Bug 2773
As I'm not using the pve-firewall, I've stopped and it's ok.
# pve-firewall stop
Thanks.
On 29/05/2020 16:59, Stoiko Ivanov wrote:
Hi,
Thanks for reporting this!
I managed to reproduce the issue - it seems the code currently does not
account for the policy of an ebtables chain (see [0])
Please open a bug report over at https://bugzilla.proxmox.com
as a mitigation until this is fixed you could add a final rule which drops
all packets to your ruleset:
```
ebtables -A test -j DROP
```
kind regards,
stoiko
[0]
https://git.proxmox.com/?p=pve-firewall.git;a=blob;f=src/PVE/Firewall.pm;h=a2105e5410590b30305bd6941ddcc8bfe40159da;hb=HEAD#l4166
On Fri, 29 May 2020 15:46:26 +0200
José Manuel Giner <j...@ginernet.com> wrote:
Seems it's a bug "fixed", but is still here:
https://git.proxmox.com/?p=pve-firewall.git;a=commit;h=84025e9943d236414fbd869b89cb2e8e17af3208
On 29/05/2020 14:24, José Manuel Giner wrote:
Any info?
On 28/05/2020 18:07, José Manuel Giner wrote:
Hello,
when I create a ebtables chain in a HN with DROP policy, after some
seconds is automatically modified to ACCEPT
ebtables -N test
ebtables -P test DROP
some seconds later:
#ebtables -L
Bridge chain: test, entries: 0, policy: ACCEPT
I've tried to disable "ebtables" on the datacenter, but nothing seems
to affect.
Any idea?
Thanks!
--
José Manuel Giner
https://ginernet.com
_______________________________________________
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user