From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 28F201FF16F for ; Fri, 15 Nov 2024 13:10:36 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id EB962123B7; Fri, 15 Nov 2024 13:10:19 +0100 (CET) From: Stefan Hanreich To: pve-devel@lists.proxmox.com Date: Fri, 15 Nov 2024 13:09:35 +0100 Message-Id: <20241115120937.169342-8-s.hanreich@proxmox.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20241115120937.169342-1-s.hanreich@proxmox.com> References: <20241115120937.169342-1-s.hanreich@proxmox.com> MIME-Version: 1.0 X-SPAM-LEVEL: Spam detection results: 0 AWL -0.239 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment KAM_LAZY_DOMAIN_SECURITY 1 Sending domain does not have any anti-forgery methods RDNS_NONE 0.793 Delivered to internal network by a host with no rDNS SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_NONE 0.001 SPF: sender does not publish an SPF Record Subject: [pve-devel] [PATCH proxmox-perl-rs v4 7/9] add PVE::RS::Firewall::SDN module X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox VE development discussion Cc: Wolfgang Bumiller Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" VXNlZCBmb3Igb2J0YWluaW5nIHRoZSBJUFNldHMgdGhhdCBnZXQgYXV0b2dlbmVyYXRlZCBieSB0 aGUgbmZ0YWJsZXMKZmlyZXdhbGwuIFRoZSByZXR1cm5lZCBjb25maWd1cmF0aW9uIGhhcyB0aGUg c2FtZSBmb3JtYXQgYXMgdGhlCnB2ZS1maXJld2FsbCB1c2VzIGludGVybmFsbHksIG1ha2luZyBp dCBjb21wYXRpYmxlIHdpdGggdGhlIGV4aXN0aW5nCnB2ZS1maXJld2FsbCBjb2RlLgoKU2lnbmVk LW9mZi1ieTogU3RlZmFuIEhhbnJlaWNoIDxzLmhhbnJlaWNoQHByb3htb3guY29tPgpSZXZpZXdl ZC1ieTogV29sZmdhbmcgQnVtaWxsZXIgPHcuYnVtaWxsZXJAcHJveG1veC5jb20+ClRlc3RlZC1i eTogR2FicmllbCBHb2xsZXIgPGcuZ29sbGVyQHByb3htb3guY29tPgpUZXN0ZWQtYnk6IEhhbm5l cyBEw7xyciA8aC5kdWVyckBwcm94bW94LmNvbT4KLS0tCiBwdmUtcnMvQ2FyZ28udG9tbCAgICAg ICAgICB8ICAgMSArCiBwdmUtcnMvTWFrZWZpbGUgICAgICAgICAgICB8ICAgMSArCiBwdmUtcnMv c3JjL2ZpcmV3YWxsL21vZC5ycyB8ICAgMSArCiBwdmUtcnMvc3JjL2ZpcmV3YWxsL3Nkbi5ycyB8 IDEzMCArKysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKysrCiBwdmUtcnMvc3JjL2xp Yi5ycyAgICAgICAgICB8ICAgMSArCiA1IGZpbGVzIGNoYW5nZWQsIDEzNCBpbnNlcnRpb25zKCsp CiBjcmVhdGUgbW9kZSAxMDA2NDQgcHZlLXJzL3NyYy9maXJld2FsbC9tb2QucnMKIGNyZWF0ZSBt b2RlIDEwMDY0NCBwdmUtcnMvc3JjL2ZpcmV3YWxsL3Nkbi5ycwoKZGlmZiAtLWdpdCBhL3B2ZS1y cy9DYXJnby50b21sIGIvcHZlLXJzL0NhcmdvLnRvbWwKaW5kZXggOTQ3MGNiNy4uYzBhZjJiMyAx MDA2NDQKLS0tIGEvcHZlLXJzL0NhcmdvLnRvbWwKKysrIGIvcHZlLXJzL0NhcmdvLnRvbWwKQEAg LTQ1LDMgKzQ1LDQgQEAgcHJveG1veC1zdWJzY3JpcHRpb24gPSAiMC41IgogcHJveG1veC1zeXMg PSAiMC42IgogcHJveG1veC10ZmEgPSB7IHZlcnNpb24gPSAiNSIsIGZlYXR1cmVzID0gWyJhcGki XSB9CiBwcm94bW94LXRpbWUgPSAiMiIKK3Byb3htb3gtdmUtY29uZmlnID0geyB2ZXJzaW9uID0g IjAuMS4wIiB9CmRpZmYgLS1naXQgYS9wdmUtcnMvTWFrZWZpbGUgYi9wdmUtcnMvTWFrZWZpbGUK aW5kZXggYzZiNGUwOC4uZDAxZGE2OSAxMDA2NDQKLS0tIGEvcHZlLXJzL01ha2VmaWxlCisrKyBi L3B2ZS1ycy9NYWtlZmlsZQpAQCAtMjgsNiArMjgsNyBAQCBQRVJMTU9EX0dFTlBBQ0tBR0UgOj0g L3Vzci9saWIvcGVybG1vZC9nZW5wYWNrYWdlLnBsIFwKIAogUEVSTE1PRF9QQUNLQUdFUyA6PSBc CiAJICBQVkU6OlJTOjpBUFQ6OlJlcG9zaXRvcmllcyBcCisJICBQVkU6OlJTOjpGaXJld2FsbDo6 U0ROIFwKIAkgIFBWRTo6UlM6Ok9wZW5JZCBcCiAJICBQVkU6OlJTOjpSZXNvdXJjZVNjaGVkdWxp bmc6OlN0YXRpYyBcCiAJICBQVkU6OlJTOjpURkEKZGlmZiAtLWdpdCBhL3B2ZS1ycy9zcmMvZmly ZXdhbGwvbW9kLnJzIGIvcHZlLXJzL3NyYy9maXJld2FsbC9tb2QucnMKbmV3IGZpbGUgbW9kZSAx MDA2NDQKaW5kZXggMDAwMDAwMC4uOGJkMThhOAotLS0gL2Rldi9udWxsCisrKyBiL3B2ZS1ycy9z cmMvZmlyZXdhbGwvbW9kLnJzCkBAIC0wLDAgKzEgQEAKK3B1YiBtb2Qgc2RuOwpkaWZmIC0tZ2l0 IGEvcHZlLXJzL3NyYy9maXJld2FsbC9zZG4ucnMgYi9wdmUtcnMvc3JjL2ZpcmV3YWxsL3Nkbi5y cwpuZXcgZmlsZSBtb2RlIDEwMDY0NAppbmRleCAwMDAwMDAwLi41MDQ5Zjc0Ci0tLSAvZGV2L251 bGwKKysrIGIvcHZlLXJzL3NyYy9maXJld2FsbC9zZG4ucnMKQEAgLTAsMCArMSwxMzAgQEAKKyNb cGVybG1vZDo6cGFja2FnZShuYW1lID0gIlBWRTo6UlM6OkZpcmV3YWxsOjpTRE4iLCBsaWIgPSAi cHZlX3JzIildCittb2QgZXhwb3J0IHsKKyAgICB1c2Ugc3RkOjpjb2xsZWN0aW9uczo6SGFzaE1h cDsKKyAgICB1c2Ugc3RkOjp7ZnMsIGlvfTsKKworICAgIHVzZSBhbnlob3c6OntiYWlsLCBDb250 ZXh0LCBFcnJvcn07CisgICAgdXNlIHNlcmRlOjpTZXJpYWxpemU7CisKKyAgICB1c2UgcHJveG1v eF92ZV9jb25maWc6OnsKKyAgICAgICAgY29tbW9uOjpBbGxvd2xpc3QsCisgICAgICAgIGZpcmV3 YWxsOjp0eXBlczo6aXBzZXQ6OntJcHNldEFkZHJlc3MsIElwc2V0RW50cnl9LAorICAgICAgICBm