]> git.proxmox.com Git - pve-firewall.git/blobdiff - src/PVE/API2/Firewall/Rules.pm
projects / pve-firewall.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
fix: #2123 Logging of user defined firewall rules
[pve-firewall.git] / src / PVE / API2 / Firewall / Rules.pm
diff --git a/src/PVE/API2/Firewall/Rules.pm b/src/PVE/API2/Firewall/Rules.pm
index 400cd7cdd15d30b6af3c6b03cc82a361fb18f636..f0bc562a9037cf7057c919355659b1f7c55cecd1 100644 (file)
--- a/src/PVE/API2/Firewall/Rules.pm
+++ b/src/PVE/API2/Firewall/Rules.pm
@@ -122,9 +122,58 @@ sub register_get_rule {
        returns => {
            type => "object",
            properties => {
+               action => {
+                   type => 'string',
+               },
+               comment => {
+                   type => 'string',
+                   optional => 1,
+               },
+               dest => {
+                   type => 'string',
+                   optional => 1,
+               },
+               dport => {
+                   type => 'string',
+                   optional => 1,
+               },
+               enable => {
+                   type => 'integer',
+                   optional => 1,
+               },
+               log => PVE::Firewall::get_standard_option('pve-fw-loglevel', {
+                   description => 'Log level for firewall rule',
+               }),
+               iface => {
+                   type => 'string',
+                   optional => 1,
+               },
+               ipversion => {
+                   type => 'integer',
+                   optional => 1,
+               },
+               macro => {
+                   type => 'string',
+                   optional => 1,
+               },
                pos => {
                    type => 'integer',
-               }
+               },
+               proto => {
+                   type => 'string',
+                   optional => 1,
+               },
+               source => {
+                   type => 'string',
+                   optional => 1,
+               },
+               sport => {
+                   type => 'string',
+                   optional => 1,
+               },
+               type => {
+                   type => 'string',
+               },
            },
        },
        code => sub {
@@ -359,6 +408,9 @@ __PACKAGE__->register_method({
     method => 'DELETE',
     description => "Delete security group.",
     protected => 1,
+    permissions => {
+       check => ['perm', '/', [ 'Sys.Modify' ]],
+    },
     parameters => {
        additionalProperties => 0,
        properties => { 
Firewall test scripts