[pve-devel] [PATCH v4 manager] 1145 Warn if datacenter firewall is disabled
Christian Ebner
c.ebner at proxmox.com
Mon Mar 4 10:29:49 CET 2019
This warns the user that the datacenter firewall is disabled when editing the
host or the VM/CT firewall status.
Signed-off-by: Christian Ebner <c.ebner at proxmox.com>
---
Version 4:
* Code refactored to be more declarative as suggested
* Removed warning about pve-firewall service not running
* Fixed logic of checkbox being checked/unchecked
www/manager6/Makefile | 1 +
www/manager6/grid/FirewallEnableEdit.js | 52 +++++++++++++++++++++++++++++++++
www/manager6/grid/FirewallOptions.js | 25 ++++++++++++++--
3 files changed, 75 insertions(+), 3 deletions(-)
create mode 100644 www/manager6/grid/FirewallEnableEdit.js
diff --git a/www/manager6/Makefile b/www/manager6/Makefile
index e75f0de6..951242d4 100644
--- a/www/manager6/Makefile
+++ b/www/manager6/Makefile
@@ -89,6 +89,7 @@ JSSRC= \
grid/FirewallRules.js \
grid/FirewallAliases.js \
grid/FirewallOptions.js \
+ grid/FirewallEnableEdit.js \
tree/ResourceTree.js \
panel/IPSet.js \
panel/ConfigPanel.js \
diff --git a/www/manager6/grid/FirewallEnableEdit.js b/www/manager6/grid/FirewallEnableEdit.js
new file mode 100644
index 00000000..ff73f948
--- /dev/null
+++ b/www/manager6/grid/FirewallEnableEdit.js
@@ -0,0 +1,52 @@
+Ext.define('PVE.FirewallEnableEdit', {
+ extend: 'Proxmox.window.Edit',
+ alias: ['widget.pveFirewallEnableEdit'],
+
+ subject: gettext('Firewall'),
+ fieldDefaults: {
+ labelWidth: 100
+ },
+
+ items: [
+ {
+ xtype: 'proxmoxcheckbox',
+ name: 'enable',
+ itemId: 'enablecheckbox',
+ uncheckedValue: 0,
+ defaultValue: 0,
+ checked: false,
+ deleteDefaultValue: false,
+ labelWidth: 120,
+ fieldLabel: gettext('Firewall')
+ },
+ {
+ xtype: 'displayfield',
+ name: 'warning',
+ itemId: 'warning',
+ userCls: 'pve-hint',
+ value: 'Warning! Firewall disabled at datacenter level!',
+ hidden: true
+ }
+ ],
+
+ beforeShow: function() {
+ var me = this;
+
+ var checkbox = me.down('#enablecheckbox');
+ checkbox.defaultValue = me.defaultValue;
+ checkbox.checked = me.defaultValue ? true : false;
+
+ Proxmox.Utils.API2Request({
+ url: '/api2/extjs/cluster/firewall/options',
+ method: 'GET',
+ failure: function(response, opts) {
+ Ext.Msg.alert(gettext('Error'), response.htmlStatus);
+ },
+ success: function(response, opts) {
+ if (!response.result.data.enable) {
+ me.down('#warning').setVisible(true);
+ }
+ }
+ });
+ }
+});
diff --git a/www/manager6/grid/FirewallOptions.js b/www/manager6/grid/FirewallOptions.js
index cddbdbbf..bb83742f 100644
--- a/www/manager6/grid/FirewallOptions.js
+++ b/www/manager6/grid/FirewallOptions.js
@@ -64,9 +64,18 @@ Ext.define('PVE.FirewallOptions', {
};
};
-
if (me.fwtype === 'node') {
- add_boolean_row('enable', gettext('Firewall'), 1);
+ me.rows.enable = {
+ required: true,
+ defaultValue: 1,
+ header: gettext('Firewall'),
+ renderer: Proxmox.Utils.format_boolean,
+ editor: {
+ xtype: 'pveFirewallEnableEdit',
+ fwtype: me.fwtype,
+ defaultValue: 1
+ }
+ };
add_boolean_row('nosmurfs', gettext('SMURFS filter'), 1);
add_boolean_row('tcpflags', gettext('TCP flags filter'), 0);
add_boolean_row('ndp', 'NDP', 1);
@@ -78,7 +87,17 @@ Ext.define('PVE.FirewallOptions', {
add_log_row('tcp_flags_log_level', 120);
add_log_row('smurf_log_level');
} else if (me.fwtype === 'vm') {
- add_boolean_row('enable', gettext('Firewall'), 0);
+ me.rows.enable = {
+ required: true,
+ defaultValue: 0,
+ header: gettext('Firewall'),
+ renderer: Proxmox.Utils.format_boolean,
+ editor: {
+ xtype: 'pveFirewallEnableEdit',
+ fwtype: me.fwtype,
+ defaultValue: 0
+ }
+ };
add_boolean_row('dhcp', 'DHCP', 1);
add_boolean_row('ndp', 'NDP', 1);
add_boolean_row('radv', gettext('Router Advertisement'), 0);
--
2.11.0
More information about the pve-devel
mailing list