From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: Re: Test of cleanup branch Date: Wed, 07 Aug 2024 13:18:08 +0100 Message-ID: In-Reply-To: <7aa2c25a-8431-43f0-9600-09fcb66bbb25@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============5060265440644536260==" List-Id: --===============5060265440644536260== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hello, Yes, I removed this too. It was getting on my nerves. It servers no purpose because the GPL is not an EULA and so there is no value= in asking users to accept it. And it won=E2=80=99t stop the bad guys anyways= =E2=80=A6 -Michael > On 7 Aug 2024, at 13:04, Adolf Belka wrote: >=20 > Hi Michael, >=20 > Something I only just noticed. If I do a fresh install of the CU188 version= then I no longer see the GPL page where I am supposed to check the checkbox = that I accept the terms. That page is just completely missed. >=20 > Looking in /var/ipfire/main/ then the firstsetup_ok file is present but the= re is no gpl_accepted file but the installation completes okay and I am able = to access the WUI. >=20 > Regards, >=20 > Adolf. >=20 >=20 > On 07/08/2024 12:56, Adolf Belka wrote: >> Hi Michael, >>=20 >> Yes, some of the problems have been fixed. >>=20 >> On 06/08/2024 17:52, Michael Tremer wrote: >>> Hello, >>>=20 >>> I just pushed a bunch of changes that should hopefully resolve a few of t= he problems. >>>=20 >>> The only one that I can see remaining is that all sorts of form elements = (dropdowns, input boxes, etc.) are now 100% in width. They fill the entire ho= rizontal space. This is something I like. However, without the scaffolding ar= ound being consistent, this creates a lot of problems. Sometimes we have a ta= ble that is properly sized, sometimes we have I don=E2=80=99t even know what.= I believe cleaning that up will be weeks worth of work because it is so fidd= ly. So, maybe I will revert that change and come up with a different solution= for OpenVPN. >> For the DNS Server page you have the protocol entry box which is now the f= ull width of the page but only has three letter acronyms to be entered. I don= 't have a big problem with that but I suspect that there might be some pushba= ck from some forum members. >>>=20 >>> Please give the recent changes a test and let me know how it works. >> I made sure that I did a browser cache clear before reviewing the changes. >>=20 >> The core programs section of the Services page now has colour on it for th= e status of running or stopped. >>=20 >> The colours are not there for the status of any of the addons. >>=20 >> The Processes and Processes memory graphs that are normally on that page a= re now completely missing. >>=20 >> Screenshot attached. >>=20 >> The colour for the status is not showing for the IPSec and OpenVPN client = connections. >>=20 >> Also if you go to the Firewall Rules creation page the box to select Accep= t, Drop or Reject has no colour. >>=20 >> In the Services screenshot you can see that the Intrusion Prevention is sh= own as Stopped but on the IPS page it is showing as running but with no colou= r. See second screenshot, if you look closely you can see that it shows RUNNI= NG for the status. I checked on the command line and Suricata is running so i= t is the Services page that has somehow got confused. >>=20 >> Regards, >>=20 >> Adolf. >>>=20 >>> -Michael >>>=20 >>>> On 3 Aug 2024, at 11:48, Adolf Belka wrote: >>>>=20 >>>> Hi Michael, >>>>=20 >>>> On 02/08/2024 11:12, Michael Tremer wrote: >>>>> Hello Adolf, >>>>> Thank you for looking at this in depth :) >>>>>> On 1 Aug 2024, at 16:01, Adolf Belka wrote: >>>>>>=20 >>>>>> Hi Michael, >>>>>>=20 >>>>>> Additional note written after all of the feedback below the dashed lin= e was written. I did a shutdown of the vm with CU188 to check something in th= e CU186 vm then went back to the CU188 version and things had changed. Most o= f the longer boxes are no longer longer and don't overlap other elements. The= missing colours are back for IPSec, OpenVPN etc. >>>>> That is good news! >>>>=20 >>>> In some later emails, I indicated that I found that the browser cache wa= s the reason that the colours came back. When I cleared my browser cache I we= nt back to no colours and longer overlapping entry boxes. >>>>>> The graph period selection previously was in a horizontal line under t= he graph. Now it was still under the graph but it is now a vertical selection= choice which can't have been intended as it takes far too much space. Howeve= r the key thing is that rebooting seems to be making things change, which sho= uldn't be happening. I have started to take screenshots of things to have som= e evidence. >>>>> I think I have an explanation for this, and no, you are not going crazy= . Since I have changed the CSS, it might be that the web UI is now rendering = some different HTML, but your browser has the old CSS cached and so those thi= ngs don=E2=80=99t fit together any more. >>>>> This is a good example: https://git.ipfire.org/?p=3Dipfire-2.x.git;a=3D= commitdiff;h=3Dfbfde0088c58c506cab80d23fc240e3cab863302 >>>>> If you don=E2=80=99t have the changes from the CSS file, then you simpl= y won=E2=80=99t see any colours here. >>>>=20 >>>> Yes, I found that the browser cache was affecting things. >>>> However, when I clear the cache the result I get is the loss of the colo= urs in the services table page as an example or the overlapping of entry boxe= s in the dhcp page as an example. I can get this effect consistently with doi= ng a fresh install and a browser cache clear. Have tested this out three time= s and always the same result. Longer boxes overlapping other elements and los= s of status colours. See attached dhcp and services screenshots. >>>>> Some of the changes I implemented a user feedback - for example that th= e headlines are hard to read on some devices that have not the best font rend= ering. Other things are probably more of my own things. The graphs used to ha= ve a grey line around them. And then we had a box with another grey line arou= nd them. And then there was the big white box. It kind of reminded me of some= mirror cabinet. >>>>> Sometimes we have multiple levels of headlines that all say the same: M= emory information -> Memory Graph -> Memory Usage per Day. >>>>>> Attached is a screenshot showing the graph period selectors which are = now vertically positioned at the bottom of the graphs. >>>>> So it is correct that the outer box is gone. The graph only has a headl= ine when it needs one. >>>>> The Hour/Day/Week/=E2=80=A6 controls should however remain the same. >>>> That is definitely different. They are now boxes containing the words at= the bottom of the graph rather than just the words at the top of the graph a= nd when first viewed all are grey (graph-example1) then become red when selec= ted (graph-example2). >>>>>> Also attached is a screenshot of the pakfire page that is still missin= g the pak_ver numbers. >>>>> This is probably a bug from my changes in the tooling. >>>> I have seen the patch. Looks like that will fix it. Will test it to conf= irm, either with build and install or using nightly build once done. >>>>=20 >>>>>> I don't know what is going on here. >>>>> Me pushing a lot of changes at a fast pace :) >>>> :-) >>>>>> ---------------------------------------------- >>>>>>=20 >>>>>> Okay, here is the feedback from reviewing a vm that actually included = the cleanup branch changes. >>>>>>=20 >>>>>> The home and ssh items look better with the change. They now use alter= nating shades of grey to highlight each line. >>>>> This is now applied automatically to every table. Before, we used to ha= ve a lot of Perl magic to make that happen. >>>> That looks good. >>>>>> All graphs have new selection buttons for Hour, Day, Weekly etc that s= how in red when selected. This looks better. The default is the Day selection= but when you start with a graph it does not indicate that it is using the Da= y option, ie all buttons are showing grey. >>>>> Okay, this would be something that needs fixing then. >>>>>> Net-Traffic and ExtraHD have the same tables but instead of being cent= red on the page they are now on the Left Hand Side of the WUI page. >>>>>>=20 >>>>>> The Zone Config page looks much busier now. Previously the dropdown bo= x for native or vlan selection was next to the vlan id box and the space was = good enough for that. Now they are placed one above the other, so wider, whic= h is not needed but they now fill the whole space of the section before the n= ext nic interface starts. I think the previous version looked clearer. >>>>>>=20 >>>>>> The IPS page and the Services page no longer show the red or green bac= kground for running or stopped. You still see the words but they are now in w= hite on a light grey background or white on a slightly darker grey. >>>>>>=20 >>>>>> On the Services page the first graph which should be titled Processes = is labelled 100%. >>>>>>=20 >>>>>> On the System page the graphs have no name at all. On the vm I used th= ey should have been labelled CPU and Load Avg. >>>>>>=20 >>>>>> On the Pakfire page the list of available or installed addons do not s= how the pak_ver number so that you get alsa-1.2.10- instead of alsa-1.2.10-20 >>>>>>=20 >>>>>> The IPSec and OpenVPN pages no longer show the green, red or blue colo= urs for the connection status. >>>>>>=20 >>>>>> On the Firewall Rules page the table has no colours for Accept, Reject= or Drop for any of the rules. The alternate grey shading has got mixed up as= it is considering that if there is a remark line for a firewall rule that is= a separate line and the grey shading has to be changed. Definitely not right= . Some of the Destinations have not had the right colour code applied for the= zone colour - left grey. The boxes giving the policy applied for each firewa= ll section are not colour coded for Allow or Blocked. >>>>>>=20 >>>>>> On the actual firewall creation page, there are longer boxes that over= lap