From: Stefan Hanreich <s.hanreich@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: Re: [pve-devel] [PATCH docs/proxmox-firewall v2 0/4] migrate proxmox-firewall to proxmox-log + introduce subcommands
Date: Thu, 24 Jul 2025 17:09:22 +0200 [thread overview]
Message-ID: <6aab2424-0db7-4be8-b612-1b22469422a7@proxmox.com> (raw)
In-Reply-To: <20250527135800.190084-1-s.hanreich@proxmox.com>
ping
On 5/27/25 15:57, Stefan Hanreich wrote:
> Since we now have proxmox-log as the standard crate for logging purposes,
> migrate proxmox-firewall to the new logging crate.
>
> The old logging setup was also tied with the debugging mechanisms described in
> the documentation. I used that opportunity to implement specific subcommands for
> debugging proxmox-firewall, instead of just relying solely on the log output.
>
> The patch for changing to proxmox-log can be applied independently, but this
> breaks the commands included in the documentation. That's why I decided to send
> them as part of one patch series, because the change to proxmox-log prompted me
> to implement the subcommands for debugging in the first place.
>
> I've also looked at implementing the status subcommand, but this would currently
> require a bit more work. The JSON output generated by proxmox-firewall and the
> JSON output from nftables differ, because nftables does some rule rewriting /
> optimization under the hood, so they're not 1:1 comparable. I'll look into
> adjusting the proxmox-firewall to emitting the already optimized JSON output, so
> we can compare the nft output with the output generated by proxmox-firewall.
>
> Changes from v1:
> * print USAGE on wrong subcommands
> * add localnet subcommand
> * rustfmt
>
> proxmox-firewall:
>
> Stefan Hanreich (3):
> firewall: use proxmox_log
> proxmox-firewall: add subcommands
> proxmox-firewall: add localnet subcommand
>
> debian/control | 4 +-
> debian/proxmox-firewall.service | 4 +-
> proxmox-firewall/Cargo.toml | 5 +-
> proxmox-firewall/src/bin/proxmox-firewall.rs | 135 +++++++++++++++----
> proxmox-firewall/src/config.rs | 2 +
> proxmox-firewall/src/firewall.rs | 2 +
> proxmox-firewall/src/object.rs | 2 +
> proxmox-firewall/src/rule.rs | 2 +
> 8 files changed, 120 insertions(+), 36 deletions(-)
>
>
> pve-docs:
>
> Stefan Hanreich (1):
> firewall: update 'useful commands' section with new subcommands
>
> pve-firewall.adoc | 38 ++++++++++++++++++++++++--------------
> 1 file changed, 24 insertions(+), 14 deletions(-)
>
>
> Summary over all repositories:
> 9 files changed, 144 insertions(+), 50 deletions(-)
>
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next prev parent reply other threads:[~2025-07-24 15:08 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-05-27 13:57 Stefan Hanreich
2025-05-27 13:57 ` [pve-devel] [PATCH proxmox-firewall v2 1/3] firewall: use proxmox_log Stefan Hanreich
2025-05-27 13:57 ` [pve-devel] [PATCH proxmox-firewall v2 2/3] proxmox-firewall: add subcommands Stefan Hanreich
2025-05-27 13:57 ` [pve-devel] [PATCH proxmox-firewall v2 3/3] proxmox-firewall: add localnet subcommand Stefan Hanreich
2025-05-27 13:58 ` [pve-devel] [PATCH pve-docs v2 1/1] firewall: update 'useful commands' section with new subcommands Stefan Hanreich
2025-07-24 15:09 ` Stefan Hanreich [this message]
2025-07-29 6:21 ` [pve-devel] [PATCH docs/proxmox-firewall v2 0/4] migrate proxmox-firewall to proxmox-log + introduce subcommands Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6aab2424-0db7-4be8-b612-1b22469422a7@proxmox.com \
--to=s.hanreich@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.