[RFC proxmox 22/22] firewall-api-types: add FirewallIpsetListEntry and FirewallIpsetEntry api types

[Dietmar Maurer <dietmar@proxmox.com>]

FirewallIpsetListEntry represents an ipset in a listing (GET /cluster/firewall/ipset).

FirewallIpsetEntry represents a single entry within an ipset (GET /cluster/firewall/ipset/{name}).

Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
---
 proxmox-firewall-api-types/src/ipset.rs | 63 +++++++++++++++++++++++++
 proxmox-firewall-api-types/src/lib.rs   |  4 +-
 2 files changed, 66 insertions(+), 1 deletion(-)

diff --git a/proxmox-firewall-api-types/src/ipset.rs b/proxmox-firewall-api-types/src/ipset.rs
index 02659394..5b870873 100644
--- a/proxmox-firewall-api-types/src/ipset.rs
+++ b/proxmox-firewall-api-types/src/ipset.rs
@@ -2,6 +2,11 @@ use std::fmt;
 use std::str::FromStr;
 
 use anyhow::{bail, Error};
+use serde::{Deserialize, Serialize};
+
+use proxmox_config_digest::ConfigDigest;
+use proxmox_network_types::ip_address::Cidr;
+use proxmox_schema::{api, api_types::COMMENT_SCHEMA};
 
 #[cfg(feature = "enum-fallback")]
 use proxmox_fixed_string::FixedString;
@@ -107,6 +112,64 @@ impl FromStr for FirewallIpsetReference {
     }
 }
 
+#[api(
+    properties: {
+        name: {
+            type: String,
+            format: &proxmox_schema::ApiStringFormat::VerifyFn(verify_ipset_name),
+        },
+        comment: {
+            optional: true,
+            schema: COMMENT_SCHEMA,
+        },
+    },
+)]
+/// Firewall ipset list entry.
+#[derive(Debug, Clone, PartialEq, Deserialize, Serialize)]
+pub struct FirewallIpsetListEntry {
+    /// The name of the ipset entry.
+    pub name: String,
+
+    /// Digest to detect concurrent modifications.
+    pub digest: ConfigDigest,
+
+    /// Descriptive comment.
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub comment: Option<String>,
+}
+
+#[api(
+    properties: {
+        cidr: {
+            type: String,
+        },
+        comment: {
+            optional: true,
+            schema: COMMENT_SCHEMA,
+        },
+        nomatch: {
+            optional: true,
+        },
+    },
+)]
+/// Firewall ipset content entry.
+#[derive(Debug, Clone, PartialEq, Deserialize, Serialize)]
+pub struct FirewallIpsetEntry {
+    /// Network/IP specification in CIDR format.
+    pub cidr: Cidr,
+
+    /// Digest to detect concurrent modifications.
+    pub digest: ConfigDigest,
+
+    /// Descriptive comment.
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub comment: Option<String>,
+
+    /// If set to true, the ipset will be used as a "nomatch" ipset.
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub nomatch: Option<bool>,
+}
+
 #[cfg(test)]
 mod tests {
     use super::*;
diff --git a/proxmox-firewall-api-types/src/lib.rs b/proxmox-firewall-api-types/src/lib.rs
index 044fc761..9422def7 100644
--- a/proxmox-firewall-api-types/src/lib.rs
+++ b/proxmox-firewall-api-types/src/lib.rs
@@ -11,7 +11,9 @@ mod icmp_type;
 pub use icmp_type::{FirewallIcmpType, FirewallIcmpTypeName};
 
 mod ipset;
-pub use ipset::{FirewallIpsetReference, FirewallIpsetScope};
+pub use ipset::{
+    FirewallIpsetEntry, FirewallIpsetListEntry, FirewallIpsetReference, FirewallIpsetScope,
+};
 
 mod log;
 pub use log::{
-- 
2.47.3