From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: <pve-devel-bounces@lists.proxmox.com> Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id B57F51FF16F for <inbox@lore.proxmox.com>; Fri, 15 Nov 2024 13:12:50 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id CACE212AF0; Fri, 15 Nov 2024 13:12:14 +0100 (CET) From: Stefan Hanreich <s.hanreich@proxmox.com> To: pve-devel@lists.proxmox.com Date: Fri, 15 Nov 2024 13:11:06 +0100 Message-Id: <20241115121109.170200-16-s.hanreich@proxmox.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20241115121109.170200-1-s.hanreich@proxmox.com> References: <20241115121109.170200-1-s.hanreich@proxmox.com> MIME-Version: 1.0 X-SPAM-LEVEL: Spam detection results: 0 AWL -0.233 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment KAM_LAZY_DOMAIN_SECURITY 1 Sending domain does not have any anti-forgery methods RDNS_NONE 0.793 Delivered to internal network by a host with no rDNS SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_NONE 0.001 SPF: sender does not publish an SPF Record Subject: [pve-devel] [PATCH pve-manager v4 15/18] sdn: add firewall panel X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com> List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe> List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/> List-Post: <mailto:pve-devel@lists.proxmox.com> List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help> List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe> Reply-To: Proxmox VE development discussion <pve-devel@lists.proxmox.com> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" <pve-devel-bounces@lists.proxmox.com> RXhwb3NlIHRoZSBhYmlsaXR5IHRvIGNyZWF0ZSB2bmV0LWxldmVsIGZpcmV3YWxscyBpbiB0aGUg UFZFIFVJCgpTaWduZWQtb2ZmLWJ5OiBTdGVmYW4gSGFucmVpY2ggPHMuaGFucmVpY2hAcHJveG1v eC5jb20+ClRlc3RlZC1ieTogSGFubmVzIETDvHJyIDxoLmR1ZXJyQHByb3htb3guY29tPgotLS0K IHd3dy9tYW5hZ2VyNi9NYWtlZmlsZSAgICAgICAgICAgICAgICB8ICAyICsKIHd3dy9tYW5hZ2Vy