From: Alexandre Derumier <aderumier@odiso.com>
Date: Fri, 7 Feb 2014 15:22:27 +0000 (+0100)
Subject: basic bridge iptables implementation
X-Git-Url: https://git.proxmox.com/?a=commitdiff_plain;ds=sidebyside;h=3a616aa0ae97f3dc0fd3faa0361d5c4e8b3b312f;hp=3a616aa0ae97f3dc0fd3faa0361d5c4e8b3b312f;p=pve-firewall.git

basic bridge iptables implementation

./pvefw enabletaprules -netid net0 -vmid 110

./pvefw disabletaprules -netid net0 -vmid 110

sample firewall config file
---------------------------

[IN]

ACCEPT net0 - - tcp 22 -
ACCEPT net0 - - icmp - -
GROUP-securityname1 net0 - - - - -  #apply security group rules
GROUP-securityname2 net0 - - icmp - -  #apply security group rules on icmp only
[OUT]

ACCEPT net0 - - icmp - -
ACCEPT net0 - - tcp 80 -
GROUP-securityname2 net0 - - - - -  #apply security group rules

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
---