[pve-devel] firewall custom rules
Alexandre DERUMIER
aderumier at odiso.com
Mon Sep 1 16:41:02 CEST 2014
Hi,
your custom rules will not be flushed.
All the proxmox rules are in a special chain, and we flush only this chain.
----- Mail original -----
De: "VELARTIS Philipp Dürhammer" <p.duerhammer at velartis.at>
À: "Dietmar Maurer" <dietmar at proxmox.com>, "Andrew Thrift" <andrew at networklabs.co.nz>, pve-devel at pve.proxmox.com
Envoyé: Lundi 1 Septembre 2014 16:37:12
Objet: Re: [pve-devel] firewall custom rules
The firewall rules will be flushed if I add them manually or with a script?
Is there any possibility to add this rules to the firewall?
I love the options of the new firewall so far. But y miss the possibility to add custom rules (like this one against brute force for ssh)
-----Ursprüngliche Nachricht-----
Von: Dietmar Maurer [mailto:dietmar at proxmox.com]
Gesendet: Dienstag, 29. Juli 2014 06:30
An: VELARTIS Philipp Dürhammer; Andrew Thrift; pve-devel at pve.proxmox.com
Betreff: RE: firewall custom rules
> Is it possible to have rules like
> [CHAIN] -p tcp -m tcp --dport 22 -m state --state NEW -m recent --set
> --name SSH --rsource -j ACCEPT [CHAIN] -p tcp -m tcp --dport 22 -m
> recent --update -- seconds 400 --hitcount 5 --rttl --name SSH
> --rsource -j DROP
>
> Some way to manually add rules?
No, there is currently no support for the 'recent' module.
_______________________________________________
pve-devel mailing list
pve-devel at pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
More information about the pve-devel
mailing list