ui: firewall: rule: maxlength for source and dest

Limiting the length of the source and dest paramters helps to avoid
problems with iptables-restore which would not apply a rule if a
parameter is larger than the parameter buffer (1024)[0]. As the API is
already limiting this, we should also reflect that in the GUI and give
people a hint that IP sets are most likely the better approach.

[0] http://git.netfilter.org/iptables/tree/iptables/xshared.c?h=v1.8.7#n469

Signed-off-by: Aaron Lauterer <a.lauterer@proxmox.com>

diff --git a/www/manager6/grid/FirewallRules.js b/www/manager6/grid/FirewallRules.js
index 424bdfcbe60b442270d106ef50b6bbe891526b36..f32a1ea13193a3d7d85c78fee1d47e9bce536381 100644 (file)
--- a/www/manager6/grid/FirewallRules.js
+++ b/www/manager6/grid/FirewallRules.js
@@ -135,7 +135,8 @@ Ext.define('PVE.FirewallRulePanel', {
                base_url: me.list_refs_url,
                value: '',
                fieldLabel: gettext('Source'),
-
+               maxLength: 512,
+               maxLengthText: gettext('Too long, consider using IP sets.'),
            },
            {
                xtype: 'pveIPRefSelector',
@@ -145,6 +146,8 @@ Ext.define('PVE.FirewallRulePanel', {
                base_url: me.list_refs_url,
                value: '',
                fieldLabel: gettext('Destination'),
+               maxLength: 512,
+               maxLengthText: gettext('Too long, consider using IP sets.'),
            },
        );