[pve-devel] pve-firewall : enable|disable firewall at interface level
Alexandre DERUMIER
aderumier at odiso.com
Mon Apr 28 17:26:11 CEST 2014
>>I thought about having a flag per VM , but we can also add it to network interface config ( OK for me).
so vmid.fw
enable: 1|0
and
net0: virtio0:......., disablefw: 0:1
(default 0, if defined we explicity disable firewall for this net0)
----- Mail original -----
De: "Dietmar Maurer" <dietmar at proxmox.com>
À: "Alexandre DERUMIER" <aderumier at odiso.com>, "pve-devel" <pve-devel at pve.proxmox.com>
Envoyé: Lundi 28 Avril 2014 16:49:55
Objet: RE: [pve-devel] pve-firewall : enable|disable firewall at interface level
> we can have vms with public interface (need firewall), and private interface
> (dedicatedvlan without firewall).
>
> I would like to be able to enable/disable firewall in vmid.conf, in network
> interface config,instead globally for the whole vm in vmid.fw.
>
> I have some database doing a lot of connections for example, and I don't want
> extra firewall lookup/conntrack from theses interfaces
>
>
> What do you think about it ?
I thought about having a flag per VM , but we can also add it to network interface config ( OK for me).
More information about the pve-devel
mailing list