*pve-firewall* ` [ARGS] [OPTIONS]` *pve-firewall compile* Compile and print firewall rules. This is useful for testing. *pve-firewall help* `[OPTIONS]` Get help about specified command. `--extra-args` `` :: Shows help for a specific command `--verbose` `` :: Verbose output format. *pve-firewall localnet* Print information about local network. *pve-firewall restart* Restart the Proxmox VE firewall service. *pve-firewall simulate* `[OPTIONS]` Simulate firewall rules. This does not simulate kernel 'routing' table. Instead, this simply assumes that routing from source zone to destination zone is possible. `--dest` `` :: Destination IP address. `--dport` `` :: Destination port. `--from` `(host|outside|vm\d+|ct\d+|vmbr\d+/\S+)` ('default =' `outside`):: Source zone. `--protocol` `(tcp|udp)` ('default =' `tcp`):: Protocol. `--source` `` :: Source IP address. `--sport` `` :: Source port. `--to` `(host|outside|vm\d+|ct\d+|vmbr\d+/\S+)` ('default =' `host`):: Destination zone. `--verbose` `` ('default =' `0`):: Verbose output. *pve-firewall start* `[OPTIONS]` Start the Proxmox VE firewall service. `--debug` `` ('default =' `0`):: Debug mode - stay in foreground *pve-firewall status* Get firewall status. *pve-firewall stop* Stop firewall. This removes all Proxmox VE related iptable rules. The host is unprotected afterwards.