https://blog.wgz.sh/tags/firewall/ Recent content in Firewall on wgz.sh Hugo -- 0.153.1 en-us Sun, 26 Apr 2026 20:14:30 -0400 https://blog.wgz.sh/posts/proxmox-firewall/ Sun, 26 Apr 2026 20:14:30 -0400 https://blog.wgz.sh/posts/proxmox-firewall/ <h2 id="intro">Intro</h2> <p>In my homelab I&rsquo;ve been tediously managing firewall rules using <code>ufw</code>, <code>iptables</code>, and <code>fail2ban</code>. While this works well, I believe it&rsquo;s overly complicated for my setup. This led me down the rabbit hole of how to implement firewall rules in Proxmox.</p> <p>Proxmox&rsquo;s firewall is extremely competent, but it can be tricky as well.</p> <p>One thing I learned about Proxmox is that you need to make sure the firewall is enabled in multiple places. You have several layers of firewalling, one for the hosts, one for the VMs, and one for services running in VNETs. These firewall rules are backed by either <code>iptables</code> or the more modern <code>nftables</code> in the case of VNETs.</p> https://blog.wgz.sh/posts/colocating-my-homelab/ Sat, 05 Apr 2025 17:15:21 -0400 https://blog.wgz.sh/posts/colocating-my-homelab/ <p>Hey all,</p> <p>I recently decided to purchase a dedicated server from <a href="https://my.racknerd.com/">RackNerd</a> with the goal of hosting my homelab services remotely.</p> <p>Previously, I ran a high-availability Proxmox cluster out of my one-bedroom apartment in NYC, powered by a few Dell Optiplex 4090s. A few months ago, I moved into a new place and had to decommission that setup.</p> <p>Since my new setup is remote, it presented a few challenges:<br> <em>How am I going to administer my lab? How can I secure it? What services will I host?</em></p>