From: Stefan Hanreich <s.hanreich@proxmox.com>
To: pbs-devel@lists.proxmox.com
Subject: [pbs-devel] [PATCH proxmox-firewall v4 1/1] firewall: config: use proxmox-network-api
Date: Thu, 31 Jul 2025 16:08:52 +0200 [thread overview]
Message-ID: <20250731140855.573717-10-s.hanreich@proxmox.com> (raw)
In-Reply-To: <20250731140855.573717-1-s.hanreich@proxmox.com>
proxmox-network-api now provides functions for obtaining the network
interface information directly. Adapt the firewall to use the function
from proxmox-network-api instead.
The name of InterfaceMapping has changed during this, so adapt the
firewall to use the new name for the struct.
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
---
proxmox-firewall/Cargo.toml | 3 +-
proxmox-firewall/src/config.rs | 33 ++++++---------------
proxmox-firewall/tests/integration_tests.rs | 8 ++---
3 files changed, 14 insertions(+), 30 deletions(-)
diff --git a/proxmox-firewall/Cargo.toml b/proxmox-firewall/Cargo.toml
index f7ef47e..2f247c3 100644
--- a/proxmox-firewall/Cargo.toml
+++ b/proxmox-firewall/Cargo.toml
@@ -21,8 +21,9 @@ serde_json = "1"
signal-hook = "0.3"
proxmox-log = "1"
-proxmox-nftables = { path = "../proxmox-nftables", features = ["config-ext"] }
proxmox-network-types = { workspace = true }
+proxmox-network-api = { version = "1", features = [ "impl" ] }
+proxmox-nftables = { path = "../proxmox-nftables", features = ["config-ext"] }
proxmox-ve-config = { workspace = true }
[dev-dependencies]
diff --git a/proxmox-firewall/src/config.rs b/proxmox-firewall/src/config.rs
index 6e357a1..d6a4df5 100644
--- a/proxmox-firewall/src/config.rs
+++ b/proxmox-firewall/src/config.rs
@@ -3,7 +3,7 @@ use std::default::Default;
use std::fs::{self, DirEntry, File, ReadDir};
use std::io::{self, BufReader};
-use anyhow::{Context, Error, bail, format_err};
+use anyhow::{bail, format_err, Context, Error};
use proxmox_log as log;
@@ -15,13 +15,12 @@ use proxmox_ve_config::firewall::types::alias::{Alias, AliasName, AliasScope};
use proxmox_ve_config::guest::types::Vmid;
use proxmox_ve_config::guest::{GuestEntry, GuestMap};
-use proxmox_ve_config::host::network::InterfaceMapping;
-use proxmox_ve_config::host::network::IpLink;
use proxmox_ve_config::host::types::BridgeName;
-use proxmox_nftables::NftClient;
+use proxmox_network_api::{get_network_interfaces, AltnameMapping};
use proxmox_nftables::command::{CommandOutput, Commands, List, ListOutput};
use proxmox_nftables::types::ListChain;
+use proxmox_nftables::NftClient;
use proxmox_ve_config::sdn::{
config::{RunningConfig, SdnConfig},
ipam::{Ipam, IpamJson},
@@ -44,7 +43,7 @@ pub trait FirewallConfigLoader {
&self,
bridge_name: &BridgeName,
) -> Result<Option<Box<dyn io::BufRead>>, Error>;
- fn interface_mapping(&self) -> Result<InterfaceMapping, Error>;
+ fn interface_mapping(&self) -> Result<AltnameMapping, Error>;
}
#[derive(Default)]
@@ -227,24 +226,10 @@ impl FirewallConfigLoader for PveFirewallConfigLoader {
Ok(None)
}
- fn interface_mapping(&self) -> Result<InterfaceMapping, Error> {
- let output = std::process::Command::new("ip")
- .arg("-details")
- .arg("-json")
- .arg("link")
- .arg("show")
- .stdout(std::process::Stdio::piped())
- .output()
- .with_context(|| "could not obtain ip link output")?;
-
- if !output.status.success() {
- bail!("ip link returned non-zero exit code")
- }
-
- Ok(serde_json::from_slice::<Vec<IpLink>>(&output.stdout)
- .with_context(|| "could not deserialize ip link output")?
- .into_iter()
- .collect())
+ fn interface_mapping(&self) -> Result<AltnameMapping, Error> {
+ Ok(AltnameMapping::from_iter(
+ get_network_interfaces()?.into_values(),
+ ))
}
}
@@ -280,7 +265,7 @@ pub struct FirewallConfig {
nft_config: BTreeMap<String, ListChain>,
sdn_config: Option<SdnConfig>,
ipam_config: Option<Ipam>,
- interface_mapping: InterfaceMapping,
+ interface_mapping: AltnameMapping,
}
impl FirewallConfig {
diff --git a/proxmox-firewall/tests/integration_tests.rs b/proxmox-firewall/tests/integration_tests.rs
index 69f9cc2..2c550eb 100644
--- a/proxmox-firewall/tests/integration_tests.rs
+++ b/proxmox-firewall/tests/integration_tests.rs
@@ -1,9 +1,9 @@
use anyhow::{Context, Error};
-use proxmox_ve_config::host::network::InterfaceMapping;
use std::collections::HashMap;
use proxmox_firewall::config::{FirewallConfig, FirewallConfigLoader, NftConfigLoader};
use proxmox_firewall::firewall::Firewall;
+use proxmox_network_api::AltnameMapping;
use proxmox_nftables::command::CommandOutput;
use proxmox_sys::nodename;
use proxmox_ve_config::guest::types::Vmid;
@@ -93,10 +93,8 @@ impl FirewallConfigLoader for MockFirewallConfigLoader {
Ok(None)
}
- fn interface_mapping(
- &self,
- ) -> Result<proxmox_ve_config::host::network::InterfaceMapping, Error> {
- Ok(InterfaceMapping::from_iter(vec![]))
+ fn interface_mapping(&self) -> Result<AltnameMapping, Error> {
+ Ok(AltnameMapping::from_iter(vec![]))
}
}
--
2.47.2
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
next prev parent reply other threads:[~2025-07-31 14:08 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-31 14:08 [pbs-devel] [PATCH proxmox{-ve-rs, , -backup, -firewall, -network-interface-pinning} v4 00/10] proxmox-network-interface-pinning Stefan Hanreich
2025-07-31 14:08 ` [pbs-devel] [PATCH proxmox-ve-rs v4 1/1] host: network: move to proxmox-network-api Stefan Hanreich
2025-07-31 14:08 ` [pbs-devel] [PATCH proxmox v4 1/3] pbs-api-types: use proxmox-network-api types Stefan Hanreich
2025-07-31 14:08 ` [pbs-devel] [PATCH proxmox v4 2/3] proxmox-network-api: use ip link for querying interface information Stefan Hanreich
2025-07-31 14:08 ` [pbs-devel] [PATCH proxmox v4 3/3] network-api: add rename_interfaces method Stefan Hanreich
2025-08-04 12:55 ` Wolfgang Bumiller
2025-08-04 14:24 ` Stefan Hanreich
2025-07-31 14:08 ` [pbs-devel] [PATCH proxmox-backup v4 1/4] config: network: move to proxmox-network-api Stefan Hanreich
2025-07-31 14:08 ` [pbs-devel] [PATCH proxmox-backup v4 2/4] metric_collection: use ip link for determining the type of interfaces Stefan Hanreich
2025-07-31 14:08 ` [pbs-devel] [PATCH proxmox-backup v4 3/4] docs: add documentation for proxmox-network-interface-pinning Stefan Hanreich
2025-07-31 14:08 ` [pbs-devel] [PATCH proxmox-backup v4 4/4] ui: show altnames Stefan Hanreich
2025-07-31 14:08 ` Stefan Hanreich [this message]
2025-07-31 14:08 ` [pbs-devel] [PATCH proxmox-network-interface-pinning v4 1/1] initial commit Stefan Hanreich
2025-08-04 13:48 ` Wolfgang Bumiller
2025-08-04 14:46 ` Stefan Hanreich
2025-08-01 9:51 ` [pbs-devel] [PATCH proxmox{-ve-rs, , -backup, -firewall, -network-interface-pinning} v4 00/10] proxmox-network-interface-pinning Christian Ebner
2025-08-01 10:26 ` Christian Ebner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250731140855.573717-10-s.hanreich@proxmox.com \
--to=s.hanreich@proxmox.com \
--cc=pbs-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.