[pve-devel] applied: [PATCH firewall] fix Razor macro

Thomas Lamprecht t.lamprecht at proxmox.com
Sat Mar 30 17:42:41 CET 2019


'ACCEPT' was plain wrong here and broken and disables ALL firewalling
for a Container, at least when used in a Security Group.

fixes 857f62c833a604eb8399467a94d325c1994367eb
Signed-off-by: Thomas Lamprecht <t.lamprecht at proxmox.com>
Reported-by: Tom Weber <pve at junkyard.4t2.com>
---
 src/PVE/Firewall.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index f294d36..ba1cb5f 100644
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -423,7 +423,7 @@ my $pve_fw_macros = {
     ],
     'Razor' => [
 	"Razor Antispam System",
-	{ action => 'ACCEPT', proto => 'tcp', dport => '2703' },
+	{ action => 'PARAM', proto => 'tcp', dport => '2703' },
     ],
     'Rdate' => [
 	"Remote time retrieval (rdate)",
-- 
2.20.1





More information about the pve-devel mailing list