SSH Firewall rule does not work on server machine

Serhioromano

Jun 12, 2023
I enabled the firewall on Datacenter, node and some VMs. Ping works, but strangely. If I start a ping and disable the rule while it is pinging, it continues to ping. If I stop the ping and try again, then it does not work. But that is not an issue for me.

I can access my host machine with SSH no matter what. I enabled the firewall on the pve node and have no rules there, but I can access it through SSH. Although if I enable the firewall on a VM, I cannot access it without a rule.

I updated the Linux kernel with the command

Bash:
apt install pve-kernel-6.2

Might that be a reason?
 
IIRC, the firewall is permissive by default, so you have to change the default settings to start blocking. You need to enable the firewall at datacenter level and also for each VM separately, and you also have to change the default policy for the input/output settings as you like.
 
I've enabled it at DC level and on the node. I also enabled it in some VMs, but I do not think I need that to protect access to the host machine with PVE over SSH. And at DC level the firewall input default is drop. I do not have this rule at node level, but I have it at VM and DC levels.
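
One way to check what each level's file actually sets, as an added example (not code from the thread or from Proxmox): it reads the `[OPTIONS]` and `[RULES]` sections of a datacenter file (`/etc/pve/firewall/cluster.fw`) and a node file (`/etc/pve/nodes/<node>/host.fw`) and lists enabled inbound rules that would match TCP port 22. The file contents are constructed samples, the function names are hypothetical, security groups are not expanded, and the result describes the files only, not the ruleset finally loaded on the host.

```python
# Constructed samples of cluster.fw (datacenter) and host.fw (node); not from the thread.
CLUSTER_FW = """[OPTIONS]
enable: 1
policy_in: DROP
[RULES]
IN ACCEPT -p icmp
|IN SSH(ACCEPT) -source 192.0.2.10 # leading | marks a disabled rule
"""
HOST_FW = """[OPTIONS]
enable: 1
[RULES]
IN ACCEPT -p tcp -dport 8006
"""

def parse_fw(text):
    """Return ([OPTIONS] as a dict, [RULES] lines as a list) for one .fw file."""
    options, rules, section = {}, [], None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()            # drop trailing comments
        if line.startswith("["):
            section = (line.strip("[]").split() or [""])[0].upper()
        elif section == "OPTIONS" and ":" in line:
            key, value = line.split(":", 1)
            options[key.strip()] = value.strip()
        elif section == "RULES" and line:
            rules.append(line)
    return options, rules

def covers_ssh(rule):
    """True if an enabled inbound ACCEPT rule would match TCP port 22."""
    tokens = rule.split()
    if len(tokens) < 2 or tokens[0].upper() != "IN":   # also skips "|IN" (disabled)
        return False
    if tokens[1].upper() != "ACCEPT":
        return tokens[1].upper() == "SSH(ACCEPT)"      # SSH macro with ACCEPT action
    args = dict(zip(tokens[2::2], tokens[3::2]))       # assumes flag/value pairs
    if args.get("-p", "tcp").lower() != "tcp":         # no -p means any protocol
        return False
    for part in args.get("-dport", "0:65535").split(","):
        lo, _, hi = part.partition(":")                # "20:25" is a port range
        if part == "ssh" or (lo.isdigit() and (hi or lo).isdigit() and int(lo) <= 22 <= int(hi or lo)):
            return True
    return False

def audit(level, text):
    options, rules = parse_fw(text)
    return {"level": level, "enabled": options.get("enable") == "1",  # explicit enable only
            "policy_in": options.get("policy_in"),     # None if the file does not set it
            "ssh_rules": [r for r in rules if covers_ssh(r)]}
```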