[pve-devel] [PATCH v4 manager] 1145 Warn if datacenter firewall is disabled

Christian Ebner c.ebner at proxmox.com
Mon Mar 4 10:29:49 CET 2019


This warns the user that the datacenter firewall is disabled when editing the
host or the VM/CT firewall status.

Signed-off-by: Christian Ebner <c.ebner at proxmox.com>
---

Version 4:
    * Code refactored to be more declarative as suggested
    * Removed warning about pve-firewall service not running
    * Fixed logic of checkbox being checked/unchecked

 www/manager6/Makefile                   |  1 +
 www/manager6/grid/FirewallEnableEdit.js | 52 +++++++++++++++++++++++++++++++++
 www/manager6/grid/FirewallOptions.js    | 25 ++++++++++++++--
 3 files changed, 75 insertions(+), 3 deletions(-)
 create mode 100644 www/manager6/grid/FirewallEnableEdit.js

diff --git a/www/manager6/Makefile b/www/manager6/Makefile
index e75f0de6..951242d4 100644
--- a/www/manager6/Makefile
+++ b/www/manager6/Makefile
@@ -89,6 +89,7 @@ JSSRC= 				                 	\
 	grid/FirewallRules.js				\
 	grid/FirewallAliases.js				\
 	grid/FirewallOptions.js				\
+	grid/FirewallEnableEdit.js		    	\
 	tree/ResourceTree.js				\
 	panel/IPSet.js					\
 	panel/ConfigPanel.js				\
diff --git a/www/manager6/grid/FirewallEnableEdit.js b/www/manager6/grid/FirewallEnableEdit.js
new file mode 100644
index 00000000..ff73f948
--- /dev/null
+++ b/www/manager6/grid/FirewallEnableEdit.js
@@ -0,0 +1,52 @@
+Ext.define('PVE.FirewallEnableEdit', {
+    extend: 'Proxmox.window.Edit',
+    alias: ['widget.pveFirewallEnableEdit'],
+
+    subject: gettext('Firewall'),
+    fieldDefaults: {
+	labelWidth: 100
+    },
+
+    items: [
+	{
+	    xtype: 'proxmoxcheckbox',
+	    name: 'enable',
+	    itemId: 'enablecheckbox',
+	    uncheckedValue: 0,
+	    defaultValue: 0,
+	    checked: false,
+	    deleteDefaultValue: false,
+	    labelWidth: 120,
+	    fieldLabel: gettext('Firewall')
+	},
+	{
+	    xtype: 'displayfield',
+	    name: 'warning',
+	    itemId: 'warning',
+	    userCls: 'pve-hint',
+	    value: 'Warning! Firewall disabled at datacenter level!',
+	    hidden: true
+	}
+    ],
+
+    beforeShow: function() {
+	var me = this;
+
+	var checkbox = me.down('#enablecheckbox');
+	checkbox.defaultValue = me.defaultValue;
+	checkbox.checked = me.defaultValue ? true : false;
+
+	Proxmox.Utils.API2Request({
+	    url: '/api2/extjs/cluster/firewall/options',
+	    method: 'GET',
+	    failure: function(response, opts) {
+		Ext.Msg.alert(gettext('Error'), response.htmlStatus);
+	    },
+	    success: function(response, opts) {
+		if (!response.result.data.enable) {
+		    me.down('#warning').setVisible(true);
+		}
+	    }
+	});
+    }
+});
diff --git a/www/manager6/grid/FirewallOptions.js b/www/manager6/grid/FirewallOptions.js
index cddbdbbf..bb83742f 100644
--- a/www/manager6/grid/FirewallOptions.js
+++ b/www/manager6/grid/FirewallOptions.js
@@ -64,9 +64,18 @@ Ext.define('PVE.FirewallOptions', {
 	    };
 	};
 
-
 	if (me.fwtype === 'node') {
-	    add_boolean_row('enable', gettext('Firewall'), 1);
+	    me.rows.enable = {
+		required: true,
+		defaultValue: 1,
+		header: gettext('Firewall'),
+		renderer: Proxmox.Utils.format_boolean,
+		editor: {
+		    xtype: 'pveFirewallEnableEdit',
+		    fwtype: me.fwtype,
+		    defaultValue: 1
+		}
+	    };
 	    add_boolean_row('nosmurfs', gettext('SMURFS filter'), 1);
 	    add_boolean_row('tcpflags', gettext('TCP flags filter'), 0);
 	    add_boolean_row('ndp', 'NDP', 1);
@@ -78,7 +87,17 @@ Ext.define('PVE.FirewallOptions', {
 	    add_log_row('tcp_flags_log_level', 120);
 	    add_log_row('smurf_log_level');
 	} else if (me.fwtype === 'vm') {
-	    add_boolean_row('enable', gettext('Firewall'), 0);
+	    me.rows.enable = {
+		required: true,
+		defaultValue: 0,
+		header: gettext('Firewall'),
+		renderer: Proxmox.Utils.format_boolean,
+		editor: {
+		    xtype: 'pveFirewallEnableEdit',
+		    fwtype: me.fwtype,
+		    defaultValue: 0
+		}
+	    };
 	    add_boolean_row('dhcp', 'DHCP', 1);
 	    add_boolean_row('ndp', 'NDP', 1);
 	    add_boolean_row('radv', gettext('Router Advertisement'), 0);
-- 
2.11.0




More information about the pve-devel mailing list