* [pve-devel] [PATCH pve-manager v2 1/2] fix #4963: firewall: fix editing firewall rules using ips / cidrs
@ 2024-01-16 14:30 Stefan Hanreich
2024-01-16 14:30 ` [pve-devel] [PATCH pve-manager v2 2/2] firewall: properly detect changes when ip / cidr is used in rule Stefan Hanreich
` (4 more replies)
0 siblings, 5 replies; 7+ messages in thread
From: Stefan Hanreich @ 2024-01-16 14:30 UTC (permalink / raw)
To: pve-devel
fall back to using v.ref as value when we do not have an alias or ipset
since scope and name are not set for ips / cidrs
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
---
Changes from v1:
* Added fix for an additional bug causing changes to IPs not being
picked up by the input panel
www/manager6/form/IPRefSelector.js | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/www/manager6/form/IPRefSelector.js b/www/manager6/form/IPRefSelector.js
index b50ac1e10..7e5eea63a 100644
--- a/www/manager6/form/IPRefSelector.js
+++ b/www/manager6/form/IPRefSelector.js
@@ -37,8 +37,10 @@ Ext.define('PVE.form.IPRefSelector', {
calculate: function(v) {
if (v.type === 'alias') {
return `${v.scope}/${v.name}`;
- } else {
+ } else if (v.type === 'ipset') {
return `+${v.scope}/${v.name}`;
+ } else {
+ return v.ref;
}
},
},
--
2.39.2
^ permalink raw reply [flat|nested] 7+ messages in thread
* [pve-devel] [PATCH pve-manager v2 2/2] firewall: properly detect changes when ip / cidr is used in rule
2024-01-16 14:30 [pve-devel] [PATCH pve-manager v2 1/2] fix #4963: firewall: fix editing firewall rules using ips / cidrs Stefan Hanreich
@ 2024-01-16 14:30 ` Stefan Hanreich
2024-01-16 14:57 ` Mira Limbeck
2024-01-16 14:52 ` [pve-devel] [PATCH pve-manager v2 1/2] fix #4963: firewall: fix editing firewall rules using ips / cidrs Mira Limbeck
` (3 subsequent siblings)
4 siblings, 1 reply; 7+ messages in thread
From: Stefan Hanreich @ 2024-01-16 14:30 UTC (permalink / raw)
To: pve-devel
With the current implementation using queryDelay, this means that the
change event for the input never completes. This in turn leads to
the input panel never changing its dirty status. By using the
beforequery event we can simply cancel the query without resorting to
the queryDelay hack.
Reported-By: Mira Limbeck <m.limbeck@proxmox.com>
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
---
www/manager6/form/IPRefSelector.js | 13 +++----------
1 file changed, 3 insertions(+), 10 deletions(-)
diff --git a/www/manager6/form/IPRefSelector.js b/www/manager6/form/IPRefSelector.js
index 7e5eea63a..d41cde5f5 100644
--- a/www/manager6/form/IPRefSelector.js
+++ b/www/manager6/form/IPRefSelector.js
@@ -56,15 +56,6 @@ Ext.define('PVE.form.IPRefSelector', {
},
});
- var disable_query_for_ips = function(f, value) {
- if (value === null ||
- value.match(/^\d/)) { // IP address starts with \d
- f.queryDelay = 9999999999; // hack: disable with long delay
- } else {
- f.queryDelay = 10;
- }
- };
-
var columns = [];
if (!me.ref_type) {
@@ -109,7 +100,9 @@ Ext.define('PVE.form.IPRefSelector', {
},
});
- me.on('change', disable_query_for_ips);
+ me.on('beforequery', function(queryPlan) {
+ return !(queryPlan.query === null || queryPlan.query.match(/^\d/));
+ });
me.callParent();
},
--
2.39.2
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [pve-devel] [PATCH pve-manager v2 1/2] fix #4963: firewall: fix editing firewall rules using ips / cidrs
2024-01-16 14:30 [pve-devel] [PATCH pve-manager v2 1/2] fix #4963: firewall: fix editing firewall rules using ips / cidrs Stefan Hanreich
2024-01-16 14:30 ` [pve-devel] [PATCH pve-manager v2 2/2] firewall: properly detect changes when ip / cidr is used in rule Stefan Hanreich
@ 2024-01-16 14:52 ` Mira Limbeck
2024-02-14 11:39 ` Filip Schauer
` (2 subsequent siblings)
4 siblings, 0 replies; 7+ messages in thread
From: Mira Limbeck @ 2024-01-16 14:52 UTC (permalink / raw)
To: pve-devel
On 1/16/24 15:30, Stefan Hanreich wrote:
> fall back to using v.ref as value when we do not have an alias or ipset
> since scope and name are not set for ips / cidrs
>
> Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
> ---
>
> Changes from v1:
> * Added fix for an additional bug causing changes to IPs not being
> picked up by the input panel
>
> www/manager6/form/IPRefSelector.js | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/www/manager6/form/IPRefSelector.js b/www/manager6/form/IPRefSelector.js
> index b50ac1e10..7e5eea63a 100644
> --- a/www/manager6/form/IPRefSelector.js
> +++ b/www/manager6/form/IPRefSelector.js
> @@ -37,8 +37,10 @@ Ext.define('PVE.form.IPRefSelector', {
> calculate: function(v) {
> if (v.type === 'alias') {
> return `${v.scope}/${v.name}`;
> - } else {
> + } else if (v.type === 'ipset') {
> return `+${v.scope}/${v.name}`;
> + } else {
> + return v.ref;
> }
> },
> },
lgtm, consider this:
Reviewed-by: Mira Limbeck <m.limbeck@proxmox.com>
Tested-by: Mira Limbeck <m.limbeck@proxmox.com>
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [pve-devel] [PATCH pve-manager v2 2/2] firewall: properly detect changes when ip / cidr is used in rule
2024-01-16 14:30 ` [pve-devel] [PATCH pve-manager v2 2/2] firewall: properly detect changes when ip / cidr is used in rule Stefan Hanreich
@ 2024-01-16 14:57 ` Mira Limbeck
0 siblings, 0 replies; 7+ messages in thread
From: Mira Limbeck @ 2024-01-16 14:57 UTC (permalink / raw)
To: pve-devel
On 1/16/24 15:30, Stefan Hanreich wrote:
> With the current implementation using queryDelay, this means that the
> change event for the input never completes. This in turn leads to
> the input panel never changing its dirty status. By using the
> beforequery event we can simply cancel the query without resorting to
> the queryDelay hack.
>
> Reported-By: Mira Limbeck <m.limbeck@proxmox.com>
> Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
> ---
> www/manager6/form/IPRefSelector.js | 13 +++----------
> 1 file changed, 3 insertions(+), 10 deletions(-)
>
> diff --git a/www/manager6/form/IPRefSelector.js b/www/manager6/form/IPRefSelector.js
> index 7e5eea63a..d41cde5f5 100644
> --- a/www/manager6/form/IPRefSelector.js
> +++ b/www/manager6/form/IPRefSelector.js
> @@ -56,15 +56,6 @@ Ext.define('PVE.form.IPRefSelector', {
> },
> });
>
> - var disable_query_for_ips = function(f, value) {
> - if (value === null ||
> - value.match(/^\d/)) { // IP address starts with \d
> - f.queryDelay = 9999999999; // hack: disable with long delay
> - } else {
> - f.queryDelay = 10;
> - }
> - };
> -
> var columns = [];
>
> if (!me.ref_type) {
> @@ -109,7 +100,9 @@ Ext.define('PVE.form.IPRefSelector', {
> },
> });
>
> - me.on('change', disable_query_for_ips);
> + me.on('beforequery', function(queryPlan) {
> + return !(queryPlan.query === null || queryPlan.query.match(/^\d/));
> + });
>
> me.callParent();
> },
Tested this with ~900 ipsets and ~1000 aliases.
Did not notice any worse delay or issues with this patch applied.
Tested-by: Mira Limbeck <m.limbeck@proxmox.com>
Reviewed-by: Mira Limbeck <m.limbeck@proxmox.com>
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [pve-devel] [PATCH pve-manager v2 1/2] fix #4963: firewall: fix editing firewall rules using ips / cidrs
2024-01-16 14:30 [pve-devel] [PATCH pve-manager v2 1/2] fix #4963: firewall: fix editing firewall rules using ips / cidrs Stefan Hanreich
2024-01-16 14:30 ` [pve-devel] [PATCH pve-manager v2 2/2] firewall: properly detect changes when ip / cidr is used in rule Stefan Hanreich
2024-01-16 14:52 ` [pve-devel] [PATCH pve-manager v2 1/2] fix #4963: firewall: fix editing firewall rules using ips / cidrs Mira Limbeck
@ 2024-02-14 11:39 ` Filip Schauer
2024-04-12 8:34 ` Stefan Hanreich
2024-04-12 12:21 ` [pve-devel] applied-series: " Fabian Grünbichler
4 siblings, 0 replies; 7+ messages in thread
From: Filip Schauer @ 2024-02-14 11:39 UTC (permalink / raw)
To: pve-devel
Tested with ipset, alias and direct IPv4 addresses as source and
destination. It all works for me.
Tested-by: Filip Schauer <f.schauer@proxmox.com>
On 16/01/2024 15:30, Stefan Hanreich wrote:
> fall back to using v.ref as value when we do not have an alias or ipset
> since scope and name are not set for ips / cidrs
>
> Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
> ---
>
> Changes from v1:
> * Added fix for an additional bug causing changes to IPs not being
> picked up by the input panel
>
> www/manager6/form/IPRefSelector.js | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/www/manager6/form/IPRefSelector.js b/www/manager6/form/IPRefSelector.js
> index b50ac1e10..7e5eea63a 100644
> --- a/www/manager6/form/IPRefSelector.js
> +++ b/www/manager6/form/IPRefSelector.js
> @@ -37,8 +37,10 @@ Ext.define('PVE.form.IPRefSelector', {
> calculate: function(v) {
> if (v.type === 'alias') {
> return `${v.scope}/${v.name}`;
> - } else {
> + } else if (v.type === 'ipset') {
> return `+${v.scope}/${v.name}`;
> + } else {
> + return v.ref;
> }
> },
> },
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [pve-devel] [PATCH pve-manager v2 1/2] fix #4963: firewall: fix editing firewall rules using ips / cidrs
2024-01-16 14:30 [pve-devel] [PATCH pve-manager v2 1/2] fix #4963: firewall: fix editing firewall rules using ips / cidrs Stefan Hanreich
` (2 preceding siblings ...)
2024-02-14 11:39 ` Filip Schauer
@ 2024-04-12 8:34 ` Stefan Hanreich
2024-04-12 12:21 ` [pve-devel] applied-series: " Fabian Grünbichler
4 siblings, 0 replies; 7+ messages in thread
From: Stefan Hanreich @ 2024-04-12 8:34 UTC (permalink / raw)
To: pve-devel
ping!
would be nice to have this included, since currently editing FW rules is
a bit painful.
On 1/16/24 15:30, Stefan Hanreich wrote:
> fall back to using v.ref as value when we do not have an alias or ipset
> since scope and name are not set for ips / cidrs
>
> Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
> ---
>
> Changes from v1:
> * Added fix for an additional bug causing changes to IPs not being
> picked up by the input panel
>
> www/manager6/form/IPRefSelector.js | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/www/manager6/form/IPRefSelector.js b/www/manager6/form/IPRefSelector.js
> index b50ac1e10..7e5eea63a 100644
> --- a/www/manager6/form/IPRefSelector.js
> +++ b/www/manager6/form/IPRefSelector.js
> @@ -37,8 +37,10 @@ Ext.define('PVE.form.IPRefSelector', {
> calculate: function(v) {
> if (v.type === 'alias') {
> return `${v.scope}/${v.name}`;
> - } else {
> + } else if (v.type === 'ipset') {
> return `+${v.scope}/${v.name}`;
> + } else {
> + return v.ref;
> }
> },
> },
^ permalink raw reply [flat|nested] 7+ messages in thread
* [pve-devel] applied-series: [PATCH pve-manager v2 1/2] fix #4963: firewall: fix editing firewall rules using ips / cidrs
2024-01-16 14:30 [pve-devel] [PATCH pve-manager v2 1/2] fix #4963: firewall: fix editing firewall rules using ips / cidrs Stefan Hanreich
` (3 preceding siblings ...)
2024-04-12 8:34 ` Stefan Hanreich
@ 2024-04-12 12:21 ` Fabian Grünbichler
4 siblings, 0 replies; 7+ messages in thread
From: Fabian Grünbichler @ 2024-04-12 12:21 UTC (permalink / raw)
To: Proxmox VE development discussion
with T-B/R-B as provided, thanks!
On January 16, 2024 3:30 pm, Stefan Hanreich wrote:
> fall back to using v.ref as value when we do not have an alias or ipset
> since scope and name are not set for ips / cidrs
>
> Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
> ---
>
> Changes from v1:
> * Added fix for an additional bug causing changes to IPs not being
> picked up by the input panel
>
> www/manager6/form/IPRefSelector.js | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/www/manager6/form/IPRefSelector.js b/www/manager6/form/IPRefSelector.js
> index b50ac1e10..7e5eea63a 100644
> --- a/www/manager6/form/IPRefSelector.js
> +++ b/www/manager6/form/IPRefSelector.js
> @@ -37,8 +37,10 @@ Ext.define('PVE.form.IPRefSelector', {
> calculate: function(v) {
> if (v.type === 'alias') {
> return `${v.scope}/${v.name}`;
> - } else {
> + } else if (v.type === 'ipset') {
> return `+${v.scope}/${v.name}`;
> + } else {
> + return v.ref;
> }
> },
> },
> --
> 2.39.2
>
>
> _______________________________________________
> pve-devel mailing list
> pve-devel@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
>
>
>
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2024-04-12 12:21 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-01-16 14:30 [pve-devel] [PATCH pve-manager v2 1/2] fix #4963: firewall: fix editing firewall rules using ips / cidrs Stefan Hanreich
2024-01-16 14:30 ` [pve-devel] [PATCH pve-manager v2 2/2] firewall: properly detect changes when ip / cidr is used in rule Stefan Hanreich
2024-01-16 14:57 ` Mira Limbeck
2024-01-16 14:52 ` [pve-devel] [PATCH pve-manager v2 1/2] fix #4963: firewall: fix editing firewall rules using ips / cidrs Mira Limbeck
2024-02-14 11:39 ` Filip Schauer
2024-04-12 8:34 ` Stefan Hanreich
2024-04-12 12:21 ` [pve-devel] applied-series: " Fabian Grünbichler
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox