On 3/18/19 5:05 PM, Christian Ebner wrote:
> This allows a user to log traffic filtered by a self-defined firewall rule.
> Therefore the API is extended to include a 'log' option that allows specifying the
> log level for each rule individually.
> 
> The 'log' option can also be specified in the fw config. In order to reduce the
> log amount, logging is limited to 1 entry per second.
> 
> For now the rule has to be created or edited via the pvesh API call or via the
> firewall config in order to set the log level.
> 
> Signed-off-by: Christian Ebner <c.eb...@proxmox.com>
> ---
> 
> Version 2:
>     * Added missing $logmsg to PVEFW-FWBRR-IN and PVEFW-FWBR-OUT rules
>     * Added '--limit-burst 1' to rate limit NFLOG to 1 packet per second
> 
>  src/PVE/API2/Firewall/Rules.pm |  3 ++
>  src/PVE/Firewall.pm            | 63 +++++++++++++++++++++++++-----------------
>  2 files changed, 40 insertions(+), 26 deletions(-)
> 

applied, with a followup to change the burst limit back to the default of 5.
Thanks!


_______________________________________________
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
