[docs] docs: fix iptables logging references after simplification#1292
Open
github-actions[bot] wants to merge 1 commit intomainfrom
Open
[docs] docs: fix iptables logging references after simplification#1292github-actions[bot] wants to merge 1 commit intomainfrom
github-actions[bot] wants to merge 1 commit intomainfrom
Conversation
- Correct LOG rule attribution from setup-iptables.sh to src/host-iptables.ts (FW_BLOCKED_UDP, FW_BLOCKED_OTHER are host-level DOCKER-USER chain rules) - Remove FW_DNS_QUERY section from logging quickref (prefix no longer exists) - Remove incorrect docker exec awf-agent dmesg commands (host kernel logs are not visible from inside the container) - Remove incorrect --log-uid reference (flag not used in host-iptables.ts) - Remove stale UID=0 field from iptables log example - Remove stale line number reference (src/squid-config.ts:40) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
github-actions
bot
added
ai-generated
documentation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Documentation Sync - March 7–13, 2026
This PR synchronizes documentation with the code changes from commit
5d2ef18("fix(docker): simplify to localhost+Squid-only iptables (#1270)").Changes Made
AGENTS.md: Corrected the### iptables Loggingsectioncontainers/agent/setup-iptables.shtosrc/host-iptables.ts(whereFW_BLOCKED_UDPandFW_BLOCKED_OTHERrules actually live, in the DOCKER-USER chain)--log-uidflag reference (this flag is not used)src/squid-config.ts:40line number referencedocs/logging_quickref.md: Removed outdated DNS query logging section and fixed container dmesg note[FW_DNS_QUERY]log prefix no longer exists anywhere in the codebasedocker exec awf-agent dmesg | grep FW_BLOCKEDcommand (host DOCKER-USER chain logs are only visible on the host)UID=0from the iptables log example (not logged since--log-uidis not used)docs/troubleshooting.md: Removed incorrect container dmesg commanddocker exec awf-agent dmesg | grep FW_BLOCKED(same reason as above)Code Changes Referenced
5d2ef18: "fix(docker): simplify to localhost+Squid-only iptables (fix(docker): simplify to localhost+Squid-only iptables #1270)" — this PR simplified the container-level iptables insetup-iptables.sh. The LOG rules (FW_BLOCKED_UDP,FW_BLOCKED_OTHER) were never insetup-iptables.sh; they exist insrc/host-iptables.ts. TheFW_DNS_QUERYlog prefix was removed entirely.Verification
FW_BLOCKED_UDP/FW_BLOCKED_OTHERexist only insrc/host-iptables.ts(lines 400, 412)FW_DNS_QUERYdoes not exist anywhere in the codebase--log-uidflag is not used insrc/host-iptables.tsorcontainers/agent/setup-iptables.shdocker exec awf-agent dmesgcannot show host DOCKER-USER chain kernel logs