basic bridge iptables implementation
authorAlexandre Derumier <aderumier@odiso.com>
Fri, 7 Feb 2014 15:22:27 +0000 (16:22 +0100)
committerDietmar Maurer <dietmar@proxmox.com>
Thu, 13 Feb 2014 09:36:38 +0000 (10:36 +0100)
commit3a616aa0ae97f3dc0fd3faa0361d5c4e8b3b312f
treeb4b939f78b47790606e686ecf23e6f71b3c7b3d7
parent1b6a0a59ecf373b94fafbfb5466f33ef3438bbd2
basic bridge iptables implementation

./pvefw enabletaprules -netid net0 -vmid 110

./pvefw disabletaprules -netid net0 -vmid 110

sample firewall config file
---------------------------

[IN]

ACCEPT net0 - - tcp 22 -
ACCEPT net0 - - icmp - -
GROUP-securityname1 net0 - - - - -  #apply security group rules
GROUP-securityname2 net0 - - icmp - -  #apply security group rules on icmp only
[OUT]

ACCEPT net0 - - icmp - -
ACCEPT net0 - - tcp 80 -
GROUP-securityname2 net0 - - - - -  #apply security group rules

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
PVE/Firewall.pm
pvefw