The issue arises because firewall depends on qemu-server but qemu-server depends on SDN. So if I try to include firewall from SDN, it will not work.
I have looked at Firewall for quite some time now. Some functions in Firewall.pm depend on QemuServer mainly for the parse_net function. I tried to extract the functions that depend on QemuServer to another package but I couldn't get the tests to pass. Firewall.pm is using several global variables and I couldn't identify what I missed. Another option would be to split the SDN module to allow QemuServer to depend only on a certain part of SDN to notify SDN about nic added to a VM and VM start. I have not analyzed if it's possible to can split the dependency cycle. I don't see a clear path to implement this at this point and I will focus on supporting Stefan Hanreich next week to finalize other aspects of SDN for a successful release. Thomas Lamprecht <t.lampre...@proxmox.com> writes: > Am 08/11/2023 um 12:35 schrieb Stefan Lendl: >> Remove require QemuConfig from Firewall.pm >> We only use it to construct the guest config paths. >> Fixes circular include when accessing Firewall::Aliases from >> pve-network. >> > > This won't work as now cfs_read_file only works by luck, if at all, as the > cfs_read_file needs the cfs_register_file that happens in PVE::QemuServer > so that the parser is actually available... > > I'd much rather see Firewall be split-up than doing broken hacks and > switching from one of our saner interfaces to manual assembly. _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
