From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 8DC099587A for ; Wed, 18 Jan 2023 16:47:06 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 5FFAD227EE for ; Wed, 18 Jan 2023 16:46:36 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Wed, 18 Jan 2023 16:46:35 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id D1AE544A75 for ; Wed, 18 Jan 2023 16:46:34 +0100 (CET) Date: Wed, 18 Jan 2023 16:46:33 +0100 From: Wolfgang Bumiller To: Christian Ebner Cc: pve-devel@lists.proxmox.com Message-ID: <20230118154633.7s3gr4qyzeaqgqqo@casey.proxmox.com> References: <20230111133220.337991-1-c.ebner@proxmox.com> <20230111133220.337991-2-c.ebner@proxmox.com> <20230118103317.ydpvejxfkezmiprj@casey.proxmox.com> <1435006759.1324.1674054628538@webmail.proxmox.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1435006759.1324.1674054628538@webmail.proxmox.com> X-SPAM-LEVEL: Spam detection results: 0 AWL 0.206 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: Re: [pve-devel] [PATCH v2 firewall 1/1] api: Add optional parameters `since` and `until` for timestamp filter X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jan 2023 15:47:06 -0000 On Wed, Jan 18, 2023 at 04:10:28PM +0100, Christian Ebner wrote: > > On 18.01.2023 11:33 CET Wolfgang Bumiller wrote: > > > > > > On Wed, Jan 11, 2023 at 02:32:19PM +0100, Christian Ebner wrote: > > > The optional unix epoch timestamps parameters `since` and `until` are introduced > > > in order to filter firewall logs files. If one of these flags is set, also > > > rotated logfiles are included. This is handled in the `dump_fw_logfile` helper > > > function. Filtering is now performed based on a callback function passed to > > > `dump_fw_logfile`. > > > > > > This patch depends on the corresponding patch in the pve-common repository. > > > > > > Signed-off-by: Christian Ebner > > > --- > > > src/PVE/API2/Firewall/Host.pm | 34 +++++++++++++++++++- > > > src/PVE/API2/Firewall/VM.pm | 40 +++++++++++++++++++++--- > > > src/PVE/Firewall/Helpers.pm | 59 +++++++++++++++++++++++++++++++++++ > > > 3 files changed, 128 insertions(+), 5 deletions(-) > > > > > > diff --git a/src/PVE/API2/Firewall/Host.pm b/src/PVE/API2/Firewall/Host.pm > > > index dfeccd0..02f090e 100644 > > > --- a/src/PVE/API2/Firewall/Host.pm > > > +++ b/src/PVE/API2/Firewall/Host.pm > > > @@ -11,6 +11,7 @@ use PVE::Firewall; > > > use PVE::API2::Firewall::Rules; > > > > > > > > > +use Date::Parse qw(str2time); > > > use base qw(PVE::RESTHandler); > > > > > > __PACKAGE__->register_method ({ > > > @@ -172,6 +173,18 @@ __PACKAGE__->register_method({ > > > minimum => 0, > > > optional => 1, > > > }, > > > + since => { > > > + type => 'integer', > > > + minimum => 0, > > > + description => "Display log since this UNIX epoch.", > > > + optional => 1, > > > + }, > > > + until => { > > > + type => 'integer', > > > + minimum => 0, > > > + description => "Display log until this UNIX epoch.", > > > + optional => 1, > > > + }, > > > }, > > > }, > > > returns => { > > > @@ -196,8 +209,27 @@ __PACKAGE__->register_method({ > > > my $rpcenv = PVE::RPCEnvironment::get(); > > > my $user = $rpcenv->get_user(); > > > my $node = $param->{node}; > > > + my $filename = "/var/log/pve-firewall.log"; > > > + my ($start, $limit, $since, $until) = > > > + $param->@{qw(start limit since until)}; > > > + > > > + my $filter = sub { > > > > I think this filter could be implied by the `dump_fw_logfile` sub. > > In which case I would need to re-introduce the `since` and `until` parameters to `dump_fw_logfile`, which was the idea to get rid of by passing the whole callback function. Or am I missing the point here? Maybe put it all together with `start` and `limit` in a `param` hash? Well I mostly just wanted it out of `PVE::Tools` since it also parses fw log specific lines, but now that part is inside the firewall package, and it's just duplicate code.