Configuring a host-specific firewall
Any rules created in the host zone only apply to the node itself where the rule is created and the VMs are in that host node. Rules for one node do not get replicated to the other nodes although the rule files are stored in the Proxmox cluster filesystem. There are no options to create IPSet or Security Groups in the host zone. We can only create firewall rules. The following screenshot shows the Firewall feature for the host node pm4-1 in our example cluster:
Creating host firewall rules
The process of creating new rules for the Host zone is identical to the rule creation process that we have already discussed in the Configuring a datacenter-specific firewall section earlier in this chapter. Besides creating rules from scratch, we can also assign predefined rules in the form of a Security Group to a node. We cannot create a new Security Group under the host firewall menu, but we can assign it some predefined rules. For example, earlier in this chapter...
