From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 1B2821FF16F for ; Fri, 15 Nov 2024 13:10:02 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 5989D12202; Fri, 15 Nov 2024 13:09:47 +0100 (CET) From: Stefan Hanreich To: pve-devel@lists.proxmox.com Date: Fri, 15 Nov 2024 13:09:34 +0100 Message-Id: <20241115120937.169342-7-s.hanreich@proxmox.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20241115120937.169342-1-s.hanreich@proxmox.com> References: <20241115120937.169342-1-s.hanreich@proxmox.com> MIME-Version: 1.0 X-SPAM-LEVEL: Spam detection results: 0 AWL -0.239 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment KAM_LAZY_DOMAIN_SECURITY 1 Sending domain does not have any anti-forgery methods RDNS_NONE 0.793 Delivered to internal network by a host with no rDNS SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_NONE 0.001 SPF: sender does not publish an SPF Record Subject: [pve-devel] [PATCH pve-firewall v4 6/9] api: load sdn ipsets X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox VE development discussion Cc: Wolfgang Bumiller Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" U2luY2UgdGhlIFNETiBjb25maWd1cmF0aW9uIHJlYWRzIHRoZSBJUEFNIGNvbmZpZyBmaWxlLCB3 aGljaCByZXNpZGVzCmluIC9ldGMvcHZlL3ByaXYgd2UgbmVlZCB0byBhZGQgdGhlIHByb3RlY3Rl ZCBmbGFnIHRvIHNldmVyYWwKZW5kcG9pbnRzLgoKU2lnbmVkLW9mZi1ieTogU3RlZmFuIEhhbnJl aWNoIDxzLmhhbnJlaWNoQHByb3htb3guY29tPgpSZXZpZXdlZC1ieTogV29sZmdhbmcgQnVtaWxs ZXIgPHcuYnVtaWxsZXJAcHJveG1veC5jb20+ClRlc3RlZC1CeTogR2FicmllbCBHb2xsZXIgPGcu Z29sbGVyQHByb3htb3guY29tPgpUZXN0ZWQtQnk6IEhhbm5lcyBEw7xyciA8aC5kdWVyckBwcm94 bW94LmNvbT4KLS0tCiBzcmMvUFZFL0FQSTIvRmlyZXdhbGwvQWxpYXNlcy5wbSB8IDIgKysKIHNy Yy9QVkUvQVBJMi9GaXJld2FsbC9DbHVzdGVyLnBtIHwgNyArKysrKystCiBzcmMvUFZFL0FQSTIv RmlyZXdhbGwvR3JvdXBzLnBtICB8IDEgKwogc3JjL1BWRS9BUEkyL0ZpcmV3YWxsL0hvc3QucG0g ICAgfCAxICsKIHNyYy9QVkUvQVBJMi9GaXJld2FsbC9JUFNldC5wbSAgIHwgMiArKwogc3JjL1BW RS9BUEkyL0ZpcmV3YWxsL1J1bGVzLnBtICAgfCAyICsrCiBzcmMvUFZFL0FQSTIvRmlyZXdhbGwv Vk0ucG0gICAgICB8IDUgKysrKy0KIDcgZmlsZXMgY2hhbmdlZCwgMTggaW5zZXJ0aW9ucygrKSwg MiBkZWxldGlvbnMoLSkKCmRpZmYgLS1naXQgYS9zcmMvUFZFL0FQSTIvRmlyZXdhbGwvQWxpYXNl cy5wbSBiL3NyYy9QVkUvQVBJMi9GaXJld2FsbC9BbGlhc2VzLnBtCmluZGV4IDMzYWM2NjkuLjJm OTQ3YWEgMTAwNjQ0Ci0tLSBhL3NyYy9QVkUvQVBJMi9GaXJld2FsbC9BbGlhc2VzLnBtCisrKyBi L3NyYy9QVkUvQVBJMi9GaXJld2FsbC9BbGlhc2VzLnBtCkBAIC04Nyw2ICs4Nyw3IEBAIHN1YiBy ZWdpc3Rlcl9nZXRfYWxpYXNlcyB7CiAJcGF0aCA9PiAnJywKIAltZXRob2QgPT4gJ0dFVCcsCiAJ ZGVzY3JpcHRpb24gPT4gIkxpc3QgYWxpYXNlcyIsCisJcHJvdGVjdGVkID0+IDEsCiAJcGVybWlz c2lvbnMgPT4gUFZFOjpGaXJld2FsbDo6cnVsZXNfYXVkaXRfcGVybWlzc2lvbnMoJGNsYXNzLT5y dWxlX2VudigpKSwKIAlwYXJhbWV0ZXJzID0+IHsKIAkgICAgYWRkaXRpb25hbFByb3BlcnRpZXMg PT4gMCwKQEAgLTE3Nyw2ICsxNzgsNyBAQCBzdWIgcmVnaXN0ZXJfcmVhZF9hbGlhcyB7CiAJcGF0 aCA9PiAne25hbWV9JywKIAltZXRob2QgPT4gJ0dFVCcsCiAJZGVzY3JpcHRpb24gPT4gIlJlYWQg YWxpYXMuIiwKKwlwcm90ZWN0ZWQgPT4gMSwKIAlwZXJtaXNzaW9ucyA9PiBQVkU6OkZpcmV3YWxs OjpydWxlc19hdWRpdF9wZXJtaXNzaW9ucygkY2xhc3MtPnJ1bGVfZW52KCkpLAogCXBhcmFtZXRl cnMgPT4gewogCSAgICBhZGRpdGlvbmFsUHJvcGVydGllcyA9PiAwLApkaWZmIC0tZ2l0IGEvc3Jj L1BWRS9BUEkyL0ZpcmV3YWxsL0NsdXN0ZXIucG0gYi9zcmMvUFZFL0FQSTIvRmlyZXdhbGwvQ2x1 c3Rlci5wbQppbmRleCA0OGFkOTBkLi5lNTE5YWI5IDEwMDY0NAotLS0gYS9zcmMvUFZFL0FQSTIv RmlyZXdhbGwvQ2x1c3Rlci5wbQorKysgYi9zcmMvUFZFL0FQSTIvRmlyZXdhbGwvQ2x1c3Rlci5w bQpAQCAtODgsNiArODgsNyBAQCBfX1BBQ0tBR0VfXy0+cmVnaXN0ZXJfbWV0aG9kKHsKICAgICBw YXRoID0+ICdvcHRpb25zJywKICAgICBtZXRob2QgPT4gJ0dFVCcsCiAgICAgZGVzY3JpcHRpb24g PT4gIkdldCBGaXJld2FsbCBvcHRpb25zLiIsCisgICAgcHJvdGVjdGVkID0+IDEsCiAgICAgcGVy bWlzc2lvbnMgPT4gewogCWNoZWNrID0+IFsncGVybScsICcvJywgWyAnU3lzLkF1ZGl0JyBdXSwK ICAgICB9LApAQCAtMjE0LDYgKzIxNSw3IEBAIF9fUEFDS0FHRV9fLT5yZWdpc3Rlcl9tZXRob2Qo ewogICAgIHBlcm1pc3Npb25zID0+IHsKIAljaGVjayA9PiBbJ3Blcm0nLCAnLycsIFsgJ1N5cy5B dWRpdCcgXV0sCiAgICAgfSwKKyAgICBwcm90ZWN0ZWQgPT4gMSwKICAgICBwYXJhbWV0ZXJzID0+ IHsKIAlhZGRpdGlvbmFsUHJvcGVydGllcyA9PiAwLAogCXByb3BlcnRpZXMgPT4gewpAQCAtMjU1 LDcgKzI1NywxMCBAQCBfX1BBQ0tBR0VfXy0+cmVnaXN0ZXJfbWV0aG9kKHsKIAogCW15ICRjb25m ID0gUFZFOjpGaXJld2FsbDo6bG9hZF9jbHVzdGVyZndfY29uZigpOwogCi0JcmV0dXJuIFBWRTo6 RmlyZXdhbGw6OkhlbHBlcnM6OmNvbGxlY3RfcmVmcygkY29uZiwgJHBhcmFtLT57dHlwZX0sICJk YyIpOworCW15ICRjbHVzdGVyX3JlZnMgPSBQVkU6OkZpcmV3YWxsOjpIZWxwZXJzOjpjb2xsZWN0 X3JlZnMoJGNvbmYsICRwYXJhbS0+e3R5cGV9LCAiZGMiKTsKKwlteSAkc2RuX3JlZnMgPSBQVkU6 OkZpcmV3YWxsOjpIZWxwZXJzOjpjb2xsZWN0X3JlZnMoJGNvbmYtPntzZG59LCAkcGFyYW0tPnt0 eXBlfSwgInNkbiIpOworCisJcmV0dXJuIFtAJHNkbl9yZWZzLCBAJGNsdXN0ZXJfcmVmc107CiAg ICAgfX0pOwogCiAxOwpkaWZmIC0tZ2l0IGEvc3JjL1BWRS9BUEkyL0ZpcmV3YWxsL0dyb3Vwcy5w bSBiL3NyYy9QVkUvQVBJMi9GaXJld2FsbC9Hcm91cHMucG0KaW5kZXggZmZkYzQ1Yy4uOThiMDc0 NyAxMDA2NDQKLS0tIGEvc3JjL1BWRS9BUEkyL0ZpcmV3YWxsL0dyb3Vwcy5wbQorKysgYi9zcmMv UFZFL0FQSTIvRmlyZXdhbGwvR3JvdXBzLnBtCkBAIC00NCw2ICs0NCw3IEBAIF9fUEFDS0FHRV9f LT5yZWdpc3Rlcl9tZXRob2QoewogICAgIHBhdGggPT4gJycsCiAgICAgbWV0aG9kID0+ICdHRVQn LAogICAgIGRlc2NyaXB0aW9uID0+ICJMaXN0IHNlY3VyaXR5IGdyb3Vwcy4iLAorICAgIHByb3Rl Y3RlZCA9PiAxLAogICAgIHBlcm1pc3Npb25zID0+IHsgdXNlciA9PiAnYWxsJyB9LAogICAgIHBh cmFtZXRlcnMgPT4gewogICAgIAlhZGRpdGlvbmFsUHJvcGVydGllcyA9PiAwLApkaWZmIC0tZ2l0 IGEvc3JjL1BWRS9BUEkyL0ZpcmV3YWxsL0hvc3QucG0gYi9zcmMvUFZFL0FQSTIvRmlyZXdhbGwv SG9zdC5wbQppbmRleCAwNDMyZGUyLi44YmQ1ZGExIDEwMDY0NAotLS0gYS9zcmMvUFZFL0FQSTIv RmlyZXdhbGwvSG9zdC5wbQorKysgYi9zcmMvUFZFL0FQSTIvRmlyZXdhbGwvSG9zdC5wbQpAQCAt NjgsNiArNjgsNyBAQCBfX1BBQ0tBR0VfXy0+cmVnaXN0ZXJfbWV0aG9kKHsKICAgICBwYXRoID0+ ICdvcHRpb25zJywKICAgICBtZXRob2QgPT4gJ0dFVCcsCiAgICAgZGVzY3JpcHRpb24gPT4gIkdl dCBob3N0IGZpcmV3YWxsIG9wdGlvbnMuIiwKKyAgICBwcm90ZWN0ZWQgPT4gMSwKICAgICBwcm94 eXRvID0+ICdub2RlJywKICAgICBwZXJtaXNzaW9ucyA9PiB7CiAJY2hlY2sgPT4gWydwZXJtJywg Jy9ub2Rlcy97bm9kZX0nLCBbICdTeXMuQXVkaXQnIF1dLApkaWZmIC0tZ2l0IGEvc3JjL1BWRS9B UEkyL0ZpcmV3YWxsL0lQU2V0LnBtIGIvc3JjL1BWRS9BUEkyL0ZpcmV3YWxsL0lQU2V0LnBtCmlu ZGV4IGVkOTJkODcuLjk4YzU0NDMgMTAwNjQ0Ci0tLSBhL3NyYy9QVkUvQVBJMi9GaXJld2FsbC9J UFNldC5wbQorKysgYi9zcmMvUFZFL0FQSTIvRmlyZXdhbGwvSVBTZXQucG0KQEAgLTkxLDYgKzkx LDcgQEAgc3ViIHJlZ2lzdGVyX2dldF9pcHNldCB7CiAJcGF0aCA9PiAnJywKIAltZXRob2QgPT4g J0dFVCcsCiAJZGVzY3JpcHRpb24gPT4gIkxpc3QgSVBTZXQgY29udGVudCIsCisJcHJvdGVjdGVk ID0+IDEsCiAJcGVybWlzc2lvbnMgPT4gUFZFOjpGaXJld2FsbDo6cnVsZXNfYXVkaXRfcGVybWlz c2lvbnMoJGNsYXNzLT5ydWxlX2VudigpKSwKIAlwYXJhbWV0ZXJzID0+IHsKIAkgICAgYWRkaXRp b25hbFByb3BlcnRpZXMgPT4gMCwKQEAgLTU4Niw2ICs1ODcsNyBAQCBzdWIgcmVnaXN0ZXJfaW5k ZXggewogCXBhdGggPT4gJycsCiAJbWV0aG9kID0+ICdHRVQnLAogCWRlc2NyaXB0aW9uID0+ICJM aXN0IElQU2V0cyIsCisJcHJvdGVjdGVkID0+IDEsCiAJcGVybWlzc2lvbnMgPT4gUFZFOjpGaXJl d2FsbDo6cnVsZXNfYXVkaXRfcGVybWlzc2lvbnMoJGNsYXNzLT5ydWxlX2VudigpKSwKIAlwYXJh bWV0ZXJzID0+IHsKIAkgICAgYWRkaXRpb25hbFByb3BlcnRpZXMgPT4gMCwKZGlmZiAtLWdpdCBh L3NyYy9QVkUvQVBJMi9GaXJld2FsbC9SdWxlcy5wbSBiL3NyYy9QVkUvQVBJMi9GaXJld2FsbC9S dWxlcy5wbQppbmRleCA5ZmNmYjIwLi45ZTkwM2Q0IDEwMDY0NAotLS0gYS9zcmMvUFZFL0FQSTIv RmlyZXdhbGwvUnVsZXMucG0KKysrIGIvc3JjL1BWRS9BUEkyL0ZpcmV3YWxsL1J1bGVzLnBtCkBA IC03Miw2ICs3Miw3IEBAIHN1YiByZWdpc3Rlcl9nZXRfcnVsZXMgewogCXBhdGggPT4gJycsCiAJ bWV0aG9kID0+ICdHRVQnLAogCWRlc2NyaXB0aW9uID0+ICJMaXN0IHJ1bGVzLiIsCisJcHJvdGVj dGVkID0+IDEsCiAJcGVybWlzc2lvbnMgPT4gUFZFOjpGaXJld2FsbDo6cnVsZXNfYXVkaXRfcGVy bWlzc2lvbnMoJHJ1bGVfZW52KSwKIAlwYXJhbWV0ZXJzID0+IHsKIAkgICAgYWRkaXRpb25hbFBy b3BlcnRpZXMgPT4gMCwKQEAgLTEyMCw2ICsxMjEsNyBAQCBzdWIgcmVnaXN0ZXJfZ2V0X3J1bGUg ewogCXBhdGggPT4gJ3twb3N9JywKIAltZXRob2QgPT4gJ0dFVCcsCiAJZGVzY3JpcHRpb24gPT4g IkdldCBzaW5nbGUgcnVsZSBkYXRhLiIsCisJcHJvdGVjdGVkID0+IDEsCiAJcGVybWlzc2lvbnMg PT4gUFZFOjpGaXJld2FsbDo6cnVsZXNfYXVkaXRfcGVybWlzc2lvbnMoJHJ1bGVfZW52KSwKIAlw YXJhbWV0ZXJzID0+IHsKIAkgICAgYWRkaXRpb25hbFByb3BlcnRpZXMgPT4gMCwKZGlmZiAtLWdp dCBhL3NyYy9QVkUvQVBJMi9GaXJld2FsbC9WTS5wbSBiL3NyYy9QVkUvQVBJMi9GaXJld2FsbC9W TS5wbQppbmRleCA0MjIyMTAzLi43NWI0MzQ1IDEwMDY0NAotLS0gYS9zcmMvUFZFL0FQSTIvRmly ZXdhbGwvVk0ucG0KKysrIGIvc3JjL1BWRS9BUEkyL0ZpcmV3YWxsL1ZNLnBtCkBAIC02OSw2ICs2 OSw3IEBAIHN1YiByZWdpc3Rlcl9oYW5kbGVycyB7CiAJcGF0aCA9PiAnb3B0aW9ucycsCiAJbWV0 aG9kID0+ICdHRVQnLAogCWRlc2NyaXB0aW9uID0+ICJHZXQgVk0gZmlyZXdhbGwgb3B0aW9ucy4i LAorCXByb3RlY3RlZCA9PiAxLAogCXByb3h5dG8gPT4gJ25vZGUnLAogCXBlcm1pc3Npb25zID0+ IHsKIAkgICAgY2hlY2sgPT4gWydwZXJtJywgJy92bXMve3ZtaWR9JywgWyAnVk0uQXVkaXQnIF1d LApAQCAtMjM0LDYgKzIzNSw3IEBAIHN1YiByZWdpc3Rlcl9oYW5kbGVycyB7CiAJcGF0aCA9PiAn cmVmcycsCiAJbWV0aG9kID0+ICdHRVQnLAogCWRlc2NyaXB0aW9uID0+ICJMaXN0cyBwb3NzaWJs ZSBJUFNldC9BbGlhcyByZWZlcmVuY2Ugd2hpY2ggYXJlIGFsbG93ZWQgaW4gc291cmNlL2Rlc3Qg cHJvcGVydGllcy4iLAorCXByb3RlY3RlZCA9PiAxLAogCXBlcm1pc3Npb25zID0+IHsKIAkgICAg Y2hlY2sgPT4gWydwZXJtJywgJy92bXMve3ZtaWR9JywgWyAnVk0uQXVkaXQnIF1dLAogCX0sCkBA IC0yODIsOSArMjg0LDEwIEBAIHN1YiByZWdpc3Rlcl9oYW5kbGVycyB7CiAJICAgIG15ICRmd19j b25mID0gUFZFOjpGaXJld2FsbDo6bG9hZF92bWZ3X2NvbmYoJGNsdXN0ZXJfY29uZiwgJHJ1bGVf ZW52LCAkcGFyYW0tPnt2bWlkfSk7CiAKIAkgICAgbXkgJGRjX3JlZnMgPSBQVkU6OkZpcmV3YWxs OjpIZWxwZXJzOjpjb2xsZWN0X3JlZnMoJGNsdXN0ZXJfY29uZiwgJHBhcmFtLT57dHlwZX0sICdk YycpOworCSAgICBteSAkc2RuX3JlZnMgPSBQVkU6OkZpcmV3YWxsOjpIZWxwZXJzOjpjb2xsZWN0 X3JlZnMoJGNsdXN0ZXJfY29uZi0+e3Nkbn0sICRwYXJhbS0+e3R5cGV9LCAnc2RuJyk7CiAJICAg IG15ICR2bV9yZWZzID0gUFZFOjpGaXJld2FsbDo6SGVscGVyczo6Y29sbGVjdF9yZWZzKCRmd19j b25mLCAkcGFyYW0tPnt0eXBlfSwgJ2d1ZXN0Jyk7CiAKLQkgICAgcmV0dXJuIFtAJGRjX3JlZnMs IEAkdm1fcmVmc107CisJICAgIHJldHVybiBbQCRkY19yZWZzLCBAJHNkbl9yZWZzLCBAJHZtX3Jl ZnNdOwogCX19KTsKIH0KIAotLSAKMi4zOS41CgoKX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX18KcHZlLWRldmVsIG1haWxpbmcgbGlzdApwdmUtZGV2ZWxAbGlz dHMucHJveG1veC5jb20KaHR0cHM6Ly9saXN0cy5wcm94bW94LmNvbS9jZ2ktYmluL21haWxtYW4v bGlzdGluZm8vcHZlLWRldmVsCg==