From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 771ED1FF140 for ; Thu, 15 Jan 2026 18:12:18 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 0E83D8584; Thu, 15 Jan 2026 18:12:23 +0100 (CET) Message-ID: <9ab1a6bf-cbba-4f78-bf92-c5c8d76d30f2@proxmox.com> Date: Thu, 15 Jan 2026 18:11:48 +0100 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird To: Proxmox VE development discussion , Robert Obkircher References: <20251215150906.257151-1-r.obkircher@proxmox.com> Content-Language: en-US From: Stefan Hanreich In-Reply-To: <20251215150906.257151-1-r.obkircher@proxmox.com> X-SPAM-LEVEL: Spam detection results: 0 AWL 0.724 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: Re: [pve-devel] [PATCH firewall/manager/proxmox{-ve-rs, -firewall} 0/5] fix #7068: show rule comments in iptables and nftables X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox VE development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" gave this another test and review - looks good to me - thanks for looking into this! found out while testing that the comment '0' doesn't get saved due to falsiness checks instead of definedness check - nothing to do with your patch series. Tested-by: Stefan Hanreich Reviewed-by: Stefan Hanreich On 12/15/25 4:10 PM, Robert Obkircher wrote: > Pass firewall rule comments from the UI to the underlying firewall > configuration. > > Combines and changes two previously separate patches: > New: > - added a preserve_comments firewall option to api and UI > [1] fix #7068: show rule comments in iptables output > - shortened PVECOMMENT: prefix to PVE: > - fixed escape logic regex > - added tests for print_ipt_command function > [2] fix #7068: show rule comments in nftables output > - test truncation logic > > Note that for testing you likely want the fix for '#' symbols inside > comments [3] and the fix for "make check" in pve-firewall [4]. > > At some point I ran into a strange issue, where the options grid > displayed "Yes" for boolean options which were clearly 0 in the network > response, while the edit dialog displayed the correct value. I'm not > sure what caused this but system updates and rebuilding pve-firewall > +pve-manager fixed it. > > [1] https://lore.proxmox.com/pve-devel/20251201123424.94742-1-r.obkircher@proxmox.com/#r > [2] https://lore.proxmox.com/pve-devel/75f887c2-fce6-444e-829c-977784dca365@proxmox.com/#r > [3] https://lore.proxmox.com/pve-devel/20251215123925.168475-1-r.obkircher@proxmox.com/T/#u > [4] https://lore.proxmox.com/pve-devel/20251211141201.143435-1-r.obkircher@proxmox.com/ > > *** MURPP HERE *** > > pve-firewall: > > Robert Obkircher (2): > api: firewall: add option to preserve comments > fix #7068: show rule comments in iptables output > > src/PVE/Firewall.pm | 36 +++++++++++++++++- > test/Makefile | 1 + > test/test_comments.pl | 86 +++++++++++++++++++++++++++++++++++++++++++ > 3 files changed, 121 insertions(+), 2 deletions(-) > create mode 100755 test/test_comments.pl > > > pve-manager: > > Robert Obkircher (1): > ui: firewall: add preserve comments option > > www/manager6/grid/FirewallOptions.js | 1 + > 1 file changed, 1 insertion(+) > > > proxmox-ve-rs: > > Robert Obkircher (1): > firewall: parse preserve_comments host firewall option > > proxmox-ve-config/src/firewall/host.rs | 14 ++++++++++++++ > 1 file changed, 14 insertions(+) > > > proxmox-firewall: > > Robert Obkircher (2): > fix #7068: show rule comments in nftables output > firewall: add rule comments to snapshot tests > > proxmox-firewall/src/rule.rs | 56 ++++++++++++++++++- > proxmox-firewall/tests/input/host.fw | 4 +- > .../integration_tests__firewall.snap | 44 ++++++++++++++- > 3 files changed, 100 insertions(+), 4 deletions(-) > > > Summary over all repositories: > 8 files changed, 236 insertions(+), 6 deletions(-) > _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel