[pve-devel] [PATCH firewall 7/7] Display corosync rule info on localnet call
Stefan Reiter
s.reiter at proxmox.com
Mon Jul 22 15:21:55 CEST 2019
If no corosync.conf exists (i.e. a standalone node), the output is left
the same.
(cherry picked from commit 5305cfad594d8aada080a6a877241ca0493c1161)
Signed-off-by: Stefan Reiter <s.reiter at proxmox.com>
---
src/PVE/Service/pve_firewall.pm | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
diff --git a/src/PVE/Service/pve_firewall.pm b/src/PVE/Service/pve_firewall.pm
index d8e42ec..3c1254b 100755
--- a/src/PVE/Service/pve_firewall.pm
+++ b/src/PVE/Service/pve_firewall.pm
@@ -10,6 +10,7 @@ use PVE::Tools qw(dir_glob_foreach file_read_firstline);
use PVE::ProcFSTools;
use PVE::INotify;
use PVE::Cluster qw(cfs_read_file);
+use PVE::Corosync;
use PVE::RPCEnvironment;
use PVE::CLIHandler;
use PVE::Firewall;
@@ -264,6 +265,28 @@ __PACKAGE__->register_method ({
print "using detected local_network: $localnet\n";
}
+ if (PVE::Corosync::check_conf_exists(1)) {
+ my $corosync_conf = PVE::Cluster::cfs_read_file("corosync.conf");
+ my $corosync_node_found = 0;
+
+ print "\naccepting corosync traffic from/to:\n";
+
+ PVE::Corosync::for_all_corosync_addresses($corosync_conf, undef, sub {
+ my ($node_name, $node_ip, $node_ipversion, $key) = @_;
+
+ if (!$corosync_node_found) {
+ $corosync_node_found = 1;
+ }
+
+ $key =~ m/(?:ring|link)(\d+)_addr/;
+ print " - $node_name: $node_ip (link: $1)\n";
+ });
+
+ if (!$corosync_node_found) {
+ print " - no nodes found\n";
+ }
+ }
+
return undef;
}});
--
2.20.1
More information about the pve-devel
mailing list