From: Thomas Lamprecht <t.lamprecht@proxmox.com>
To: Oguz Bektas <o.bektas@proxmox.com>,
Dominik Csapak <d.csapak@proxmox.com>,
Proxmox VE development discussion <pve-devel@lists.proxmox.com>
Subject: Re: [pve-devel] [PATCH v4 firewall 1/2] implement fail2ban backend and API
Date: Wed, 20 Oct 2021 16:12:33 +0200 [thread overview]
Message-ID: <18c23b5b-6eb4-f1db-c507-f5b072a988d2@proxmox.com> (raw)
In-Reply-To: <YXAHZKkSs38FtP/G@gaia>
On 20.10.21 14:11, Oguz Bektas wrote:
> On Tue, Oct 19, 2021 at 03:43:49PM +0200, Dominik Csapak wrote:
>> while the code looks ok IMHO, i have some general questions:
>> * does it really make sense to hard depend on fail2ban?
>> could it not also make sense to have it as 'recommends' or 'suggests'?
>> setting enabled to 1 could then check if its installed and
>> raise an error
>>
>> * if we do not plan to add more fail2ban options in our config,
>> i would rather see a combined fail2ban option (propertystring?)
>> that would go into the general host firewall options
>>
>> that way we would not have to c&p the whole config parsing/setting api
>> and could have a single new option line in the gui instead
>> of a whole new panel with only 3 options (i think the majority of our
>> users will not use fail2ban)
>
>>
>> does that make sense to you?
>>
>
> well if we hide it like that inside the menu, then surely nobody will
> use it ;)
>
> separate panel makes it more visible IMO. it shouldn't be hidden 3
> layers deep in the options menu (Host -> Firewall -> Options -> Fail2ban
> -> Enable) for such a simple feature, i think a lot more people would
> use it if it's placed in a visible location (Host -> Fail2ban ->
> Enable). if you really insist on putting it in the firewall options menu
> then i'll have to insist for it to be installed & enabled by default :)
With that arguing every option would need to be its own panel placed at the
top-level.. PVE's interface is complex as is, sensible grouping simple one time
option actually helps in UX and to find stuff, documentation can ensure features
are found, they provide a central searchable place for that, after all.
next prev parent reply other threads:[~2021-10-20 14:12 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-11 10:57 [pve-devel] [PATCH-SERIES manager firewall v4 0/2] fix #1065: implement fail2ban api and gui Oguz Bektas
2021-10-11 10:57 ` [pve-devel] [PATCH v4 firewall 1/2] implement fail2ban backend and API Oguz Bektas
2021-10-19 13:43 ` Dominik Csapak
2021-10-20 12:11 ` Oguz Bektas
2021-10-20 14:12 ` Thomas Lamprecht [this message]
2021-10-20 14:09 ` Thomas Lamprecht
2021-10-11 10:57 ` [pve-devel] [PATCH v4 manager 2/2] fix #1065: ui: fail2ban gui for nodes Oguz Bektas
2021-10-19 13:47 ` Dominik Csapak
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=18c23b5b-6eb4-f1db-c507-f5b072a988d2@proxmox.com \
--to=t.lamprecht@proxmox.com \
--cc=d.csapak@proxmox.com \
--cc=o.bektas@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal