> FORWARD -> proxmoxfw-chain ->jump in tap chain1 > <-return or drop > ->jump in tap chain2 > <-return or drop > > ->ACCEPT > > > don't known if it's better than Above would only handle traffic originated from a VM and skip traffic from outside (eth0)?