[pve-devel] pve-firewall: dhcp snooping
Dietmar Maurer
dietmar at proxmox.com
Wed Jun 4 12:15:17 CEST 2014
> > Is something like this possible with the current firewall code?
>
> Not implemented, because we do not have/store a list of IPs.
>
> One option would be to store the list of allowed IP in the VM network config:
>
> net0: e1000=0E:0B:38:B8:B3:21,bridge=vmbr0,firewall=1,ip=192.168.2.3
>
> It is then easy to implement such filter.
Or we simple define an IPset with predefine named, for example 'allowed_ips'.
The we add a filter for that ipset (if it exists).
More information about the pve-devel
mailing list