[pve-devel] [PATCH] prepare code for more generic firewall logging

2017-09-14 Thread Tom Weber
making ruleset generation aware of a match and action part in iptable rules. code will generate the same iptables as before! (except for a few additional spaces between match and action). ---  src/PVE/Firewall.pm | 168 +++-  1 file changed, 99 inserti

[pve-devel] [PATCH] Firewall Improvements

2017-09-14 Thread Tom Weber
See mail Firewall Improvements Tom Weber (1):   prepare code for more generic firewall logging  src/PVE/Firewall.pm | 168 +++-  1 file changed, 99 insertions(+), 69 deletions(-) ___ pve-devel mailing lis

[pve-devel] Firewall Improvements

2017-09-14 Thread Tom Weber
Hi all, last week I reported a problem with firewall logging. After looking deeper into Firewall.pm I have a better understanding of the problems I first had with using the Firewall as a rather fresh PVE User: - the different levels of log_level_in / out don't make sense to me. Firewall.pm uses t

[pve-devel] applied: [PATCH qemu-server 1/1] do not overwrite global signal handlers

2017-09-14 Thread Wolfgang Bumiller
applied On Thu, Sep 14, 2017 at 03:19:39PM +0200, Emmanuel Kasper wrote: > perl's 'local' must be either used in front of each $SIG{...} > assignments or they must be put in a list, else it affects only the > first variable and the rest are *not* in local context. > > In all cases the global signa

[pve-devel] [PATCH qemu-server 1/1] do not overwrite global signal handlers

2017-09-14 Thread Emmanuel Kasper
perl's 'local' must be either used in front of each $SIG{...} assignments or they must be put in a list, else it affects only the first variable and the rest are *not* in local context. In all cases the global signal handlers we overwrote were in cli programs or forked workers, not in daemons. ---

[pve-devel] [PATCH qemu-server 0/1] Do not overwrite global signal handlers, extra fix

2017-09-14 Thread Emmanuel Kasper
While poking around QemuServer.pm I noticed a couple of places where we were using 'local' in a wrong way like Thomas reported. After checking with grep in /usr/share/perl5/PVE, this should be now fixed everywhere. Emmanuel Kasper (1): do not overwrite global signal handlers PVE/API2/Qemu.pm

[pve-devel] [RFC access-control] API/ticket: rework coarse grained permission computation

2017-09-14 Thread Thomas Lamprecht
We accessed methods from PVE::Storage here but did not define a "use PVE::Storage". This thus only worked if the PVE::Storage module got pulled in by something else, by luck. Simply including said use statement is not an option because pve-storage is already dependent on pve-access-con

[pve-devel] [PATCH ha-manager v2] fix #1347: let postfix fill in FQDN in fence mails

2017-09-14 Thread Philip Abernethy
Using the nodename in $mailto is not correct and can lead to mails not forwarding in restrictive mail server configurations. Also changes $mailfrom to 'root' instead of 'root@localhost', which results in postfix appending the proper FQDN there, too. As a result the Delivered-to header reads somethi

[pve-devel] [PATCH manager v2 1/2] vzdump: handle backup to stdout correctly

2017-09-14 Thread Philip Abernethy
Checks for dumpdir or tmpdir backups don't apply to stdout, so we can skip the checks involved in those methods. --- changes from v1: * Added an explanation for tmpdir. I'm not sure there's much more we can do. If the user/admin configures the backup to save a 30G container into 16G memory he's

[pve-devel] [PATCH manager v2 2/2] vzdump: whitespace and style cleanup, typo fix

2017-09-14 Thread Philip Abernethy
Mostly whitespace fixes, a stray semicolon, some style fixes and a grammar correction --- PVE/VZDump.pm | 111 -- 1 file changed, 53 insertions(+), 58 deletions(-) diff --git a/PVE/VZDump.pm b/PVE/VZDump.pm index c6a4b449..844a9449 100644 --

Re: [pve-devel] [PATCH ha-manager] fix #1347: let postfix fill in FQDN in fence mails

2017-09-14 Thread Thomas Lamprecht
On 09/14/2017 11:15 AM, Philip Abernethy wrote: On Wed, 2017-09-13 at 08:11 +0200, Thomas Lamprecht wrote: On 09/08/2017 02:56 PM, Philip Abernethy wrote: Using the nodename is not correct and can lead to mails not forwarding in restrictive mail server configurations. ---   src/PVE/HA/Env/PVE2

Re: [pve-devel] [PATCH ha-manager] fix #1347: let postfix fill in FQDN in fence mails

2017-09-14 Thread Philip Abernethy
On Wed, 2017-09-13 at 08:11 +0200, Thomas Lamprecht wrote: > On 09/08/2017 02:56 PM, Philip Abernethy wrote: > > Using the nodename is not correct and can lead to mails not > > forwarding > > in restrictive mail server configurations. > > --- > >   src/PVE/HA/Env/PVE2.pm | 4 ++-- > >   1 file chang

Re: [pve-devel] [PATCH cluster v2 5/7] corosync: add atomic_write_conf and cleanup

2017-09-14 Thread Thomas Lamprecht
On 09/14/2017 10:18 AM, Fabian Grünbichler wrote: On Thu, Sep 14, 2017 at 10:00:39AM +0200, Thomas Lamprecht wrote: Signed-off-by: Thomas Lamprecht --- data/PVE/Corosync.pm | 39 --- 1 file changed, 16 insertions(+), 23 deletions(-) diff --git a/data/PVE/

Re: [pve-devel] [PATCH cluster v2 5/7] corosync: add atomic_write_conf and cleanup

2017-09-14 Thread Fabian Grünbichler
On Thu, Sep 14, 2017 at 10:00:39AM +0200, Thomas Lamprecht wrote: > Signed-off-by: Thomas Lamprecht > --- > data/PVE/Corosync.pm | 39 --- > 1 file changed, 16 insertions(+), 23 deletions(-) > > diff --git a/data/PVE/Corosync.pm b/data/PVE/Corosync.pm > index

Re: [pve-devel] RFC bump Version to 2.8.0 OpenvSwitch

2017-09-14 Thread Alexandre DERUMIER
Seems they have bumped dpdk version in ovs 2.8 :( http://docs.openvswitch.org/en/latest/faq/releases/ Open vSwitch DPDK 2.2.x 1.6 2.3.x 1.6 2.4.x 2.0 2.5.x 2.2 2.6.x 16.07.2 2.7.x 16.11.2 2.8.x 17.05.1 17.05 Available in ubuntu artful. https://packages.ubuntu.com/artful/dpdk T

[pve-devel] [PATCH cluster v2 2/7] pvecm: import often needed run_command

2017-09-14 Thread Thomas Lamprecht
Signed-off-by: Thomas Lamprecht --- data/PVE/CLI/pvecm.pm | 16 +++- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/data/PVE/CLI/pvecm.pm b/data/PVE/CLI/pvecm.pm index 41c2f9c..5a93a66 100755 --- a/data/PVE/CLI/pvecm.pm +++ b/data/PVE/CLI/pvecm.pm @@ -10,7 +10,7 @@ use

[pve-devel] [PATCH cluster v2 4/7] corosync: transform config to allow easier access

2017-09-14 Thread Thomas Lamprecht
Signed-off-by: Thomas Lamprecht --- data/PVE/Corosync.pm | 64 +--- 1 file changed, 36 insertions(+), 28 deletions(-) diff --git a/data/PVE/Corosync.pm b/data/PVE/Corosync.pm index 3c4c8c0..1180316 100644 --- a/data/PVE/Corosync.pm +++ b/data/PVE/C

[pve-devel] [PATCH cluster v2 7/7] WIP: add and delete qdevice

2017-09-14 Thread Thomas Lamprecht
Allow to add and delete qdevice through the pvecm CLI tool. Signed-off-by: Thomas Lamprecht --- NOTE: WIP data/PVE/CLI/pvecm.pm | 208 ++ 1 file changed, 208 insertions(+) diff --git a/data/PVE/CLI/pvecm.pm b/data/PVE/CLI/pvecm.pm index 5a93a66.

[pve-devel] [PATCH cluster v2 1/7] pvecm: remove Data::Dumper

2017-09-14 Thread Thomas Lamprecht
Signed-off-by: Thomas Lamprecht --- data/PVE/CLI/pvecm.pm | 1 - 1 file changed, 1 deletion(-) diff --git a/data/PVE/CLI/pvecm.pm b/data/PVE/CLI/pvecm.pm index 7ca98f7..41c2f9c 100755 --- a/data/PVE/CLI/pvecm.pm +++ b/data/PVE/CLI/pvecm.pm @@ -10,7 +10,6 @@ use POSIX; use Net::IP; use File::Pa

[pve-devel] [PATCH cluster v2 3/7] corosync config parser: move to hash format

2017-09-14 Thread Thomas Lamprecht
The old parser itself was simple and easy but resulted in quite a bit of headache when changing corosync config sections, especially if multiple section levels should be touched. Move to a more practical internal format which represents the corosync configuration in hash Signed-off-by: Thomas Lamp

[pve-devel] [PATCH cluster v2 0/7][RESEND] corosync config parser refactoring and a WIP of QDevice

2017-09-14 Thread Thomas Lamprecht
This is a resend of my last iteration, code wise nothing changed but it did not apply on current master, so I respinned it. First 5 patches should be ready for committing, but the last two are rather RFC/WIP and for people who'd like to test (easy) qdevice setup now. But if someone gives them a (hi

[pve-devel] [PATCH cluster v2 6/7] WIP: add foreach_member

2017-09-14 Thread Thomas Lamprecht
Add a method to execute a sub for each cluster member, passing its name and cluster ip to the $code sub. This is similar to our foreach_disk or foreach_storage Signed-off-by: Thomas Lamprecht --- NOTE: WIP, and only for the next patch's qdevice prototype data/PVE/Cluster.pm | 16 +++

[pve-devel] [PATCH cluster v2 5/7] corosync: add atomic_write_conf and cleanup

2017-09-14 Thread Thomas Lamprecht
Signed-off-by: Thomas Lamprecht --- data/PVE/Corosync.pm | 39 --- 1 file changed, 16 insertions(+), 23 deletions(-) diff --git a/data/PVE/Corosync.pm b/data/PVE/Corosync.pm index 1180316..1d58bf0 100644 --- a/data/PVE/Corosync.pm +++ b/data/PVE/Corosync.pm @@

Re: [pve-devel] RFC bump Version to 2.8.0 OpenvSwitch

2017-09-14 Thread Wolfgang Link
> Alexandre DERUMIER wrote on 14 September 2017 at 09:16: > > > Hi, > > could it be possible to add dpdk support ? I did not try it but the manual has a requirement for DPDK Version 17.05.1 http://docs.openvswitch.org/en/latest/intro/install/dpdk/ Debian has only 16.11.1 in stre

Re: [pve-devel] RFC bump Version to 2.8.0 OpenvSwitch

2017-09-14 Thread Alexandre DERUMIER
Hi, could it be possible to add dpdk support? I had sent a patch some months ago https://pve.proxmox.com/pipermail/pve-devel/2017-April/026089.html It only adds support for dpdk, but doesn't enable it by default, so I think it's quite safe. - Original Mail - From: "Wolfgang Link" To: "p

Re: [pve-devel] [PATCH qemu-server v8 1/6] Force overwriting existing compressed man pages and symbolic links

2017-09-14 Thread Emmanuel Kasper
On 09/14/2017 08:09 AM, Thomas Lamprecht wrote: > On 09/13/2017 04:10 PM, Emmanuel Kasper wrote: >> This allows calling the 'make install' target twice in a row. > > Looks OK, we overwrite everything else so why not the man pages. > > This can be already applied even if we would say the current

[pve-devel] applied: [PATCH installer] fix #1479: detect missing KVM support

2017-09-14 Thread Wolfgang Bumiller
applied On Tue, Aug 22, 2017 at 02:18:46PM +0200, Fabian Grünbichler wrote: > Signed-off-by: Fabian Grünbichler > --- > proxinstall | 8 > 1 file changed, 8 insertions(+) > > diff --git a/proxinstall b/proxinstall > index 509430f..a04d98a 100755 > --- a/proxinstall > +++ b/proxinstall

[pve-devel] applied: [RFC cluster] update SSH Ciphers for Debian Stretch

2017-09-14 Thread Wolfgang Bumiller
applied On Wed, May 31, 2017 at 09:38:00AM +0200, Fabian Grünbichler wrote: > blowfish, 3des and arcfour are not enabled by default on the > server side anyway. > > on most hardware, AES is about 3 times faster than Chacha20 > because of hardware accelerated AES, hence the changed order > of pref