From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id BF7081FF13E for ; Fri, 03 Apr 2026 09:42:18 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 4C371373F7; Fri, 3 Apr 2026 09:42:48 +0200 (CEST) Date: Fri, 3 Apr 2026 09:42:41 +0200 From: Wolfgang Bumiller To: Stefan Hanreich Subject: Re: [PATCH proxmox-ve-rs v2 12/34] ve-config: frr: implement frr config generation for prefix lists Message-ID: <5n64t7cejkg2obrppbf7vcvogs27zofyhuapihnkzh2omxzezi@e5vg27uz7n76> References: <20260401143957.386809-1-s.hanreich@proxmox.com> <20260401143957.386809-13-s.hanreich@proxmox.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20260401143957.386809-13-s.hanreich@proxmox.com> X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1775202102315 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.086 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Message-ID-Hash: 7BIA4NIMOIZCWKCCHQRZ6B47XVEW2KWC X-Message-ID-Hash: 7BIA4NIMOIZCWKCCHQRZ6B47XVEW2KWC X-MailFrom: w.bumiller@proxmox.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: pve-devel@lists.proxmox.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Proxmox VE development discussion List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: minor nit On Wed, Apr 01, 2026 at 04:39:21PM +0200, Stefan Hanreich wrote: > Implements conversion traits for all the section config types, so they > can be converted into their respective FRR template counterpart. > > Also add a helper that adds a list of prefix lists to an existing FRR > configuration. This will be used by perl-rs to generate the FRR > configuration from the section configuration. The helper will > overwrite existing prefix lists in the FRR configuration, allowing > users to override pre-defined prefix lists generated by our stack. > > Signed-off-by: Stefan Hanreich > --- > proxmox-ve-config/src/sdn/prefix_list.rs | 60 ++++++++++++++++++++++++ > 1 file changed, 60 insertions(+) > > diff --git a/proxmox-ve-config/src/sdn/prefix_list.rs b/proxmox-ve-config/src/sdn/prefix_list.rs > index f4988d9..1876799 100644 > --- a/proxmox-ve-config/src/sdn/prefix_list.rs > +++ b/proxmox-ve-config/src/sdn/prefix_list.rs > @@ -123,6 +123,66 @@ pub enum PrefixList { > PrefixList(PrefixListSection), > } > > +#[cfg(feature = "frr")] > +pub mod frr { > + use super::*; > + > + use proxmox_frr::ser::{ > + route_map::{ > + self, PrefixListName as FrrPrefixListName, PrefixListRule as FrrPrefixListRule, > + }, > + FrrConfig, > + }; > + > + impl From for FrrPrefixListName { > + fn from(value: PrefixListId) -> Self { > + FrrPrefixListName::new(value.0) > + } > + } > + > + impl From for FrrPrefixListRule { > + fn from(value: PrefixListEntry) -> Self { > + FrrPrefixListRule { > + action: match value.action { > + PrefixListAction::Permit => route_map::AccessAction::Permit, > + PrefixListAction::Deny => route_map::AccessAction::Deny, > + }, > + network: value.prefix, > + seq: value.seq, > + le: value.le, > + ge: value.ge, > + is_ipv6: value.prefix.is_ipv6(), > + } > + } > + } > + > + /// Add a list of Prefix Lists to an [`FrrConfig`]. > + /// > + /// This will overwrite existing Prefix Lists in the [`FrrConfig`]. Since this will be used for > + /// generating the FRR configuration from the SDN stack, this enables users to override Prefix > + /// Lists that are predefined by our stack. > + pub fn build_frr_prefix_lists( > + prefix_lists: impl IntoIterator, > + frr_config: &mut FrrConfig, > + ) -> Result<(), anyhow::Error> { > + for prefix_list in prefix_lists.into_iter() { Superfluous `.into_iter()` call. > + let PrefixList::PrefixList(prefix_list) = prefix_list; > + let prefix_list_name = FrrPrefixListName::new(prefix_list.id.0); > + > + frr_config.prefix_lists.insert( > + prefix_list_name, > + prefix_list > + .entries > + .into_iter() > + .map(|prefix_list| prefix_list.into_inner().into()) > + .collect(), > + ); > + } > + > + Ok(()) > + } > +} > + > pub mod api { > use super::*; > > -- > 2.47.3