[pve-devel] [RFC firewall/manager/network/proxmox{-ve-rs, -firewall} 00/15] add forward chain firewalling for hosts and bridges
Gabriel Goller
g.goller at proxmox.com
Wed Sep 11 17:22:33 CEST 2024
Spent this afternoon testing this series.
Problems I found:
- when creating a rule in a vnet for the first time, I get an error
that a firewall conf file cannot be opened (it's because the
/etc/pve/sdn/firewall folder does not exist and we don't create
folders recursively when opening the file).
- When creating a "forward" rule on a vnet and guest-firewall is
enabled, there are a lot of nftables errors on the syslog.
Everything else works perfectly fine, also using the auto-generated
ipsets in "forward" rules.
More information about the pve-devel
mailing list