labels or other elements. There is no colour in the Drop, Reject, Accept = selection box just one shade of grey. >>>>>>=20 >>>>>> The vulnerabilities page has the left hand section now in black backgr= ound with white lettering. Different but probably okay. >>>>> Okay, this is all very useful. I will install a machine and go through = all of this and see what I can fix. >>>>>> The following menu items showed longer entry boxes that overlap labels= or other elements >>>>>> DHCP >>>>>> DNS Forward >>>>>> Static Routes >>>>>> Wake on LAN >>>>>> Time Server >>>>>> Log Settings >>>>>> Proxy Logs >>>>>>=20 >>>>>>=20 >>>>>> The following menu items showed longer entry boxes that did not overla= p other elements but you end up with a much longer box length than is needed = for a day number for example >>>>>> Firewall Groups >>>>>> Firewall Options >>>>>> Blue Access >>>>>> Log Summary >>>>>> Dynamic DNS >>>>>> Proxy reports >>>>>> Firewall logs >>>>>> Firewall graphs - IP, Port & Country >>>>>> IPS Logs >>>>>> IP Address blocklist logs >>>>>> OpenVPN RW logs >>>>>> URL Filter Logs >>>>>> System Logs >>>>>> Captive portal >>>>>> Connection Scheduler >>>>>> Assign MAC Address >>>>>>=20 >>>>>>=20 >>>>>> The following menu items showed no change/issues except maybe for the = graph period selection buttons . >>>>>> Backup >>>>>> Shutdown >>>>>> Credits >>>>>> Mailservice >>>>>> Memory >>>>>> Media >>>>>> Network External, Internal and Other >>>>>> OpenVPN RW and N2N Statistics >>>>>> WIO >>>>>> Hardware graphs >>>>>> Connections >>>>>> Mdstat >>>>>> DNS >>>>>> Web Proxy >>>>>> URL Filter >>>>>> Update Accelerator >>>>>> Edit Hosts >>>>>> QOS >>>>>> IP Address Blocklist >>>>>> Location Block >>>>>> IPTables >>>>>>=20 >>>>>> I am really sorry for giving false hope that the cleanup branch had go= ne really well. >>>>> Well, it happens :) That is why next is called next. >>>> Yes but me providing the original first review feedback on a vm system t= hat did not have the cleanup changes actually in it, really shouldn't have ha= ppened. >>>>=20 >>>> Regards, >>>> Adolf. >>>>> -Michael >>>>>>=20 >>>>>> Regards, >>>>>>=20 >>>>>> Adolf. >>>>>>=20 >>>>>> On 01/08/2024 12:50, Adolf Belka wrote: >>>>>>> Hi Michael, >>>>>>>=20 >>>>>>> On 25/07/2024 12:28, Adolf Belka wrote: >>>>>>>> Hi Michael, >>>>>>>>=20 >>>>>>>> On 25/07/2024 10:44, Michael Tremer wrote: >>>>>>>>> Hello Adolf, >>>>>>>>>=20 >>>>>>>>> Thank you for getting back on this so quickly. >>>>>>>>>=20 >>>>>>> Maybe I got back too quickly!! >>>>>>>=20 >>>>>>> I have just done a build with next for a bugfix patch and installed i= t into my vm and the pages look quite different with some things missing, lik= e the green and red colours for if services are running or not and some graph= titles are incorrect. >>>>>>>=20 >>>>>>> I took the iso from the latest directory in the nightly build but it = looks like it was still linked to the previous version when I downloaded it a= s the b2 sum is for build 6460dbbf from the day before. >>>>>>>=20 >>>>>>> Downloading the iso today from the latest directory gives me the buil= d ed2c97b7. >>>>>>>=20 >>>>>>> I am going to install that version now but I suspect it will show the= same as I found with my build. >>>>>>>=20 >>>>>>> So it looks like my original review was based on the version before t= he cleanup branch changes were included. >>>>>>>=20 >>>>>>> I will come back with new feedback of what I find from the latest bra= nch that I have now downloaded. >>>>>>>=20 >>>>>>> Sorry. In future maybe I should wait till the following day, or downl= oad from the build named directory instead of the directory named latest. >>>>>>>=20 >>>>>>> Regards, >>>>>>>=20 >>>>>>> Adolf >>>>>>>=20 >>>>>>>>> I suppose this also means that the ISO in the next branch boots jus= t fine, too? >>>>>>>>=20 >>>>>>>> Yes, that is correct. I used the iso from the nightly next latest di= rectory. No problems with the install at all. >>>>>>>> This tested out raid and all 4 interfaces. >>>>>>>>=20 >>>>>>>> Regards, >>>>>>>> Adolf. >>>>>>>>=20 >>>>>>>>>=20 >>>>>>>>> Best, >>>>>>>>> -Michael >>>>>>>>>=20 >>>>>>>>>> On 25 Jul 2024, at 09:07, Adolf Belka w= rote: >>>>>>>>>>=20 >>>>>>>>>> Hi Michael, >>>>>>>>>>=20 >>>>>>>>>> I installed CU188 from the nightly onto a vm system and looked tho= ugh all the WUI pages and everything looked fine. >>>>>>>>>>=20 >>>>>>>>>> I then restored a CU187 backup from my testing and then checked th= e OpenVPN RW and N2N. Both worked fine with no problems. Also the logging for= that all worked with no problems. >>>>>>>>>>=20 >>>>>>>>>> Also checked out the IPS, IP Blocklists, Firewall groups and rules= , DNS ... >>>>>>>>>>=20 >>>>>>>>>> Everything I have looked at shows no impact from the cleanup branc= h changes. It looks good to me. >>>>>>>>>>=20 >>>>>>>>>> Of course good for others to also evaluate. >>>>>>>>>>=20 >>>>>>>>>> Regards, >>>>>>>>>>=20 >>>>>>>>>> Adolf. >>>>>>>>>>=20 >>>>>> >>>> >>>=20 --===============5060265440644536260==--