1 *pve-firewall* `<COMMAND> [ARGS] [OPTIONS]`
5 Compile and print firewall rules. This is useful for testing.
7 *pve-firewall help* `[OPTIONS]`
9 Get help about specified command.
11 `--extra-args` `<array>` ::
13 Shows help for a specific command
15 `--verbose` `<boolean>` ::
17 Verbose output format.
19 *pve-firewall localnet*
21 Print information about local network.
23 *pve-firewall restart*
25 Restart the Proxmox VE firewall service.
27 *pve-firewall simulate* `[OPTIONS]`
29 Simulate firewall rules. This does not simulates the kernel 'routing'
30 table, but simply assumes that routing from source zone to destination zone
33 `--dest` `<string>` ::
35 Destination IP address.
37 `--dport` `<integer>` ::
41 `--from` `(host|outside|vm\d+|ct\d+|vmbr\d+/\S+)` ('default =' `outside`)::
45 `--protocol` `(tcp|udp)` ('default =' `tcp`)::
49 `--source` `<string>` ::
53 `--sport` `<integer>` ::
57 `--to` `(host|outside|vm\d+|ct\d+|vmbr\d+/\S+)` ('default =' `host`)::
61 `--verbose` `<boolean>` ('default =' `0`)::
65 *pve-firewall start* `[OPTIONS]`
67 Start the Proxmox VE firewall service.
69 `--debug` `<boolean>` ('default =' `0`)::
71 Debug mode - stay in foreground
79 Stop the Proxmox VE firewall service. Note, stopping actively removes all
80 Proxmox VE related iptable rules rendering the host potentially