From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id CD9421FF163 for ; Thu, 10 Oct 2024 18:00:02 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 03E201E90E; Thu, 10 Oct 2024 17:57:37 +0200 (CEST) From: Stefan Hanreich To: pve-devel@lists.proxmox.com Date: Thu, 10 Oct 2024 17:56:48 +0200 Message-Id: <20241010155650.255698-16-s.hanreich@proxmox.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20241010155650.255698-1-s.hanreich@proxmox.com> References: <20241010155650.255698-1-s.hanreich@proxmox.com> MIME-Version: 1.0 X-SPAM-LEVEL: Spam detection results: 0 AWL -0.254 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment KAM_LAZY_DOMAIN_SECURITY 1 Sending domain does not have any anti-forgery methods RDNS_NONE 0.793 Delivered to internal network by a host with no rDNS SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_NONE 0.001 SPF: sender does not publish an SPF Record Subject: [pve-devel] [PATCH pve-manager v2 15/17] sdn: add firewall panel X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox VE development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" Expose the ability to create vnet-level firewalls in the PVE UI Signed-off-by: Stefan Hanreich --- www/manager6/Makefile | 2 + www/manager6/dc/Config.js | 8 +++ www/manager6/sdn/FirewallPanel.js | 48 +++++++++++++++++ www/manager6/sdn/FirewallVnetView.js | 77 ++++++++++++++++++++++++++++ 4 files changed, 135 insertions(+) create mode 100644 www/manager6/sdn/FirewallPanel.js create mode 100644 www/manager6/sdn/FirewallVnetView.js diff --git a/www/manager6/Makefile b/www/manager6/Makefile index 2c3a822bd..13a1c4177 100644 --- a/www/manager6/Makefile +++ b/www/manager6/Makefile @@ -279,6 +279,8 @@ JSSRC= \ sdn/SubnetView.js \ sdn/ZoneContentView.js \ sdn/ZoneContentPanel.js \ + sdn/FirewallPanel.js \ + sdn/FirewallVnetView.js \ sdn/ZoneView.js \ sdn/IpamEdit.js \ sdn/OptionsPanel.js \ diff --git a/www/manager6/dc/Config.js b/www/manager6/dc/Config.js index 720edefc6..d44554954 100644 --- a/www/manager6/dc/Config.js +++ b/www/manager6/dc/Config.js @@ -221,6 +221,14 @@ Ext.define('PVE.dc.Config', { hidden: true, iconCls: 'fa fa-map-signs', itemId: 'sdnmappings', + }, + { + xtype: 'pveSDNFirewall', + groups: ['sdn'], + title: gettext('Firewall'), + hidden: true, + iconCls: 'fa fa-shield', + itemId: 'sdnfirewall', }); } diff --git a/www/manager6/sdn/FirewallPanel.js b/www/manager6/sdn/FirewallPanel.js new file mode 100644 index 000000000..f02ff5a35 --- /dev/null +++ b/www/manager6/sdn/FirewallPanel.js @@ -0,0 +1,48 @@ + +Ext.define('PVE.sdn.FirewallPanel', { + extend: 'Ext.panel.Panel', + alias: 'widget.pveSDNFirewall', + + title: 'VNet', + + initComponent: function() { + let me = this; + + let tabPanel = Ext.create('Ext.TabPanel', { + fullscreen: true, + region: 'center', + border: false, + split: true, + disabled: true, + items: [ + { + xtype: 'pveFirewallRules', + title: gettext('Rules'), + list_refs_url: '/cluster/firewall/refs', + firewall_type: 'vnet', + }, + { + xtype: 'pveFirewallOptions', + title: gettext('Options'), + fwtype: 'vnet', + }, + ], + }); + + let vnetPanel = Ext.createWidget('pveSDNFirewallVnetView', { + title: 'VNets', + region: 'west', + border: false, + split: true, + forceFit: true, + tabPanel, + }); + + Ext.apply(me, { + layout: 'border', + items: [vnetPanel, tabPanel], + }); + + me.callParent(); + }, +}); diff --git a/www/manager6/sdn/FirewallVnetView.js b/www/manager6/sdn/FirewallVnetView.js new file mode 100644 index 000000000..861d4b5be --- /dev/null +++ b/www/manager6/sdn/FirewallVnetView.js @@ -0,0 +1,77 @@ +Ext.define('PVE.sdn.FirewallVnetView', { + extend: 'Ext.grid.GridPanel', + alias: 'widget.pveSDNFirewallVnetView', + + stateful: true, + stateId: 'grid-sdn-vnet-firewall', + + tabPanel: undefined, + + getRulesPanel: function() { + let me = this; + return me.tabPanel.items.getAt(0); + }, + + getOptionsPanel: function() { + let me = this; + return me.tabPanel.items.getAt(1); + }, + + initComponent: function() { + let me = this; + + let store = new Ext.data.Store({ + model: 'pve-sdn-vnet', + proxy: { + type: 'proxmox', + url: "/api2/json/cluster/sdn/vnets", + }, + sorters: { + property: ['zone', 'vnet'], + direction: 'ASC', + }, + }); + + let reload = () => store.load(); + + let sm = Ext.create('Ext.selection.RowModel', {}); + + Ext.apply(me, { + store: store, + reloadStore: reload, + selModel: sm, + viewConfig: { + trackOver: false, + }, + columns: [ + { + header: 'ID', + flex: 1, + dataIndex: 'vnet', + }, + { + header: gettext('Zone'), + flex: 1, + dataIndex: 'zone', + }, + { + header: gettext('Alias'), + flex: 1, + dataIndex: 'alias', + }, + ], + listeners: { + activate: reload, + show: reload, + select: function(_sm, rec) { + me.tabPanel.setDisabled(false); + + me.getRulesPanel().setBaseUrl(`/cluster/sdn/vnets/${rec.id}/firewall/rules`); + me.getOptionsPanel().setBaseUrl(`/cluster/sdn/vnets/${rec.id}/firewall/options`); + }, + }, + }); + store.load(); + me.callParent(); + }, +}); -- 2.39.5 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel