From: Stefan Hanreich <s.hanreich@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH proxmox-firewall 1/3] run rustfmt
Date: Thu, 25 Sep 2025 12:05:07 +0200 [thread overview]
Message-ID: <20250925100514.130484-3-s.hanreich@proxmox.com> (raw)
In-Reply-To: <20250925100514.130484-1-s.hanreich@proxmox.com>
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
---
proxmox-firewall/src/config.rs | 6 +++---
proxmox-firewall/src/firewall.rs | 6 +++---
proxmox-firewall/src/object.rs | 6 +++---
proxmox-firewall/src/rule.rs | 30 ++++++++++++++----------------
4 files changed, 23 insertions(+), 25 deletions(-)
diff --git a/proxmox-firewall/src/config.rs b/proxmox-firewall/src/config.rs
index d6a4df5..8bd9f2a 100644
--- a/proxmox-firewall/src/config.rs
+++ b/proxmox-firewall/src/config.rs
@@ -3,7 +3,7 @@ use std::default::Default;
use std::fs::{self, DirEntry, File, ReadDir};
use std::io::{self, BufReader};
-use anyhow::{bail, format_err, Context, Error};
+use anyhow::{Context, Error, bail, format_err};
use proxmox_log as log;
@@ -17,10 +17,10 @@ use proxmox_ve_config::guest::types::Vmid;
use proxmox_ve_config::guest::{GuestEntry, GuestMap};
use proxmox_ve_config::host::types::BridgeName;
-use proxmox_network_api::{get_network_interfaces, AltnameMapping};
+use proxmox_network_api::{AltnameMapping, get_network_interfaces};
+use proxmox_nftables::NftClient;
use proxmox_nftables::command::{CommandOutput, Commands, List, ListOutput};
use proxmox_nftables::types::ListChain;
-use proxmox_nftables::NftClient;
use proxmox_ve_config::sdn::{
config::{RunningConfig, SdnConfig},
ipam::{Ipam, IpamJson},
diff --git a/proxmox-firewall/src/firewall.rs b/proxmox-firewall/src/firewall.rs
index 8cac190..5012610 100644
--- a/proxmox-firewall/src/firewall.rs
+++ b/proxmox-firewall/src/firewall.rs
@@ -1,7 +1,7 @@
use std::collections::BTreeMap;
use std::fs;
-use anyhow::{Error, bail};
+use anyhow::{bail, Error};
use proxmox_log as log;
@@ -25,17 +25,17 @@ use proxmox_ve_config::firewall::guest::Config as GuestConfig;
use proxmox_ve_config::firewall::host::Config as HostConfig;
use proxmox_network_types::ip_address::{Cidr, Ipv6Cidr};
-use proxmox_ve_config::firewall::types::Group;
use proxmox_ve_config::firewall::types::ipset::{
Ipfilter, Ipset, IpsetEntry, IpsetName, IpsetScope,
};
use proxmox_ve_config::firewall::types::log::{LogLevel as ConfigLogLevel, LogRateLimit};
use proxmox_ve_config::firewall::types::rule::{Direction, Verdict as ConfigVerdict};
+use proxmox_ve_config::firewall::types::Group;
use proxmox_ve_config::guest::types::Vmid;
use crate::config::FirewallConfig;
use crate::object::{NftObjectEnv, ToNftObjects};
-use crate::rule::{NftRule, NftRuleEnv, generate_verdict};
+use crate::rule::{generate_verdict, NftRule, NftRuleEnv};
static CLUSTER_TABLE_NAME: &str = "proxmox-firewall";
static HOST_TABLE_NAME: &str = "proxmox-firewall";
diff --git a/proxmox-firewall/src/object.rs b/proxmox-firewall/src/object.rs
index a7575bb..42423b9 100644
--- a/proxmox-firewall/src/object.rs
+++ b/proxmox-firewall/src/object.rs
@@ -1,19 +1,19 @@
