From: Aaron Lauterer <a.lauterer@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH manager] ui: firewall: rule: maxlength for source and dest
Date: Thu, 22 Apr 2021 14:30:10 +0200 [thread overview]
Message-ID: <20210422123010.14006-2-a.lauterer@proxmox.com> (raw)
In-Reply-To: <20210422123010.14006-1-a.lauterer@proxmox.com>
Limiting the length of the source and dest paramters helps to avoid
problems with iptables-restore which would not apply a rule if a
parameter is larger than the parameter buffer (1024)[0]. As the API is
already limiting this, we should also reflect that in the GUI and give
people a hint that IP sets are most likely the better approach.
[0] http://git.netfilter.org/iptables/tree/iptables/xshared.c?h=v1.8.7#n469
Signed-off-by: Aaron Lauterer <a.lauterer@proxmox.com>
---
This one "needs" the firewall patch 'fix #967: source: dest: limit length'
As always when it comes to messages, someone might have a better idea
how to phrase the maxLengthText.
www/manager6/grid/FirewallRules.js | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/www/manager6/grid/FirewallRules.js b/www/manager6/grid/FirewallRules.js
index 424bdfcb..f32a1ea1 100644
--- a/www/manager6/grid/FirewallRules.js
+++ b/www/manager6/grid/FirewallRules.js
@@ -135,7 +135,8 @@ Ext.define('PVE.FirewallRulePanel', {
base_url: me.list_refs_url,
value: '',
fieldLabel: gettext('Source'),
-
+ maxLength: 512,
+ maxLengthText: gettext('Too long, consider using IP sets.'),
},
{
xtype: 'pveIPRefSelector',
@@ -145,6 +146,8 @@ Ext.define('PVE.FirewallRulePanel', {
base_url: me.list_refs_url,
value: '',
fieldLabel: gettext('Destination'),
+ maxLength: 512,
+ maxLengthText: gettext('Too long, consider using IP sets.'),
},
);
--
2.20.1
next prev parent reply other threads:[~2021-04-22 12:30 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-22 12:30 [pve-devel] [PATCH firewall] fix #967: source: dest: limit length Aaron Lauterer
2021-04-22 12:30 ` Aaron Lauterer [this message]
2021-04-22 19:34 ` [pve-devel] applied: [PATCH manager] ui: firewall: rule: maxlength for source and dest Thomas Lamprecht
2021-04-22 17:03 ` [pve-devel] applied: [PATCH firewall] fix #967: source: dest: limit length Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210422123010.14006-2-a.lauterer@proxmox.com \
--to=a.lauterer@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.