]> git.proxmox.com Git - pve-manager.git/blame - www/manager6/grid/FirewallOptions.js
firewall: add ipfilter option
[pve-manager.git] / www / manager6 / grid / FirewallOptions.js
CommitLineData
307a2fb8
DM
1Ext.define('PVE.FirewallOptions', {
2 extend: 'PVE.grid.ObjectGrid',
3 alias: ['widget.pveFirewallOptions'],
4
5 fwtype: undefined, // 'dc', 'node' or 'vm'
6
7 base_url: undefined,
8
9 initComponent : function() {
10 /*jslint confusion: true */
11
12 var me = this;
13
14 if (!me.base_url) {
15 throw "missing base_url configuration";
16 }
17
18 if (me.fwtype === 'dc' || me.fwtype === 'node' || me.fwtype === 'vm') {
19 if (me.fwtype === 'node') {
20 me.cwidth1 = 250;
21 }
22 } else {
23 throw "unknown firewall option type";
24 }
25
26 var rows = {};
27
28 var add_boolean_row = function(name, text, defaultValue, labelWidth) {
29 rows[name] = {
30 header: text,
31 required: true,
32 defaultValue: defaultValue || 0,
33 renderer: PVE.Utils.format_boolean,
34 editor: {
35 xtype: 'pveWindowEdit',
36 subject: text,
37 fieldDefaults: { labelWidth: labelWidth || 100 },
38 items: {
39 xtype: 'pvecheckbox',
40 defaultValue: defaultValue || 0,
41 checked: defaultValue ? true : false,
42 name: name,
43 uncheckedValue: 0,
44 fieldLabel: text
45 }
46 }
47 };
48 };
49
50 var add_integer_row = function(name, text, labelWidth, minValue) {
51 rows[name] = {
52 header: text,
53 required: true,
54 renderer: function(value) {
55 return value || PVE.Utils.defaultText;
56 },
57 editor: {
58 xtype: 'pveWindowEdit',
59 subject: text,
60 fieldDefaults: { labelWidth: labelWidth || 100 },
61 items: {
62 xtype: 'numberfield',
63 name: name,
64 minValue: minValue,
65 decimalPrecision: 0,
66 fieldLabel: text,
67 emptyText: gettext('Default'),
68 getSubmitData: function() {
69 var me = this;
70 var val = me.getSubmitValue();
71 if (val !== null && val !== '') {
72 var data = {};
73 data[name] = val;
74 return data;
75 } else {
76 return { 'delete' : name };
77 }
78 }
79 }
80 }
81 };
82 };
83
84 var add_log_row = function(name, labelWidth) {
85 rows[name] = {
86 header: name,
87 required: true,
88 defaultValue: 'nolog',
89 editor: {
90 xtype: 'pveWindowEdit',
91 subject: name,
92 fieldDefaults: { labelWidth: labelWidth || 100 },
93 items: {
94 xtype: 'pveKVComboBox',
95 name: name,
96 fieldLabel: name,
734b3795 97 comboItems: [['nolog', 'nolog'], ['info', 'info'], ['err', 'err'],
307a2fb8
DM
98 ['warning', 'warning'], ['crit', 'crit'], ['alert', 'alert'],
99 ['emerg', 'emerg'], ['debug', 'debug']]
100 }
101 }
102 };
103 };
104
105
106 if (me.fwtype === 'node') {
107 add_boolean_row('enable', gettext('Enable Firewall'), 1);
108 add_boolean_row('nosmurfs', gettext('SMURFS filter'), 1);
109 add_boolean_row('tcpflags', gettext('TCP flags filter'), 0);
bda8855a 110 add_boolean_row('ndp', gettext('Enable NDP'), 1);
307a2fb8
DM
111 add_integer_row('nf_conntrack_max', 'nf_conntrack_max', 120, 32768);
112 add_integer_row('nf_conntrack_tcp_timeout_established',
113 'nf_conntrack_tcp_timeout_established', 250, 7875);
114 add_log_row('log_level_in');
115 add_log_row('log_level_out');
116 add_log_row('tcp_flags_log_level', 120);
117 add_log_row('smurf_log_level');
118 } else if (me.fwtype === 'vm') {
119 add_boolean_row('enable', gettext('Enable Firewall'), 0);
120 add_boolean_row('dhcp', gettext('Enable DHCP'), 0);
bda8855a 121 add_boolean_row('ndp', gettext('Enable NDP'), 1);
41380b4d 122 add_boolean_row('radv', gettext('Allow Router Advertisement'), 0);
307a2fb8 123 add_boolean_row('macfilter', gettext('MAC filter'), 1);
9eef71f3 124 add_boolean_row('ipfilter', gettext('IP filter'), 0);
307a2fb8
DM
125 add_log_row('log_level_in');
126 add_log_row('log_level_out');
127 } else if (me.fwtype === 'dc') {
128 add_boolean_row('enable', gettext('Enable Firewall'), 0);
129 }
130
131 if (me.fwtype === 'dc' || me.fwtype === 'vm') {
132 rows.policy_in = {
133 header: gettext('Input Policy'),
134 required: true,
135 defaultValue: 'DROP',
136 editor: {
137 xtype: 'pveWindowEdit',
138 subject: gettext('Input Policy'),
139 items: {
140 xtype: 'pveFirewallPolicySelector',
141 name: 'policy_in',
142 value: 'DROP',
143 fieldLabel: gettext('Input Policy')
144 }
145 }
146 };
147
148 rows.policy_out = {
149 header: gettext('Output Policy'),
150 required: true,
151 defaultValue: 'ACCEPT',
152 editor: {
153 xtype: 'pveWindowEdit',
154 subject: gettext('Output Policy'),
155 items: {
156 xtype: 'pveFirewallPolicySelector',
157 name: 'policy_out',
158 value: 'ACCEPT',
159 fieldLabel: gettext('Output Policy')
160 }
161 }
162 };
163 }
164
165 var reload = function() {
166 me.rstore.load();
167 };
168
169 var run_editor = function() {
170 var sm = me.getSelectionModel();
171 var rec = sm.getSelection()[0];
172 if (!rec) {
173 return;
174 }
175
176 var rowdef = rows[rec.data.key];
177 if (!rowdef.editor) {
178 return;
179 }
180
181 var win;
182 if (Ext.isString(rowdef.editor)) {
183 win = Ext.create(rowdef.editor, {
184 pveSelNode: me.pveSelNode,
185 confid: rec.data.key,
186 url: '/api2/extjs' + me.base_url
187 });
188 } else {
189 var config = Ext.apply({
190 pveSelNode: me.pveSelNode,
191 confid: rec.data.key,
192 url: '/api2/extjs' + me.base_url
193 }, rowdef.editor);
194 win = Ext.createWidget(rowdef.editor.xtype, config);
195 win.load();
196 }
197
198 win.show();
199 win.on('destroy', reload);
200 };
201
202 var edit_btn = new Ext.Button({
203 text: gettext('Edit'),
204 disabled: true,
205 handler: run_editor
206 });
207
208 var set_button_status = function() {
209 var sm = me.getSelectionModel();
210 var rec = sm.getSelection()[0];
211
212 if (!rec) {
213 edit_btn.disable();
214 return;
215 }
216 var rowdef = rows[rec.data.key];
217 edit_btn.setDisabled(!rowdef.editor);
218 };
219
bc5d0cf8 220 Ext.apply(me, {
307a2fb8
DM
221 url: "/api2/json" + me.base_url,
222 cwidth1: 150,
223 tbar: [ edit_btn ],
224 rows: rows,
225 listeners: {
226 itemdblclick: run_editor,
227 selectionchange: set_button_status
228 }
229 });
230
231 me.callParent();
232
734b3795 233 me.on('activate', reload);
307a2fb8
DM
234 }
235});