From: Stefan Hanreich <s.hanreich@proxmox.com>
To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>,
Christoph Heiss <c.heiss@proxmox.com>
Subject: Re: [pve-devel] [PATCH proxmox-firewall] firewall: show full error if rule apply fails
Date: Wed, 2 Jul 2025 15:42:42 +0200 [thread overview]
Message-ID: <ee7e2268-3295-46ac-ac91-58783a8d8961@proxmox.com> (raw)
In-Reply-To: <20250630112615.1007598-1-c.heiss@proxmox.com>
On 6/30/25 13:23, Christoph Heiss wrote:
> Currently, this will only log something like
>
> error updating firewall rules: cannot execute nftables commands
>
> which, by itself, is pretty unhelpful. `anyhow` errors have context, so
> show that too.
How much additional lines in the log would that be? Since the daemon
runs every 5s this could grow large quite quickly. I already made some
effort of improving the debug experience by introducing new subcommands
[1], similar to pve-firewall. So potentially that is sufficient?
Otherwise we could also make this dependent on the log level?
[1]
https://lore.proxmox.com/pve-devel/20250527135800.190084-3-s.hanreich@proxmox.com/
> Signed-off-by: Christoph Heiss <c.heiss@proxmox.com>
> ---
> proxmox-firewall/src/bin/proxmox-firewall.rs | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/proxmox-firewall/src/bin/proxmox-firewall.rs b/proxmox-firewall/src/bin/proxmox-firewall.rs
> index 4732e51..5cd0c70 100644
> --- a/proxmox-firewall/src/bin/proxmox-firewall.rs
> +++ b/proxmox-firewall/src/bin/proxmox-firewall.rs
> @@ -101,7 +101,7 @@ fn main() -> Result<(), std::io::Error> {
> let start = Instant::now();
>
> if let Err(error) = handle_firewall() {
> - log::error!("error updating firewall rules: {error}");
> + log::error!("error updating firewall rules: {error:#}");
> }
>
> let duration = start.elapsed();
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next prev parent reply other threads:[~2025-07-02 13:42 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-30 11:23 Christoph Heiss
2025-07-02 13:42 ` Stefan Hanreich [this message]
2025-07-02 13:53 ` Christoph Heiss
2025-07-02 13:54 ` Stefan Hanreich
2025-07-02 15:53 ` Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ee7e2268-3295-46ac-ac91-58783a8d8961@proxmox.com \
--to=s.hanreich@proxmox.com \
--cc=c.heiss@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.