[pve-devel] pve-firewall : enable|disable firewall at interface level

Alexandre DERUMIER aderumier at odiso.com
Mon Apr 28 17:22:29 CEST 2014





	

Alexandre Derumier 
Ingénieur système et stockage 


Fixe : 03 20 68 90 88 
Fax : 03 20 68 90 81 


45 Bvd du Général Leclerc 59100 Roubaix 
12 rue Marivaux 75002 Paris 


MonSiteEstLent.com - Blog dédié à la webperformance et la gestion de pics de trafic 

----- Mail original ----- 

De: "Dietmar Maurer" <dietmar at proxmox.com> 
À: "Alexandre DERUMIER" <aderumier at odiso.com>, "pve-devel" <pve-devel at pve.proxmox.com> 
Envoyé: Lundi 28 Avril 2014 16:49:55 
Objet: RE: [pve-devel] pve-firewall : enable|disable firewall at interface level 

> we can have vms with public interface (need firewall), and private interface 
> (dedicatedvlan without firewall). 
> 
> I would like to be able to enable/disable firewall in vmid.conf, in network 
> interface config,instead globally for the whole vm in vmid.fw. 
> 
> I have some database doing a lot of connections for example, and I don't want 
> extra firewall lookup/conntrack from theses interfaces 
> 
> 
> What do you think about it ? 

I thought about having a flag per VM , but we can also add it to network interface config ( OK for me). 


More information about the pve-devel mailing list