[SOLVED] Firewall blacklist setting

Kordian

Member
Mar 31, 2018
Hello,
The wiki page states that the only thing to do in order to implement a blacklist of IPs is to enter:
[IPSET blacklist]
77.240.159.182
213.87.123.0/24
into cluster.fw and that is all.
However, doing so results in a new ipset with the name IPSET blacklist being created in the GUI. What is missing in the GUI is the setting telling what to do with the blacklist.
So, do I have to create the rule in the options, or is the creation of an ipset with the name "blacklist" enough and the system will somehow automatically recognize it should block all those IPs?
PS: Only a few days ago the same wiki page stated that the ipset should be named "blacklist". Today it is "IPSET blacklist".
Thank you in advance for clarification.
 
hi,

yes, just activate the firewall and add
Code:
[IPSET blacklist]
1.2.3.4

with the IP addresses you want to block in /etc/pve/firewall/cluster.fw. afterwards you can run pve-firewall compile && pve-firewall restart

to check if it's added correctly: ipset list PVEFW-0-blacklist-v4 (if you just run ipset list you will find the names of the sets)

also iptables -xvL | grep blacklist should show it
 
Reactions: Mecanik
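The check described in the reply above can be scripted. This is an added example, not part of the thread and not Proxmox code: it compares the `[IPSET blacklist]` entries in a cluster.fw-style file with saved output of `ipset list PVEFW-0-blacklist-v4`. The function names, the file names, the `[IPSET example]` section and the `enable: 1` option syntax are assumptions, and the sample input is constructed.

```sh
#!/bin/sh
# Added example (not Proxmox code): compare the [IPSET blacklist] entries in a
# cluster.fw-style file with saved `ipset list PVEFW-0-blacklist-v4` output.

# Print the blacklist entries, one per line, without "# comment" text.
blacklist_entries() {
    awk '/^\[/ { in_set = ($0 ~ /^\[IPSET blacklist\]/); next }
         in_set { sub(/#.*/, ""); gsub(/[ \t\r]+/, ""); if ($0 != "") print }' "$1"
}

# Succeed only if [OPTIONS] contains "enable: 1" (assumed option syntax).
firewall_enabled() {
    awk '/^\[/ { in_opts = ($0 ~ /^\[OPTIONS\]/); next }
         in_opts && /^[ \t]*enable:[ \t]*1[ \t]*$/ { found = 1 }
         END { exit(found ? 0 : 1) }' "$1"
}

# Print configured entries absent from the "Members:" list in file $2.
# Textual comparison: assumes entries are written the way ipset prints them.
missing_from_ipset() {
    members=$(awk 'seen { print $1 } /^Members:/ { seen = 1 }' "$2")
    blacklist_entries "$1" | while read -r entry; do
        printf '%s\n' "$members" | grep -qxF -- "$entry" || printf '%s\n' "$entry"
    done
}

# Constructed sample input, not taken from a real host.
tmp=$(mktemp -d)
cat > "$tmp/cluster.fw" <<'EOF'
[OPTIONS]
enable: 1

[IPSET blacklist]
77.240.159.182 # single host
213.87.123.0/24

[IPSET example]
192.0.2.10
EOF
cat > "$tmp/ipset.txt" <<'EOF'
Name: PVEFW-0-blacklist-v4
Type: hash:net
Members:
77.240.159.182
EOF

firewall_enabled "$tmp/cluster.fw" && echo "firewall enabled in config"
echo "configured but not loaded: $(missing_from_ipset "$tmp/cluster.fw" "$tmp/ipset.txt")"
```

On a host, point the functions at /etc/pve/firewall/cluster.fw and at a file holding the output of `ipset list PVEFW-0-blacklist-v4`; an entry reported as not loaded means the compiled ruleset does not yet match the config.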
great!

you can mark the thread as [SOLVED] so others know what to expect!
 
top right you will see the three dots. click there and choose "edit thread" and add the [SOLVED] prefix there
 
