chore!(firewall): iptables logger level is set at FIREWALL_IPTABLES_LOG_LEVEL

- firewall log level is still fully controlled by `LOG_LEVEL` - iptables log level defaults to `info` even if global log level is `debug` to minimize the amount of debug logs - iptables log level is only set to debug if retro-compatible `FIREWALL_DEBUG=on` or if `FIREWALL_IPTABLES_LOG_LEVEL=debug`
2026-05-10 04:30:20 +02:00 · 2026-03-13 18:26:48 +00:00
parent 8aaf998fa1
commit 2438fc2c3a
11 changed files with 100 additions and 48 deletions
@@ -34,11 +34,11 @@ type Config struct {

 // NewConfig creates a new Config instance and returns an error
 // if no iptables implementation is available.
-func NewConfig(ctx context.Context, logger Logger,
+func NewConfig(ctx context.Context, logger, iptablesLogger Logger,
 	runner CmdRunner, defaultRoutes []routing.DefaultRoute,
 	localNetworks []routing.LocalNetwork,
 ) (config *Config, err error) {
-	impl, err := iptables.New(ctx, runner, logger)
+	impl, err := iptables.New(ctx, runner, iptablesLogger)
 	if err != nil {
 		return nil, fmt.Errorf("creating iptables firewall: %w", err)
 	}