-use anyhow::{Error, format_err};
+use anyhow::{format_err, Error};
use proxmox_log as log;
use proxmox_nftables::{
- Command, Expression,
command::{Add, Flush},
expression::Prefix,
types::{
AddCtHelper, AddElement, CtHelperProtocol, ElementType, L3Protocol, SetConfig, SetFlag,
SetName, TablePart,
},
+ Command, Expression,
};
use proxmox_ve_config::{
firewall::{
ct_helper::CtHelperMacro,
- types::{Alias, Ipset, alias::AliasName, ipset::IpsetAddress},
+ types::{alias::AliasName, ipset::IpsetAddress, Alias, Ipset},
},
guest::types::Vmid,
};
diff --git a/proxmox-firewall/src/rule.rs b/proxmox-firewall/src/rule.rs
index 77bc6ea..2512537 100644
--- a/proxmox-firewall/src/rule.rs
+++ b/proxmox-firewall/src/rule.rs
@@ -1,20 +1,19 @@
use std::ops::{Deref, DerefMut};
-use anyhow::{Error, bail, format_err};
+use anyhow::{bail, format_err, Error};
use proxmox_log as log;
use proxmox_nftables::{
- Expression, Statement,
expression::{Ct, IpFamily, Meta, Payload, Prefix},
statement::{Log, LogLevel, Match, Operator},
types::{AddRule, ChainPart, SetName, TableFamily, TablePart},
+ Expression, Statement,
};
use proxmox_ve_config::{
firewall::{
ct_helper::CtHelperMacro,
- fw_macros::{FwMacro, get_macro},
+ fw_macros::{get_macro, FwMacro},
types::{
- Alias, Rule,
alias::AliasName,
ipset::{Ipfilter, IpsetName},
log::LogRateLimit,
@@ -22,6 +21,7 @@ use proxmox_ve_config::{
rule_match::{
Icmp, Icmpv6, IpAddrMatch, IpMatch, Ports, Protocol, RuleMatch, Sctp, Tcp, Udp,
},
+ Alias, Rule,
},
},
guest::types::Vmid,
@@ -691,18 +691,16 @@ impl ToNftRules for Ipfilter<'_> {
if env.contains_family(Family::V4) {
base_rule.set_family(Family::V4);
- base_rule.append(&mut vec![
- Match::new_ne(
- Payload::field("arp", "saddr ip"),
- Expression::set_name(&SetName::ipset_name(
- Family::V4,
- self.ipset().name(),
- env.vmid,
- false,
- )),
- )
- .into(),
- ]);
+ base_rule.append(&mut vec![Match::new_ne(
+ Payload::field("arp", "saddr ip"),
+ Expression::set_name(&SetName::ipset_name(
+ Family::V4,
+ self.ipset().name(),
+ env.vmid,
+ false,
+ )),
+ )
+ .into()]);
rules.push(base_rule);
}
--
2.47.3
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next prev parent reply other threads:[~2025-09-25 10:04 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-25 10:05 [pve-devel] [PATCH proxmox{-ve-rs, -firewall} 0/4] Fix ipfilters in proxmox-firewall Stefan Hanreich
2025-09-25 10:05 ` [pve-devel] [PATCH proxmox-ve-rs 1/1] config: guest: store network devices in BTreeMap Stefan Hanreich
2025-09-25 10:05 ` Stefan Hanreich [this message]
2025-09-25 10:05 ` [pve-devel] [PATCH proxmox-firewall 2/3] ipfilter: fix wrong entries for containers Stefan Hanreich
2025-09-25 10:05 ` [pve-devel] [PATCH proxmox-firewall 3/3] fix #6336: fix ipfilter matching logic Stefan Hanreich
2025-09-25 12:22 ` [pve-devel] superseded: [PATCH proxmox{-ve-rs, -firewall} 0/4] Fix ipfilters in proxmox-firewall Stefan Hanreich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250925100514.130484-3-s.hanreich@proxmox.com \
--to=s.hanreich@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox