Hi, in the middle of a weekend migration i realized that the 'Razor'
Macro is broken and basically disables ALL firewalling for a Container,
at least when used in a Security Group.
Looking at Firewall.pm
..
'RNDC' => [
"BIND remote management protocol",
{ action => 'PARAM', proto => 'tcp', dport => '953' },
],
'Razor' => [
"Razor Antispam System",
{ action => 'ACCEPT', proto => 'tcp', dport => '2703' },
],
'Rdate' => [
"Remote time retrieval (rdate)",
{ action => 'PARAM', proto => 'tcp', dport => '37' },
],
..
The Problem seems obvious (might have even missed that one myself when
I was working on this some time ago).
As mentioned, I'm in the middle of a bigger migration so just a short
notice and no patch (fix seems obvious)...
I consider this serious because it silently disables ALL firewalling
(at least for me). Even though Razor Macro probably isn't used often.
Regards,
Tom
_______________________________________________
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
