Settings and protection management

Available commands​

To get a list of all available AdGuard commands, enter:

adguard-cli --help-all

Enable and disable protection​

Enable protection​

To enable protection, enter:

adguard-cli start

This command attempts to configure a redirection to the proxy.

Disable protection​

To disable protection, enter:

adguard-cli stop

This command not only stops the proxy but also stops the trafic from redirecting to it.

Check protection status​

To view the protection status, enter:

adguard-cli status

Updates​

Check for updates​

To check for updates, enter:

adguard-cli check-update

Update AdGuard for Linux​

To update AdGuard for Linux, enter:

adguard-cli update

Update script output​

To view the update script output, enter:

adguard-cli update -v

Configure AdGuard for Linux​

Use the config command to configure AdGuard for Linux. Subcommands:

• show: Show the current configuration in proxy.yaml

  

• set: Configure an option in proxy.yaml

  • listen_ports.http_proxy: HTTP listening port
  • proxy_mode: Proxy mode (manual or auto)

• get: Get the current status of the above options

Manage filters​

Use the filters command to configure AdGuard for Linux. Subcommands:

• list: List installed filters

  • --all: View all filters

    

• install: Install a filter. Enter the URL of the filter you want to install

• enable: Enable a filter. Enter the name or ID of the filter

  

• disable: Disable a filter. Enter the name or ID of the filter

• update: Update filters

Changing the proxy server listen address in manual proxy mode​

By default, the proxy server listens on 127.0.0.1 — the address of the loopback network interface. There are two ways to make the proxy server listen on a different interface:

1. Run adguard-cli config set listen_address <address> where <address> is the address to listen on.
2. Edit the config file directly:
   • To determine the location of the config file, run adguard-cli config show | grep "Config location".
   • Look for the listen_address key and set its value accordingly. To listen on all available network interfaces, set the listen address to 0.0.0.0 or ::.

If the listen address is set to anything other than 127.0.0.1, then proxy client authentication is required. AdGuard CLI will not start unless proxy authentication is configured:

• When running adguard-cli config set listen_address <address> where <address> is not 127.0.0.1, AdGuard CLI will prompt for a username and password if proxy authentication is not already configured.
• When editing the config file directly, look for the listen_authkey. Set the enabled sub-key to true, and username and password to non-empty values.

Configure outbound proxy​

You can configure outbound_proxy if you want AdGuard CLI to work through another proxy server.

There are two ways to configure it:

1. Configure via URL (recommended)​

Instead of setting each option step by step, you can set all parameters in a single line using a URL:

adguard-cli config set outbound_proxy https://user:pass@host:port

You can also quickly enable or disable outbound_proxy:

adguard-cli config set outbound_proxy false

Or quickly clear the settings:

adguard-cli config set outbound_proxy ""

2. Configure individual parameters​

The ability to adjust specific parameters is also available:

adguard-cli config set outbound_proxy.enabled true
adguard-cli config set outbound_proxy.host localhost
adguard-cli config set outbound_proxy.port 3128
adguard-cli config set outbound_proxy.username user
adguard-cli config set outbound_proxy.password pass

Disable certificate verification for HTTPS proxies:

adguard-cli config set outbound_proxy.trust_any_certificate true

Enable SOCKS5 proxy for UDP traffic:

adguard-cli config set outbound_proxy.udp_through_socks5_enabled true

Checking the current configuration​

To view the current outbound_proxy configuration, enter:

adguard-cli config show outbound_proxy