[pve-devel] [PATCH docs/proxmox-firewall v2 0/4] migrate proxmox-firewall to proxmox-log + introduce subcommands

Stefan Hanreich s.hanreich at proxmox.com
Thu Jul 24 17:09:22 CEST 2025 

ping

On 5/27/25 15:57, Stefan Hanreich wrote:
> Since we now have proxmox-log as the standard crate for logging purposes,
> migrate proxmox-firewall to the new logging crate.
> 
> The old logging setup was also tied with the debugging mechanisms described in
> the documentation. I used that opportunity to implement specific subcommands for
> debugging proxmox-firewall, instead of just relying solely on the log output.
> 
> The patch for changing to proxmox-log can be applied independently, but this
> breaks the commands included in the documentation. That's why I decided to send
> them as part of one patch series, because the change to proxmox-log prompted me
> to implement the subcommands for debugging in the first place.
> 
> I've also looked at implementing the status subcommand, but this would currently
> require a bit more work. The JSON output generated by proxmox-firewall and the
> JSON output from nftables differ, because nftables does some rule rewriting /
> optimization under the hood, so they're not 1:1 comparable. I'll look into
> adjusting the proxmox-firewall to emitting the already optimized JSON output, so
> we can compare the nft output with the output generated by proxmox-firewall.
> 
> Changes from v1:
> * print USAGE on wrong subcommands
> * add localnet subcommand
> * rustfmt
> 
> proxmox-firewall:
> 
> Stefan Hanreich (3):
>   firewall: use proxmox_log
>   proxmox-firewall: add subcommands
>   proxmox-firewall: add localnet subcommand
> 
>  debian/control                               |   4 +-
>  debian/proxmox-firewall.service              |   4 +-
>  proxmox-firewall/Cargo.toml                  |   5 +-
>  proxmox-firewall/src/bin/proxmox-firewall.rs | 135 +++++++++++++++----
>  proxmox-firewall/src/config.rs               |   2 +
>  proxmox-firewall/src/firewall.rs             |   2 +
>  proxmox-firewall/src/object.rs               |   2 +
>  proxmox-firewall/src/rule.rs                 |   2 +
>  8 files changed, 120 insertions(+), 36 deletions(-)
> 
> 
> pve-docs:
> 
> Stefan Hanreich (1):
>   firewall: update 'useful commands' section with new subcommands
> 
>  pve-firewall.adoc | 38 ++++++++++++++++++++++++--------------
>  1 file changed, 24 insertions(+), 14 deletions(-)
> 
> 
> Summary over all repositories:
>   9 files changed, 144 insertions(+), 50 deletions(-)
>

More information about the pve-devel mailing list