From: Hannes Laimer <h.laimer@proxmox.com>
To: pdm-devel@lists.proxmox.com
Subject: [pdm-devel] [PATCH proxmox-yew-comp v3 3/4] firewall: add options edit form
Date: Mon, 10 Nov 2025 18:25:12 +0100 [thread overview]
Message-ID: <20251110172517.335741-8-h.laimer@proxmox.com> (raw)
In-Reply-To: <20251110172517.335741-1-h.laimer@proxmox.com>
This also includes the log-ratelimit field, its value is a property
string.
Signed-off-by: Hannes Laimer <h.laimer@proxmox.com>
---
src/firewall/log_ratelimit_field.rs | 334 ++++++++++++++++++++
src/firewall/mod.rs | 6 +
src/firewall/options_edit.rs | 458 ++++++++++++++++++++++++++++
src/lib.rs | 2 +-
4 files changed, 799 insertions(+), 1 deletion(-)
create mode 100644 src/firewall/log_ratelimit_field.rs
create mode 100644 src/firewall/options_edit.rs
diff --git a/src/firewall/log_ratelimit_field.rs b/src/firewall/log_ratelimit_field.rs
new file mode 100644
index 0000000..db2f8a9
--- /dev/null
+++ b/src/firewall/log_ratelimit_field.rs
@@ -0,0 +1,334 @@
+use anyhow::Error;
+use proxmox_schema::ApiType;
+use serde_json::Value;
+use yew::html::{IntoEventCallback, IntoPropValue};
+
+use pwt::prelude::*;
+use pwt::props::FieldBuilder;
+use pwt::widget::form::{
+ Checkbox, Combobox, ManagedField, ManagedFieldContext, ManagedFieldMaster, ManagedFieldState,
+ Number,
+};
+use pwt::widget::{Container, InputPanel, Row};
+
+use pwt::props::WidgetBuilder;
+use pwt_macros::{builder, widget};
+
+use crate::SchemaValidation;
+
+const TIME_UNITS: &[&str] = &["second", "minute", "hour", "day"];
+
+/// A field widget for entering a rate value in the format "number/unit".
+///
+/// The rate is displayed as a number input followed by a unit selector
+/// (second, minute, hour, or day). The value is formatted as "number/unit"
+/// (e.g., "5/minute").
+#[widget(comp=RateFieldImpl, @input)]
+#[derive(Clone, Properties, PartialEq)]
+#[builder]
+pub struct RateField {
+ /// The current value of the rate field in "number/unit" format.
+ #[builder(IntoPropValue, into_prop_value)]
+ #[prop_or_default]
+ pub value: Option<AttrValue>,
+
+ /// Callback invoked when the rate value changes.
+ #[builder_cb(IntoEventCallback, into_event_callback, String)]
+ #[prop_or_default]
+ pub on_input: Option<Callback<String>>,
+}
+
+impl Default for RateField {
+ fn default() -> Self {
+ Self::new()
+ }
+}
+
+impl RateField {
+ /// Creates a new `RateField` with default values.
+ pub fn new() -> Self {
+ yew::props!(Self {})
+ }
+}
+
+enum RateMsg {
+ ChangeNumber(Option<u64>),
+ ChangeUnit(String),
+}
+
+struct RateFieldImpl {
+ number: Option<u64>,
+ unit: String,
+}
+
+impl yew::Component for RateFieldImpl {
+ type Message = RateMsg;
+ type Properties = RateField;
+
+ fn create(ctx: &yew::Context<Self>) -> Self {
+ let mut me = Self {
+ number: None,
+ unit: "second".to_string(),
+ };
+ me.parse_value(&ctx.props().value);
+ me
+ }
+
+ fn update(&mut self, ctx: &yew::Context<Self>, msg: Self::Message) -> bool {
+ match msg {
+ RateMsg::ChangeNumber(number) => {
+ self.number = number;
+ }
+ RateMsg::ChangeUnit(unit) => self.unit = unit,
+ }
+
+ let new_value_str = if let Some(num) = self.number {
+ format!("{}/{}", num, self.unit)
+ } else {
+ String::new()
+ };
+
+ if let Some(callback) = &ctx.props().on_input {
+ callback.emit(new_value_str);
+ }
+
+ true
+ }
+
+ fn changed(&mut self, ctx: &yew::Context<Self>, _old_props: &Self::Properties) -> bool {
+ self.parse_value(&ctx.props().value);
+ true
+ }
+
+ fn view(&self, ctx: &yew::Context<Self>) -> Html {
+ let is_empty = self.number.is_none();
+ let number_value = self.number.map(|n| n.to_string()).unwrap_or_default();
+
+ let units: Vec<AttrValue> = TIME_UNITS.iter().map(|&u| AttrValue::from(u)).collect();
+
+ Row::new()
+ .style("align-items", "center")
+ .gap(1)
+ .with_child(
+ Number::<u64>::new()
+ .key("rate_number")
+ .value(number_value)
+ .placeholder("1")
+ .min(1)
+ .max(99)
+ .on_change(ctx.link().callback(|result: Option<Result<u64, String>>| {
+ RateMsg::ChangeNumber(result.and_then(|r| r.ok()))
+ })),
+ )
+ .with_child("/")
+ .with_child(
+ Combobox::new()
+ .key("rate_unit")
+ .items(std::rc::Rc::new(units))
+ .value(self.unit.clone())
+ .disabled(is_empty)
+ .required(true)
+ .on_change(ctx.link().callback(RateMsg::ChangeUnit)),
+ )
+ .into()
+ }
+}
+
+impl RateFieldImpl {
+ fn parse_value(&mut self, value: &Option<AttrValue>) {
+ self.number = None;
+ self.unit = "second".to_string();
+
+ if let Some(v) = value {
+ if !v.is_empty() {
+ if let Some((num, unit)) = v.split_once('/') {
+ self.number = num.parse::<u64>().ok();
+ self.unit = unit.to_string();
+ }
+ }
+ }
+ }
+}
+
+/// A managed field widget for configuring firewall log rate limiting.
+///
+/// This field allows users to configure:
+/// - Whether rate limiting is enabled
+/// - The rate limit (e.g., "5/minute")
+/// - The burst value
+///
+/// The value is stored as a property string in the format
+/// "enable=0|1,rate=number/unit,burst=number".
+#[widget(comp=ManagedFieldMaster<LogRatelimitFieldImpl>, @input)]
+#[derive(Clone, Properties, PartialEq)]
+#[builder]
+pub struct LogRatelimitField {
+ /// The default value to use when the field is empty.
+ #[builder(IntoPropValue, into_prop_value)]
+ #[prop_or_default]
+ pub default: Option<AttrValue>,
+}
+
+impl Default for LogRatelimitField {
+ fn default() -> Self {
+ Self::new()
+ }
+}
+
+impl LogRatelimitField {
+ /// Creates a new `LogRatelimitField` with default values.
+ pub fn new() -> Self {
+ yew::props!(Self {})
+ }
+}
+
+enum LogRatelimitMsg {
+ Enable(bool),
+ Rate(String),
+ Burst(Option<u64>),
+}
+
+struct LogRatelimitFieldImpl {
+ enable: bool,
+ rate: String,
+ burst: Option<u64>,
+}
+
+impl ManagedField for LogRatelimitFieldImpl {
+ type Message = LogRatelimitMsg;
+ type Properties = LogRatelimitField;
+ type ValidateClosure = ();
+
+ fn validation_args(_props: &Self::Properties) -> Self::ValidateClosure {}
+
+ fn validator(_props: &Self::ValidateClosure, value: &Value) -> Result<Value, Error> {
+ Ok(value.clone())
+ }
+
+ fn setup(props: &Self::Properties) -> ManagedFieldState {
+ let value = Value::Null;
+ let default = match &props.default {
+ Some(d) => Value::String(d.to_string()),
+ None => Value::String(String::new()),
+ };
+ ManagedFieldState::new(value, default)
+ }
+
+ fn value_changed(&mut self, ctx: &ManagedFieldContext<Self>) {
+ let state = ctx.state();
+
+ // Initialize with API defaults (enable=true is the API default)
+ // When the property string is empty, rate and burst are unset
+ self.enable = true;
+ self.rate = String::new();
+ self.burst = None;
+
+ // If value is Null, use the default instead
+ let value_to_parse = match &state.value {
+ Value::Null => &state.default,
+ other => other,
+ };
+
+ if let Value::String(v) = value_to_parse {
+ if !v.is_empty() {
+ match pve_api_types::ClusterFirewallOptionsLogRatelimit::API_SCHEMA
+ .parse_property_string(v)
+ {
+ Ok(parsed) => {
+ match serde_json::from_value::<
+ pve_api_types::ClusterFirewallOptionsLogRatelimit,
+ >(parsed)
+ {
+ Ok(ratelimit) => {
+ self.enable = ratelimit.enable;
+ if let Some(rate) = ratelimit.rate {
+ self.rate = rate.clone();
+ }
+ self.burst = ratelimit.burst;
+ }
+ Err(e) => {
+ log::error!("Failed to parse log_ratelimit value: {e:?}");
+ }
+ }
+ }
+ Err(e) => {
+ log::error!("Failed to parse log_ratelimit property string '{v}': {e:?}");
+ }
+ }
+ }
+ }
+ }
+
+ fn create(ctx: &ManagedFieldContext<Self>) -> Self {
+ let mut me = Self {
+ enable: true,
+ rate: String::new(),
+ burst: None,
+ };
+ me.value_changed(ctx);
+ me
+ }
+
+ fn update(&mut self, ctx: &ManagedFieldContext<Self>, msg: Self::Message) -> bool {
+ match msg {
+ LogRatelimitMsg::Enable(enable) => self.enable = enable,
+ LogRatelimitMsg::Rate(rate) => self.rate = rate,
+ LogRatelimitMsg::Burst(burst_value) => self.burst = burst_value,
+ }
+
+ let mut parts = Vec::new();
+ parts.push(format!("enable={}", if self.enable { 1 } else { 0 }));
+ if !self.rate.is_empty() {
+ parts.push(format!("rate={}", self.rate));
+ }
+ if let Some(burst) = self.burst {
+ parts.push(format!("burst={}", burst));
+ }
+ let property_string = parts.join(",");
+ let new_value = Value::String(property_string);
+
+ ctx.link().update_value(new_value);
+ true
+ }
+
+ fn view(&self, ctx: &ManagedFieldContext<Self>) -> Html {
+ let props = ctx.props();
+ let base_schema = &pve_api_types::ClusterFirewallOptionsLogRatelimit::API_SCHEMA;
+
+ Container::new()
+ .style("border", "1px solid var(--pwt-border-color, #ccc)")
+ .style("border-radius", "4px")
+ .padding(2)
+ .with_child(
+ InputPanel::new()
+ .with_std_props(&props.std_props)
+ .with_field(
+ tr!("Enable"),
+ Checkbox::new()
+ .key("enable")
+ .checked(self.enable)
+ .on_change(ctx.link().callback(LogRatelimitMsg::Enable)),
+ )
+ .with_field(
+ tr!("Rate"),
+ RateField::new()
+ .key("rate")
+ .value(self.rate.clone())
+ .on_input(ctx.link().callback(LogRatelimitMsg::Rate)),
+ )
+ .with_field(
+ tr!("Burst"),
+ Number::<u64>::new()
+ .key("burst")
+ .value(self.burst.map(|b| b.to_string()))
+ .on_change(ctx.link().callback(
+ |result: Option<Result<u64, String>>| {
+ LogRatelimitMsg::Burst(result.and_then(|r| r.ok()))
+ },
+ ))
+ .schema(crate::form::get_field_schema(base_schema, vec!["burst"])),
+ ),
+ )
+ .into()
+ }
+}
diff --git a/src/firewall/mod.rs b/src/firewall/mod.rs
index 49dcf23..379b958 100644
--- a/src/firewall/mod.rs
+++ b/src/firewall/mod.rs
@@ -1,2 +1,8 @@
mod context;
pub use context::FirewallContext;
+
+mod options_edit;
+pub use options_edit::EditFirewallOptions;
+
+mod log_ratelimit_field;
+pub use log_ratelimit_field::LogRatelimitField;
diff --git a/src/firewall/options_edit.rs b/src/firewall/options_edit.rs
new file mode 100644
index 0000000..03579db
--- /dev/null
+++ b/src/firewall/options_edit.rs
@@ -0,0 +1,458 @@
+use std::rc::Rc;
+
+use anyhow::Error;
+use proxmox_schema::ApiType;
+use pve_api_types::{ClusterFirewallOptions, GuestFirewallOptions, NodeFirewallOptions};
+use serde_json::Value;
+use yew::html::{IntoEventCallback, IntoPropValue};
+use yew::virtual_dom::{VComp, VNode};
+
+use pwt::prelude::*;
+use pwt::widget::form::{Checkbox, Combobox, FormContext, Number};
+use pwt::widget::InputPanel;
+
+use pwt_macros::builder;
+
+use crate::{form::delete_empty_values, ApiLoadCallback, EditWindow};
+
+use super::{context::FirewallContext, LogRatelimitField};
+
+fn enum_items_from_schema<T: ApiType>(name: &str) -> Vec<AttrValue> {
+ let s = crate::form::get_field_schema(&T::API_SCHEMA, vec![name]);
+ crate::form::enum_items_from_schema(s)
+}
+
+fn placeholder_from_schema<T: ApiType>(name: &str) -> String {
+ let s = crate::form::get_field_schema(&T::API_SCHEMA, vec![name]);
+ crate::form::placeholder_from_schema(s)
+}
+
+fn create_firewall_options_loader<F>(url: AttrValue, transform_fn: F) -> ApiLoadCallback<Value>
+where
+ F: Fn(&mut serde_json::Map<String, Value>) + Clone + 'static,
+{
+ ApiLoadCallback::new(move || {
+ let url = url.clone();
+ let transform_fn = transform_fn.clone();
+ async move {
+ let mut resp = crate::http_get_full(url.to_string(), None).await?;
+ if let serde_json::Value::Object(ref mut map) = resp.data {
+ transform_fn(map);
+ }
+ Ok::<_, anyhow::Error>(resp)
+ }
+ })
+}
+
+async fn update_firewall_options(
+ form_ctx: FormContext,
+ url: AttrValue,
+ fields: &[&str],
+ transform_fn: Option<impl FnOnce(&mut serde_json::Map<String, Value>)>,
+) -> Result<(), Error> {
+ let mut data = form_ctx.get_submit_data();
+
+ if let (Some(transform), serde_json::Value::Object(ref mut map)) = (transform_fn, &mut data) {
+ transform(map);
+ }
+
+ let data = delete_empty_values(&data, fields, true);
+
+ crate::http_put(&url.to_string(), Some(data)).await
+}
+
+/// Properties for the firewall options edit form.
+///
+/// This component provides a form for editing firewall options at different
+/// levels: cluster, node, or guest (LXC/QEMU).
+#[derive(Clone, PartialEq, Properties)]
+#[builder]
+pub struct EditFirewallOptions {
+ /// The firewall context specifying which level to edit (cluster, node, or guest).
+ #[builder(IntoPropValue, into_prop_value)]
+ pub context: FirewallContext,
+
+ /// Callback invoked when the edit window is closed.
+ #[builder_cb(IntoEventCallback, into_event_callback, ())]
+ #[prop_or_default]
+ pub on_close: Option<Callback<()>>,
+}
+
+impl EditFirewallOptions {
+ /// Creates a new `EditFirewallOptions` for editing cluster-level firewall options.
+ ///
+ /// # Arguments
+ ///
+ /// * `remote` - The remote identifier for the PVE cluster.
+ pub fn cluster(remote: impl Into<AttrValue>) -> Self {
+ yew::props!(Self {
+ context: FirewallContext::cluster(remote),
+ })
+ }
+
+ /// Creates a new `EditFirewallOptions` for editing node-level firewall options.
+ ///
+ /// # Arguments
+ ///
+ /// * `remote` - The remote identifier for the PVE cluster.
+ /// * `node` - The node identifier.
+ pub fn node(remote: impl Into<AttrValue>, node: impl Into<AttrValue>) -> Self {
+ yew::props!(Self {
+ context: FirewallContext::node(remote, node),
+ })
+ }
+
+ /// Creates a new `EditFirewallOptions` for editing guest-level firewall options.
+ ///
+ /// # Arguments
+ ///
+ /// * `remote` - The remote identifier for the PVE cluster.
+ /// * `node` - The node identifier where the guest is located.
+ /// * `vmid` - The virtual machine ID.
+ /// * `vmtype` - The type of guest ("lxc" or "qemu").
+ pub fn guest(
+ remote: impl Into<AttrValue>,
+ node: impl Into<AttrValue>,
+ vmid: u64,
+ vmtype: impl Into<AttrValue>,
+ ) -> Self {
+ yew::props!(Self {
+ context: FirewallContext::guest(remote, node, vmid, vmtype),
+ })
+ }
+}
+
+/// Internal component that renders the firewall options edit form.
+///
+/// This component handles loading firewall options from the API and rendering
+/// the appropriate form based on the firewall context (cluster, node, or guest).
+pub struct ProxmoxEditFirewallOptions {
+ loader: Option<ApiLoadCallback<Value>>,
+}
+
+impl Component for ProxmoxEditFirewallOptions {
+ type Message = ();
+ type Properties = EditFirewallOptions;
+
+ fn create(ctx: &Context<Self>) -> Self {
+ let props = ctx.props();
+ let url: AttrValue = props.context.options_url().into();
+
+ let loader = if !url.is_empty() {
+ Some(create_firewall_options_loader(url, |map| {
+ // Convert enable field from u64 to bool for cluster firewall
+ if let Some(enable_num) = map.get("enable").and_then(|v| v.as_u64()) {
+ map.insert("enable".into(), serde_json::Value::Bool(enable_num != 0));
+ }
+ }))
+ } else {
+ None
+ };
+
+ Self { loader }
+ }
+
+ fn view(&self, ctx: &Context<Self>) -> Html {
+ let props = ctx.props();
+ let url: AttrValue = props.context.options_url().into();
+
+ type ContextConfig<'a> = (
+ String,
+ fn(&FormContext) -> Html,
+ &'a [&'a str],
+ Option<fn(&mut serde_json::Map<String, Value>)>,
+ );
+ let (title, renderer, fields, transform_fn): ContextConfig<'_> = match &props.context {
+ FirewallContext::Cluster { .. } => (
+ props.context.title(&tr!("Edit Cluster Firewall")),
+ edit_cluster_firewall_input_panel,
+ &[
+ "enable",
+ "ebtables",
+ "policy_in",
+ "policy_out",
+ "policy_forward",
+ "log_ratelimit",
+ ],
+ Some(|map: &mut serde_json::Map<String, Value>| {
+ if let Some(enable) = map.get("enable").and_then(|v| v.as_bool()) {
+ map.insert("enable".into(), Value::from(if enable { 1 } else { 0 }));
+ }
+ }),
+ ),
+ FirewallContext::Node { .. } => (
+ props.context.title(&tr!("Edit Node Firewall")),
+ edit_node_firewall_input_panel,
+ &[
+ "enable",
+ "nosmurfs",
+ "tcpflags",
+ "ndp",
+ "nf_conntrack_max",
+ "nf_conntrack_tcp_timeout_established",
+ "log_level_in",
+ "log_level_out",
+ "log_level_forward",
+ "tcp_flags_log_level",
+ "smurf_log_level",
+ "nftables",
+ ],
+ None,
+ ),
+ FirewallContext::Guest { .. } => (
+ props.context.title(&tr!("Edit Guest Firewall")),
+ edit_guest_firewall_input_panel,
+ &[
+ "enable",
+ "dhcp",
+ "ndp",
+ "radv",
+ "macfilter",
+ "ipfilter",
+ "log_level_in",
+ "log_level_out",
+ "policy_in",
+ "policy_out",
+ ],
+ None,
+ ),
+ };
+
+ EditWindow::new(title)
+ .loader(self.loader.clone())
+ .on_close(props.on_close.clone())
+ .on_done(props.on_close.clone())
+ .renderer(renderer)
+ .on_submit({
+ let url = url.clone();
+ move |form_ctx: FormContext| {
+ let url = url.clone();
+ let fields = fields.to_vec();
+ async move { update_firewall_options(form_ctx, url, &fields, transform_fn).await }
+ }
+ })
+ .into()
+ }
+}
+
+fn edit_cluster_firewall_input_panel(_form_ctx: &FormContext) -> Html {
+ InputPanel::new()
+ .padding(4)
+ .with_large_field(
+ tr!("Enable Firewall"),
+ Checkbox::new().name("enable").key("enable"),
+ )
+ .with_large_field(
+ tr!("Enable ebtables"),
+ Checkbox::new()
+ .name("ebtables")
+ .default(true)
+ .key("ebtables"),
+ )
+ .with_field(
+ tr!("Input Policy"),
+ Combobox::new()
+ .name("policy_in")
+ .key("policy_in")
+ .placeholder("DROP")
+ .items(enum_items_from_schema::<ClusterFirewallOptions>("policy_in").into()),
+ )
+ .with_field(
+ tr!("Output Policy"),
+ Combobox::new()
+ .name("policy_out")
+ .key("policy_out")
+ .placeholder("ACCEPT")
+ .items(enum_items_from_schema::<ClusterFirewallOptions>("policy_out").into()),
+ )
+ .with_field(
+ tr!("Forward Policy"),
+ Combobox::new()
+ .name("policy_forward")
+ .key("policy_forward")
+ .placeholder(placeholder_from_schema::<ClusterFirewallOptions>(
+ "policy_forward",
+ ))
+ .items(enum_items_from_schema::<ClusterFirewallOptions>("policy_forward").into()),
+ )
+ .with_large_field(
+ tr!("Log Rate Limiting"),
+ LogRatelimitField::new()
+ .name("log_ratelimit")
+ .key("log_ratelimit"),
+ )
+ .into()
+}
+
+impl From<EditFirewallOptions> for VNode {
+ fn from(val: EditFirewallOptions) -> Self {
+ let comp = VComp::new::<ProxmoxEditFirewallOptions>(Rc::new(val), None);
+ VNode::from(comp)
+ }
+}
+
+fn edit_guest_firewall_input_panel(_form_ctx: &FormContext) -> Html {
+ InputPanel::new()
+ .padding(4)
+ .with_field(
+ tr!("Enable Firewall"),
+ Checkbox::new().name("enable").key("enable"),
+ )
+ .with_right_field(
+ tr!("Enable DHCP"),
+ Checkbox::new().name("dhcp").default(true).key("dhcp"),
+ )
+ .with_field(
+ tr!("Enable NDP"),
+ Checkbox::new().name("ndp").default(true).key("ndp"),
+ )
+ .with_right_field(
+ tr!("Router Advertisement"),
+ Checkbox::new().name("radv").key("radv"),
+ )
+ .with_field(
+ tr!("MAC filter"),
+ Checkbox::new()
+ .name("macfilter")
+ .default(true)
+ .key("macfilter"),
+ )
+ .with_right_field(
+ tr!("IP filter"),
+ Checkbox::new().name("ipfilter").key("ipfilter"),
+ )
+ .with_field(
+ tr!("Log Level In"),
+ Combobox::new()
+ .name("log_level_in")
+ .key("log_level_in")
+ .placeholder(placeholder_from_schema::<GuestFirewallOptions>(
+ "log_level_in",
+ ))
+ .items(enum_items_from_schema::<GuestFirewallOptions>("log_level_in").into()),
+ )
+ .with_right_field(
+ tr!("Log Level Out"),
+ Combobox::new()
+ .name("log_level_out")
+ .key("log_level_out")
+ .placeholder(placeholder_from_schema::<GuestFirewallOptions>(
+ "log_level_out",
+ ))
+ .items(enum_items_from_schema::<GuestFirewallOptions>("log_level_out").into()),
+ )
+ .with_field(
+ tr!("Input Policy"),
+ Combobox::new()
+ .name("policy_in")
+ .key("policy_in")
+ .placeholder("DROP")
+ .items(enum_items_from_schema::<GuestFirewallOptions>("policy_in").into()),
+ )
+ .with_right_field(
+ tr!("Output Policy"),
+ Combobox::new()
+ .name("policy_out")
+ .key("policy_out")
+ .placeholder("ACCEPT")
+ .items(enum_items_from_schema::<GuestFirewallOptions>("policy_out").into()),
+ )
+ .into()
+}
+
+fn edit_node_firewall_input_panel(_form_ctx: &FormContext) -> Html {
+ InputPanel::new()
+ .padding(4)
+ .with_field(
+ tr!("Enable Firewall"),
+ Checkbox::new().name("enable").default(true).key("enable"),
+ )
+ .with_right_field(
+ tr!("SMURFS filter"),
+ Checkbox::new()
+ .name("nosmurfs")
+ .default(true)
+ .key("nosmurfs"),
+ )
+ .with_field(
+ tr!("TCP flags filter"),
+ Checkbox::new().name("tcpflags").key("tcpflags"),
+ )
+ .with_right_field(
+ tr!("Enable NDP"),
+ Checkbox::new().name("ndp").default(true).key("ndp"),
+ )
+ .with_field(
+ tr!("Connection Tracking Max"),
+ Number::<u64>::new()
+ .name("nf_conntrack_max")
+ .key("nf_conntrack_max")
+ .placeholder(placeholder_from_schema::<NodeFirewallOptions>(
+ "nf_conntrack_max",
+ )),
+ )
+ .with_right_field(
+ tr!("TCP Timeout Established"),
+ Number::<u64>::new()
+ .name("nf_conntrack_tcp_timeout_established")
+ .key("nf_conntrack_tcp_timeout_established")
+ .placeholder(placeholder_from_schema::<NodeFirewallOptions>(
+ "nf_conntrack_tcp_timeout_established",
+ )),
+ )
+ .with_field(
+ tr!("Log Level In"),
+ Combobox::new()
+ .name("log_level_in")
+ .key("log_level_in")
+ .placeholder(placeholder_from_schema::<NodeFirewallOptions>(
+ "log_level_in",
+ ))
+ .items(enum_items_from_schema::<NodeFirewallOptions>("log_level_in").into()),
+ )
+ .with_right_field(
+ tr!("Log Level Out"),
+ Combobox::new()
+ .name("log_level_out")
+ .key("log_level_out")
+ .placeholder(placeholder_from_schema::<NodeFirewallOptions>(
+ "log_level_out",
+ ))
+ .items(enum_items_from_schema::<NodeFirewallOptions>("log_level_out").into()),
+ )
+ .with_field(
+ tr!("Log Level Forward"),
+ Combobox::new()
+ .name("log_level_forward")
+ .key("log_level_forward")
+ .placeholder(placeholder_from_schema::<NodeFirewallOptions>(
+ "log_level_forward",
+ ))
+ .items(enum_items_from_schema::<NodeFirewallOptions>("log_level_forward").into()),
+ )
+ .with_right_field(
+ tr!("TCP Flags Log Level"),
+ Combobox::new()
+ .name("tcp_flags_log_level")
+ .key("tcp_flags_log_level")
+ .placeholder(placeholder_from_schema::<NodeFirewallOptions>(
+ "tcp_flags_log_level",
+ ))
+ .items(enum_items_from_schema::<NodeFirewallOptions>("tcp_flags_log_level").into()),
+ )
+ .with_field(
+ tr!("SMURF Log Level"),
+ Combobox::new()
+ .name("smurf_log_level")
+ .key("smurf_log_level")
+ .placeholder(placeholder_from_schema::<NodeFirewallOptions>(
+ "smurf_log_level",
+ ))
+ .items(enum_items_from_schema::<NodeFirewallOptions>("smurf_log_level").into()),
+ )
+ .with_right_field(
+ tr!("nftables (tech preview)"),
+ Checkbox::new().name("nftables").key("nftables"),
+ )
+ .into()
+}
diff --git a/src/lib.rs b/src/lib.rs
index 7731ce5..3d13b13 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -133,7 +133,7 @@ mod rrd_timeframe_selector;
pub use rrd_timeframe_selector::{RRDTimeframe, RRDTimeframeSelector};
mod firewall;
-pub use firewall::FirewallContext;
+pub use firewall::{EditFirewallOptions, FirewallContext};
mod running_tasks;
pub use running_tasks::{ProxmoxRunningTasks, RunningTasks};
--
2.47.3
_______________________________________________
pdm-devel mailing list
pdm-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel
next prev parent reply other threads:[~2025-11-10 17:25 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-10 17:25 [pdm-devel] [PATCH proxmox{, -yew-comp, -datacenter-manager} v3 00/12] add basic integration of PVE firewall Hannes Laimer
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox v3 1/4] pve-api-types: update pve-api.json Hannes Laimer
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox v3 2/4] pve-api-types: add get/update firewall options endpoints Hannes Laimer
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox v3 3/4] pve-api-types: add list firewall rules endpoints Hannes Laimer
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox v3 4/4] pve-api-types: regenerate Hannes Laimer
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox-yew-comp v3 1/4] form: add helpers for extractig data out of schemas Hannes Laimer
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox-yew-comp v3 2/4] firewall: add FirewallContext Hannes Laimer
2025-11-10 17:25 ` Hannes Laimer [this message]
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox-yew-comp v3 4/4] firewall: add rules table Hannes Laimer
2025-11-12 13:06 ` Stefan Hanreich
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox-datacenter-manager v3 1/4] pdm-api-types: add firewall status types Hannes Laimer
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox-datacenter-manager v3 2/4] api: firewall: add option, rules and status endpoints Hannes Laimer
2025-11-12 10:52 ` Stefan Hanreich
2025-11-12 11:09 ` Hannes Laimer
2025-11-12 11:22 ` Thomas Lamprecht
2025-11-12 11:27 ` Stefan Hanreich
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox-datacenter-manager v3 3/4] pdm-client: add api methods for firewall options, " Hannes Laimer
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox-datacenter-manager v3 4/4] ui: add firewall status tree Hannes Laimer
2025-11-12 11:21 ` Stefan Hanreich
2025-11-12 14:41 ` Lukas Wagner
2025-11-12 13:07 ` [pdm-devel] [PATCH proxmox{, -yew-comp, -datacenter-manager} v3 00/12] add basic integration of PVE firewall Stefan Hanreich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251110172517.335741-8-h.laimer@proxmox.com \
--to=h.laimer@proxmox.com \
--cc=pdm-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.