From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id 0FA4B1FF1A6 for ; Fri, 5 Dec 2025 14:59:07 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id D59BD1F2A0; Fri, 5 Dec 2025 14:59:31 +0100 (CET) Message-ID: <9a96aa1e-5c19-4976-847a-3a9ce79f3ebf@proxmox.com> Date: Fri, 5 Dec 2025 14:58:58 +0100 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird To: Robert Obkircher , Proxmox VE development discussion References: <20251201123424.94742-1-r.obkircher@proxmox.com> <61d8eb9c-2b58-4db2-a4ad-b0b85ec0cc00@proxmox.com> <8c636f5c-72e1-4486-aa58-f35c4f6adae2@proxmox.com> Content-Language: en-US From: Stefan Hanreich In-Reply-To: <8c636f5c-72e1-4486-aa58-f35c4f6adae2@proxmox.com> X-SPAM-LEVEL: Spam detection results: 0 AWL 0.724 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [proxmox.com, firewall.pm] Subject: Re: [pve-devel] [PATCH v1 pve-firewall] fix #7068: show rule comments in iptables output X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox VE development discussion Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" CgpPbiAxMi81LzI1IDI6MDIgUE0sIFJvYmVydCBPYmtpcmNoZXIgd3JvdGU6Cj4gCj4gT24gMTIv NS8yNSAxMjo1OCwgU3RlZmFuIEhhbnJlaWNoIHdyb3RlOgo+PiBUZXN0ZWQgdGhpcyBpbiBhIHNp bWlsYXIgdmVpbiBhcyB0aGUgbmZ0YWJsZXMgb25lOgo+PiAqICJub3JtYWwiIGNvbW1lbnRzCj4+ ICogY29tbWVudHMgdGhhdCBhcmUgdG9vIGxvbmcKPj4gKiBjb21tZW50cyB0aGF0IGFyZSB0b28g bG9uZyBhbmQgZG8gbm90IHRydW5jYXRlIG5pY2VseSBhdCB0aGUgMjU1Cj4+IGJvdW5kYXJ5Cj4+ ICogY29tbWVudHMgaW4gc2VjdXJpdHkgZ3JvdXBzCj4+ICogZW1vamlzIGluIGNvbW1lbnRzCj4+ Cj4+IGFmYWljdCB0aGUgUFZFQ09NTUVOVDogcHJlZml4IGlzIG1lcmVseSB2aXN1YWw/IGl0IGRv ZXNuJ3Qgc2VydmUgYW55Cj4+IGZ1bmN0aW9uYWwgcHVycG9zZT8gQXQgbGVhc3QgYSBxdWljayBt b25rZXktcGF0Y2ggcmVtb3ZpbmcgaXQgZGlkbid0Cj4+IGJyZWFrIGFueXRoaW5nIGFuZCBqdWRn aW5nIGZyb20gdGhlIHNvdXJjZSBjb2RlIGl0IHNlZW1zIGZpbmUgYXMgd2VsbC4KPj4gSW1vIGl0 IHdvdWxkIGJlIGZpbmUgdGhlbiB0byBjb21wbGV0ZWx5IG9taXQgaXQgdGhlbiAoZXZlbiBpbiB0 aGUgY2FzZQo+PiB3aGVyZSBydWxlIGNvbW1lbnRzIHN0YXJ0IHdpdGggUFZFU0lHKS4KPiAKPiBJ IHRoaW5rIHRoZSBwYXJzZXIgaW4gaXB0YWJsZXNfZ2V0X2NoYWlucyB3b3VsZCBhdCBsZWFzdCB0 ZW1wb3JhcmlseSBzZXQKPiBhbiBpbnZhbGlkIHNpZ25hdHVyZSBvbiB0aGUgY2hhaW4gYW5kIG9u bHkgb3ZlcnJpZGUgaXQgbGF0ZXIgYmVjYXVzZSB0aGUKPiByZWFsIFBWRVNJRzogcnVsZSBpcyBh bHdheXMgcHJlc2VudCBhbmQgcHJpbnRlZCBsYXN0LiBSZWx5aW5nIG9uIHRoYXQKPiBzZWVtZWQg YSBiaXQgc2tldGNoeS4KCkRvIHlvdSBtZWFuIHRoZSAndW5rbm93bicgc2lnbmF0dXJlPyBTZWVt cyBsaWtlIHRoaXMgaGFwcGVucyBkdWUgdG8gdGhpcwpsaW5lIGhlcmUgaW4gdGhlIHBhcnNlciBj YWxsYmFjayBbMV0uIFRoZSBvdGhlciByZWdleCBtYXRjaGVzIG9ubHkKYFBWRVNJRzpgIGNvbW1l bnRzIGFueXdheS4KCklmIHdlIHJlbW92ZSB0aGUgcHJlZml4LCBhZGRpbmcgYSBjb21tZW50IHdp dGggYSBgUFZFU0lHOmAgcHJlZml4IHdvdWxkCmRvIHRoYXQsIEkgZ3Vlc3M/CgpbMV0KaHR0cHM6 Ly9naXQucHJveG1veC5jb20vP3A9cHZlLWZpcmV3YWxsLmdpdDthPWJsb2I7Zj1zcmMvUFZFL0Zp cmV3YWxsLnBtO2g9OTNmOGMzNDQ2NmZkNjFiYzY0NjQzOTI3NTU5N2FhMjRiODcxODA1MztoYj1I RUFEI2wyMDkzCgo+Pgo+PiBtYiBzb21lb25lIHdpdGggbW9yZSBleHBlcmllbmNlIHdpdGggcGVy bCBhbmQgdXRmLTggY2FuIGNoaW1lIGluIG9uIHRoZQo+PiB0cnVuY2F0aW9uIGxvZ2ljPwo+Pgo+ PiBUZXN0ZWQtYnk6IFN0ZWZhbiBIYW5yZWljaCA8cy5oYW5yZWljaEBwcm94bW94LmNvbT4KPj4K Pj4gT24gMTIvMS8yNSAxOjMzIFBNLCBSb2JlcnQgT2JraXJjaGVyIHdyb3RlOgo+Pj4gVXNlIHRo ZSBpcHRhYmxlcyBjb21tZW50IGV4dGVuc2lvbiB0byBpbmNsdWRlIGNvbW1lbnRzIGZyb20gdGhl IFVJLgo+Pj4gUHJlZml4IHRoZW0gd2l0aCAiUFZFQ09NTUVOVDoiIHRvIGF2b2lkIGludGVyZmVy aW5nIHdpdGggdGhlIGV4aXN0aW5nCj4+PiAiUFZFU0lHOiRzaWciIGNvbW1lbnRzLCB3aGljaCBh cmUgdXNlZCB0byBzdG9yZSBzaWduYXR1cmVzIGZvciBjaGFuZ2UKPj4+IGRldGVjdGlvbi4KPj4+ Cj4+PiBUaGUgdG90YWwgbGVuZ3RoIG9mIHRoZSAodW5lc2NhcGVkKSBjb21tZW50cyBpcyBsaW1p dGVkIHRvIDI1NSB1dGY4Cj4+PiBieXRlcy4gQWNjb3JkaW5nIHRvIHRoZSBtYW4gcGFnZSBpdCBj b3VsZCBiZSB1cCB0byAyNTYgY2hhcmFjdGVycywgYnV0Cj4+PiB0aGUgYWN0dWFsIGltcGxlbWVu dGF0aW9uIHNlZW1zIHRvIHplcm8gdGVybWluYXRlIHRoZSBidWZmZXIgYmVmb3JlCj4+PiBzYXZp bmcuIEZvciBleGFtcGxlLCB0aGUgZm9sbG93aW5nIGNvbW1hbmQgcHJvZHVjZXMgYSAyNTUgY2hh ciBjb21tZW50Cj4+PiBlbmRpbmcgaW4gJ2EnOgo+Pj4gaXB0YWJsZXMgLUEgUFZFRlctSE9TVC1J TiAtbSBjb21tZW50IC0tY29tbWVudCAkKHB5dGhvbjMgLWMKPj4+ICJwcmludCgnYWInKjI1Niki KQo+Pj4KPj4+IFVubGlrZSB0aGUgaXB0YWJsZXMgY29tbWFuZCwgdGhpcyB2ZXJzaW9uIHRydW5j YXRlcyB0byB2YWxpZCB1dGY4Lgo+Pj4KPj4+IFNpZ25lZC1vZmYtYnk6IFJvYmVydCBPYmtpcmNo ZXIgPHIub2JraXJjaGVyQHByb3htb3guY29tPgo+Pj4gLS0tCj4+PiDCoCBzcmMvUFZFL0ZpcmV3 YWxsLnBtIHwgMTcgKysrKysrKysrKysrKysrKy0KPj4+IMKgIDEgZmlsZSBjaGFuZ2VkLCAxNiBp bnNlcnRpb25zKCspLCAxIGRlbGV0aW9uKC0pCj4+Pgo+Pj4gZGlmZiAtLWdpdCBhL3NyYy9QVkUv RmlyZXdhbGwucG0gYi9zcmMvUFZFL0ZpcmV3YWxsLnBtCj4+PiBpbmRleCA5M2Y4YzM0Li42ODg4 MjlhIDEwMDY0NAo+Pj4gLS0tIGEvc3JjL1BWRS9GaXJld2FsbC5wbQo+Pj4gKysrIGIvc3JjL1BW RS9GaXJld2FsbC5wbQo+Pj4gQEAgLTIyNzEsNiArMjI3MSwyMCBAQCBzdWIgaXB0X2dlbl9zcmNf b3JfZHN0X21hdGNoIHsKPj4+IMKgwqDCoMKgwqAgcmV0dXJuICRtYXRjaDsKPj4+IMKgIH0KPj4+ IMKgICtzdWIgcHJpbnRfaXB0X2NvbW1lbnQgewo+Pj4gK8KgwqDCoCBteSAoJGNvbW1lbnQpID0g QF87Cj4+PiArwqDCoMKgIHJldHVybiAiIiBpZiAhZGVmaW5lZCgkY29tbWVudCkgfHwgJGNvbW1l bnQgZXEgIiI7Cj4+PiArwqDCoMKgICRjb21tZW50ID0gZW5jb2RlKCJ1dGY4IiwgJGNvbW1lbnQs IEVuY29kZTo6TEVBVkVfU1JDKTsKPj4+ICvCoMKgwqAgJGNvbW1lbnQgPSAiUFZFQ09NTUVOVDok Y29tbWVudCI7ICMgYXZvaWQgYW55IGNvbmZ1c2lvbiB3aXRoCj4+PiBQVkVTSUcgY29tbWVudHMK Pj4+ICsKPj4+ICvCoMKgwqAgIyBtYW4gaXB0YWJsZXMtZXh0ZW5zaW9ucyBzYXlzIDI1NiBjaGFy cywgYnV0IHRoZSBjb2RlIG9ubHkKPj4+IHNhdmVzIDI1NQo+Pj4gK8KgwqDCoCAkY29tbWVudCA9 IHN1YnN0cigkY29tbWVudCwgMCwgMjU1KTsKPj4+ICvCoMKgwqAgJGNvbW1lbnQgPSBlbmNvZGUo J3V0ZjgnLCBkZWNvZGUoJ3V0ZjgnLCAkY29tbWVudCwKPj4+IEVuY29kZTo6RkJfUVVJRVQgfCBF bmNvZGU6OkxFQVZFX1NSQykpOwo+Pj4gKwo+Pj4gK8KgwqDCoCAkY29tbWVudCA9fiBzL1tcXCIn XS9cXCQxL2c7ICMgZXNjYXBlIGxvZ2ljIGZyb20KPj4+IHh0YWJsZXNfc2F2ZV9zdHJpbmcKCnNl ZW1zIGxpa2UgdGhlcmUgaXMgc3RpbGwgYW4gaXNzdWUgaGVyZSAtIHNldHRpbmcgdGhlIGNvbW1l bnQgYCMjIyJgIEkKZ2V0IHNldmVyYWw6CgpVc2Ugb2YgdW5pbml0aWFsaXplZCB2YWx1ZSAkMSBp biBjb25jYXRlbmF0aW9uICguKSBvciBzdHJpbmcgYXQKL3Vzci9zaGFyZS9wZXJsNS9QVkUvRmly ZXdhbGwucG0gbGluZSAyMjg0LgoKQ2FuIGJlIGVhc2lseSBjaGVja2VkIHZpYSBgcHZlLWZpcmV3 YWxsIGNvbXBpbGVgLgoKPj4+ICvCoMKgwqAgcmV0dXJuICIgLW0gY29tbWVudCAtLWNvbW1lbnQg XCIkY29tbWVudFwiIjsgIyBuZXZlciBvbWl0IHF1b3Rlcwo+Pj4gYmVjYXVzZSBvZiB0aGUgY29s b24KPj4+ICt9Cj4+PiArCj4+PiDCoCAjIGNvbnZlcnQgYSAlcnVsZSB0byBhbiBhcnJheSBvZiBp cHRhYmxlcyBjb21tYW5kcwo+Pj4gwqAgc3ViIGlwdF9ydWxlX3RvX2NtZHMgewo+Pj4gwqDCoMKg wqDCoCBteSAoJHJ1bGUsICRjaGFpbiwgJGlwdmVyc2lvbiwgJGNsdXN0ZXJfY29uZiwgJGZ3X2Nv bmYsICR2bWlkKQo+Pj4gPSBAXzsKPj4+IEBAIC0yMzc1LDcgKzIzODksOCBAQCBzdWIgaXB0X3J1 bGVfdG9fY21kcyB7Cj4+PiDCoMKgwqDCoMKgwqDCoMKgwqAgbXkgJGxvZ2FjdGlvbiA9IGdldF9s b2dfcnVsZV9iYXNlKCRjaGFpbiwgJHZtaWQsICRydWxlLQo+Pj4gPntsb2dtc2d9LCAkbG9nbGV2 ZWwpOwo+Pj4gwqDCoMKgwqDCoMKgwqDCoMKgIHB1c2ggQGlwdGNtZHMsICItQSAkY2hhaW4gJG1h dGNoc3RyICRsb2dhY3Rpb24iOwo+Pj4gwqDCoMKgwqDCoCB9Cj4+PiAtwqDCoMKgIHB1c2ggQGlw dGNtZHMsICItQSAkY2hhaW4gJG1hdGNoc3RyICR0YXJnZXRzdHIiOwo+Pj4gK8KgwqDCoCBteSAk Y29tbWVudCA9IHByaW50X2lwdF9jb21tZW50KCRydWxlLT57Y29tbWVudH0pOwo+Pj4gK8KgwqDC oCBwdXNoIEBpcHRjbWRzLCAiLUEgJGNoYWluICRtYXRjaHN0ciAkdGFyZ2V0c3RyJGNvbW1lbnQi Owo+Pj4gwqDCoMKgwqDCoCByZXR1cm4gQGlwdGNtZHM7Cj4+PiDCoCB9Cj4+PiDCoCAKPj4KCgoK X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KcHZlLWRldmVs IG1haWxpbmcgbGlzdApwdmUtZGV2ZWxAbGlzdHMucHJveG1veC5jb20KaHR0cHM6Ly9saXN0cy5w cm94bW94LmNvbS9jZ2ktYmluL21haWxtYW4vbGlzdGluZm8vcHZlLWRldmVsCg==