From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 484CF1FF161 for ; Tue, 13 Aug 2024 18:09:46 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 42E356A9F; Tue, 13 Aug 2024 18:10:01 +0200 (CEST) Date: Tue, 13 Aug 2024 18:09:22 +0200 Message-Id: To: "Proxmox VE development discussion" From: "Max Carrara" Mime-Version: 1.0 X-Mailer: aerc 0.17.0-72-g6a84f1331f1c References: <20240626121550.292290-1-s.hanreich@proxmox.com> <20240626121550.292290-6-s.hanreich@proxmox.com> In-Reply-To: <20240626121550.292290-6-s.hanreich@proxmox.com> X-SPAM-LEVEL: Spam detection results: 0 AWL 0.039 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record T_SCC_BODY_TEXT_LINE -0.01 - Subject: Re: [pve-devel] [PATCH proxmox-ve-rs 05/21] iprange: add methods for converting an ip range to cidrs X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox VE development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" On Wed Jun 26, 2024 at 2:15 PM CEST, Stefan Hanreich wrote: > This is mainly used in proxmox-perl-rs, so the generated ipsets can be > used in pve-firewall where only CIDRs are supported. > > Signed-off-by: Stefan Hanreich > --- > .../src/firewall/types/address.rs | 818 ++++++++++++++++++ > 1 file changed, 818 insertions(+) > > diff --git a/proxmox-ve-config/src/firewall/types/address.rs b/proxmox-ve-config/src/firewall/types/address.rs > index 8db3942..3238601 100644 > --- a/proxmox-ve-config/src/firewall/types/address.rs > +++ b/proxmox-ve-config/src/firewall/types/address.rs > @@ -303,6 +303,17 @@ impl IpRange { > ) -> Result { > Ok(IpRange::V6(AddressRange::new_v6(start, end)?)) > } > + > + /// converts an IpRange into the minimal amount of CIDRs > + /// > + /// see the concrete implementations of [`AddressRange`] or [`AddressRange`] > + /// respectively > + pub fn to_cidrs(&self) -> Vec { > + match self { > + IpRange::V4(range) => range.to_cidrs().into_iter().map(Cidr::from).collect(), > + IpRange::V6(range) => range.to_cidrs().into_iter().map(Cidr::from).collect(), > + } > + } > } > > impl std::str::FromStr for IpRange { > @@ -362,6 +373,71 @@ impl AddressRange { > > Ok(Self { start, end }) > } > + > + /// returns the minimum amount of CIDRs that exactly represent the range > + /// > + /// The idea behind this algorithm is as follows: > + /// > + /// Start iterating with current = start of the IP range > + /// > + /// Find two netmasks > + /// * The largest CIDR that the current IP can be the first of > + /// * The largest CIDR that *only* contains IPs from current - end > + /// > + /// Add the smaller of the two CIDRs to our result and current to the first IP that is in > + /// the range but not in the CIDR we just added. Proceed until we reached the end of the IP > + /// range. Would maaaaybe prefer some more inline formatting / minor rewording regarding the algorithm's steps above, simply for readability's sake (e.g. when rendering the docs). Sort of like: 1. Start iteration: Set `current` to `start` of the IP range 2. Find two netmasks: - The largest CIDR that the `current` IP can be the first of - The largest CIDR that *only* contains IPs from `current` to `end` 3. Add the smaller of the two CIDRs to our result and `current` to the first IP that is in the range but *not* in the CIDR we just added. Proceed until we reached the end of the IP range. Again, just a small thing, but thought I'd mention it. > + /// > + pub fn to_cidrs(&self) -> Vec { > + let mut cidrs = Vec::new(); > + > + let mut current = u32::from_be_bytes(self.start.octets()); > + let end = u32::from_be_bytes(self.end.octets()); > + > + if current == end { > + // valid Ipv4 since netmask is 32 > + cidrs.push(Ipv4Cidr::new(current, 32).unwrap()); > + return cidrs; > + } > + > + // special case this, since this is the only possibility of overflow > + // when calculating delta_min_mask - makes everything a lot easier > + if current == u32::MIN && end == u32::MAX { > + // valid Ipv4 since it is `0.0.0.0/0` > + cidrs.push(Ipv4Cidr::new(current, 0).unwrap()); > + return cidrs; > + } > + > + while current <= end { > + // netmask of largest CIDR that current IP can be the first of > + // cast is safe, because trailing zeroes can at most be 32 > + let current_max_mask = IPV4_LENGTH - (current.trailing_zeros() as u8); > + > + // netmask of largest CIDR that *only* contains IPs of the remaining range > + // is at most 32 due to unwrap_or returning 32 and ilog2 being at most 31 > + let delta_min_mask = ((end - current) + 1) // safe due to special case above > + .checked_ilog2() // should never occur due to special case, but for good measure > + .map(|mask| IPV4_LENGTH - mask as u8) > + .unwrap_or(IPV4_LENGTH); > + > + // at most 32, due to current/delta being at most 32 > + let netmask = u8::max(current_max_mask, delta_min_mask); > + > + // netmask is at most 32, therefore safe to unwrap > + cidrs.push(Ipv4Cidr::new(current, netmask).unwrap()); > + > + let delta = 2u32.saturating_pow((IPV4_LENGTH - netmask).into()); > + > + if let Some(result) = current.checked_add(delta) { > + current = result > + } else { > + // we reached the end of IP address space > + break; > + } > + } > + > + cidrs > + } > } > > impl AddressRange { > @@ -377,6 +453,61 @@ impl AddressRange { > > Ok(Self { start, end }) > } > + > + /// returns the minimum amount of CIDRs that exactly represent the range > + /// > + /// This function works analogous to the IPv4 version, please refer to the respective > + /// documentation of [`AddressRange`] > + pub fn to_cidrs(&self) -> Vec { > + let mut cidrs = Vec::new(); > + > + let mut current = u128::from_be_bytes(self.start.octets()); > + let end = u128::from_be_bytes(self.end.octets()); > + > + if current == end { > + // valid Ipv6 since netmask is 128 > + cidrs.push(Ipv6Cidr::new(current, 128).unwrap()); > + return cidrs; > + } > + > + // special case this, since this is the only possibility of overflow > + // when calculating delta_min_mask - makes everything a lot easier > + if current == u128::MIN && end == u128::MAX { > + // valid Ipv6 since it is `::/0` > + cidrs.push(Ipv6Cidr::new(current, 0).unwrap()); > + return cidrs; > + } > + > + while current <= end { > + // netmask of largest CIDR that current IP can be the first of > + // cast is safe, because trailing zeroes can at most be 128 > + let current_max_mask = IPV6_LENGTH - (current.trailing_zeros() as u8); > + > + // netmask of largest CIDR that *only* contains IPs of the remaining range > + // is at most 128 due to unwrap_or returning 128 and ilog2 being at most 31 > + let delta_min_mask = ((end - current) + 1) // safe due to special case above > + .checked_ilog2() // should never occur due to special case, but for good measure > + .map(|mask| IPV6_LENGTH - mask as u8) > + .unwrap_or(IPV6_LENGTH); > + > + // at most 128, due to current/delta being at most 128 > + let netmask = u8::max(current_max_mask, delta_min_mask); > + > + // netmask is at most 128, therefore safe to unwrap > + cidrs.push(Ipv6Cidr::new(current, netmask).unwrap()); > + > + let delta = 2u128.saturating_pow((IPV6_LENGTH - netmask).into()); > + > + if let Some(result) = current.checked_add(delta) { > + current = result > + } else { > + // we reached the end of IP address space > + break; > + } > + } > + > + cidrs > + } > } > > impl AddressRange { > @@ -811,4 +942,691 @@ mod tests { > "10.0.0.1-10.0.0.0".parse::().unwrap_err(); > "2001:db8::1-2001:db8::0".parse::().unwrap_err(); > } > + > + #[test] > + fn test_ipv4_to_cidrs() { > + let range = AddressRange::new_v4([192, 168, 0, 100], [192, 168, 0, 100]).unwrap(); > + > + assert_eq!( > + [Ipv4Cidr::new([192, 168, 0, 100], 32).unwrap()], > + range.to_cidrs().as_slice() > + ); > + > + let range = AddressRange::new_v4([192, 168, 0, 100], [192, 168, 0, 200]).unwrap(); > + > + assert_eq!( > + [ > + Ipv4Cidr::new([192, 168, 0, 100], 30).unwrap(), > + Ipv4Cidr::new([192, 168, 0, 104], 29).unwrap(), > + Ipv4Cidr::new([192, 168, 0, 112], 28).unwrap(), > + Ipv4Cidr::new([192, 168, 0, 128], 26).unwrap(), > + Ipv4Cidr::new([192, 168, 0, 192], 29).unwrap(), > + Ipv4Cidr::new([192, 168, 0, 200], 32).unwrap(), > + ], > + range.to_cidrs().as_slice() > + ); > + > + let range = AddressRange::new_v4([192, 168, 0, 101], [192, 168, 0, 200]).unwrap(); > + > + assert_eq!( > + [ > + Ipv4Cidr::new([192, 168, 0, 101], 32).unwrap(), > + Ipv4Cidr::new([192, 168, 0, 102], 31).unwrap(), > + Ipv4Cidr::new([192, 168, 0, 104], 29).unwrap(), > + Ipv4Cidr::new([192, 168, 0, 112], 28).unwrap(), > + Ipv4Cidr::new([192, 168, 0, 128], 26).unwrap(), > + Ipv4Cidr::new([192, 168, 0, 192], 29).unwrap(), > + Ipv4Cidr::new([192, 168, 0, 200], 32).unwrap(), > + ], > + range.to_cidrs().as_slice() > + ); > + > + let range = AddressRange::new_v4([192, 168, 0, 101], [192, 168, 0, 101]).unwrap(); > + > + assert_eq!( > + [Ipv4Cidr::new([192, 168, 0, 101], 32).unwrap()], > + range.to_cidrs().as_slice() > + ); > + > + let range = AddressRange::new_v4([192, 168, 0, 101], [192, 168, 0, 201]).unwrap(); > + > + assert_eq!( > + [ > + Ipv4Cidr::new([192, 168, 0, 101], 32).unwrap(), > + Ipv4Cidr::new([192, 168, 0, 102], 31).unwrap(), > + Ipv4Cidr::new([192, 168, 0, 104], 29).unwrap(), > + Ipv4Cidr::new([192, 168, 0, 112], 28).unwrap(), > + Ipv4Cidr::new([192, 168, 0, 128], 26).unwrap(), > + Ipv4Cidr::new([192, 168, 0, 192], 29).unwrap(), > + Ipv4Cidr::new([192, 168, 0, 200], 31).unwrap(), > + ], > + range.to_cidrs().as_slice() > + ); > + > + let range = AddressRange::new_v4([192, 168, 0, 0], [192, 168, 0, 255]).unwrap(); > + > + assert_eq!( > + [Ipv4Cidr::new([192, 168, 0, 0], 24).unwrap(),], > + range.to_cidrs().as_slice() > + ); > + > + let range = AddressRange::new_v4([0, 0, 0, 0], [255, 255, 255, 255]).unwrap(); > + > + assert_eq!( > + [Ipv4Cidr::new([0, 0, 0, 0], 0).unwrap(),], > + range.to_cidrs().as_slice() > + ); > + > + let range = AddressRange::new_v4([0, 0, 0, 1], [255, 255, 255, 255]).unwrap(); > + > + assert_eq!( > + [ > + Ipv4Cidr::new([0, 0, 0, 1], 32).unwrap(), > + Ipv4Cidr::new([0, 0, 0, 2], 31).unwrap(), > + Ipv4Cidr::new([0, 0, 0, 4], 30).unwrap(), > + Ipv4Cidr::new([0, 0, 0, 8], 29).unwrap(), > + Ipv4Cidr::new([0, 0, 0, 16], 28).unwrap(), > + Ipv4Cidr::new([0, 0, 0, 32], 27).unwrap(), > + Ipv4Cidr::new([0, 0, 0, 64], 26).unwrap(), > + Ipv4Cidr::new([0, 0, 0, 128], 25).unwrap(), > + Ipv4Cidr::new([0, 0, 1, 0], 24).unwrap(), > + Ipv4Cidr::new([0, 0, 2, 0], 23).unwrap(), > + Ipv4Cidr::new([0, 0, 4, 0], 22).unwrap(), > + Ipv4Cidr::new([0, 0, 8, 0], 21).unwrap(), > + Ipv4Cidr::new([0, 0, 16, 0], 20).unwrap(), > + Ipv4Cidr::new([0, 0, 32, 0], 19).unwrap(), > + Ipv4Cidr::new([0, 0, 64, 0], 18).unwrap(), > + Ipv4Cidr::new([0, 0, 128, 0], 17).unwrap(), > + Ipv4Cidr::new([0, 1, 0, 0], 16).unwrap(), > + Ipv4Cidr::new([0, 2, 0, 0], 15).unwrap(), > + Ipv4Cidr::new([0, 4, 0, 0], 14).unwrap(), > + Ipv4Cidr::new([0, 8, 0, 0], 13).unwrap(), > + Ipv4Cidr::new([0, 16, 0, 0], 12).unwrap(), > + Ipv4Cidr::new([0, 32, 0, 0], 11).unwrap(), > + Ipv4Cidr::new([0, 64, 0, 0], 10).unwrap(), > + Ipv4Cidr::new([0, 128, 0, 0], 9).unwrap(), > + Ipv4Cidr::new([1, 0, 0, 0], 8).unwrap(), > + Ipv4Cidr::new([2, 0, 0, 0], 7).unwrap(), > + Ipv4Cidr::new([4, 0, 0, 0], 6).unwrap(), > + Ipv4Cidr::new([8, 0, 0, 0], 5).unwrap(), > + Ipv4Cidr::new([16, 0, 0, 0], 4).unwrap(), > + Ipv4Cidr::new([32, 0, 0, 0], 3).unwrap(), > + Ipv4Cidr::new([64, 0, 0, 0], 2).unwrap(), > + Ipv4Cidr::new([128, 0, 0, 0], 1).unwrap(), > + ], > + range.to_cidrs().as_slice() > + ); > + > + let range = AddressRange::new_v4([0, 0, 0, 0], [255, 255, 255, 254]).unwrap(); > + > + assert_eq!( > + [ > + Ipv4Cidr::new([0, 0, 0, 0], 1).unwrap(), > + Ipv4Cidr::new([128, 0, 0, 0], 2).unwrap(), > + Ipv4Cidr::new([192, 0, 0, 0], 3).unwrap(), > + Ipv4Cidr::new([224, 0, 0, 0], 4).unwrap(), > + Ipv4Cidr::new([240, 0, 0, 0], 5).unwrap(), > + Ipv4Cidr::new([248, 0, 0, 0], 6).unwrap(), > + Ipv4Cidr::new([252, 0, 0, 0], 7).unwrap(), > + Ipv4Cidr::new([254, 0, 0, 0], 8).unwrap(), > + Ipv4Cidr::new([255, 0, 0, 0], 9).unwrap(), > + Ipv4Cidr::new([255, 128, 0, 0], 10).unwrap(), > + Ipv4Cidr::new([255, 192, 0, 0], 11).unwrap(), > + Ipv4Cidr::new([255, 224, 0, 0], 12).unwrap(), > + Ipv4Cidr::new([255, 240, 0, 0], 13).unwrap(), > + Ipv4Cidr::new([255, 248, 0, 0], 14).unwrap(), > + Ipv4Cidr::new([255, 252, 0, 0], 15).unwrap(), > + Ipv4Cidr::new([255, 254, 0, 0], 16).unwrap(), > + Ipv4Cidr::new([255, 255, 0, 0], 17).unwrap(), > + Ipv4Cidr::new([255, 255, 128, 0], 18).unwrap(), > + Ipv4Cidr::new([255, 255, 192, 0], 19).unwrap(), > + Ipv4Cidr::new([255, 255, 224, 0], 20).unwrap(), > + Ipv4Cidr::new([255, 255, 240, 0], 21).unwrap(), > + Ipv4Cidr::new([255, 255, 248, 0], 22).unwrap(), > + Ipv4Cidr::new([255, 255, 252, 0], 23).unwrap(), > + Ipv4Cidr::new([255, 255, 254, 0], 24).unwrap(), > + Ipv4Cidr::new([255, 255, 255, 0], 25).unwrap(), > + Ipv4Cidr::new([255, 255, 255, 128], 26).unwrap(), > + Ipv4Cidr::new([255, 255, 255, 192], 27).unwrap(), > + Ipv4Cidr::new([255, 255, 255, 224], 28).unwrap(), > + Ipv4Cidr::new([255, 255, 255, 240], 29).unwrap(), > + Ipv4Cidr::new([255, 255, 255, 248], 30).unwrap(), > + Ipv4Cidr::new([255, 255, 255, 252], 31).unwrap(), > + Ipv4Cidr::new([255, 255, 255, 254], 32).unwrap(), > + ], > + range.to_cidrs().as_slice() > + ); > + > + let range = AddressRange::new_v4([0, 0, 0, 0], [0, 0, 0, 0]).unwrap(); > + > + assert_eq!( > + [Ipv4Cidr::new([0, 0, 0, 0], 32).unwrap(),], > + range.to_cidrs().as_slice() > + ); > + > + let range = AddressRange::new_v4([255, 255, 255, 255], [255, 255, 255, 255]).unwrap(); > + > + assert_eq!( > + [Ipv4Cidr::new([255, 255, 255, 255], 32).unwrap(),], > + range.to_cidrs().as_slice() > + ); > + } > + > + #[test] > + fn test_ipv6_to_cidrs() { > + let range = AddressRange::new_v6( > + [0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1000], > + [0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1000], > + ) > + .unwrap(); > + > + assert_eq!( > + [Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1000], 128).unwrap()], > + range.to_cidrs().as_slice() > + ); > + > + let range = AddressRange::new_v6( > + [0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1000], > + [0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x2000], > + ) > + .unwrap(); > + > + assert_eq!( > + [ > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1000], 116).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x2000], 128).unwrap(), > + ], > + range.to_cidrs().as_slice() > + ); > + > + let range = AddressRange::new_v6( > + [0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1001], > + [0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x2000], > + ) > + .unwrap(); > + > + assert_eq!( > + [ > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1001], 128).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1002], 127).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1004], 126).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1008], 125).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1010], 124).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1020], 123).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1040], 122).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1080], 121).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1100], 120).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1200], 119).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1400], 118).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1800], 117).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x2000], 128).unwrap(), > + ], > + range.to_cidrs().as_slice() > + ); > + > + let range = AddressRange::new_v6( > + [0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1001], > + [0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1001], > + ) > + .unwrap(); > + > + assert_eq!( > + [Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1001], 128).unwrap(),], > + range.to_cidrs().as_slice() > + ); > + > + let range = AddressRange::new_v6( > + [0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1001], > + [0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x2001], > + ) > + .unwrap(); > + > + assert_eq!( > + [ > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1001], 128).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1002], 127).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1004], 126).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1008], 125).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1010], 124).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1020], 123).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1040], 122).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1080], 121).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1100], 120).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1200], 119).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1400], 118).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x1800], 117).unwrap(), > + Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0x2000], 127).unwrap(), > + ], > + range.to_cidrs().as_slice() > + ); > + > + let range = AddressRange::new_v6( > + [0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0], > + [0x2001, 0x0DB8, 0, 0, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF], > + ) > + .unwrap(); > + > + assert_eq!( > + [Ipv6Cidr::new([0x2001, 0x0DB8, 0, 0, 0, 0, 0, 0], 64).unwrap()], > + range.to_cidrs().as_slice() > + ); > + > + let range = AddressRange::new_v6( > + [0, 0, 0, 0, 0, 0, 0, 0], > + [ > + 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, > + ], > + ) > + .unwrap(); > + > + assert_eq!( > + [Ipv6Cidr::new([0, 0, 0, 0, 0, 0, 0, 0], 0).unwrap(),], > + range.to_cidrs().as_slice() > + ); > + > + let range = AddressRange::new_v6( > + [0, 0, 0, 0, 0, 0, 0, 0x0001], > + [ > + 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, > + ], > + ) > + .unwrap(); > + > + assert_eq!( > + [ > + "::1/128".parse::().unwrap(), > + "::2/127".parse::().unwrap(), > + "::4/126".parse::().unwrap(), > + "::8/125".parse::().unwrap(), > + "::10/124".parse::().unwrap(), > + "::20/123".parse::().unwrap(), > + "::40/122".parse::().unwrap(), > + "::80/121".parse::().unwrap(), > + "::100/120".parse::().unwrap(), > + "::200/119".parse::().unwrap(), > + "::400/118".parse::().unwrap(), > + "::800/117".parse::().unwrap(), > + "::1000/116".parse::().unwrap(), > + "::2000/115".parse::().unwrap(), > + "::4000/114".parse::().unwrap(), > + "::8000/113".parse::().unwrap(), > + "::1:0/112".parse::().unwrap(), > + "::2:0/111".parse::().unwrap(), > + "::4:0/110".parse::().unwrap(), > + "::8:0/109".parse::().unwrap(), > + "::10:0/108".parse::().unwrap(), > + "::20:0/107".parse::().unwrap(), > + "::40:0/106".parse::().unwrap(), > + "::80:0/105".parse::().unwrap(), > + "::100:0/104".parse::().unwrap(), > + "::200:0/103".parse::().unwrap(), > + "::400:0/102".parse::().unwrap(), > + "::800:0/101".parse::().unwrap(), > + "::1000:0/100".parse::().unwrap(), > + "::2000:0/99".parse::().unwrap(), > + "::4000:0/98".parse::().unwrap(), > + "::8000:0/97".parse::().unwrap(), > + "::1:0:0/96".parse::().unwrap(), > + "::2:0:0/95".parse::().unwrap(), > + "::4:0:0/94".parse::().unwrap(), > + "::8:0:0/93".parse::().unwrap(), > + "::10:0:0/92".parse::().unwrap(), > + "::20:0:0/91".parse::().unwrap(), > + "::40:0:0/90".parse::().unwrap(), > + "::80:0:0/89".parse::().unwrap(), > + "::100:0:0/88".parse::().unwrap(), > + "::200:0:0/87".parse::().unwrap(), > + "::400:0:0/86".parse::().unwrap(), > + "::800:0:0/85".parse::().unwrap(), > + "::1000:0:0/84".parse::().unwrap(), > + "::2000:0:0/83".parse::().unwrap(), > + "::4000:0:0/82".parse::().unwrap(), > + "::8000:0:0/81".parse::().unwrap(), > + "::1:0:0:0/80".parse::().unwrap(), > + "::2:0:0:0/79".parse::().unwrap(), > + "::4:0:0:0/78".parse::().unwrap(), > + "::8:0:0:0/77".parse::().unwrap(), > + "::10:0:0:0/76".parse::().unwrap(), > + "::20:0:0:0/75".parse::().unwrap(), > + "::40:0:0:0/74".parse::().unwrap(), > + "::80:0:0:0/73".parse::().unwrap(), > + "::100:0:0:0/72".parse::().unwrap(), > + "::200:0:0:0/71".parse::().unwrap(), > + "::400:0:0:0/70".parse::().unwrap(), > + "::800:0:0:0/69".parse::().unwrap(), > + "::1000:0:0:0/68".parse::().unwrap(), > + "::2000:0:0:0/67".parse::().unwrap(), > + "::4000:0:0:0/66".parse::().unwrap(), > + "::8000:0:0:0/65".parse::().unwrap(), > + "0:0:0:1::/64".parse::().unwrap(), > + "0:0:0:2::/63".parse::().unwrap(), > + "0:0:0:4::/62".parse::().unwrap(), > + "0:0:0:8::/61".parse::().unwrap(), > + "0:0:0:10::/60".parse::().unwrap(), > + "0:0:0:20::/59".parse::().unwrap(), > + "0:0:0:40::/58".parse::().unwrap(), > + "0:0:0:80::/57".parse::().unwrap(), > + "0:0:0:100::/56".parse::().unwrap(), > + "0:0:0:200::/55".parse::().unwrap(), > + "0:0:0:400::/54".parse::().unwrap(), > + "0:0:0:800::/53".parse::().unwrap(), > + "0:0:0:1000::/52".parse::().unwrap(), > + "0:0:0:2000::/51".parse::().unwrap(), > + "0:0:0:4000::/50".parse::().unwrap(), > + "0:0:0:8000::/49".parse::().unwrap(), > + "0:0:1::/48".parse::().unwrap(), > + "0:0:2::/47".parse::().unwrap(), > + "0:0:4::/46".parse::().unwrap(), > + "0:0:8::/45".parse::().unwrap(), > + "0:0:10::/44".parse::().unwrap(), > + "0:0:20::/43".parse::().unwrap(), > + "0:0:40::/42".parse::().unwrap(), > + "0:0:80::/41".parse::().unwrap(), > + "0:0:100::/40".parse::().unwrap(), > + "0:0:200::/39".parse::().unwrap(), > + "0:0:400::/38".parse::().unwrap(), > + "0:0:800::/37".parse::().unwrap(), > + "0:0:1000::/36".parse::().unwrap(), > + "0:0:2000::/35".parse::().unwrap(), > + "0:0:4000::/34".parse::().unwrap(), > + "0:0:8000::/33".parse::().unwrap(), > + "0:1::/32".parse::().unwrap(), > + "0:2::/31".parse::().unwrap(), > + "0:4::/30".parse::().unwrap(), > + "0:8::/29".parse::().unwrap(), > + "0:10::/28".parse::().unwrap(), > + "0:20::/27".parse::().unwrap(), > + "0:40::/26".parse::().unwrap(), > + "0:80::/25".parse::().unwrap(), > + "0:100::/24".parse::().unwrap(), > + "0:200::/23".parse::().unwrap(), > + "0:400::/22".parse::().unwrap(), > + "0:800::/21".parse::().unwrap(), > + "0:1000::/20".parse::().unwrap(), > + "0:2000::/19".parse::().unwrap(), > + "0:4000::/18".parse::().unwrap(), > + "0:8000::/17".parse::().unwrap(), > + "1::/16".parse::().unwrap(), > + "2::/15".parse::().unwrap(), > + "4::/14".parse::().unwrap(), > + "8::/13".parse::().unwrap(), > + "10::/12".parse::().unwrap(), > + "20::/11".parse::().unwrap(), > + "40::/10".parse::().unwrap(), > + "80::/9".parse::().unwrap(), > + "100::/8".parse::().unwrap(), > + "200::/7".parse::().unwrap(), > + "400::/6".parse::().unwrap(), > + "800::/5".parse::().unwrap(), > + "1000::/4".parse::().unwrap(), > + "2000::/3".parse::().unwrap(), > + "4000::/2".parse::().unwrap(), > + "8000::/1".parse::().unwrap(), > + ], > + range.to_cidrs().as_slice() > + ); > + > + let range = AddressRange::new_v6( > + [0, 0, 0, 0, 0, 0, 0, 0], > + [ > + 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFE, > + ], > + ) > + .unwrap(); > + > + assert_eq!