]>
Commit | Line | Data |
---|---|---|
1f554f76 DM |
1 | *pve-firewall* `<COMMAND> [ARGS] [OPTIONS]` |
2 | ||
3 | *pve-firewall compile* | |
4 | ||
5 | Compile and print firewall rules. This is useful for testing. | |
6 | ||
7 | ||
8 | ||
9 | ||
10 | *pve-firewall help* `[<cmd>]` `[OPTIONS]` | |
11 | ||
12 | Get help about specified command. | |
13 | ||
013dc89f | 14 | `<cmd>`: `<string>` :: |
1f554f76 DM |
15 | |
16 | Command name | |
17 | ||
013dc89f | 18 | `-verbose` `<boolean>` :: |
1f554f76 DM |
19 | |
20 | Verbose output format. | |
21 | ||
22 | ||
23 | ||
24 | ||
25 | *pve-firewall localnet* | |
26 | ||
27 | Print information about local network. | |
28 | ||
29 | ||
30 | ||
31 | *pve-firewall restart* | |
32 | ||
33 | Restart the Proxmox VE firewall service. | |
34 | ||
35 | ||
36 | ||
37 | *pve-firewall simulate* `[OPTIONS]` | |
38 | ||
39 | Simulate firewall rules. This does not simulate kernel 'routing' table. | |
40 | Instead, this simply assumes that routing from source zone to destination | |
41 | zone is possible. | |
42 | ||
013dc89f | 43 | `-dest` `<string>` :: |
1f554f76 DM |
44 | |
45 | Destination IP address. | |
46 | ||
013dc89f | 47 | `-dport` `<integer>` :: |
1f554f76 DM |
48 | |
49 | Destination port. | |
50 | ||
013dc89f | 51 | `-from` `(host|outside|vm\d+|ct\d+|vmbr\d+/\S+)` ('default =' `outside`):: |
1f554f76 DM |
52 | |
53 | Source zone. | |
54 | ||
013dc89f | 55 | `-protocol` `(tcp|udp)` ('default =' `tcp`):: |
1f554f76 DM |
56 | |
57 | Protocol. | |
58 | ||
013dc89f | 59 | `-source` `<string>` :: |
1f554f76 DM |
60 | |
61 | Source IP address. | |
62 | ||
013dc89f | 63 | `-sport` `<integer>` :: |
1f554f76 DM |
64 | |
65 | Source port. | |
66 | ||
013dc89f | 67 | `-to` `(host|outside|vm\d+|ct\d+|vmbr\d+/\S+)` ('default =' `host`):: |
1f554f76 DM |
68 | |
69 | Destination zone. | |
70 | ||
013dc89f | 71 | `-verbose` `<boolean>` ('default =' `0`):: |
1f554f76 DM |
72 | |
73 | Verbose output. | |
74 | ||
75 | ||
76 | ||
77 | *pve-firewall start* `[OPTIONS]` | |
78 | ||
79 | Start the Proxmox VE firewall service. | |
80 | ||
013dc89f | 81 | `-debug` `<boolean>` ('default =' `0`):: |
1f554f76 DM |
82 | |
83 | Debug mode - stay in foreground | |
84 | ||
85 | ||
86 | ||
87 | *pve-firewall status* | |
88 | ||
89 | Get firewall status. | |
90 | ||
91 | ||
92 | ||
93 | *pve-firewall stop* | |
94 | ||
95 | Stop firewall. This removes all Proxmox VE related iptable rules. The host | |
96 | is unprotected afterwards. | |
97 | ||
98 | ||
99 | ||
100 |