aXJld2FsbDo6dHlwZXM6Oklwc2V0LAorICAgICAgICBndWVzdDo6dHlwZXM6OlZtaWQsCisgICAg ICAgIHNkbjo6eworICAgICAgICAgICAgY29uZmlnOjp7UnVubmluZ0NvbmZpZywgU2RuQ29uZmln fSwKKyAgICAgICAgICAgIGlwYW06OntJcGFtLCBJcGFtSnNvbn0sCisgICAgICAgICAgICBWbmV0 TmFtZSwKKyAgICAgICAgfSwKKyAgICB9OworCisgICAgI1tkZXJpdmUoQ2xvbmUsIERlYnVnLCBE ZWZhdWx0LCBTZXJpYWxpemUpXQorICAgIHB1YiBzdHJ1Y3QgTGVnYWN5SXBzZXRFbnRyeSB7Cisg ICAgICAgIG5vbWF0Y2g6IGJvb2wsCisgICAgICAgIGNpZHI6IFN0cmluZywKKyAgICAgICAgY29t bWVudDogT3B0aW9uPFN0cmluZz4sCisgICAgfQorCisgICAgaW1wbCBMZWdhY3lJcHNldEVudHJ5 IHsKKyAgICAgICAgcHViIGZuIGZyb21faXBzZXRfZW50cnkoZW50cnk6ICZJcHNldEVudHJ5KSAt PiBWZWM8TGVnYWN5SXBzZXRFbnRyeT4geworICAgICAgICAgICAgbGV0IG11dCBlbnRyaWVzID0g VmVjOjpuZXcoKTsKKworICAgICAgICAgICAgbWF0Y2ggJmVudHJ5LmFkZHJlc3MgeworICAgICAg ICAgICAgICAgIElwc2V0QWRkcmVzczo6QWxpYXMobmFtZSkgPT4geworICAgICAgICAgICAgICAg ICAgICBlbnRyaWVzLnB1c2goU2VsZiB7CisgICAgICAgICAgICAgICAgICAgICAgICBub21hdGNo OiBlbnRyeS5ub21hdGNoLAorICAgICAgICAgICAgICAgICAgICAgICAgY2lkcjogbmFtZS50b19z dHJpbmcoKSwKKyAgICAgICAgICAgICAgICAgICAgICAgIGNvbW1lbnQ6IGVudHJ5LmNvbW1lbnQu Y2xvbmUoKSwKKyAgICAgICAgICAgICAgICAgICAgfSk7CisgICAgICAgICAgICAgICAgfQorICAg ICAgICAgICAgICAgIElwc2V0QWRkcmVzczo6Q2lkcihjaWRyKSA9PiB7CisgICAgICAgICAgICAg ICAgICAgIGVudHJpZXMucHVzaChTZWxmIHsKKyAgICAgICAgICAgICAgICAgICAgICAgIG5vbWF0 Y2g6IGVudHJ5Lm5vbWF0Y2gsCisgICAgICAgICAgICAgICAgICAgICAgICBjaWRyOiBjaWRyLnRv X3N0cmluZygpLAorICAgICAgICAgICAgICAgICAgICAgICAgY29tbWVudDogZW50cnkuY29tbWVu dC5jbG9uZSgpLAorICAgICAgICAgICAgICAgICAgICB9KTsKKyAgICAgICAgICAgICAgICB9Cisg ICAgICAgICAgICAgICAgSXBzZXRBZGRyZXNzOjpSYW5nZShyYW5nZSkgPT4geworICAgICAgICAg ICAgICAgICAgICBlbnRyaWVzLmV4dGVuZChyYW5nZS50b19jaWRycygpLmludG9faXRlcigpLm1h cCh8Y2lkcnwgU2VsZiB7CisgICAgICAgICAgICAgICAgICAgICAgICBub21hdGNoOiBlbnRyeS5u b21hdGNoLAorICAgICAgICAgICAgICAgICAgICAgICAgY2lkcjogY2lkci50b19zdHJpbmcoKSwK KyAgICAgICAgICAgICAgICAgICAgICAgIGNvbW1lbnQ6IGVudHJ5LmNvbW1lbnQuY2xvbmUoKSwK KyAgICAgICAgICAgICAgICAgICAgfSkpCisgICAgICAgICAgICAgICAgfQorICAgICAgICAgICAg fTsKKworICAgICAgICAgICAgZW50cmllcworICAgICAgICB9CisgICAgfQorCisgICAgI1tkZXJp dmUoQ2xvbmUsIERlYnVnLCBEZWZhdWx0LCBTZXJpYWxpemUpXQorICAgIHB1YiBzdHJ1Y3QgU2Ru RmlyZXdhbGxDb25maWcgeworICAgICAgICBpcHNldDogSGFzaE1hcDxTdHJpbmcsIFZlYzxMZWdh Y3lJcHNldEVudHJ5Pj4sCisgICAgICAgIGlwc2V0X2NvbW1lbnRzOiBIYXNoTWFwPFN0cmluZywg U3RyaW5nPiwKKyAgICB9CisKKyAgICBpbXBsIFNkbkZpcmV3YWxsQ29uZmlnIHsKKyAgICAgICAg cHViIGZuIG5ldygpIC0+IFNlbGYgeworICAgICAgICAgICAgRGVmYXVsdDo6ZGVmYXVsdCgpCisg ICAgICAgIH0KKworICAgICAgICBwdWIgZm4gZXh0ZW5kX2lwc2V0cygmbXV0IHNlbGYsIGlwc2V0 czogaW1wbCBJbnRvSXRlcmF0b3I8SXRlbSA9IElwc2V0PikgeworICAgICAgICAgICAgZm9yIGlw c2V0IGluIGlwc2V0cyB7CisgICAgICAgICAgICAgICAgbGV0IGVudHJpZXMgPSBpcHNldAorICAg ICAgICAgICAgICAgICAgICAuaXRlcigpCisgICAgICAgICAgICAgICAgICAgIC5mbGF0X21hcChM ZWdhY3lJcHNldEVudHJ5Ojpmcm9tX2lwc2V0X2VudHJ5KQorICAgICAgICAgICAgICAgICAgICAu Y29sbGVjdCgpOworCisgICAgICAgICAgICAgICAgc2VsZi5pcHNldC5pbnNlcnQoaXBzZXQubmFt ZSgpLm5hbWUoKS50b19zdHJpbmcoKSwgZW50cmllcyk7CisKKyAgICAgICAgICAgICAgICBpZiBs ZXQgU29tZShjb21tZW50KSA9ICZpcHNldC5jb21tZW50IHsKKyAgICAgICAgICAgICAgICAgICAg c2VsZi5pcHNldF9jb21tZW50cworICAgICAgICAgICAgICAgICAgICAgICAgLmluc2VydChpcHNl dC5uYW1lKCkubmFtZSgpLnRvX3N0cmluZygpLCBjb21tZW50LnRvX3N0cmluZygpKTsKKyAgICAg ICAgICAgICAgICB9CisgICAgICAgICAgICB9CisgICAgICAgIH0KKyAgICB9CisKKyAgICBjb25z dCBTRE5fUlVOTklOR19DT05GSUc6ICZzdHIgPSAiL2V0Yy9wdmUvc2RuLy5ydW5uaW5nLWNvbmZp ZyI7CisgICAgY29uc3QgU0ROX0lQQU06ICZzdHIgPSAiL2V0Yy9wdmUvcHJpdi9pcGFtLmRiIjsK KworICAgICNbZXhwb3J0XQorICAgIHB1YiBmbiBjb25maWcoCisgICAgICAgIHZuZXRfZmlsdGVy OiBPcHRpb248VmVjPFZuZXROYW1lPj4sCisgICAgICAgIHZtX2ZpbHRlcjogT3B0aW9uPFZlYzxW bWlkPj4sCisgICAgKSAtPiBSZXN1bHQ8U2RuRmlyZXdhbGxDb25maWcsIEVycm9yPiB7CisgICAg ICAgIGxldCBtdXQgcmVmcyA9IFNkbkZpcmV3YWxsQ29uZmlnOjpuZXcoKTsKKworICAgICAgICBt YXRjaCBmczo6cmVhZF90b19zdHJpbmcoU0ROX1JVTk5JTkdfQ09ORklHKSB7CisgICAgICAgICAg ICBPayhkYXRhKSA9PiB7CisgICAgICAgICAgICAgICAgbGV0IHJ1bm5pbmdfY29uZmlnOiBSdW5u aW5nQ29uZmlnID0gc2VyZGVfanNvbjo6ZnJvbV9zdHIoJmRhdGEpPzsKKyAgICAgICAgICAgICAg ICBsZXQgc2RuX2NvbmZpZyA9IFNkbkNvbmZpZzo6dHJ5X2Zyb20ocnVubmluZ19jb25maWcpCisg ICAgICAgICAgICAgICAgICAgIC53aXRoX2NvbnRleHQofHwgIkZhaWxlZCB0byBwYXJzZSBTRE4g