From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pve-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9])
	by lore.proxmox.com (Postfix) with ESMTPS id A5B791FF16F
	for <inbox@lore.proxmox.com>; Fri, 15 Nov 2024 13:19:38 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id AF74012FFE;
	Fri, 15 Nov 2024 13:19:39 +0100 (CET)
From: Stefan Hanreich <s.hanreich@proxmox.com>
To: pve-devel@lists.proxmox.com
Date: Fri, 15 Nov 2024 13:11:07 +0100
Message-Id: <20241115121109.170200-17-s.hanreich@proxmox.com>
X-Mailer: git-send-email 2.39.5
In-Reply-To: <20241115121109.170200-1-s.hanreich@proxmox.com>
References: <20241115121109.170200-1-s.hanreich@proxmox.com>
MIME-Version: 1.0
X-SPAM-LEVEL: Spam detection results:  0
 AWL -0.233 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DMARC_MISSING             0.1 Missing DMARC policy
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 KAM_LAZY_DOMAIN_SECURITY 1 Sending domain does not have any anti-forgery
 methods
 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked. See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
 RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked. See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
 RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked. See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
 RDNS_NONE 0.793 Delivered to internal network by a host with no rDNS
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_NONE                0.001 SPF: sender does not publish an SPF Record
Subject: [pve-devel] [PATCH pve-manager v4 16/18] firewall: rules: show
 warning when creating forward rules
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
Reply-To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: pve-devel-bounces@lists.proxmox.com
Sender: "pve-devel" <pve-devel-bounces@lists.proxmox.com>

Since forward rules only take effect when the nftables firewall is
enabled, show a warning to users that informs them of this.

Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
---
 www/manager6/grid/FirewallRules.js | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/www/manager6/grid/FirewallRules.js b/www/manager6/grid/FirewallRules.js
index e2809f02b..f8ee63783 100644
--- a/www/manager6/grid/FirewallRules.js
+++ b/www/manager6/grid/FirewallRules.js
@@ -174,6 +174,7 @@ Ext.define('PVE.FirewallRulePanel', {
 
     firewall_type: undefined,
     action_selector: undefined,
+    forward_warning: undefined,
 
     onGetValues: function(values) {
 	var me = this;
@@ -199,11 +200,17 @@ Ext.define('PVE.FirewallRulePanel', {
 	me.action_selector.setComboItems(allowed_actions.map((action) => [action, action]));
     },
 
+    setForwardWarning: function(type) {
+	let me = this;
+	me.forward_warning.setHidden(type !== 'forward');
+    },
+
     onSetValues: function(values) {
 	let me = this;
 
 	if (values.type) {
 	    me.setValidActions(values.type);
+	    me.setForwardWarning(values.type);
 	}
 
 	return values;
@@ -227,6 +234,12 @@ Ext.define('PVE.FirewallRulePanel', {
 	    allowBlank: false,
 	});
 
+	me.forward_warning = Ext.create('Proxmox.form.field.DisplayEdit', {
+	    userCls: 'pmx-hint',
+	    value: gettext('Forward rules only take effect when the nftables firewall is activated in the host options'),
+	    hidden: true,
+	});
+
 	me.column1 = [
 	    {
 		// hack: we use this field to mark the form 'dirty' when the
@@ -246,6 +259,7 @@ Ext.define('PVE.FirewallRulePanel', {
 		listeners: {
 		    change: function(f, value) {
 			me.setValidActions(value);
+			me.setForwardWarning(value);
                     },
                 },
 	    },
@@ -420,9 +434,17 @@ Ext.define('PVE.FirewallRulePanel', {
 		value: '',
 		fieldLabel: gettext('Comment'),
 	    },
+	    me.forward_warning,
 	];
 
 	me.callParent();
+
+	if (me.isCreate) {
+	    // on create we never change the values, so we need to trigger this
+	    // manually
+	    me.setValidActions(me.getValues().type);
+	    me.setForwardWarning(me.getValues().type);
+	}
     },
 });
 
-- 
2.39.5


_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel