Hello there.
I would like to know if there is already some module to create a restriction
for IP/MacAddress.
For "low cost" VPS, creating a dedicated vlan, using a /30 network, configuring
a network interface on the firewall, is too expensive.
So i would like to use the whole /24 network, and give one address to each vps;
i also need to forbid any ip change.
The fastest way is to create an ebtables rule, but it will be simpler if on the
VM details i can check a radio button "restrict ip address" and write the ip
address. It will generate on all the nodes, two ebtables rules:
ebtables -A FORWARD -i ${network_device} -s ! ${mac_address} -j DROP
ebtables -A FORWARD -s ${mac_address} -p IPv4 --ip-src ! ${ip_address} -j DROP
It will work (for now) only for IPv4 address, but it can be enough for now.
Regards, Fabrizio
--
---
Fabrizio Cuseo - mailto:f.cu...@panservice.it
Direzione Generale - Panservice InterNetWorking
Servizi Professionali per Internet ed il Networking
Panservice e' associata AIIP - RIPE Local Registry
Phone: +39 0773 410020 - Fax: +39 0773 470219
http://www.panservice.it mailto:i...@panservice.it
Numero verde nazionale: 800 901492
_______________________________________________
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
