pve-firewall <COMMAND> [ARGS] [OPTIONS]
pve-firewall compile
Compile and print firewall rules. This is useful for testing.
pve-firewall help [OPTIONS]
Get help about specified command.
--extra-args
<array>
--verbose
<boolean>
pve-firewall localnet
Print information about local network.
pve-firewall restart
Restart the Proxmox VE firewall service.
pve-firewall simulate [OPTIONS]
Simulate firewall rules. This does not simulate kernel routing table. Instead, this simply assumes that routing from source zone to destination zone is possible.
--dest
<string>
--dport
<integer>
--from
(host|outside|vm\d+|ct\d+|vmbr\d+/\S+)
(default = outside
)
--protocol
(tcp|udp)
(default = tcp
)
--source
<string>
--sport
<integer>
--to
(host|outside|vm\d+|ct\d+|vmbr\d+/\S+)
(default = host
)
--verbose
<boolean>
(default = 0
)
pve-firewall start [OPTIONS]
Start the Proxmox VE firewall service.
--debug
<boolean>
(default = 0
)
pve-firewall status
Get firewall status.
pve-firewall stop
Stop firewall. This removes all Proxmox VE related iptable rules. The host is unprotected afterwards.