pve-docs/pve-firewall.8-synopsis.adoc

84 lines
1.5 KiB
Plaintext

*pve-firewall* `<COMMAND> [ARGS] [OPTIONS]`
*pve-firewall compile*
Compile and print firewall rules. This is useful for testing.
*pve-firewall help* `[OPTIONS]`
Get help about specified command.
`--extra-args` `<array>` ::
Shows help for a specific command
`--verbose` `<boolean>` ::
Verbose output format.
*pve-firewall localnet*
Print information about local network.
*pve-firewall restart*
Restart the Proxmox VE firewall service.
*pve-firewall simulate* `[OPTIONS]`
Simulate firewall rules. This does not simulates the kernel 'routing'
table, but simply assumes that routing from source zone to destination zone
is possible.
`--dest` `<string>` ::
Destination IP address.
`--dport` `<integer>` ::
Destination port.
`--from` `(host|outside|vm\d+|ct\d+|vmbr\d+/\S+)` ('default =' `outside`)::
Source zone.
`--protocol` `(tcp|udp)` ('default =' `tcp`)::
Protocol.
`--source` `<string>` ::
Source IP address.
`--sport` `<integer>` ::
Source port.
`--to` `(host|outside|vm\d+|ct\d+|vmbr\d+/\S+)` ('default =' `host`)::
Destination zone.
`--verbose` `<boolean>` ('default =' `0`)::
Verbose output.
*pve-firewall start* `[OPTIONS]`
Start the Proxmox VE firewall service.
`--debug` `<boolean>` ('default =' `0`)::
Debug mode - stay in foreground
*pve-firewall status*
Get firewall status.
*pve-firewall stop*
Stop the Proxmox VE firewall service. Note, stopping actively removes all
Proxmox VE related iptable rules rendering the host potentially
unprotected.