Where Are The Default Firewall Rules At?

mhayhurst

Jul 21, 2016
Hello Everyone,

According to the Wiki:
"If you enable the firewall, traffic to all hosts is blocked by default. Only exceptions is WebGUI(8006) and ssh(22) from your local network."

My question is, where are the configuration files for these two rules (WebGUI and SSH)? I checked in: /etc/pve/firewall/cluster.fw but they are not in that file. I also see them listed in: iptables -L:

Code:
Chain PVEFW-HOST-IN (1 references)
target     prot opt source               destination               
RETURN     tcp  --  anywhere             anywhere             match-set PVEFW-0-management-v4 src tcp dpt:8006
dpts:5900:5999
RETURN     tcp  --  anywhere             anywhere             match-set PVEFW-0-management-v4 src tcp dpt:ssh
RETURN     udp  --  192.168.1.0/24       192.168.1.0/24       udp dpts:5404:5405
dpts:5404:5405

The reason I ask is because I connect to my LAN using OpenVPN which assigns an IP address in the 10.68.77.0/24 network. I can connect to everything on my 192.168.1.0/24 network through OpenVPN just fine except for Proxmox. So I assume I need to add the 10.68.77.0/24 network to Proxmox's firewall, but I would like it to be "embedded" like my 192.168.1.0/24 rules are.
 
