[pve-devel] Creating of a 2nd blacklist with many blocked IPs

Dietmar Maurer dietmar at proxmox.com
Wed Oct 29 10:37:51 CET 2014


> Your blacklist works only on the host, when the pve-firewall for the host is
> activated.
> The same only for containers, when their container is firewall is activated!

You need to add additional properties to the iptables rules then, for example the target ip
of the containers.

> Our 2nd blacklist shull just only active too on containers, where firewalled! And
> this important, why example a support-system-container shull been available
> equal for blocked users to communicate with us, about that they are blocked!
> The websites comes via CDN, so they cant do nothing on servers, but then they
> can use the support-online-chat expl.
> And in other situations, a client with a server will use his server equal without
> firewalled!
> 
> And your concept with the blacklist in only running containers is correct. So how
> we can intigrated?

I am unable to understand above text, sorry.




More information about the pve-devel mailing list