[pve-devel] Firewall hooks

[Josef Johansson]

Hi,

Would you like to share the script Harald?

I'm thinking about commiting arptables to Proxmox.


We found that you could actually affect the network if you have root on 
the server.

Not when accessing from the server out, but you can set up an IP on the 
VM and others would be able to reach it.

This should be added when clicking the ip filter option.

On 10/30/18 2:29 PM, Josef Johansson wrote:
> Hi,
>
> Is it possible to add arptable-rules, or are there any current 
> ambitions to do it?
>
> I see that the package is not even installed.
>
> Maybe instead of hooks we could choose what type of layer 2 protocol 
> it should be in the gui even.
>
> /Josef
>
> On 3/23/18 10:13 AM, Tom Weber wrote:
>> Am Donnerstag, den 22.03.2018, 12:28 +0100 schrieb Harald Leithner:
>>> Hi,
>>>
>>> it seams that there are no firewall hooks in pve-firewall is this
>>> correct?
>> IIRC, yes.
>>
>>> I would like to add my own action before, after the firewall
>>> configuration for a VM is stop,started or reloaded.
>> [..]
>>> Is there any point I could attach my own script?
>> when I was dealing with the firewall code cleanups last year, I had
>> ideas like this in the back of my head. Or at least ideas that would
>> make implementing such hooks easier.
>> My plans to further work on this still exist - free time doesn't
>> currently :(
>>
>>    Tom
>>
>>
>> _______________________________________________
>> pve-devel mailing list
>> pve-devel at pve.proxmox.com
>> https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
>
-- 
Med vänliga hälsningar
Josef Johansson