From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pve-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
	by lore.proxmox.com (Postfix) with ESMTPS id E2B0B1FF187
	for <inbox@lore.proxmox.com>; Tue,  2 Dec 2025 12:27:34 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id 1F6FBCF2D;
	Tue,  2 Dec 2025 12:27:58 +0100 (CET)
From: Robert Obkircher <r.obkircher@proxmox.com>
To: pve-devel@lists.proxmox.com
Date: Tue,  2 Dec 2025 12:25:48 +0100
Message-ID: <20251202112700.40081-1-r.obkircher@proxmox.com>
X-Mailer: git-send-email 2.47.3
MIME-Version: 1.0
X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2
X-Bm-Transport-Timestamp: 1764674799947
X-SPAM-LEVEL: Spam detection results:  0
 AWL 0.074 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DMARC_MISSING             0.1 Missing DMARC policy
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
Subject: [pve-devel] [PATCH v1 proxmox-firewall] cargo fmt
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
Reply-To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: pve-devel-bounces@lists.proxmox.com
Sender: "pve-devel" <pve-devel-bounces@lists.proxmox.com>

Signed-off-by: Robert Obkircher <r.obkircher@proxmox.com>
---
 proxmox-firewall/src/config.rs   |  2 +-
 proxmox-firewall/src/firewall.rs |  6 +++---
 proxmox-firewall/src/object.rs   |  6 +++---
 proxmox-firewall/src/rule.rs     | 30 ++++++++++++++++--------------
 4 files changed, 23 insertions(+), 21 deletions(-)

diff --git a/proxmox-firewall/src/config.rs b/proxmox-firewall/src/config.rs
index aa8829f..9d82c60 100644
--- a/proxmox-firewall/src/config.rs
+++ b/proxmox-firewall/src/config.rs
@@ -13,8 +13,8 @@ use proxmox_ve_config::firewall::guest::Config as GuestConfig;
 use proxmox_ve_config::firewall::host::Config as HostConfig;
 use proxmox_ve_config::firewall::types::alias::{Alias, AliasScope, RuleAliasName};
 
-use proxmox_ve_config::firewall::types::ipset::{IpsetScope, RuleIpsetName};
 use proxmox_ve_config::firewall::types::Ipset;
+use proxmox_ve_config::firewall::types::ipset::{IpsetScope, RuleIpsetName};
 use proxmox_ve_config::guest::types::Vmid;
 use proxmox_ve_config::guest::{GuestEntry, GuestMap};
 use proxmox_ve_config::host::types::BridgeName;
diff --git a/proxmox-firewall/src/firewall.rs b/proxmox-firewall/src/firewall.rs
index 58f4aec..2dbfef7 100644
--- a/proxmox-firewall/src/firewall.rs
+++ b/proxmox-firewall/src/firewall.rs
@@ -1,7 +1,7 @@
 use std::collections::BTreeMap;
 use std::fs;
 
-use anyhow::{bail, Error};
+use anyhow::{Error, bail};
 
 use proxmox_log as log;
 
@@ -25,17 +25,17 @@ use proxmox_ve_config::firewall::guest::Config as GuestConfig;
 use proxmox_ve_config::firewall::host::Config as HostConfig;
 
 use proxmox_network_types::ip_address::{Cidr, Ipv4Cidr, Ipv6Cidr};
+use proxmox_ve_config::firewall::types::Group;
 use proxmox_ve_config::firewall::types::ipset::{
     Ipfilter, Ipset, IpsetEntry, IpsetName, IpsetScope,
 };
 use proxmox_ve_config::firewall::types::log::{LogLevel as ConfigLogLevel, LogRateLimit};
 use proxmox_ve_config::firewall::types::rule::{Direction, Verdict as ConfigVerdict};
-use proxmox_ve_config::firewall::types::Group;
 use proxmox_ve_config::guest::types::Vmid;
 
 use crate::config::FirewallConfig;
 use crate::object::{NftObjectEnv, ToNftObjects};
-use crate::rule::{generate_verdict, NftRule, NftRuleEnv};
+use crate::rule::{NftRule, NftRuleEnv, generate_verdict};
 
 static CLUSTER_TABLE_NAME: &str = "proxmox-firewall";
 static HOST_TABLE_NAME: &str = "proxmox-firewall";
diff --git a/proxmox-firewall/src/object.rs b/proxmox-firewall/src/object.rs
index 5dde7c2..9438fe3 100644
--- a/proxmox-firewall/src/object.rs
+++ b/proxmox-firewall/src/object.rs
@@ -1,19 +1,19 @@
-use anyhow::{format_err, Error};
+use anyhow::{Error, format_err};
 
 use proxmox_log as log;
 use proxmox_nftables::{
+    Command, Expression,
     command::{Add, Flush},
     expression::Prefix,
     types::{
         AddCtHelper, AddElement, CtHelperProtocol, ElementType, L3Protocol, SetConfig, SetFlag,
         SetName, TablePart,
     },
-    Command, Expression,
 };
 use proxmox_ve_config::{
     firewall::{
         ct_helper::CtHelperMacro,
-        types::{alias::RuleAliasName, ipset::IpsetAddress, Alias, Ipset},
+        types::{Alias, Ipset, alias::RuleAliasName, ipset::IpsetAddress},
     },
     guest::types::Vmid,
 };
diff --git a/proxmox-firewall/src/rule.rs b/proxmox-firewall/src/rule.rs
index 0a4f110..b79f91c 100644
--- a/proxmox-firewall/src/rule.rs
+++ b/proxmox-firewall/src/rule.rs
@@ -1,19 +1,20 @@
 use std::ops::{Deref, DerefMut};
 
-use anyhow::{bail, format_err, Error};
+use anyhow::{Error, bail, format_err};
 
 use proxmox_log as log;
 use proxmox_nftables::{
+    Expression, Statement,
     expression::{Ct, IpFamily, Meta, Payload, Prefix},
     statement::{Log, LogLevel, Match, Operator},
     types::{AddRule, ChainPart, SetName, TableFamily, TablePart},
-    Expression, Statement,
 };
 use proxmox_ve_config::{
     firewall::{
         ct_helper::CtHelperMacro,
-        fw_macros::{get_macro, FwMacro},
+        fw_macros::{FwMacro, get_macro},
         types::{
+            Alias, Ipset, Rule,
             alias::RuleAliasName,
             ipset::{Ipfilter, IpsetName, RuleIpsetName},
             log::LogRateLimit,
@@ -21,7 +22,6 @@ use proxmox_ve_config::{
             rule_match::{
                 Icmp, Icmpv6, IpAddrMatch, IpMatch, Ports, Protocol, RuleMatch, Sctp, Tcp, Udp,
             },
-            Alias, Ipset, Rule,
         },
     },
     guest::types::Vmid,
@@ -812,16 +812,18 @@ impl ToNftRules for Ipfilter<'_> {
                 if env.contains_family(Family::V4) {
                     base_rule.set_family(Family::V4);
 
-                    base_rule.append(&mut vec![Match::new_ne(
-                        Payload::field("arp", "saddr ip"),
-                        Expression::set_name(&SetName::ipset_name(
-                            Family::V4,
-                            self.ipset().name(),
-                            env.vmid,
-                            false,
-                        )),
-                    )
-                    .into()]);
+                    base_rule.append(&mut vec![
+                        Match::new_ne(
+                            Payload::field("arp", "saddr ip"),
+                            Expression::set_name(&SetName::ipset_name(
+                                Family::V4,
+                                self.ipset().name(),
+                                env.vmid,
+                                false,
+                            )),
+                        )
+                        .into(),
+                    ]);
 
                     rules.push(base_rule);
                 }
-- 
2.47.3



_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel