How to enable/disable a VM's firewall from the command line?

justinclift

Active Member
Apr 1, 2024
645
163
43
This is probably a simple brain-o on my part, but I'm not seeing a qm option (or other command line tool) for enabling/disabling the firewall for a VM.

(Note, I'm not asking how to add the ,firewall=1 option to a network interface at VM creation time nor afterwards. That's documented in the qm man page.)

What I'm asking is how to toggle the Firewall setting on an individual VM, as would be done in the web interface here:

1717991914408.png

Is there a simple cli command for this, or will I need to start generating and modifying the /etc/pve/firewall/<VMID>.fw files directly, or something else?
 
This can be done though the PVE API with a PUT request to:
https://pve.proxmox.com/pve-docs/api-viewer/index.html#/nodes/{node}/qemu/{vmid}/firewall/options

You can also use the API on the command line, so for use case this should do it (can't see your vm id or node name, so replace thoose with your values)

Code:
# firewall enable
pvesh set /nodes/HOSTNAME/qemu/VMID/firewall/options -enable true

# firewall disable
pvesh set /nodes/HOSTNAME/qemu/VMID/firewall/options -enable false

Greetz
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!