Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use nftables to configure firewall #800

Open
wants to merge 50 commits into
base: v2.6.x
Choose a base branch
from
Open

Use nftables to configure firewall #800

wants to merge 50 commits into from

Conversation

badrogger
Copy link
Contributor

@badrogger badrogger commented Nov 18, 2024

Changes

  • Use nftables to configure firewall.

Performance

  • No performance related changes was introduced.

Testing

  • Tested on local network.
  • Added unit tests.

@badrogger badrogger linked an issue Nov 25, 2024 that may be closed by this pull request
@badrogger badrogger marked this pull request as ready for review December 5, 2024 20:19
from collections import namedtuple # hotfix for tests
iptc = namedtuple('nftables', ['Chain', 'Rule'])
else:
logger.error(f'Unable to import iptc due to an error {err}')
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should be Unable to import nftables... instead of iptc

@@ -25,5 +25,6 @@
turn_off as turn_off_op,
turn_on as turn_on_op,
restore as restore_op,
repair_sync as repair_sync_op
repair_sync as repair_sync_op,
configure_nftables as configure_firewall
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what is the point of exporting this function under a different name here?

it is used 6 times as configure_nftables and 1 time as configure_firewall - suggesting keeping just one version for consistency.

@@ -294,13 +259,16 @@ def update(env_filepath: str, pull_config_for_schain: str, unsafe_ok: bool = Fal
error_msg = 'Cannot update safely'
error_exit(error_msg, exit_code=CLIExitCodes.UNSAFE_UPDATE)

prev_version = get_meta_info().version
logger.info('HERE %s %s', __version__, prev_version)
if (__version__ == 'test' or __version__.startswith('2.6')) and prev_version == '2.5.0':
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

will it work ok if migrate will be executed multiple times? (let's say for 2.6.1, 2.6.2, etc)

@@ -0,0 +1,105 @@
import logging
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

no license header

return DEFAULT_SSH_PORT


def remove_between_brackets(text: str, pattern: str) -> str:
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

confusing name - maybe let's use a small docstring with a function explanation?

@dmytrotkk dmytrotkk self-requested a review December 23, 2024 16:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Add support of Ubuntu 22
2 participants