mirror of
git://git.proxmox.com/git/pve-docs.git
synced 2025-01-10 01:17:51 +03:00
83 lines
1.4 KiB
Plaintext
83 lines
1.4 KiB
Plaintext
*pve-firewall* `<COMMAND> [ARGS] [OPTIONS]`
|
|
|
|
*pve-firewall compile*
|
|
|
|
Compile and print firewall rules. This is useful for testing.
|
|
|
|
*pve-firewall help* `[OPTIONS]`
|
|
|
|
Get help about specified command.
|
|
|
|
`--extra-args` `<array>` ::
|
|
|
|
Shows help for a specific command
|
|
|
|
`--verbose` `<boolean>` ::
|
|
|
|
Verbose output format.
|
|
|
|
*pve-firewall localnet*
|
|
|
|
Print information about local network.
|
|
|
|
*pve-firewall restart*
|
|
|
|
Restart the Proxmox VE firewall service.
|
|
|
|
*pve-firewall simulate* `[OPTIONS]`
|
|
|
|
Simulate firewall rules. This does not simulate kernel 'routing' table.
|
|
Instead, this simply assumes that routing from source zone to destination
|
|
zone is possible.
|
|
|
|
`--dest` `<string>` ::
|
|
|
|
Destination IP address.
|
|
|
|
`--dport` `<integer>` ::
|
|
|
|
Destination port.
|
|
|
|
`--from` `(host|outside|vm\d+|ct\d+|vmbr\d+/\S+)` ('default =' `outside`)::
|
|
|
|
Source zone.
|
|
|
|
`--protocol` `(tcp|udp)` ('default =' `tcp`)::
|
|
|
|
Protocol.
|
|
|
|
`--source` `<string>` ::
|
|
|
|
Source IP address.
|
|
|
|
`--sport` `<integer>` ::
|
|
|
|
Source port.
|
|
|
|
`--to` `(host|outside|vm\d+|ct\d+|vmbr\d+/\S+)` ('default =' `host`)::
|
|
|
|
Destination zone.
|
|
|
|
`--verbose` `<boolean>` ('default =' `0`)::
|
|
|
|
Verbose output.
|
|
|
|
*pve-firewall start* `[OPTIONS]`
|
|
|
|
Start the Proxmox VE firewall service.
|
|
|
|
`--debug` `<boolean>` ('default =' `0`)::
|
|
|
|
Debug mode - stay in foreground
|
|
|
|
*pve-firewall status*
|
|
|
|
Get firewall status.
|
|
|
|
*pve-firewall stop*
|
|
|
|
Stop firewall. This removes all Proxmox VE related iptable rules. The host
|
|
is unprotected afterwards.
|
|
|
|
|