> Can be usefull to do something like this for example > > vm1.FW > GROUP-group1 net0 - - 80 - - > > > vm2.FW > GROUP-group1 net0 - - 22 - - > > > and > [GROUP1] > > ACCEPT 10.0.0.1 - - - - > ACCEPT 10.0.0.2 - - - - > ACCEPT 10.0.0.3 - - - -
I thought a security groupd would also defined thing which should be blocked, for example: [GROUP1] ACCEPT 10.0.0.1 - - - - ACCEPT 10.0.0.2 - - - - ACCEPT 10.0.0.3 - - - - DROP - - udp - So that DROP is simply skipped when you use: vm1.FW GROUP-group1 net0 - - 80 - - That looks quite strange to me? _______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