Ni9kYy9Db25maWcuanMgICAgICAgICAgICB8ICA4ICsrKwogd3d3L21hbmFnZXI2L3Nkbi9GaXJl d2FsbFBhbmVsLmpzICAgIHwgNTAgKysrKysrKysrKysrKysrKysrCiB3d3cvbWFuYWdlcjYvc2Ru L0ZpcmV3YWxsVm5ldFZpZXcuanMgfCA3NyArKysrKysrKysrKysrKysrKysrKysrKysrKysrCiA0 IGZpbGVzIGNoYW5nZWQsIDEzNyBpbnNlcnRpb25zKCspCiBjcmVhdGUgbW9kZSAxMDA2NDQgd3d3 L21hbmFnZXI2L3Nkbi9GaXJld2FsbFBhbmVsLmpzCiBjcmVhdGUgbW9kZSAxMDA2NDQgd3d3L21h bmFnZXI2L3Nkbi9GaXJld2FsbFZuZXRWaWV3LmpzCgpkaWZmIC0tZ2l0IGEvd3d3L21hbmFnZXI2 L01ha2VmaWxlIGIvd3d3L21hbmFnZXI2L01ha2VmaWxlCmluZGV4IGQ2MjNkZmI5OC4uMmFkMzg1 M2QwIDEwMDY0NAotLS0gYS93d3cvbWFuYWdlcjYvTWFrZWZpbGUKKysrIGIvd3d3L21hbmFnZXI2 L01ha2VmaWxlCkBAIC0yNzksNiArMjc5LDggQEAgSlNTUkM9IAkJCQkJCQlcCiAJc2RuL1N1Ym5l dFZpZXcuanMJCQkJXAogCXNkbi9ab25lQ29udGVudFZpZXcuanMJCQkJXAogCXNkbi9ab25lQ29u dGVudFBhbmVsLmpzCQkJCVwKKwlzZG4vRmlyZXdhbGxQYW5lbC5qcwkJCQlcCisJc2RuL0ZpcmV3 YWxsVm5ldFZpZXcuanMJCQkJXAogCXNkbi9ab25lVmlldy5qcwkJCQkJXAogCXNkbi9JcGFtRWRp dC5qcwkJCQkJXAogCXNkbi9PcHRpb25zUGFuZWwuanMJCQkJXApkaWZmIC0tZ2l0IGEvd3d3L21h bmFnZXI2L2RjL0NvbmZpZy5qcyBiL3d3dy9tYW5hZ2VyNi9kYy9Db25maWcuanMKaW5kZXggNzIw ZWRlZmM2Li5kNDQ1NTQ5NTQgMTAwNjQ0Ci0tLSBhL3d3dy9tYW5hZ2VyNi9kYy9Db25maWcuanMK KysrIGIvd3d3L21hbmFnZXI2L2RjL0NvbmZpZy5qcwpAQCAtMjIxLDYgKzIyMSwxNCBAQCBFeHQu ZGVmaW5lKCdQVkUuZGMuQ29uZmlnJywgewogCQkgICAgaGlkZGVuOiB0cnVlLAogCQkgICAgaWNv bkNsczogJ2ZhIGZhLW1hcC1zaWducycsCiAJCSAgICBpdGVtSWQ6ICdzZG5tYXBwaW5ncycsCisJ CX0sCisJCXsKKwkJICAgIHh0eXBlOiAncHZlU0RORmlyZXdhbGwnLAorCQkgICAgZ3JvdXBzOiBb J3NkbiddLAorCQkgICAgdGl0bGU6IGdldHRleHQoJ0ZpcmV3YWxsJyksCisJCSAgICBoaWRkZW46 IHRydWUsCisJCSAgICBpY29uQ2xzOiAnZmEgZmEtc2hpZWxkJywKKwkJICAgIGl0ZW1JZDogJ3Nk bmZpcmV3YWxsJywKIAkJfSk7CiAJICAgIH0KIApkaWZmIC0tZ2l0IGEvd3d3L21hbmFnZXI2L3Nk bi9GaXJld2FsbFBhbmVsLmpzIGIvd3d3L21hbmFnZXI2L3Nkbi9GaXJld2FsbFBhbmVsLmpzCm5l dyBmaWxlIG1vZGUgMTAwNjQ0CmluZGV4IDAwMDAwMDAwMC4uMGNkZjMxOTE1Ci0tLSAvZGV2L251 bGwKKysrIGIvd3d3L21hbmFnZXI2L3Nkbi9GaXJld2FsbFBhbmVsLmpzCkBAIC0wLDAgKzEsNTAg QEAKKworRXh0LmRlZmluZSgnUFZFLnNkbi5GaXJld2FsbFBhbmVsJywgeworICAgIGV4dGVuZDog J0V4dC5wYW5lbC5QYW5lbCcsCisgICAgYWxpYXM6ICd3aWRnZXQucHZlU0RORmlyZXdhbGwnLAor CisgICAgdGl0bGU6ICdWTmV0JywKKworICAgIGluaXRDb21wb25lbnQ6IGZ1bmN0aW9uKCkgewor CWxldCBtZSA9IHRoaXM7CisKKwlsZXQgdGFiUGFuZWwgPSBFeHQuY3JlYXRlKCdFeHQuVGFiUGFu ZWwnLCB7CisJICAgIGZ1bGxzY3JlZW46IHRydWUsCisJICAgIHJlZ2lvbjogJ2NlbnRlcicsCisJ ICAgIGJvcmRlcjogZmFsc2UsCisJICAgIHNwbGl0OiB0cnVlLAorCSAgICBkaXNhYmxlZDogdHJ1 ZSwKKwkgICAgZmxleDogMiwKKwkgICAgaXRlbXM6IFsKKwkJeworCQkgICAgeHR5cGU6ICdwdmVG aXJld2FsbFJ1bGVzJywKKwkJICAgIHRpdGxlOiBnZXR0ZXh0KCdSdWxlcycpLAorCQkgICAgbGlz dF9yZWZzX3VybDogJy9jbHVzdGVyL2ZpcmV3YWxsL3JlZnMnLAorCQkgICAgZmlyZXdhbGxfdHlw ZTogJ3ZuZXQnLAorCQl9LAorCQl7CisJCSAgICB4dHlwZTogJ3B2ZUZpcmV3YWxsT3B0aW9ucycs CisJCSAgICB0aXRsZTogZ2V0dGV4dCgnT3B0aW9ucycpLAorCQkgICAgZnd0eXBlOiAndm5ldCcs CisJCX0sCisJICAgIF0sCisJfSk7CisKKwlsZXQgdm5ldFBhbmVsID0gRXh0LmNyZWF0ZVdpZGdl dCgncHZlU0RORmlyZXdhbGxWbmV0VmlldycsIHsKKwkgICAgdGl0bGU6ICdWTmV0cycsCisJICAg IHJlZ2lvbjogJ3dlc3QnLAorCSAgICBib3JkZXI6IGZhbHNlLAorCSAgICBzcGxpdDogdHJ1ZSwK KwkgICAgZm9yY2VGaXQ6IHRydWUsCisJICAgIGZsZXg6IDEsCisJICAgIHRhYlBhbmVsLAorCX0p OworCisJRXh0LmFwcGx5KG1lLCB7CisJICAgIGxheW91dDogJ2JvcmRlcicsCisJICAgIGl0ZW1z OiBbdm5ldFBhbmVsLCB0YWJQYW5lbF0sCisJfSk7CisKKwltZS5jYWxsUGFyZW50KCk7CisgICAg fSwKK30pOwpkaWZmIC0tZ2l0IGEvd3d3L21hbmFnZXI2L3Nkbi9GaXJld2FsbFZuZXRWaWV3Lmpz IGIvd3d3L21hbmFnZXI2L3Nkbi9GaXJld2FsbFZuZXRWaWV3LmpzCm5ldyBmaWxlIG1vZGUgMTAw NjQ0CmluZGV4IDAwMDAwMDAwMC4uODYxZDRiNWJlCi0tLSAvZGV2L251bGwKKysrIGIvd3d3L21h bmFnZXI2L3Nkbi9GaXJld2FsbFZuZXRWaWV3LmpzCkBAIC0wLDAgKzEsNzcgQEAKK0V4dC5kZWZp bmUoJ1BWRS5zZG4uRmlyZXdhbGxWbmV0VmlldycsIHsKKyAgICBleHRlbmQ6ICdFeHQuZ3JpZC5H cmlkUGFuZWwnLAorICAgIGFsaWFzOiAnd2lkZ2V0LnB2ZVNETkZpcmV3YWxsVm5ldFZpZXcnLAor CisgICAgc3RhdGVmdWw6IHRydWUsCisgICAgc3RhdGVJZDogJ2dyaWQtc2RuLXZuZXQtZmlyZXdh bGwnLAorCisgICAgdGFiUGFuZWw6IHVuZGVmaW5lZCwKKworICAgIGdldFJ1bGVzUGFuZWw6IGZ1 bmN0aW9uKCkgeworCWxldCBtZSA9IHRoaXM7CisJcmV0dXJuIG1lLnRhYlBhbmVsLml0ZW1zLmdl dEF0KDApOworICAgIH0sCisKKyAgICBnZXRPcHRpb25zUGFuZWw6IGZ1bmN0aW9uKCkgeworCWxl dCBtZSA9IHRoaXM7CisJcmV0dXJuIG1lLnRhYlBhbmVsLml0ZW1zLmdldEF0KDEpOworICAgIH0s CisKKyAgICBpbml0Q29tcG9uZW50OiBmdW5jdGlvbigpIHsKKwlsZXQgbWUgPSB0aGlzOworCisJ bGV0IHN0b3JlID0gbmV3IEV4dC5kYXRhLlN0b3JlKHsKKwkgICAgbW9kZWw6ICdwdmUtc2RuLXZu ZXQnLAorCSAgICBwcm94eTogeworICAgICAgICAgICAgICAgIHR5cGU6ICdwcm94bW94JywKKwkJ dXJsOiAiL2FwaTIvanNvbi9jbHVzdGVyL3Nkbi92bmV0cyIsCisJICAgIH0sCisJICAgIHNvcnRl cnM6IHsKKwkJcHJvcGVydHk6IFsnem9uZScsICd2bmV0J10sCisJCWRpcmVjdGlvbjogJ0FTQycs CisJICAgIH0sCisJfSk7CisKKwlsZXQgcmVsb2FkID0gKCkgPT4gc3RvcmUubG9hZCgpOworCisJ bGV0IHNtID0gRXh0LmNyZWF0ZSgnRXh0LnNlbGVjdGlvbi5Sb3dNb2RlbCcsIHt9KTsKKworCUV4 dC5hcHBseShtZSwgeworCSAgICBzdG9yZTogc3RvcmUsCisJICAgIHJlbG9hZFN0b3JlOiByZWxv YWQsCisJICAgIHNlbE1vZGVsOiBzbSwKKwkgICAgdmlld0NvbmZpZzogeworCQl0cmFja092ZXI6 IGZhbHNlLAorCSAgICB9LAorCSAgICBjb2x1bW5zOiBbCisJCXsKKwkJICAgIGhlYWRlcjogJ0lE JywKKwkJICAgIGZsZXg6IDEsCisJCSAgICBkYXRhSW5kZXg6ICd2bmV0JywKKwkJfSwKKwkJewor CQkgICAgaGVhZGVyOiBnZXR0ZXh0KCdab25lJyksCisJCSAgICBmbGV4OiAxLAorCQkgICAgZGF0 YUluZGV4OiAnem9uZScsCisJCX0sCisJCXsKKwkJICAgIGhlYWRlcjogZ2V0dGV4dCgnQWxpYXMn KSwKKwkJICAgIGZsZXg6IDEsCisJCSAgICBkYXRhSW5kZXg6ICdhbGlhcycsCisJCX0sCisJICAg IF0sCisJICAgIGxpc3RlbmVyczogeworCQlhY3RpdmF0ZTogcmVsb2FkLAorCQlzaG93OiByZWxv YWQsCisJCXNlbGVjdDogZnVuY3Rpb24oX3NtLCByZWMpIHsKKwkJICAgIG1lLnRhYlBhbmVsLnNl dERpc2FibGVkKGZhbHNlKTsKKworCQkgICAgbWUuZ2V0UnVsZXNQYW5lbCgpLnNldEJhc2VVcmwo YC9jbHVzdGVyL3Nkbi92bmV0cy8ke3JlYy5pZH0vZmlyZXdhbGwvcnVsZXNgKTsKKwkJICAgIG1l LmdldE9wdGlvbnNQYW5lbCgpLnNldEJhc2VVcmwoYC9jbHVzdGVyL3Nkbi92bmV0cy8ke3JlYy5p ZH0vZmlyZXdhbGwvb3B0aW9uc2ApOworCQl9LAorCSAgICB9LAorCX0pOworCXN0b3JlLmxvYWQo KTsKKwltZS5jYWxsUGFyZW50KCk7CisgICAgfSwKK30pOwotLSAKMi4zOS41CgoKX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KcHZlLWRldmVsIG1haWxpbmcg bGlzdApwdmUtZGV2ZWxAbGlzdHMucHJveG1veC5jb20KaHR0cHM6Ly9saXN0cy5wcm94bW94LmNv bS9jZ2ktYmluL21haWxtYW4vbGlzdGluZm8vcHZlLWRldmVsCg==