From: Stefan Hanreich <s.hanreich@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: Re: [pve-devel] [PATCH docs/proxmox-firewall v2 0/4] migrate proxmox-firewall to proxmox-log + introduce subcommands
Date: Thu, 24 Jul 2025 17:09:22 +0200 [thread overview]
Message-ID: <6aab2424-0db7-4be8-b612-1b22469422a7@proxmox.com> (raw)
In-Reply-To: <20250527135800.190084-1-s.hanreich@proxmox.com>
ping
On 5/27/25 15:57, Stefan Hanreich wrote:
> Since we now have proxmox-log as the standard crate for logging purposes,
> migrate proxmox-firewall to the new logging crate.
>
> The old logging setup was also tied with the debugging mechanisms described in
> the documentation. I used that opportunity to implement specific subcommands for
> debugging proxmox-firewall, instead of just relying solely on the log output.
>
> The patch for changing to proxmox-log can be applied independently, but this
> breaks the commands included in the documentation. That's why I decided to send
> them as part of one patch series, because the change to proxmox-log prompted me
> to implement the subcommands for debugging in the first place.
>
> I've also looked at implementing the status subcommand, but this would currently
> require a bit more work. The JSON output generated by proxmox-firewall and the
> JSON output from nftables differ, because nftables does some rule rewriting /
> optimization under the hood, so they're not 1:1 comparable. I'll look into
> adjusting the proxmox-firewall to emitting the already optimized JSON output, so
> we can compare the nft output with the output generated by proxmox-firewall.
>
> Changes from v1:
> * print USAGE on wrong subcommands
> * add localnet subcommand
> * rustfmt
>
> proxmox-firewall:
>
> Stefan Hanreich (3):
> firewall: use proxmox_log
> proxmox-firewall: add subcommands
> proxmox-firewall: add localnet subcommand
>
> debian/control | 4 +-
> debian/proxmox-firewall.service | 4 +-
> proxmox-firewall/Cargo.toml | 5 +-
> proxmox-firewall/src/bin/proxmox-firewall.rs | 135 +++++++++++++++----
> proxmox-firewall/src/config.rs | 2 +
> proxmox-firewall/src/firewall.rs | 2 +
> proxmox-firewall/src/object.rs | 2 +
> proxmox-firewall/src/rule.rs | 2 +
> 8 files changed, 120 insertions(+), 36 deletions(-)
>
>
> pve-docs:
>
> Stefan Hanreich (1):
> firewall: update 'useful commands' section with new subcommands
>
> pve-firewall.adoc | 38 ++++++++++++++++++++++++--------------
> 1 file changed, 24 insertions(+), 14 deletions(-)
>
>
> Summary over all repositories:
> 9 files changed, 144 insertions(+), 50 deletions(-)
>
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next prev parent reply other threads:[~2025-07-24 15:08 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-05-27 13:57 Stefan Hanreich
2025-05-27 13:57 ` [pve-devel] [PATCH proxmox-firewall v2 1/3] firewall: use proxmox_log Stefan Hanreich
2025-05-27 13:57 ` [pve-devel] [PATCH proxmox-firewall v2 2/3] proxmox-firewall: add subcommands Stefan Hanreich
2025-05-27 13:57 ` [pve-devel] [PATCH proxmox-firewall v2 3/3] proxmox-firewall: add localnet subcommand Stefan Hanreich
2025-05-27 13:58 ` [pve-devel] [PATCH pve-docs v2 1/1] firewall: update 'useful commands' section with new subcommands Stefan Hanreich
2025-07-24 15:09 ` Stefan Hanreich [this message]
2025-07-29 6:21 ` [pve-devel] [PATCH docs/proxmox-firewall v2 0/4] migrate proxmox-firewall to proxmox-log + introduce subcommands Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6aab2424-0db7-4be8-b612-1b22469422a7@proxmox.com \
--to=s.hanreich@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox