From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 745131FF13A for ; Wed, 01 Apr 2026 16:41:24 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 3D38F31800; Wed, 1 Apr 2026 16:40:49 +0200 (CEST) From: Stefan Hanreich To: pve-devel@lists.proxmox.com Subject: [PATCH proxmox-ve-rs v2 15/34] ve-config: add prefix lists integration tests Date: Wed, 1 Apr 2026 16:39:24 +0200 Message-ID: <20260401143957.386809-16-s.hanreich@proxmox.com> X-Mailer: git-send-email 2.47.3 In-Reply-To: <20260401143957.386809-1-s.hanreich@proxmox.com> References: <20260401143957.386809-1-s.hanreich@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1775054348871 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.708 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Message-ID-Hash: GDKX4EEML44ZKORLVQFYDG7FLKCDBRNZ X-Message-ID-Hash: GDKX4EEML44ZKORLVQFYDG7FLKCDBRNZ X-MailFrom: s.hanreich@proxmox.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list List-Id: Proxmox VE development discussion List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Add full integration test for reading prefix list configuration from a section config, parsing it and then writing a new FRR configuration from the section config file. Signed-off-by: Stefan Hanreich --- proxmox-ve-config/tests/prefix_lists/main.rs | 112 +++++++++++++++++++ 1 file changed, 112 insertions(+) create mode 100644 proxmox-ve-config/tests/prefix_lists/main.rs diff --git a/proxmox-ve-config/tests/prefix_lists/main.rs b/proxmox-ve-config/tests/prefix_lists/main.rs new file mode 100644 index 0000000..2ed4894 --- /dev/null +++ b/proxmox-ve-config/tests/prefix_lists/main.rs @@ -0,0 +1,112 @@ +#![cfg(feature = "frr")] + +use proxmox_ve_config::sdn::prefix_list::{frr::build_frr_prefix_lists, *}; + +use proxmox_frr::ser::{route_map::PrefixListRule as FrrPrefixListRule, FrrConfig}; + +use proxmox_frr::ser::route_map::{AccessAction, PrefixListName}; +use proxmox_frr::ser::serializer::dump; +use proxmox_network_types::Cidr; +use proxmox_section_config::typed::ApiSectionDataEntry; + +#[test] +fn test_build_prefix_list() -> Result<(), anyhow::Error> { + let section_config = r#" +prefix-list: example-1 + entries action=permit,prefix=192.0.2.0/24 + entries action=permit,prefix=192.0.2.0/24,le=32 + entries action=permit,prefix=192.0.2.0/24,le=32,ge=24,seq=123 + entries action=permit,prefix=192.0.2.0/24,ge=24 + entries action=permit,prefix=192.0.2.0/24,ge=24,le=31 + +prefix-list: example-3 + entries action=permit,prefix=192.0.2.0/24,seq=333 + entries action=permit,prefix=198.51.100.0/24,seq=222 + entries action=permit,prefix=203.0.113.0/24,seq=111 + +prefix-list: example-2 + entries action=deny,prefix=192.0.2.0/24,le=25 + entries action=permit,prefix=192.0.2.0/24 +"#; + + let config = PrefixList::parse_section_config("prefix-lists.cfg", section_config)?; + let mut frr_config = FrrConfig::default(); + + build_frr_prefix_lists( + config + .into_iter() + .map(|(_, route_map_entry)| route_map_entry), + &mut frr_config, + )?; + + assert_eq!( + dump(&frr_config)?, + r#"! +ip prefix-list example-1 permit 192.0.2.0/24 +ip prefix-list example-1 permit 192.0.2.0/24 le 32 +ip prefix-list example-1 seq 123 permit 192.0.2.0/24 le 32 ge 24 +ip prefix-list example-1 permit 192.0.2.0/24 ge 24 +ip prefix-list example-1 permit 192.0.2.0/24 le 31 ge 24 +! +ip prefix-list example-2 deny 192.0.2.0/24 le 25 +ip prefix-list example-2 permit 192.0.2.0/24 +! +ip prefix-list example-3 seq 333 permit 192.0.2.0/24 +ip prefix-list example-3 seq 222 permit 198.51.100.0/24 +ip prefix-list example-3 seq 111 permit 203.0.113.0/24 +"# + ); + + Ok(()) +} + +#[test] +fn test_build_prefix_list_overwrite() -> Result<(), anyhow::Error> { + let section_config = r#" +prefix-list: example-1 + entries action=permit,prefix=192.0.2.0/24 +"#; + + let config = PrefixList::parse_section_config("prefix-lists.cfg", section_config)?; + + let example_1_prefix_list = vec![FrrPrefixListRule { + action: AccessAction::Deny, + network: Cidr::new_v4([198, 51, 100, 0], 24).unwrap(), + seq: None, + le: None, + ge: None, + is_ipv6: false, + }]; + + let mut frr_config = FrrConfig::default(); + + frr_config.prefix_lists.insert( + PrefixListName::new("example-1".to_string()), + example_1_prefix_list.clone(), + ); + + build_frr_prefix_lists( + config + .into_iter() + .map(|(_, route_map_entry)| route_map_entry), + &mut frr_config, + )?; + + let new_prefix_list = frr_config + .prefix_lists + .get(&PrefixListName::new("example-1".to_string())) + .expect("'example-1' prefix list exists"); + + assert_ne!(&example_1_prefix_list, new_prefix_list); + + let generated_frr_config = dump(&frr_config)?; + + assert_eq!( + generated_frr_config, + r#"! +ip prefix-list example-1 permit 192.0.2.0/24 +"# + ); + + Ok(()) +} -- 2.47.3