Y29uZmlnIi50b19zdHJpbmcoKSk/OworCisgICAgICAgICAgICAgICAgbGV0IGFsbG93bGlzdCA9 IHZuZXRfZmlsdGVyLm1hcChBbGxvd2xpc3Q6OmZyb21faXRlcik7CisgICAgICAgICAgICAgICAg cmVmcy5leHRlbmRfaXBzZXRzKHNkbl9jb25maWcuaXBzZXRzKGFsbG93bGlzdC5hc19yZWYoKSkp OworICAgICAgICAgICAgfQorICAgICAgICAgICAgRXJyKGUpIGlmIGUua2luZCgpID09IGlvOjpF cnJvcktpbmQ6Ok5vdEZvdW5kID0+ICgpLAorICAgICAgICAgICAgRXJyKGUpID0+IHsKKyAgICAg ICAgICAgICAgICBiYWlsISgiQ2Fubm90IG9wZW4gU0ROIHJ1bm5pbmcgY29uZmlnOiB7ZTojfSIp OworICAgICAgICAgICAgfQorICAgICAgICB9OworCisgICAgICAgIG1hdGNoIGZzOjpyZWFkX3Rv X3N0cmluZyhTRE5fSVBBTSkgeworICAgICAgICAgICAgT2soZGF0YSkgPT4geworICAgICAgICAg ICAgICAgIGxldCBpcGFtX2pzb246IElwYW1Kc29uID0gc2VyZGVfanNvbjo6ZnJvbV9zdHIoJmRh dGEpPzsKKyAgICAgICAgICAgICAgICBsZXQgaXBhbTogSXBhbSA9IElwYW06OnRyeV9mcm9tKGlw YW1fanNvbikKKyAgICAgICAgICAgICAgICAgICAgLndpdGhfY29udGV4dCh8fCAiRmFpbGVkIHRv IHBhcnNlIElQQU0iLnRvX3N0cmluZygpKT87CisKKyAgICAgICAgICAgICAgICBsZXQgYWxsb3ds aXN0ID0gdm1fZmlsdGVyLm1hcChBbGxvd2xpc3Q6OmZyb21faXRlcik7CisgICAgICAgICAgICAg ICAgcmVmcy5leHRlbmRfaXBzZXRzKGlwYW0uaXBzZXRzKGFsbG93bGlzdC5hc19yZWYoKSkpOwor ICAgICAgICAgICAgfQorICAgICAgICAgICAgRXJyKGUpIGlmIGUua2luZCgpID09IGlvOjpFcnJv cktpbmQ6Ok5vdEZvdW5kID0+ICgpLAorICAgICAgICAgICAgRXJyKGUpID0+IHsKKyAgICAgICAg ICAgICAgICBiYWlsISgiQ2Fubm90IG9wZW4gSVBBTSBkYXRhYmFzZToge2U6I30iKTsKKyAgICAg ICAgICAgIH0KKyAgICAgICAgfTsKKworICAgICAgICBPayhyZWZzKQorICAgIH0KK30KZGlmZiAt LWdpdCBhL3B2ZS1ycy9zcmMvbGliLnJzIGIvcHZlLXJzL3NyYy9saWIucnMKaW5kZXggNWU0N2Fj Ni4uM2RlMzdkMSAxMDA2NDQKLS0tIGEvcHZlLXJzL3NyYy9saWIucnMKKysrIGIvcHZlLXJzL3Ny Yy9saWIucnMKQEAgLTEyLDYgKzEyLDcgQEAgdXNlIHByb3htb3hfbm90aWZ5Ojp7Q29uZmlnLCBO b3RpZmljYXRpb24sIFNldmVyaXR5fTsKIHB1YiBtb2QgY29tbW9uOwogCiBwdWIgbW9kIGFwdDsK K3B1YiBtb2QgZmlyZXdhbGw7CiBwdWIgbW9kIG9wZW5pZDsKIHB1YiBtb2QgcmVzb3VyY2Vfc2No ZWR1bGluZzsKIHB1YiBtb2QgdGZhOwotLSAKMi4zOS41CgoKX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX18KcHZlLWRldmVsIG1haWxpbmcgbGlzdApwdmUtZGV2 ZWxAbGlzdHMucHJveG1veC5jb20KaHR0cHM6Ly9saXN0cy5wcm94bW94LmNvbS9jZ2ktYmluL21h aWxtYW4vbGlzdGluZm8vcHZlLWRldmVsCg==