Completed

Configure csf firewall in Proxmox

We have a Proxmox 3.1 server working perfectly (debian) and want to install csf firewall (with its IDS) so we can protect the host node without interfering the traffic of the VMs. We also want to use some features like lock some countries in csf (very easy) to the node and also to the VMs if possible.

We readed that we should add this lines to /etc/csf/[url removed, login to view]:

iptables -A FORWARD -d [url removed, login to view] -j ACCEPT

iptables -A FORWARD -d [url removed, login to view] -j ACCEPT

iptables -A FORWARD -d [url removed, login to view] -j ACCEPT

iptables -A FORWARD -d [url removed, login to view] -j ACCEPT

iptables -A FORWARD -d [url removed, login to view] -j ACCEPT

iptables -A FORWARD -d [url removed, login to view] -j ACCEPT

But when we enable csf connectivity to VMs doesn't work and the ping breaks, this is the network config (IPs are modified):

auto lo

iface lo inet loopback

# device: eth0

auto eth0

iface eth0 inet static

address [url removed, login to view]

netmask [url removed, login to view]

pointopoint [url removed, login to view]

gateway [url removed, login to view]

# for single IPs

auto vmbr0

iface vmbr0 inet static

address [url removed, login to view]

netmask [url removed, login to view]

bridge_ports none

bridge_stp off

bridge_fd 0

up ip route add [url removed, login to view] dev vmbr0

# for a subnet

auto vmbr1

iface vmbr1 inet static

address [url removed, login to view]

netmask [url removed, login to view]

bridge_ports none

bridge_stp off

bridge_fd 0

Virtualization we are using is KVM mainly, the network is routed with subnet..

This is a fast task for an expert.

We will require the list of commants used or a text indicating what has been done, so we can apply this config to another server.

Thanks

Skills: Linux, Script Install, Software Architecture, Web Hosting

See more: proxmox csf firewall, csf proxmox, csf proxmox host, csf proxmox host firewall, proxmox vmbr1, auto vmbr1, proxmox firewall, what is virtualization, kvm virtualization, j software, t sh, loopback, linux firewall, kvm, iptables, firewall, csf, firewall debian, route software, architecture linux server

About the Employer:
( 8 reviews ) Cornella de Llobregat, Spain

Project ID: #5070735

Awarded to:

b4rni

Hi I can do this. I`m experienced linux admin, with 10+ years of experience with linux servers. Best Regards Marek

$35 USD in 1 day
(10 Reviews)
4.4

3 freelancers are bidding on average $133 for this job

rperazzo

I can do this work for you, I am very interested in your project. I am available to begin work on your project tomorrow. Thank you for considering my bid

$130 USD in 3 days
(3 Reviews)
3.3
burgerkill

I have experienced and ready work to do this, please contact me to discuss this project by chatting or skype

$235 USD in 3 days
(1 Review)
2.3