[PVE-User] Proxmox Firewall

Andrew Niemantsverdriet andrew at rocky.edu
Wed Feb 25 21:51:17 CET 2009


Yes, this is used in production and seems to work fairly well.

I drop everything by defualt yes and then open up fully for containers
without a configuration file.

Make sure to read the article especially caveats section. As there are
a few gotchas.

Thanks,
 _
/-\ ndrew

On Wed, Feb 25, 2009 at 12:31 PM, C Internet Services
<info at c-internet.nl> wrote:
> Andrew,
>
> i have seen your changes, good work, i did not look good enough.
>
> you drop everything default and open up the firewall for containers
> that has no configuration right?
>
> Are you are using this one in production?
>
> conrad
>
>
> -----Original message-----
> From: Andrew Niemantsverdriet <andrew at rocky.edu>
> Sent: Wed 25-02-2009 20:03
> To: Conrad Maayen <conrad at maayen.nl>; proxmoxve <pve-user at pve.proxmox.com>;
> Subject: Re: [PVE-User] Proxmox Firewall
>
>> Conrad,
>>
>> Thanks I added a link at the top saying about how it was based off
>> that script, how ever it was modified quite a bit to allow for a per
>> container configuration or a configuration on the host. If you compare
>> the scripts side by side you will see that mine is heavily geared
>> towards Proxmox install and is a little more advanced.
>>
>> Thanks,
>>  _
>> /-\ ndrew
>>
>> On Wed, Feb 25, 2009 at 11:46 AM, C Internet Services
>> <info at c-internet.nl> wrote:
>> > Hi Adnrew,
>> >
>> > maybe it would be kind to mention the source of your article, where are more
>> details explained.
>> > You just replaced eth0 with vmbr0 right?
>> >
>> > http://wiki.openvz.org/Setting_up_an_iptables_firewall
>> >
>> >
>> > gr.
>> > Conrad Maayen
>> >
>> >
>> >
>> > -----Original message-----
>> > From: Andrew Niemantsverdriet <andrew at rocky.edu>
>> > Sent: Wed 25-02-2009 19:36
>> >
>> > To: proxmoxve <pve-user at pve.proxmox.com>;
>> > Subject: [PVE-User] Proxmox Firewall
>> >
>> >> While anxiously awaiting the release of Proxmox VE 2.0 and it's built
>> >> in firewall. I wrote up a quick little article on how to add a
>> >> firewall to your existing Proxmox VE install that I thought I would
>> >> share with the list. It is located here:
>> >> http://montanalinux.org/node/1098 if anybody is interested.
>> >>
>> >>
>> >> --
>> >>  _
>> >> /-\ ndrew Niemantsverdriet
>> >> Academic Computing
>> >> (406) 238-7360
>> >> Rocky Mountain College
>> >> 1511 Poly Dr.
>> >> Billings MT, 59102
>> >> _______________________________________________
>> >> pve-user mailing list
>> >> pve-user at pve.proxmox.com
>> >> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
>> >>
>> >>
>> > _______________________________________________
>> > pve-user mailing list
>> > pve-user at pve.proxmox.com
>> > http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
>> >
>>
>>
>>
>> --
>>  _
>> /-\ ndrew Niemantsverdriet
>> Academic Computing
>> (406) 238-7360
>> Rocky Mountain College
>> 1511 Poly Dr.
>> Billings MT, 59102
>> _______________________________________________
>> pve-user mailing list
>> pve-user at pve.proxmox.com
>> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
>>
>>
>



-- 
 _
/-\ ndrew Niemantsverdriet
Academic Computing
(406) 238-7360
Rocky Mountain College
1511 Poly Dr.
Billings MT, 59102



More information about the pve-user mailing list