1 *pve-firewall* `<COMMAND> [ARGS] [OPTIONS]`
5 Compile and print firewall rules. This is useful for testing.
10 *pve-firewall help* `[<cmd>]` `[OPTIONS]`
12 Get help about specified command.
14 `<cmd>`: `<string>` ::
18 `-verbose` `<boolean>` ::
20 Verbose output format.
25 *pve-firewall localnet*
27 Print information about local network.
31 *pve-firewall restart*
33 Restart the Proxmox VE firewall service.
37 *pve-firewall simulate* `[OPTIONS]`
39 Simulate firewall rules. This does not simulate kernel 'routing' table.
40 Instead, this simply assumes that routing from source zone to destination
45 Destination IP address.
47 `-dport` `<integer>` ::
51 `-from` `(host|outside|vm\d+|ct\d+|vmbr\d+/\S+)` ('default =' `outside`)::
55 `-protocol` `(tcp|udp)` ('default =' `tcp`)::
59 `-source` `<string>` ::
63 `-sport` `<integer>` ::
67 `-to` `(host|outside|vm\d+|ct\d+|vmbr\d+/\S+)` ('default =' `host`)::
71 `-verbose` `<boolean>` ('default =' `0`)::
77 *pve-firewall start* `[OPTIONS]`
79 Start the Proxmox VE firewall service.
81 `-debug` `<boolean>` ('default =' `0`)::
83 Debug mode - stay in foreground
95 Stop firewall. This removes all Proxmox VE related iptable rules. The host
96 is unprotected afterwards.