[pve-devel] Following tests on PvE 4.0 Jessie

hi, I recreated my POC . I modified the root account in sshd.conf . Cluster creation works : root@pve-ceph1:/home/moula# pvecm status Quorum information -- Date: Sun May 10 06:48:01 2015 Quorum provider: corosync_votequorum Nodes:3 Node ID: 0x

Re: [pve-devel] [PATCH 0/3] Patch to add forward chain control in pve-firewall

> This is very usefull if someone wants to have gusts in different subnets (on > different vlans) and add a firewall between the subnets. Why is it usefull? Please can you be more specific, maybe giving an example? ___ pve-devel mailing list pve-devel@p

[pve-devel] [PATCH] Added the optional ! (invert sense) of IPs/IPset/range in Firewall rules

--- src/PVE/Firewall.pm | 33 +++-- 1 file changed, 23 insertions(+), 10 deletions(-) diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm index 2bdff20..a3b4ccb 100644 --- a/src/PVE/Firewall.pm +++ b/src/PVE/Firewall.pm @@ -960,6 +960,11 @@ sub compute_ipfilter_ip

[pve-devel] [PATCH 0/1] patch on pve-firewall in order to allow negation

Negation in rules is very usefull in some cases for example in cases. For example: "everithing except my local zone" The patch works with ipsets, alias and IP. Regards, Flav ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi

[pve-devel] [PATCH] Added Firewall Forward rules and policy (needs updated Firewall API)

--- www/manager/grid/FirewallOptions.js | 17 + www/manager/grid/FirewallRules.js |4 ++-- 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/www/manager/grid/FirewallOptions.js b/www/manager/grid/FirewallOptions.js index f94be6c..fcd1600 100644 --- a/www/mana

[pve-devel] [PATCH 2/2] Added GROUP-.*-FORWARD in tracked chains

--- src/PVE/Firewall.pm |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm index 79dac20..2bdff20 100644 --- a/src/PVE/Firewall.pm +++ b/src/PVE/Firewall.pm @@ -1523,7 +1523,7 @@ sub iptables_get_chains { return 1 if $name =~ m/

[pve-devel] [PATCH 1/2] Added Forward chain management

--- src/PVE/API2/Firewall/Cluster.pm |6 +++ src/PVE/API2/Firewall/Host.pm|2 + src/PVE/Firewall.pm | 92 +++--- 3 files changed, 93 insertions(+), 7 deletions(-) diff --git a/src/PVE/API2/Firewall/Cluster.pm b/src/PVE/API2/Firewall/Clust

[pve-devel] [PATCH 0/3] Patch to add forward chain control in pve-firewall

This patch on pve-manager and pve-firewall (on 3.4 stable branch) add the control on FORWARD chain. This is very usefull if someone wants to have gusts in different subnets (on different vlans) and add a firewall between the subnets. Regards, Flav __

[pve-devel] pve-firewall IPv6 patch

Hello, The IPv6 protocol uses a lot for ICMP and multicast in order to allow routing configuration. After different searches I've found that some more ICMPv6 types have to be enabled. After reading post like this : http://pivotallabs.com/configuring-f...6-dhcp-client/ and http://www.cert.ssi.gou