Try to understand Proxmox Firewall and IP per MAC

F

FcbInfo

Renowned Member
Dec 21, 2012
107
0
81
Hi there,

I'm very confused about the new proxmox firewall.
I tried to read something about this, but didn't help.

When you enable firewall for cluster, have you enabled firewall for all virtual machines inside of it?
May I have firewall enabled for 1 VM but not for other VMs?

I tried to apply some rules in one of my VMs, but it shows to don't work. I tried to closed port 22 for VM XXX, but the port 22 still open.

Another question is...
Is possible with this new firewall, prevent IP stealing by MAC? If some user try to add an IP to a VM, works only if an administrator permit this IP to be used by this VM MAC address.
 
FcbInfo said:
Hi there,

I'm very confused about the new proxmox firewall.
I tried to read something about this, but didn't help.

When you enable firewall for cluster, have you enabled firewall for all virtual machines inside of it?
May I have firewall enabled for 1 VM but not for other VMs?

I tried to apply some rules in one of my VMs, but it shows to don't work. I tried to closed port 22 for VM XXX, but the port 22 still open.

Another question is...
Is possible with this new firewall, prevent IP stealing by MAC? If some user try to add an IP to a VM, works only if an administrator permit this IP to be used by this VM MAC address.
Click to expand...

If you have direct access to your cluster and VM's why not just disable root login on each VM?? Proxmox firewall is pretty tricky to figure out especially if your using more than one IP. However it is definitely possible... Have you activated firewall on the VNIC? After i did that the first time all VM's where automatically dropping everything, and i had to set all the appropriate allow rules.
 
You must log in or register to reply here.
Top Bottom