[PVE-User] pve-firewall and NAT

Yannick Palanque yannick.ml at palanque.name
Thu Mar 10 20:01:14 CET 2016


À 2016-03-10T11:15:09+0100,
Jonas Borgström <jonas at borgstrom.se> écrivit :

> The only workaround I've found so far(from some proxmox forum) is:
> $ iptables -t raw -A PREROUTING -i fwbr+ -j CT --zone 1
> But that only works if I manually run it _after_ the firewall and the
> container has been started, it does not work if I add it as a post-up
> command to /etc/network/interfaces.

I have this very iptables rule in interface's post-up rules and it
works... but I have issues with ARP as I told on
I use this ugly hack (static ARP for GW) and it seems to work well...


More information about the pve-user mailing list