[pve-devel] pve-firewall : add ipfilter protection
Stefan Priebe - Profihost AG
s.priebe at profihost.ag
Fri Jun 13 15:41:08 CEST 2014
Am 13.06.2014 15:36, schrieb Alexandre DERUMIER:
>>> And you enabled the firewall on that network interface? (stop/restart VM required).
> No vm restart is needed, hopefully ;)
I did a complete shutdown / kill kvm process and a fresh start.
Grüße
> ----- Mail original -----
>
> De: "Dietmar Maurer" <dietmar at proxmox.com>
> À: "Stefan Priebe - Profihost AG" <s.priebe at profihost.ag>, "Alexandre DERUMIER" <aderumier at odiso.com>
> Cc: pve-devel at pve.proxmox.com
> Envoyé: Vendredi 13 Juin 2014 14:54:32
> Objet: RE: [pve-devel] pve-firewall : add ipfilter protection
>
>> OK seems my testing is wrong.
>>
>> What is did:
>>
>> /etc/pve/firewall/2004.fw:
>> [IPSET ipfilter-net0]
>> 10.10.28.5
>>
>> I then enabled the Firewall for this VM.
>
> Also enabled the firewall in cluster.fw?
>
>> The VM has now 10.10.28.4 on net0 - but the VM is still able to make traffic with
>> 10.10.28.4. Anything i did wrong?
>
> And you enabled the firewall on that network interface? (stop/restart VM required).
> Are normal firewall rules working?
>
More information about the pve-devel
mailing list