20:19:13 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
5.127.196.43 136.243.178.173 47862    19 (1 packets)
2023-11-17 20:19:14 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
104.28.158.25 136.243.XXX.170 60143    19 (4 packets)
2023-11-17 20:19:14 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
57.128.26.251 136.243.178.173 33628    19 (2 packets)
2023-11-17 20:19:14 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
198.57.27.73 136.243.XXX.170 48484    19 (3 packets)
2023-11-17 20:19:14 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
2.147.169.60 136.243.178.173 48713    19 (1 packets)
2023-11-17 20:19:14 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
5.120.245.78 136.243.XXX.170  6497    19 (2 packets)
2023-11-17 20:19:14 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
104.28.158.216 136.243.XXX.170 35269    19 (4 packets)
2023-11-17 20:19:14 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
45.15.177.165 136.243.XXX.170 44651    19 (3 packets)
2023-11-17 20:19:14 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
135.148.76.178 136.243.XXX.170 12959    19 (5 packets)
2023-11-17 20:19:14 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
104.28.155.159 136.243.XXX.170 60249    19 (1 packets)
2023-11-17 20:19:14 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
49.13.123.158 136.243.XXX.170 35470    19 (3 packets)
2023-11-17 20:19:15 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
178.62.54.14 136.243.XXX.170 54417    19 (3 packets)
2023-11-17 20:19:15 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
91.149.242.231 136.243.XXX.170 47194    19 (2 packets)
2023-11-17 20:19:15 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
5.122.62.35 136.243.XXX.170 10355    19 (2 packets)
2023-11-17 20:19:15 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
172.99.190.223 136.243.XXX.170 45868    19 (1 packets)
2023-11-17 20:19:15 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
5.123.26.240 136.243.XXX.170 30966    19 (1 packets)
2023-11-17 20:19:15 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
2.147.249.132 136.243.XXX.170 11275    19 (2 packets)
2023-11-17 20:19:15 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
193.118.51.41 136.243.XXX.170 53241    19 (3 packets)
2023-11-17 20:19:15 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
89.19.216.18 136.243.XXX.170 33042    19 (1 packets)
2023-11-17 20:19:15 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
168.119.244.196 136.243.XXX.170 42524    19 (1 packets)
2023-11-17 20:19:15 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
104.28.158.17 136.243.178.173 14498    19 (2 packets)
2023-11-17 20:19:16 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
5.113.148.218 136.243.XXX.170 29485    19 (2 packets)
2023-11-17 20:19:16 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
5.122.159.10 136.243.XXX.170 20940    19 (3 packets)
2023-11-17 20:19:16 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
5.115.72.7 136.243.XXX.170  7755    19 (2 packets)
2023-11-17 20:19:16 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
46.143.47.234 136.243.178.173 52822    19 (3 packets)
2023-11-17 20:19:16 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
108.61.211.36 136.243.XXX.170 38136    19 (1 packets)
2023-11-17 20:19:16 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
2.147.66.131 136.243.178.173 12673    19 (2 packets)
2023-11-17 20:19:16 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
54.36.189.115 136.243.XXX.170 22042    19 (1 packets)
2023-11-17 20:19:16 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
49.13.59.165 136.243.XXX.170 51120    19 (4 packets)
2023-11-17 20:19:16 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
104.28.158.22 136.243.XXX.170 24822    19 (1 packets)
2023-11-17 20:19:16 213.133.117.176 info local3 fpc3 PFE_FW_SYSLOG_ETH_IP:
FW: xe-3/1/18.100 D 0064:0800 a8:a1:59:8b:2a:ac -> b4:8a:5f:36:a4:5e  tcp
46.29.235.85 136.243.XXX.170 54588    19 (1 packets)

How can I prevent this??
What is the reason??

Datacenter FIrewall
View attachment 58297


Node pve Firewall
View attachment 58298

VM pfSense Firewall
View attachment 58299

pfSense WAN Firewall
View attachment 58300

pfSense NAT
View attachment 58301

pfSense Virtuelle IPs
View attachment 58302
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back