( > + [ > + "::/1".parse::().unwrap(), > + "8000::/2".parse::().unwrap(), > + "c000::/3".parse::().unwrap(), > + "e000::/4".parse::().unwrap(), > + "f000::/5".parse::().unwrap(), > + "f800::/6".parse::().unwrap(), > + "fc00::/7".parse::().unwrap(), > + "fe00::/8".parse::().unwrap(), > + "ff00::/9".parse::().unwrap(), > + "ff80::/10".parse::().unwrap(), > + "ffc0::/11".parse::().unwrap(), > + "ffe0::/12".parse::().unwrap(), > + "fff0::/13".parse::().unwrap(), > + "fff8::/14".parse::().unwrap(), > + "fffc::/15".parse::().unwrap(), > + "fffe::/16".parse::().unwrap(), > + "ffff::/17".parse::().unwrap(), > + "ffff:8000::/18".parse::().unwrap(), > + "ffff:c000::/19".parse::().unwrap(), > + "ffff:e000::/20".parse::().unwrap(), > + "ffff:f000::/21".parse::().unwrap(), > + "ffff:f800::/22".parse::().unwrap(), > + "ffff:fc00::/23".parse::().unwrap(), > + "ffff:fe00::/24".parse::().unwrap(), > + "ffff:ff00::/25".parse::().unwrap(), > + "ffff:ff80::/26".parse::().unwrap(), > + "ffff:ffc0::/27".parse::().unwrap(), > + "ffff:ffe0::/28".parse::().unwrap(), > + "ffff:fff0::/29".parse::().unwrap(), > + "ffff:fff8::/30".parse::().unwrap(), > + "ffff:fffc::/31".parse::().unwrap(), > + "ffff:fffe::/32".parse::().unwrap(), > + "ffff:ffff::/33".parse::().unwrap(), > + "ffff:ffff:8000::/34".parse::().unwrap(), > + "ffff:ffff:c000::/35".parse::().unwrap(), > + "ffff:ffff:e000::/36".parse::().unwrap(), > + "ffff:ffff:f000::/37".parse::().unwrap(), > + "ffff:ffff:f800::/38".parse::().unwrap(), > + "ffff:ffff:fc00::/39".parse::().unwrap(), > + "ffff:ffff:fe00::/40".parse::().unwrap(), > + "ffff:ffff:ff00::/41".parse::().unwrap(), > + "ffff:ffff:ff80::/42".parse::().unwrap(), > + "ffff:ffff:ffc0::/43".parse::().unwrap(), > + "ffff:ffff:ffe0::/44".parse::().unwrap(), > + "ffff:ffff:fff0::/45".parse::().unwrap(), > + "ffff:ffff:fff8::/46".parse::().unwrap(), > + "ffff:ffff:fffc::/47".parse::().unwrap(), > + "ffff:ffff:fffe::/48".parse::().unwrap(), > + "ffff:ffff:ffff::/49".parse::().unwrap(), > + "ffff:ffff:ffff:8000::/50".parse::().unwrap(), > + "ffff:ffff:ffff:c000::/51".parse::().unwrap(), > + "ffff:ffff:ffff:e000::/52".parse::().unwrap(), > + "ffff:ffff:ffff:f000::/53".parse::().unwrap(), > + "ffff:ffff:ffff:f800::/54".parse::().unwrap(), > + "ffff:ffff:ffff:fc00::/55".parse::().unwrap(), > + "ffff:ffff:ffff:fe00::/56".parse::().unwrap(), > + "ffff:ffff:ffff:ff00::/57".parse::().unwrap(), > + "ffff:ffff:ffff:ff80::/58".parse::().unwrap(), > + "ffff:ffff:ffff:ffc0::/59".parse::().unwrap(), > + "ffff:ffff:ffff:ffe0::/60".parse::().unwrap(), > + "ffff:ffff:ffff:fff0::/61".parse::().unwrap(), > + "ffff:ffff:ffff:fff8::/62".parse::().unwrap(), > + "ffff:ffff:ffff:fffc::/63".parse::().unwrap(), > + "ffff:ffff:ffff:fffe::/64".parse::().unwrap(), > + "ffff:ffff:ffff:ffff::/65".parse::().unwrap(), > + "ffff:ffff:ffff:ffff:8000::/66".parse::().unwrap(), > + "ffff:ffff:ffff:ffff:c000::/67".parse::().unwrap(), > + "ffff:ffff:ffff:ffff:e000::/68".parse::().unwrap(), > + "ffff:ffff:ffff:ffff:f000::/69".parse::().unwrap(), > + "ffff:ffff:ffff:ffff:f800::/70".parse::().unwrap(), > + "ffff:ffff:ffff:ffff:fc00::/71".parse::().unwrap(), > + "ffff:ffff:ffff:ffff:fe00::/72".parse::().unwrap(), > + "ffff:ffff:ffff:ffff:ff00::/73".parse::().unwrap(), > + "ffff:ffff:ffff:ffff:ff80::/74".parse::().unwrap(), > + "ffff:ffff:ffff:ffff:ffc0::/75".parse::().unwrap(), > + "ffff:ffff:ffff:ffff:ffe0::/76".parse::().unwrap(), > + "ffff:ffff:ffff:ffff:fff0::/77".parse::().unwrap(), > + "ffff:ffff:ffff:ffff:fff8::/78".parse::().unwrap(), > + "ffff:ffff:ffff:ffff:fffc::/79".parse::().unwrap(), > + "ffff:ffff:ffff:ffff:fffe::/80".parse::().unwrap(), > + "ffff:ffff:ffff:ffff:ffff::/81".parse::().unwrap(), > + "ffff:ffff:ffff:ffff:ffff:8000::/82" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:c000::/83" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:e000::/84" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:f000::/85" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:f800::/86" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:fc00::/87" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:fe00::/88" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ff00::/89" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ff80::/90" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffc0::/91" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffe0::/92" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:fff0::/93" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:fff8::/94" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:fffc::/95" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:fffe::/96" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff::/97" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:8000:0/98" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:c000:0/99" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:e000:0/100" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:f000:0/101" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:f800:0/102" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:fc00:0/103" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:fe00:0/104" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:ff00:0/105" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:ff80:0/106" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:ffc0:0/107" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:ffe0:0/108" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:fff0:0/109" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:fff8:0/110" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:fffc:0/111" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:fffe:0/112" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:ffff:0/113" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:ffff:8000/114" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:ffff:c000/115" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:ffff:e000/116" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:ffff:f000/117" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:ffff:f800/118" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:ffff:fc00/119" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:ffff:fe00/120" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ff00/121" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ff80/122" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffc0/123" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffe0/124" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:ffff:fff0/125" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:ffff:fff8/126" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:ffff:fffc/127" > + .parse::() > + .unwrap(), > + "ffff:ffff:ffff:ffff:ffff:ffff:ffff:fffe/128" > + .parse::() > + .unwrap(), > + ], > + range.to_cidrs().as_slice() > + ); > + > + let range = > + AddressRange::new_v6([0, 0, 0, 0, 0, 0, 0, 0], [0, 0, 0, 0, 0, 0, 0, 0]).unwrap(); > + > + assert_eq!( > + [Ipv6Cidr::new([0, 0, 0, 0, 0, 0, 0, 0], 128).unwrap(),], > + range.to_cidrs().as_slice() > + ); > + > + let range = AddressRange::new_v6( > + [ > + 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, > + ], > + [ > + 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, > + ], > + ) > + .unwrap(); > + > + assert_eq!( > + [Ipv6Cidr::new( > + [0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF], > + 128 > + ) > + .unwrap(),], > + range.to_cidrs().as_slice() > + ); > + } > } _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel