Hello,
After the pve-firewall bug discovered and reported here : https://bugzilla.proxmox.com/show_bug.cgi?id=602
I installed shorewall as I usually do on my servers (atp-get install shorewall ulogd).
But ulogd and pve-firewall are mutually exclusive in apt packet manager.
So when we try to install shorewall+ulogd, pve-manager and pve-firewall are uninstalled by apt.
(I spent some times to know why proxmox tools diseappered from my PVE installations, I shoud have opened my eyes
So I am trying to get a solution because default iptables logging goes in system logs, what is not acceptable for me. And furthermore, I think I will keep shorewall because I have my habits with it.
I see two potential solutions :
- uninstall pve-firewall and install ulogd : impossible because pve-manager and qemu-server needs pve-firewall (package dependency)
- use pve-firewall as logging target for shorewall/iptables : I don't know if there is possible side effects neither if it will work...
Does anybody have an idea on this problem ?
Thank you,
BR,
G. Husson
After the pve-firewall bug discovered and reported here : https://bugzilla.proxmox.com/show_bug.cgi?id=602
I installed shorewall as I usually do on my servers (atp-get install shorewall ulogd).
But ulogd and pve-firewall are mutually exclusive in apt packet manager.
So when we try to install shorewall+ulogd, pve-manager and pve-firewall are uninstalled by apt.
(I spent some times to know why proxmox tools diseappered from my PVE installations, I shoud have opened my eyes
So I am trying to get a solution because default iptables logging goes in system logs, what is not acceptable for me. And furthermore, I think I will keep shorewall because I have my habits with it.
I see two potential solutions :
- uninstall pve-firewall and install ulogd : impossible because pve-manager and qemu-server needs pve-firewall (package dependency)
- use pve-firewall as logging target for shorewall/iptables : I don't know if there is possible side effects neither if it will work...
Does anybody have an idea on this problem ?
Thank you,
BR,
G. Husson