]>
Commit | Line | Data |
---|---|---|
1f554f76 DM |
1 | *pve-firewall* `<COMMAND> [ARGS] [OPTIONS]` |
2 | ||
3 | *pve-firewall compile* | |
4 | ||
5 | Compile and print firewall rules. This is useful for testing. | |
6 | ||
35a75dd3 | 7 | *pve-firewall help* `[OPTIONS]` |
1f554f76 DM |
8 | |
9 | Get help about specified command. | |
10 | ||
35a75dd3 | 11 | `--extra-args` `<array>` :: |
1f554f76 | 12 | |
35a75dd3 | 13 | Shows help for a specific command |
1f554f76 | 14 | |
2489d6df | 15 | `--verbose` `<boolean>` :: |
1f554f76 DM |
16 | |
17 | Verbose output format. | |
18 | ||
1f554f76 DM |
19 | *pve-firewall localnet* |
20 | ||
21 | Print information about local network. | |
22 | ||
1f554f76 DM |
23 | *pve-firewall restart* |
24 | ||
25 | Restart the Proxmox VE firewall service. | |
26 | ||
1f554f76 DM |
27 | *pve-firewall simulate* `[OPTIONS]` |
28 | ||
29 | Simulate firewall rules. This does not simulate kernel 'routing' table. | |
30 | Instead, this simply assumes that routing from source zone to destination | |
31 | zone is possible. | |
32 | ||
2489d6df | 33 | `--dest` `<string>` :: |
1f554f76 DM |
34 | |
35 | Destination IP address. | |
36 | ||
2489d6df | 37 | `--dport` `<integer>` :: |
1f554f76 DM |
38 | |
39 | Destination port. | |
40 | ||
2489d6df | 41 | `--from` `(host|outside|vm\d+|ct\d+|vmbr\d+/\S+)` ('default =' `outside`):: |
1f554f76 DM |
42 | |
43 | Source zone. | |
44 | ||
2489d6df | 45 | `--protocol` `(tcp|udp)` ('default =' `tcp`):: |
1f554f76 DM |
46 | |
47 | Protocol. | |
48 | ||
2489d6df | 49 | `--source` `<string>` :: |
1f554f76 DM |
50 | |
51 | Source IP address. | |
52 | ||
2489d6df | 53 | `--sport` `<integer>` :: |
1f554f76 DM |
54 | |
55 | Source port. | |
56 | ||
2489d6df | 57 | `--to` `(host|outside|vm\d+|ct\d+|vmbr\d+/\S+)` ('default =' `host`):: |
1f554f76 DM |
58 | |
59 | Destination zone. | |
60 | ||
2489d6df | 61 | `--verbose` `<boolean>` ('default =' `0`):: |
1f554f76 DM |
62 | |
63 | Verbose output. | |
64 | ||
1f554f76 DM |
65 | *pve-firewall start* `[OPTIONS]` |
66 | ||
67 | Start the Proxmox VE firewall service. | |
68 | ||
2489d6df | 69 | `--debug` `<boolean>` ('default =' `0`):: |
1f554f76 DM |
70 | |
71 | Debug mode - stay in foreground | |
72 | ||
1f554f76 DM |
73 | *pve-firewall status* |
74 | ||
75 | Get firewall status. | |
76 | ||
1f554f76 DM |
77 | *pve-firewall stop* |
78 | ||
79 | Stop firewall. This removes all Proxmox VE related iptable rules. The host | |
80 | is unprotected afterwards. | |
81 | ||
82 |