[pve-devel] [PATCH proxmox-firewall] firewall: properly handle REJECT rules
Stefan Hanreich
s.hanreich at proxmox.com
Tue Apr 23 18:27:50 CEST 2024
On 4/23/24 18:02, Stefan Hanreich wrote:
> Currently we generated DROP statements for all rules involving REJECT.
> We only need to generate DROP when in the postrouting chain of tables
> with type bridge, since REJECT is disallowed there. Otherwise we jump
> into the do-reject chain which properly handles rejects for different
> protocol types.
>
> Signed-off-by: Stefan Hanreich <s.hanreich at proxmox.com>
Forgot trailer:
Reported-By: Stefan Sterz <s.sterz at proxmox.com>
More information about the pve-devel
mailing list