host firewall support
authorAlexandre Derumier <aderumier@odiso.com>
Fri, 7 Feb 2014 15:22:30 +0000 (16:22 +0100)
committerDietmar Maurer <dietmar@proxmox.com>
Thu, 13 Feb 2014 09:56:53 +0000 (10:56 +0100)
commit0bd5f13736bfe072a529ce08f43e27c31df03c50
treee0010cc0fde576986507afc1c3fdb7bd7c51d19f
parentd6de1dc216e21fe6d4214d9ea7187ae6bf177bea
host firewall support

defaults rules:

/etc/pve/local/host.fw

[IN]

ACCEPT - - - tcp 24007 -   #glusterfs
ACCEPT - - - icmp - -
ACCEPT - - - tcp 22 -
ACCEPT - - - tcp 8006 - #pveproxy
ACCEPT - - - tcp 3128 -  #spiceproxy
ACCEPT - - - tcp 6789 -  #ceph mon
ACCEPT - - - tcp 5900:5910 - #vnc consoles
ACCEPT - - - udp 53 -

[OUT]

ACCEPT - - - icmp - -
ACCEPT - - - tcp 24007 - #glusterfs
ACCEPT - - - tcp 6789 - #ceph mon
ACCEPT - - - tcp 22 -
ACCEPT - - - udp 53 -

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
PVE/Firewall.pm
pvefw