NAME

pve-firewall - PVE Firewall Daemon

SYNOPSIS

 pve-firewall <COMMAND> [ARGS] [OPTIONS]

 pve-firewall help [<cmd>] [OPTIONS]
 
   Get help about specified command.
 
   <cmd>      string
 
             Command name
 
   -verbose   boolean
 
             Verbose output format.
 
 


 pve-firewall compile 
 
   Compile and print firewall rules. This is useful for testing.
 
 

 pve-firewall localnet 
 
   Print information about local network.
 
 

 pve-firewall restart 
 
   Restart the Proxmox VE firewall service.
 
 

 pve-firewall simulate  [OPTIONS]
 
   Simulate firewall rules. This does not simulate kernel 'routing' table.
   Instead, this simply assumes that routing from source zone to destination
   zone is possible.
 
   -dest      string
 
             Destination IP address.
 
   -dport     integer
 
             Destination port.
 
   -from      (host|outside|vm\d+|ct\d+|vmbr\d+/\S+)   (default=outside)
 
             Source zone.
 
   -protocol  (tcp|udp)  (default=tcp)
 
             Protocol.
 
   -source    string
 
             Source IP address.
 
   -sport     integer
 
             Source port.
 
   -to       (host|outside|vm\d+|ct\d+|vmbr\d+/\S+)   (default=host)
 
             Destination zone.
 
   -verbose   boolean   (default=0)
 
             Verbose output.
 
 

 pve-firewall start  [OPTIONS]
 
   Start the Proxmox VE firewall service.
 
   -debug     boolean   (default=0)
 
             Debug mode - stay in foreground
 
 

 pve-firewall status 
 
   Get firewall status.
 
 

 pve-firewall stop 
 
   Stop firewall. This removes all Proxmox VE related iptable rules. The
   host is unprotected afterwards.
 
 

DESCRIPTION

This service updates iptables rules periodically.

COPYRIGHT AND DISCLAIMER

Copyright (C) 2007-2015 Proxmox Server Solutions GmbH

This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.

You should have received a copy of the GNU Affero General Public License along with this program. If not, see http://www.gnu.org/licenses/.