mirror of
https://git.proxmox.com/git/pve-docs
synced 2025-11-04 00:15:20 +00:00
101 lines
1.4 KiB
Plaintext
101 lines
1.4 KiB
Plaintext
*pve-firewall* `<COMMAND> [ARGS] [OPTIONS]`
|
|
|
|
*pve-firewall compile*
|
|
|
|
Compile and print firewall rules. This is useful for testing.
|
|
|
|
|
|
|
|
|
|
*pve-firewall help* `[<cmd>]` `[OPTIONS]`
|
|
|
|
Get help about specified command.
|
|
|
|
`<cmd>` `string` ::
|
|
|
|
Command name
|
|
|
|
`-verbose` `boolean` ::
|
|
|
|
Verbose output format.
|
|
|
|
|
|
|
|
|
|
*pve-firewall localnet*
|
|
|
|
Print information about local network.
|
|
|
|
|
|
|
|
*pve-firewall restart*
|
|
|
|
Restart the Proxmox VE firewall service.
|
|
|
|
|
|
|
|
*pve-firewall simulate* `[OPTIONS]`
|
|
|
|
Simulate firewall rules. This does not simulate kernel 'routing' table.
|
|
Instead, this simply assumes that routing from source zone to destination
|
|
zone is possible.
|
|
|
|
`-dest` `string` ::
|
|
|
|
Destination IP address.
|
|
|
|
`-dport` `integer` ::
|
|
|
|
Destination port.
|
|
|
|
`-from` `(host|outside|vm\d+|ct\d+|vmbr\d+/\S+)` (default=`outside`)::
|
|
|
|
Source zone.
|
|
|
|
`-protocol` `(tcp|udp)` (default=`tcp`)::
|
|
|
|
Protocol.
|
|
|
|
`-source` `string` ::
|
|
|
|
Source IP address.
|
|
|
|
`-sport` `integer` ::
|
|
|
|
Source port.
|
|
|
|
`-to` `(host|outside|vm\d+|ct\d+|vmbr\d+/\S+)` (default=`host`)::
|
|
|
|
Destination zone.
|
|
|
|
`-verbose` `boolean` (default=`0`)::
|
|
|
|
Verbose output.
|
|
|
|
|
|
|
|
*pve-firewall start* `[OPTIONS]`
|
|
|
|
Start the Proxmox VE firewall service.
|
|
|
|
`-debug` `boolean` (default=`0`)::
|
|
|
|
Debug mode - stay in foreground
|
|
|
|
|
|
|
|
*pve-firewall status*
|
|
|
|
Get firewall status.
|
|
|
|
|
|
|
|
*pve-firewall stop*
|
|
|
|
Stop firewall. This removes all Proxmox VE related iptable rules. The host
|
|
is unprotected afterwards.
|
|
|
|
|
|
|
|
|