mirror of
git://git.proxmox.com/git/pve-docs.git
synced 2025-01-06 13:17:48 +03:00
84 lines
1.5 KiB
Plaintext
84 lines
1.5 KiB
Plaintext
*pve-firewall* `<COMMAND> [ARGS] [OPTIONS]`
|
|
|
|
*pve-firewall compile*
|
|
|
|
Compile and print firewall rules. This is useful for testing.
|
|
|
|
*pve-firewall help* `[OPTIONS]`
|
|
|
|
Get help about specified command.
|
|
|
|
`--extra-args` `<array>` ::
|
|
|
|
Shows help for a specific command
|
|
|
|
`--verbose` `<boolean>` ::
|
|
|
|
Verbose output format.
|
|
|
|
*pve-firewall localnet*
|
|
|
|
Print information about local network.
|
|
|
|
*pve-firewall restart*
|
|
|
|
Restart the Proxmox VE firewall service.
|
|
|
|
*pve-firewall simulate* `[OPTIONS]`
|
|
|
|
Simulate firewall rules. This does not simulates the kernel 'routing'
|
|
table, but simply assumes that routing from source zone to destination zone
|
|
is possible.
|
|
|
|
`--dest` `<string>` ::
|
|
|
|
Destination IP address.
|
|
|
|
`--dport` `<integer>` ::
|
|
|
|
Destination port.
|
|
|
|
`--from` `(host|outside|vm\d+|ct\d+|([a-zA-Z][a-zA-Z0-9]{0,9})/(\S+))` ('default =' `outside`)::
|
|
|
|
Source zone.
|
|
|
|
`--protocol` `(tcp|udp)` ('default =' `tcp`)::
|
|
|
|
Protocol.
|
|
|
|
`--source` `<string>` ::
|
|
|
|
Source IP address.
|
|
|
|
`--sport` `<integer>` ::
|
|
|
|
Source port.
|
|
|
|
`--to` `(host|outside|vm\d+|ct\d+|([a-zA-Z][a-zA-Z0-9]{0,9})/(\S+))` ('default =' `host`)::
|
|
|
|
Destination zone.
|
|
|
|
`--verbose` `<boolean>` ('default =' `0`)::
|
|
|
|
Verbose output.
|
|
|
|
*pve-firewall start* `[OPTIONS]`
|
|
|
|
Start the Proxmox VE firewall service.
|
|
|
|
`--debug` `<boolean>` ('default =' `0`)::
|
|
|
|
Debug mode - stay in foreground
|
|
|
|
*pve-firewall status*
|
|
|
|
Get firewall status.
|
|
|
|
*pve-firewall stop*
|
|
|
|
Stop the Proxmox VE firewall service. Note, stopping actively removes all
|
|
Proxmox VE related iptable rules rendering the host potentially
|
|
unprotected.
|
|
|
|
|