How to enable/disable a VM's firewall from the command line?

[justinclift]

This is probably a simple brain-o on my part, but I'm not seeing a qm option (or other command line tool) for enabling/disabling the firewall for a VM.

(Note, I'm not asking how to add the ,firewall=1 option to a network interface at VM creation time nor afterwards. That's documented in the qm man page.)

What I'm asking is how to toggle the Firewall setting on an individual VM, as would be done in the web interface here:



Is there a simple cli command for this, or will I need to start generating and modifying the /etc/pve/firewall/<VMID>.fw files directly, or something else?

 

[fluxX04]

This can be done though the PVE API with a PUT request to:
https://pve.proxmox.com/pve-docs/api-viewer/index.html#/nodes/{node}/qemu/{vmid}/firewall/options

You can also use the API on the command line, so for use case this should do it (can't see your vm id or node name, so replace thoose with your values)

# firewall enable
pvesh set /nodes/HOSTNAME/qemu/VMID/firewall/options -enable true

# firewall disable
pvesh set /nodes/HOSTNAME/qemu/VMID/firewall/options -enable false

Greetz

 

[justinclift]

Awesome, that seems workable. Thanks heaps @fluxX04.