Although almost all firewall configurations can be performed through the Proxmox GUI, sometimes it may be necessary to perform certain tasks through a CLI. In this section, we are going to see some commands that can be used to manage the Proxmox firewall.
Log in to the Proxmox node using SSH, or directly from a console, as a root or with any other administrative privilege.
Here are some of the CLI commands to manage the Proxmox VE firewall:
To start a firewall service:
# pve-firewall start
To stop a firewall service:
# pve-firewall stop
To check the status of a firewall service:
# pve-firewall status
To view the generated
iptables
rules:# iptables-save
To edit a cluster-specific firewall:
# nano /etc/pve/firewall/cluster.fw
To edit a host-specific firewall:
# nano /etc/pve/nodes/<node_name>/host.fw
To edit a VM-specific firewall:
# nano /etc/pve/firewall/<vm_id>.fw