mirror of
				git://git.proxmox.com/git/pve-docs.git
				synced 2025-10-26 11:33:10 +03:00 
			
		
		
		
	
		
			
				
	
	
		
			84 lines
		
	
	
		
			1.5 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
			
		
		
	
	
			84 lines
		
	
	
		
			1.5 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
| *pve-firewall* `<COMMAND> [ARGS] [OPTIONS]`
 | |
| 
 | |
| *pve-firewall compile*
 | |
| 
 | |
| Compile and print firewall rules. This is useful for testing.
 | |
| 
 | |
| *pve-firewall help* `[OPTIONS]`
 | |
| 
 | |
| Get help about specified command.
 | |
| 
 | |
| `--extra-args` `<array>` ::
 | |
| 
 | |
| Shows help for a specific command
 | |
| 
 | |
| `--verbose` `<boolean>` ::
 | |
| 
 | |
| Verbose output format.
 | |
| 
 | |
| *pve-firewall localnet*
 | |
| 
 | |
| Print information about local network.
 | |
| 
 | |
| *pve-firewall restart*
 | |
| 
 | |
| Restart the Proxmox VE firewall service.
 | |
| 
 | |
| *pve-firewall simulate* `[OPTIONS]`
 | |
| 
 | |
| Simulate firewall rules. This does not simulates the kernel 'routing'
 | |
| table, but simply assumes that routing from source zone to destination zone
 | |
| is possible.
 | |
| 
 | |
| `--dest` `<string>` ::
 | |
| 
 | |
| Destination IP address.
 | |
| 
 | |
| `--dport` `<integer>` ::
 | |
| 
 | |
| Destination port.
 | |
| 
 | |
| `--from` `(host|outside|vm\d+|ct\d+|([a-zA-Z][a-zA-Z0-9]{0,9})/(\S+))` ('default =' `outside`)::
 | |
| 
 | |
| Source zone.
 | |
| 
 | |
| `--protocol` `(tcp|udp)` ('default =' `tcp`)::
 | |
| 
 | |
| Protocol.
 | |
| 
 | |
| `--source` `<string>` ::
 | |
| 
 | |
| Source IP address.
 | |
| 
 | |
| `--sport` `<integer>` ::
 | |
| 
 | |
| Source port.
 | |
| 
 | |
| `--to` `(host|outside|vm\d+|ct\d+|([a-zA-Z][a-zA-Z0-9]{0,9})/(\S+))` ('default =' `host`)::
 | |
| 
 | |
| Destination zone.
 | |
| 
 | |
| `--verbose` `<boolean>` ('default =' `0`)::
 | |
| 
 | |
| Verbose output.
 | |
| 
 | |
| *pve-firewall start* `[OPTIONS]`
 | |
| 
 | |
| Start the Proxmox VE firewall service.
 | |
| 
 | |
| `--debug` `<boolean>` ('default =' `0`)::
 | |
| 
 | |
| Debug mode - stay in foreground
 | |
| 
 | |
| *pve-firewall status*
 | |
| 
 | |
| Get firewall status.
 | |
| 
 | |
| *pve-firewall stop*
 | |
| 
 | |
| Stop the Proxmox VE firewall service. Note, stopping actively removes all
 | |
| Proxmox VE related iptable rules rendering the host potentially
 | |
| unprotected.
 | |
| 
 | |
| 
 |