diff --git a/www/manager5/grid/FirewallOptions.js b/www/manager5/grid/FirewallOptions.js new file mode 100644 index 00000000..f94be6cb --- /dev/null +++ b/www/manager5/grid/FirewallOptions.js @@ -0,0 +1,231 @@ +Ext.define('PVE.FirewallOptions', { + extend: 'PVE.grid.ObjectGrid', + alias: ['widget.pveFirewallOptions'], + + fwtype: undefined, // 'dc', 'node' or 'vm' + + base_url: undefined, + + initComponent : function() { + /*jslint confusion: true */ + + var me = this; + + if (!me.base_url) { + throw "missing base_url configuration"; + } + + if (me.fwtype === 'dc' || me.fwtype === 'node' || me.fwtype === 'vm') { + if (me.fwtype === 'node') { + me.cwidth1 = 250; + } + } else { + throw "unknown firewall option type"; + } + + var rows = {}; + + var add_boolean_row = function(name, text, defaultValue, labelWidth) { + rows[name] = { + header: text, + required: true, + defaultValue: defaultValue || 0, + renderer: PVE.Utils.format_boolean, + editor: { + xtype: 'pveWindowEdit', + subject: text, + fieldDefaults: { labelWidth: labelWidth || 100 }, + items: { + xtype: 'pvecheckbox', + defaultValue: defaultValue || 0, + checked: defaultValue ? true : false, + name: name, + uncheckedValue: 0, + fieldLabel: text + } + } + }; + }; + + var add_integer_row = function(name, text, labelWidth, minValue) { + rows[name] = { + header: text, + required: true, + renderer: function(value) { + return value || PVE.Utils.defaultText; + }, + editor: { + xtype: 'pveWindowEdit', + subject: text, + fieldDefaults: { labelWidth: labelWidth || 100 }, + items: { + xtype: 'numberfield', + name: name, + minValue: minValue, + decimalPrecision: 0, + fieldLabel: text, + emptyText: gettext('Default'), + getSubmitData: function() { + var me = this; + var val = me.getSubmitValue(); + if (val !== null && val !== '') { + var data = {}; + data[name] = val; + return data; + } else { + return { 'delete' : name }; + } + } + } + } + }; + }; + + var add_log_row = function(name, labelWidth) { + rows[name] = { + header: name, + required: true, + defaultValue: 'nolog', + editor: { + xtype: 'pveWindowEdit', + subject: name, + fieldDefaults: { labelWidth: labelWidth || 100 }, + items: { + xtype: 'pveKVComboBox', + name: name, + fieldLabel: name, + data: [['nolog', 'nolog'], ['info', 'info'], ['err', 'err'], + ['warning', 'warning'], ['crit', 'crit'], ['alert', 'alert'], + ['emerg', 'emerg'], ['debug', 'debug']] + } + } + }; + }; + + + if (me.fwtype === 'node') { + add_boolean_row('enable', gettext('Enable Firewall'), 1); + add_boolean_row('nosmurfs', gettext('SMURFS filter'), 1); + add_boolean_row('tcpflags', gettext('TCP flags filter'), 0); + add_integer_row('nf_conntrack_max', 'nf_conntrack_max', 120, 32768); + add_integer_row('nf_conntrack_tcp_timeout_established', + 'nf_conntrack_tcp_timeout_established', 250, 7875); + add_log_row('log_level_in'); + add_log_row('log_level_out'); + add_log_row('tcp_flags_log_level', 120); + add_log_row('smurf_log_level'); + } else if (me.fwtype === 'vm') { + add_boolean_row('enable', gettext('Enable Firewall'), 0); + add_boolean_row('dhcp', gettext('Enable DHCP'), 0); + add_boolean_row('macfilter', gettext('MAC filter'), 1); + add_log_row('log_level_in'); + add_log_row('log_level_out'); + } else if (me.fwtype === 'dc') { + add_boolean_row('enable', gettext('Enable Firewall'), 0); + } + + if (me.fwtype === 'dc' || me.fwtype === 'vm') { + rows.policy_in = { + header: gettext('Input Policy'), + required: true, + defaultValue: 'DROP', + editor: { + xtype: 'pveWindowEdit', + subject: gettext('Input Policy'), + items: { + xtype: 'pveFirewallPolicySelector', + name: 'policy_in', + value: 'DROP', + fieldLabel: gettext('Input Policy') + } + } + }; + + rows.policy_out = { + header: gettext('Output Policy'), + required: true, + defaultValue: 'ACCEPT', + editor: { + xtype: 'pveWindowEdit', + subject: gettext('Output Policy'), + items: { + xtype: 'pveFirewallPolicySelector', + name: 'policy_out', + value: 'ACCEPT', + fieldLabel: gettext('Output Policy') + } + } + }; + } + + var reload = function() { + me.rstore.load(); + }; + + var run_editor = function() { + var sm = me.getSelectionModel(); + var rec = sm.getSelection()[0]; + if (!rec) { + return; + } + + var rowdef = rows[rec.data.key]; + if (!rowdef.editor) { + return; + } + + var win; + if (Ext.isString(rowdef.editor)) { + win = Ext.create(rowdef.editor, { + pveSelNode: me.pveSelNode, + confid: rec.data.key, + url: '/api2/extjs' + me.base_url + }); + } else { + var config = Ext.apply({ + pveSelNode: me.pveSelNode, + confid: rec.data.key, + url: '/api2/extjs' + me.base_url + }, rowdef.editor); + win = Ext.createWidget(rowdef.editor.xtype, config); + win.load(); + } + + win.show(); + win.on('destroy', reload); + }; + + var edit_btn = new Ext.Button({ + text: gettext('Edit'), + disabled: true, + handler: run_editor + }); + + var set_button_status = function() { + var sm = me.getSelectionModel(); + var rec = sm.getSelection()[0]; + + if (!rec) { + edit_btn.disable(); + return; + } + var rowdef = rows[rec.data.key]; + edit_btn.setDisabled(!rowdef.editor); + }; + + Ext.applyIf(me, { + url: "/api2/json" + me.base_url, + cwidth1: 150, + tbar: [ edit_btn ], + rows: rows, + listeners: { + itemdblclick: run_editor, + selectionchange: set_button_status + } + }); + + me.callParent(); + + me.on('show', reload); + } +});