[PVE-User] Bond0 device for Net interface
Lars Wilke
lw at lwilke.de
Wed Oct 12 15:07:35 CEST 2011
Maybe try the shorewall lists?
* Inderjit Singh wrote:
> Need more suggestions.....
>
> --
> --
> Inderjit Singh
>
>
>
> On 10/10/2011 12:09 PM, Giuliano Natali wrote:
> >Alessandro Briosi wrote:
> >>Il 09/10/2011 17:07, Inderjit Singh ha scritto:
> >>>Hello ,
> >>>
> >>>We are using shorewall with Proxmox. Issue is *net to FW* traffic not
> >>>working but *dmz to FW* is working fine. Our requirement is all
> >>>traffic goes to *Net to FW* . Please provide suggestions.
> >>Imho the rule
> >>
> >>net all DROP
> >>must be put after the
> >>net $FW ACCEPT
> >>net log REJECT
> >>
> >>Otherwise it's applied before.
> >I think the best way to use shorewall is to
> >write a policy like
> >
> >all all DROP info (if you want to see where is the block)
> >
> >and use the rules to enable the traffic between what you want
> >
> >Then test the connection
> >if shorewall blocks a packet you will find a log like this
> >
> >shorewall: dmz2net DROP etc. etc
> >
> >Use this to write the rule
> >
> >My additional cent to alessandro :-)
> >
> >Diaolin
> >
> >_______________________________________________
> >pve-user mailing list
> >pve-user at pve.proxmox.com
> >http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
>
>
> _______________________________________________
> pve-user mailing list
> pve-user at pve.proxmox.com
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
More information about the pve-user
mailing list