]>
Commit | Line | Data |
---|---|---|
1 | *pve-firewall* `<COMMAND> [ARGS] [OPTIONS]` | |
2 | ||
3 | *pve-firewall compile* | |
4 | ||
5 | Compile and print firewall rules. This is useful for testing. | |
6 | ||
7 | *pve-firewall help* `[OPTIONS]` | |
8 | ||
9 | Get help about specified command. | |
10 | ||
11 | `--extra-args` `<array>` :: | |
12 | ||
13 | Shows help for a specific command | |
14 | ||
15 | `--verbose` `<boolean>` :: | |
16 | ||
17 | Verbose output format. | |
18 | ||
19 | *pve-firewall localnet* | |
20 | ||
21 | Print information about local network. | |
22 | ||
23 | *pve-firewall restart* | |
24 | ||
25 | Restart the Proxmox VE firewall service. | |
26 | ||
27 | *pve-firewall simulate* `[OPTIONS]` | |
28 | ||
29 | Simulate firewall rules. This does not simulate kernel 'routing' table. | |
30 | Instead, this simply assumes that routing from source zone to destination | |
31 | zone is possible. | |
32 | ||
33 | `--dest` `<string>` :: | |
34 | ||
35 | Destination IP address. | |
36 | ||
37 | `--dport` `<integer>` :: | |
38 | ||
39 | Destination port. | |
40 | ||
41 | `--from` `(host|outside|vm\d+|ct\d+|vmbr\d+/\S+)` ('default =' `outside`):: | |
42 | ||
43 | Source zone. | |
44 | ||
45 | `--protocol` `(tcp|udp)` ('default =' `tcp`):: | |
46 | ||
47 | Protocol. | |
48 | ||
49 | `--source` `<string>` :: | |
50 | ||
51 | Source IP address. | |
52 | ||
53 | `--sport` `<integer>` :: | |
54 | ||
55 | Source port. | |
56 | ||
57 | `--to` `(host|outside|vm\d+|ct\d+|vmbr\d+/\S+)` ('default =' `host`):: | |
58 | ||
59 | Destination zone. | |
60 | ||
61 | `--verbose` `<boolean>` ('default =' `0`):: | |
62 | ||
63 | Verbose output. | |
64 | ||
65 | *pve-firewall start* `[OPTIONS]` | |
66 | ||
67 | Start the Proxmox VE firewall service. | |
68 | ||
69 | `--debug` `<boolean>` ('default =' `0`):: | |
70 | ||
71 | Debug mode - stay in foreground | |
72 | ||
73 | *pve-firewall status* | |
74 | ||
75 | Get firewall status. | |
76 | ||
77 | *pve-firewall stop* | |
78 | ||
79 | Stop firewall. This removes all Proxmox VE related iptable rules. The host | |
80 | is unprotected afterwards. | |
81 | ||
82 |