[pve-devel] [PATCH docs 1/1] firewall: set default value of NDP to 1 for nodes and guests
Stoiko Ivanov
s.ivanov at proxmox.com
Mon Nov 10 19:51:16 CET 2025
Thanks for noticing and providing the patch!
parts of our documentation are generated based on the information we have
in our JSONSchema and API calls (see e.g. gen-pve-firewall-host-opts.pl
for a starting point)
so the change would need to be done in the pve-firewall repo IIRC:
https://git.proxmox.com/?p=pve-firewall.git;a=blob;f=src/PVE/Firewall.pm;h=ec9c9ae9c35ec31e7cd3ca28ac4b5c20fa7e8c39;hb=HEAD#l1404
On Mon, 10 Nov 2025 18:11:24 +0100
Michael Köppl <m.koeppl at proxmox.com> wrote:
> The default value of 0 is wrong, since NDP is allowed by default for
> both iptables and nftables. Update the documentation accordingly.
>
> Signed-off-by: Michael Köppl <m.koeppl at proxmox.com>
> ---
> pve-firewall-host-opts.adoc | 2 +-
> pve-firewall-vm-opts.adoc | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/pve-firewall-host-opts.adoc b/pve-firewall-host-opts.adoc
> index d561d0bf..e5770fbe 100644
> --- a/pve-firewall-host-opts.adoc
> +++ b/pve-firewall-host-opts.adoc
> @@ -18,7 +18,7 @@ Log level for outgoing traffic.
>
> Enable logging of conntrack information.
>
> -`ndp`: `<boolean>` ('default =' `0`)::
> +`ndp`: `<boolean>` ('default =' `1`)::
>
> Enable NDP (Neighbor Discovery Protocol).
>
> diff --git a/pve-firewall-vm-opts.adoc b/pve-firewall-vm-opts.adoc
> index 9f191cf9..653ab4f4 100644
> --- a/pve-firewall-vm-opts.adoc
> +++ b/pve-firewall-vm-opts.adoc
> @@ -22,7 +22,7 @@ Log level for outgoing traffic.
>
> Enable/disable MAC address filter.
>
> -`ndp`: `<boolean>` ('default =' `0`)::
> +`ndp`: `<boolean>` ('default =' `1`)::
>
> Enable NDP (Neighbor Discovery Protocol).
>
More information about the pve-devel
mailing list