Proxmox4 can't enable firewall option in network device

[PaoloVIP]

If i want to enable firewall option in network device, this error it appears, but the bridge was set:

format error (500)

bridge: property is missing and it is not optional


EDIT: Ah, ok. It can be enable only if the lxc was down.

 

[dietmar]

Thats a bug - will try to fix ...

 

[PaoloVIP]

Thats a bug - will try to fix ...

Is there another strange behavior.

The firewall file of an lxc is located in /etc/pve/firewall/<nnn>.fw

If this file contain only

[OPTIONS]

enable: 1

[RULES]

the rules added directly in that file does not become active, also if they are correct. But if there is at least one rule, you can add to that file every other rules you need, and they will become active...

 

[dietmar]

Fix is here:

https://git.proxmox.com/?p=pve-container.git;a=commitdiff;h=a7c080a74bfcddbd138b05b5314bf5622f764d83

I will upload a new package to the repository next week.

 

[dietmar]

the rules added directly in that file does not become active, also if they are correct.

Please can you post such example file which does not work?

 

[PaoloVIP]

Faster than light

 

[PaoloVIP]

100.fw

[OPTIONS]

enable: 1

[RULES]

echo "IN ACCEPT -source 192.168.0.0/24" >> /etc/pve/firewall/100.fw

This rule will not become visible and active. But if you put via proxmox panel at least one rule, then you can add other rules via command line. I don't know if I explained clearly enough...

 

[dietmar]

This rule will not become visible and active.

Works for me. Is there a newline after [RULES]?

 

[PaoloVIP]

Works for me. Is there a newline after [RULES]?

You are right. Simply had not considered that the file of the newly activated firewall doesn't contain the [RULES] section at all. So it works as expected. I apologize for not having checked better.