[pve-devel] Firewalling Proxmox with Shorewall

Dietmar Maurer dietmar at proxmox.com
Tue Aug 14 06:30:29 CEST 2012

> Couldn't the be done more simply using ebtables.  Sorry if the has already
> been discussed.
> http://serverfault.com/questions/388544/is-it-possible-to-enable-port-
> isolation-on-linux-bridges

Shorewalls provide much more functionality than ebtables. And we also need
a firewall for routed interfaces.

> This would provide port based isolation on each existing bridge.  This would
> provide true isolation not just ipv4.

shorewall also provide  that feature.

- Dietmar

More information about the pve-devel mailing list