]>
git.proxmox.com Git - pve-manager.git/blob - www/manager6/grid/FirewallOptions.js
1 Ext
.define('PVE.FirewallOptions', {
2 extend
: 'Proxmox.grid.ObjectGrid',
3 alias
: ['widget.pveFirewallOptions'],
5 fwtype
: undefined, // 'dc', 'node' or 'vm'
9 initComponent: function() {
13 throw "missing base_url configuration";
16 if (me
.fwtype
=== 'dc' || me
.fwtype
=== 'node' || me
.fwtype
=== 'vm') {
17 if (me
.fwtype
=== 'node') {
21 throw "unknown firewall option type";
24 let caps
= Ext
.state
.Manager
.get('GuiCap');
25 let canEdit
= caps
.vms
['VM.Config.Network'] || caps
.dc
['Sys.Modify'] || caps
.nodes
['Sys.Modify'];
29 var add_boolean_row = function(name
, text
, defaultValue
) {
30 me
.add_boolean_row(name
, text
, { defaultValue
: defaultValue
});
32 var add_integer_row = function(name
, text
, minValue
, labelWidth
) {
33 me
.add_integer_row(name
, text
, {
36 labelWidth
: labelWidth
,
37 renderer: function(value
) {
38 if (value
=== undefined) {
39 return Proxmox
.Utils
.defaultText
;
47 var add_log_row = function(name
, labelWidth
) {
51 defaultValue
: 'nolog',
53 xtype
: 'proxmoxWindowEdit',
55 fieldDefaults
: { labelWidth
: labelWidth
|| 100 },
57 xtype
: 'pveFirewallLogLevels',
65 if (me
.fwtype
=== 'node') {
69 header
: gettext('Firewall'),
70 renderer
: Proxmox
.Utils
.format_boolean
,
72 xtype
: 'pveFirewallEnableEdit',
76 add_boolean_row('nosmurfs', gettext('SMURFS filter'), 1);
77 add_boolean_row('tcpflags', gettext('TCP flags filter'), 0);
78 add_boolean_row('ndp', 'NDP', 1);
79 add_integer_row('nf_conntrack_max', 'nf_conntrack_max', 32768, 120);
80 add_integer_row('nf_conntrack_tcp_timeout_established',
81 'nf_conntrack_tcp_timeout_established', 7875, 250);
82 add_log_row('log_level_in');
83 add_log_row('log_level_out');
84 add_log_row('tcp_flags_log_level', 120);
85 add_log_row('smurf_log_level');
86 } else if (me
.fwtype
=== 'vm') {
90 header
: gettext('Firewall'),
91 renderer
: Proxmox
.Utils
.format_boolean
,
93 xtype
: 'pveFirewallEnableEdit',
97 add_boolean_row('dhcp', 'DHCP', 1);
98 add_boolean_row('ndp', 'NDP', 1);
99 add_boolean_row('radv', gettext('Router Advertisement'), 0);
100 add_boolean_row('macfilter', gettext('MAC filter'), 1);
101 add_boolean_row('ipfilter', gettext('IP filter'), 0);
102 add_log_row('log_level_in');
103 add_log_row('log_level_out');
104 } else if (me
.fwtype
=== 'dc') {
105 add_boolean_row('enable', gettext('Firewall'), 0);
106 add_boolean_row('ebtables', 'ebtables', 1);
107 me
.rows
.log_ratelimit
= {
108 header
: gettext('Log rate limit'),
110 defaultValue
: gettext('Default') + ' (enable=1,rate1/second,burst=5)',
112 xtype
: 'pveFirewallLograteEdit',
113 defaultValue
: 'enable=1',
118 if (me
.fwtype
=== 'dc' || me
.fwtype
=== 'vm') {
119 me
.rows
.policy_in
= {
120 header
: gettext('Input Policy'),
122 defaultValue
: 'DROP',
124 xtype
: 'proxmoxWindowEdit',
125 subject
: gettext('Input Policy'),
127 xtype
: 'pveFirewallPolicySelector',
130 fieldLabel
: gettext('Input Policy'),
135 me
.rows
.policy_out
= {
136 header
: gettext('Output Policy'),
138 defaultValue
: 'ACCEPT',
140 xtype
: 'proxmoxWindowEdit',
141 subject
: gettext('Output Policy'),
143 xtype
: 'pveFirewallPolicySelector',
146 fieldLabel
: gettext('Output Policy'),
152 var edit_btn
= new Ext
.Button({
153 text
: gettext('Edit'),
155 handler: function() { me
.run_editor(); },
158 var set_button_status = function() {
159 var sm
= me
.getSelectionModel();
160 var rec
= sm
.getSelection()[0];
166 var rowdef
= me
.rows
[rec
.data
.key
];
168 edit_btn
.setDisabled(!rowdef
.editor
);
173 url
: "/api2/json" + me
.base_url
,
176 url
: '/api2/extjs/' + me
.base_url
,
179 itemdblclick
: () => { if (canEdit
) { me
.run_editor(); } },
180 selectionchange
: set_button_status
,
186 me
.on('activate', me
.rstore
.startUpdate
);
187 me
.on('destroy', me
.rstore
.stopUpdate
);
188 me
.on('deactivate', me
.rstore
.stopUpdate
);
193 Ext
.define('PVE.FirewallLogLevels', {
194 extend
: 'Proxmox.form.KVComboBox',
195 alias
: ['widget.pveFirewallLogLevels'],
198 fieldLabel
: gettext('Log level'),
200 comboItems
: [['nolog', 'nolog'], ['emerg', 'emerg'], ['alert', 'alert'],
201 ['crit', 'crit'], ['err', 'err'], ['warning', 'warning'],
202 ['notice', 'notice'], ['info', 'info'], ['debug', 'debug']],