Currently people add firewall rules but forget to activate the firewall on
guest level. This commit adds a warning to the top bar of the firewall panel to
make them aware of this if necessary.
The existence of a rule alone should not yet trigger the warning. Only if it is
enabled but the whole firewall for that level is not.
Signed-off-by: Dominic Jäger <d.jae...@proxmox.com>
---
v2->v3:
- rebased
- squashed both commits to make review easier
- one whitespace error
www/manager6/grid/FirewallRules.js | 43 ++++++++++++++++++++++++++++--
1 file changed, 41 insertions(+), 2 deletions(-)
diff --git a/www/manager6/grid/FirewallRules.js
b/www/manager6/grid/FirewallRules.js
index ec2d1c84..9a9dd286 100644
--- a/www/manager6/grid/FirewallRules.js
+++ b/www/manager6/grid/FirewallRules.js
@@ -483,8 +483,26 @@ Ext.define('PVE.FirewallRules', {
throw "no list_refs_url specified";
}
+ let checkWarning = function () {
+ Proxmox.Utils.API2Request({
+ url: me.base_url.replace('rules', 'options'),
+ method: 'GET',
+ failure: function (response) {
+ Ext.Msg.alert(gettext('Error'), response.htmlStatus);
+ },
+ success: function (response) {
+ let warningRequired = !response.result.data.enable
+ && me.store.findExact('enable', true) >= 0;
+
me.down('displayfield[name=fw-warning]').setVisible(warningRequired)
+ },
+ });
+ };
+
var store = Ext.create('Ext.data.Store',{
- model: 'pve-fw-rule'
+ model: 'pve-fw-rule',
+ listeners: {
+ 'load': checkWarning,
+ },
});
var reload = function() {
@@ -606,12 +624,33 @@ Ext.define('PVE.FirewallRules', {
}
});
+ let getLevel = (id) => {
+ let invalid = 'this';
+ let level = /root/.test(id) ? 'datacenter'
+ : /node/.test(id) ? 'node'
+ : /qemu/.test(id) ? 'VM'
+ : /lxc/.test(id) ? 'container'
+ : invalid;
+ if (level === invalid) { console.warn(`Finding level failed for
${id}`)};
+ return level;
+ };
+ me.warningField = Ext.create('Ext.form.field.Display',{
+ xtype: 'displayfield',
+ userCls: 'pmx-hint',
+ name: 'fw-warning',
+ margin: 'auto 0 0 0', // Avoid field randomly sticking at top
+ value: gettext(`Warning: Firewall still disabled at `
+ + `${getLevel(me.pveSelNode.id)} level! `
+ + `This can be changed in Firewall->Options.`),
+ hidden: true,
+ });
+
var tbar = me.tbar_prefix ? [ me.tbar_prefix ] : [];
tbar.push(me.addBtn, me.copyBtn);
if (me.groupBtn) {
tbar.push(me.groupBtn);
}
- tbar.push(me.removeBtn, me.editBtn);
+ tbar.push(me.removeBtn, me.editBtn, me.warningField);
var render_errors = function(name, value, metaData, record) {
var errors = record.data.errors;
--
2.20.1
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
