]>
Commit | Line | Data |
---|---|---|
307a2fb8 | 1 | Ext.define('PVE.FirewallOptions', { |
8ea2c870 | 2 | extend: 'Proxmox.grid.ObjectGrid', |
307a2fb8 DM |
3 | alias: ['widget.pveFirewallOptions'], |
4 | ||
5 | fwtype: undefined, // 'dc', 'node' or 'vm' | |
6 | ||
7 | base_url: undefined, | |
8 | ||
8058410f | 9 | initComponent: function() { |
307a2fb8 DM |
10 | var me = this; |
11 | ||
12 | if (!me.base_url) { | |
13 | throw "missing base_url configuration"; | |
14 | } | |
15 | ||
16 | if (me.fwtype === 'dc' || me.fwtype === 'node' || me.fwtype === 'vm') { | |
17 | if (me.fwtype === 'node') { | |
18 | me.cwidth1 = 250; | |
19 | } | |
20 | } else { | |
21 | throw "unknown firewall option type"; | |
22 | } | |
23 | ||
2e37e779 AD |
24 | let caps = Ext.state.Manager.get('GuiCap'); |
25 | ||
746ebf2a | 26 | me.rows = {}; |
307a2fb8 | 27 | |
746ebf2a TL |
28 | var add_boolean_row = function(name, text, defaultValue) { |
29 | me.add_boolean_row(name, text, { defaultValue: defaultValue }); | |
307a2fb8 | 30 | }; |
aab2a64d DC |
31 | var add_integer_row = function(name, text, minValue, labelWidth) { |
32 | me.add_integer_row(name, text, { | |
33 | minValue: minValue, | |
34 | deleteEmpty: true, | |
35 | labelWidth: labelWidth, | |
36 | renderer: function(value) { | |
37 | if (value === undefined) { | |
38 | return Proxmox.Utils.defaultText; | |
39 | } | |
40 | ||
41 | return value; | |
f6710aac | 42 | }, |
aab2a64d | 43 | }); |
307a2fb8 DM |
44 | }; |
45 | ||
46 | var add_log_row = function(name, labelWidth) { | |
746ebf2a | 47 | me.rows[name] = { |
307a2fb8 DM |
48 | header: name, |
49 | required: true, | |
50 | defaultValue: 'nolog', | |
51 | editor: { | |
9fccc702 | 52 | xtype: 'proxmoxWindowEdit', |
307a2fb8 DM |
53 | subject: name, |
54 | fieldDefaults: { labelWidth: labelWidth || 100 }, | |
55 | items: { | |
3c37fe48 | 56 | xtype: 'pveFirewallLogLevels', |
307a2fb8 | 57 | name: name, |
f6710aac TL |
58 | fieldLabel: name, |
59 | }, | |
60 | }, | |
307a2fb8 DM |
61 | }; |
62 | }; | |
63 | ||
307a2fb8 | 64 | if (me.fwtype === 'node') { |
75122e54 CE |
65 | me.rows.enable = { |
66 | required: true, | |
67 | defaultValue: 1, | |
68 | header: gettext('Firewall'), | |
69 | renderer: Proxmox.Utils.format_boolean, | |
70 | editor: { | |
71 | xtype: 'pveFirewallEnableEdit', | |
f6710aac TL |
72 | defaultValue: 1, |
73 | }, | |
75122e54 | 74 | }; |
307a2fb8 DM |
75 | add_boolean_row('nosmurfs', gettext('SMURFS filter'), 1); |
76 | add_boolean_row('tcpflags', gettext('TCP flags filter'), 0); | |
c4941d5b | 77 | add_boolean_row('ndp', 'NDP', 1); |
aab2a64d | 78 | add_integer_row('nf_conntrack_max', 'nf_conntrack_max', 32768, 120); |
746ebf2a | 79 | add_integer_row('nf_conntrack_tcp_timeout_established', |
aab2a64d | 80 | 'nf_conntrack_tcp_timeout_established', 7875, 250); |
307a2fb8 DM |
81 | add_log_row('log_level_in'); |
82 | add_log_row('log_level_out'); | |
83 | add_log_row('tcp_flags_log_level', 120); | |
84 | add_log_row('smurf_log_level'); | |
85 | } else if (me.fwtype === 'vm') { | |
75122e54 CE |
86 | me.rows.enable = { |
87 | required: true, | |
88 | defaultValue: 0, | |
89 | header: gettext('Firewall'), | |
90 | renderer: Proxmox.Utils.format_boolean, | |
91 | editor: { | |
92 | xtype: 'pveFirewallEnableEdit', | |
f6710aac TL |
93 | defaultValue: 0, |
94 | }, | |
75122e54 | 95 | }; |
6a5be79f | 96 | add_boolean_row('dhcp', 'DHCP', 1); |
b9628aa5 | 97 | add_boolean_row('ndp', 'NDP', 1); |
0a3cf3d4 | 98 | add_boolean_row('radv', gettext('Router Advertisement'), 0); |
307a2fb8 | 99 | add_boolean_row('macfilter', gettext('MAC filter'), 1); |
9eef71f3 | 100 | add_boolean_row('ipfilter', gettext('IP filter'), 0); |
307a2fb8 DM |
101 | add_log_row('log_level_in'); |
102 | add_log_row('log_level_out'); | |
103 | } else if (me.fwtype === 'dc') { | |
0a3cf3d4 | 104 | add_boolean_row('enable', gettext('Firewall'), 0); |
20f8d602 | 105 | add_boolean_row('ebtables', 'ebtables', 1); |
40120a31 CE |
106 | me.rows.log_ratelimit = { |
107 | header: gettext('Log rate limit'), | |
108 | required: true, | |
671f470e | 109 | defaultValue: gettext('Default') + ' (enable=1,rate1/second,burst=5)', |
40120a31 | 110 | editor: { |
671f470e | 111 | xtype: 'pveFirewallLograteEdit', |
f6710aac TL |
112 | defaultValue: 'enable=1', |
113 | }, | |
40120a31 | 114 | }; |
746ebf2a TL |
115 | } |
116 | ||
307a2fb8 | 117 | if (me.fwtype === 'dc' || me.fwtype === 'vm') { |
746ebf2a | 118 | me.rows.policy_in = { |
307a2fb8 DM |
119 | header: gettext('Input Policy'), |
120 | required: true, | |
121 | defaultValue: 'DROP', | |
122 | editor: { | |
9fccc702 | 123 | xtype: 'proxmoxWindowEdit', |
307a2fb8 DM |
124 | subject: gettext('Input Policy'), |
125 | items: { | |
126 | xtype: 'pveFirewallPolicySelector', | |
127 | name: 'policy_in', | |
128 | value: 'DROP', | |
f6710aac TL |
129 | fieldLabel: gettext('Input Policy'), |
130 | }, | |
131 | }, | |
307a2fb8 DM |
132 | }; |
133 | ||
746ebf2a | 134 | me.rows.policy_out = { |
307a2fb8 DM |
135 | header: gettext('Output Policy'), |
136 | required: true, | |
137 | defaultValue: 'ACCEPT', | |
138 | editor: { | |
9fccc702 | 139 | xtype: 'proxmoxWindowEdit', |
307a2fb8 DM |
140 | subject: gettext('Output Policy'), |
141 | items: { | |
142 | xtype: 'pveFirewallPolicySelector', | |
143 | name: 'policy_out', | |
144 | value: 'ACCEPT', | |
f6710aac TL |
145 | fieldLabel: gettext('Output Policy'), |
146 | }, | |
147 | }, | |
307a2fb8 DM |
148 | }; |
149 | } | |
150 | ||
307a2fb8 DM |
151 | var edit_btn = new Ext.Button({ |
152 | text: gettext('Edit'), | |
153 | disabled: true, | |
f6710aac | 154 | handler: function() { me.run_editor(); }, |
307a2fb8 DM |
155 | }); |
156 | ||
157 | var set_button_status = function() { | |
158 | var sm = me.getSelectionModel(); | |
159 | var rec = sm.getSelection()[0]; | |
160 | ||
161 | if (!rec) { | |
162 | edit_btn.disable(); | |
163 | return; | |
164 | } | |
746ebf2a | 165 | var rowdef = me.rows[rec.data.key]; |
2e37e779 AD |
166 | if (caps.vms['VM.Config.Network'] || caps.dc['Sys.Modify'] || caps.nodes['Sys.Modify']) { |
167 | edit_btn.setDisabled(!rowdef.editor); | |
168 | } | |
307a2fb8 DM |
169 | }; |
170 | ||
bc5d0cf8 | 171 | Ext.apply(me, { |
307a2fb8 | 172 | url: "/api2/json" + me.base_url, |
8058410f | 173 | tbar: [edit_btn], |
746ebf2a | 174 | editorConfig: { |
f6710aac | 175 | url: '/api2/extjs/' + me.base_url, |
746ebf2a | 176 | }, |
307a2fb8 | 177 | listeners: { |
746ebf2a | 178 | itemdblclick: me.run_editor, |
f6710aac TL |
179 | selectionchange: set_button_status, |
180 | }, | |
307a2fb8 DM |
181 | }); |
182 | ||
183 | me.callParent(); | |
184 | ||
746ebf2a TL |
185 | me.on('activate', me.rstore.startUpdate); |
186 | me.on('destroy', me.rstore.stopUpdate); | |
187 | me.on('deactivate', me.rstore.stopUpdate); | |
f6710aac | 188 | }, |
307a2fb8 | 189 | }); |
3c37fe48 CE |
190 | |
191 | ||
192 | Ext.define('PVE.FirewallLogLevels', { | |
193 | extend: 'Proxmox.form.KVComboBox', | |
194 | alias: ['widget.pveFirewallLogLevels'], | |
195 | ||
196 | name: 'log', | |
197 | fieldLabel: gettext('Log level'), | |
198 | value: 'nolog', | |
199 | comboItems: [['nolog', 'nolog'], ['emerg', 'emerg'], ['alert', 'alert'], | |
200 | ['crit', 'crit'], ['err', 'err'], ['warning', 'warning'], | |
f6710aac | 201 | ['notice', 'notice'], ['info', 'info'], ['debug', 'debug']], |
3c37fe48 | 202 | }); |