[PVE-User] Bond0 device for Net interface

Alessandro Briosi ab1 at metalitnord.com
Mon Oct 10 08:30:13 CEST 2011

Il 09/10/2011 17:07, Inderjit Singh ha scritto:
> Hello ,
> We are using shorewall with Proxmox. Issue is *net to FW* traffic not 
> working but *dmz to FW* is working fine. Our requirement is all 
> traffic goes to *Net to FW* . Please provide suggestions.

Imho the rule

net all DROP
must be put after the
net log REJECT

Otherwise it's applied before.

I'd also enable logging in every rule so you get in the logs where the 
packet is blocked.

My 2 cents,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://pve.proxmox.com/pipermail/pve-user/attachments/20111010/ff29d3b7/attachment-0014.html>

More information about the pve-user mailing list