Proxmox ve Firewall

gerdnl

Member
Oct 21, 2013
114
0
16
im trying to understand for the firewall works in proxmox interface
for example how do i deny all traffic at start and then allow certain rules.
couldnt find how it works in the interfaces


what i want is:

deny all traffic, accept for port 80,22
 
for example this doesnt block icmp from that ip

Schermafbeelding 2015-01-31 om 00.55.59.png

got firewalled enabled on the interface and in firewall options
 
Hi,

i have the same Problem. I enable the Firewall but nothing happens when i try to block something. In the firewall options i have:

enable firewall: yes
enable dhcp: no
mac filter: yes
log_level_in: info
log_level_out: info
input policy: drop --> but nothing drops
output policy: accept

Thank you very much in advance for your answer,
Christian
 
does it have to be enable in datacenter/firewall/options for the vm firewall to work?
 
Hi,

nothing happens. i activated the firewall in /datacenter/firewall/options, in node/firewall/options and in vm/firewall/options. the input policy of ervery option is drop. there is no effect. is there any other option to activate or insert for the firewall to work?

when u add a rule it takes some time to become active
i waited 5 hours :confused:

kind regards
christian
 
I assume you enabled Firewall on node. Open console of node and run:
Code:
# pve-firewall status
If you see:
Code:
Status: disabled/running
you have to create file /etc/pve/firewall/cluster.fw with content:
Code:
[OPTIONS]
# enable firewall
enable: 1
Of course it's documented on http://pve.proxmox.com/wiki/Proxmox_VE_Firewall but it also relates to non-cluster configuration. After:
Code:
# pve-firewall stop
# pve-firewall start
# pve-firewall status
You should see:
Code:
Status: enabled/running
 
Hello,

to all other proxmoxer with this problem. To fix the problem (for all people who cannot read as i :D ):

klick to the VM-->Hardware-->Network Device. Now you have to activate the Firewall. After this steps the other configuration in the datacenter/nodes/vm have effect.

good proxmoxing :D

Christian
 
klick to the VM-->Hardware-->Network Device. Now you have to activate the Firewall. After this steps the other configuration in the datacenter/nodes/vm have effect.
You talking about KVM virtualization, we talking about OpenVZ paravirtualization, so your suggestion is not for us.
 
Hi,

here is no fifference between VM and OpenVZ. I have a checkbox "firewall" in OpenVZ paravirtualization in the tab "network". Is this point not checked there is no effect for this OpenVZ.
click on the OpenVZ-Template-->tab "network"-->edit "network device"-->check the point "firewall".
 
Hi,

the template you created. Like this:

proxmox.gif

i hope this picture helps you. After that it works for me like a charme :eek:
 
Hi,

o.k.. Then i dont know, sorry. But i install a testmaschine like your configuration and test it.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!