From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 6CA621FF183 for ; Wed, 30 Jul 2025 23:35:30 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id AD6BB1B3F3; Wed, 30 Jul 2025 23:36:46 +0200 (CEST) To: pve-devel@lists.proxmox.com Date: Wed, 30 Jul 2025 23:26:14 +0200 In-Reply-To: <20250730212614.1264010-1-trygvis@inamo.no> References: <20250730212614.1264010-1-trygvis@inamo.no> MIME-Version: 1.0 Message-ID: List-Id: Proxmox VE development discussion List-Post: From: =?utf-8?q?Trygve_Laugst=C3=B8l_via_pve-devel?= Precedence: list Cc: =?UTF-8?q?Trygve=20Laugst=C3=B8l?= X-Mailman-Version: 2.1.29 X-BeenThere: pve-devel@lists.proxmox.com List-Subscribe: , List-Unsubscribe: , List-Archive: Reply-To: Proxmox VE development discussion List-Help: Subject: [pve-devel] [PATCH pve-network 1/1] fix #6569: ipam: netbox: better prefix lookup Content-Type: multipart/mixed; boundary="===============5645884316934354800==" Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" --===============5645884316934354800== Content-Type: message/rfc822 Content-Disposition: inline Return-Path: X-Original-To: pve-devel@lists.proxmox.com Delivered-To: pve-devel@lists.proxmox.com Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 1D123CEC50 for ; Wed, 30 Jul 2025 23:36:45 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id EA54B1AC7F for ; Wed, 30 Jul 2025 23:36:14 +0200 (CEST) Received: from fout-b1-smtp.messagingengine.com (fout-b1-smtp.messagingengine.com [202.12.124.144]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Wed, 30 Jul 2025 23:36:11 +0200 (CEST) Received: from phl-compute-01.internal (phl-compute-01.phl.internal [10.202.2.41]) by mailfout.stl.internal (Postfix) with ESMTP id B14DB1D007BF; Wed, 30 Jul 2025 17:26:22 -0400 (EDT) Received: from phl-mailfrontend-02 ([10.202.2.163]) by phl-compute-01.internal (MEProxy); Wed, 30 Jul 2025 17:26:22 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=inamo.no; h=cc :cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to; s=fm3; t=1753910782; x=1753997182; bh=I8P8O1SDbicT3QdsFY9qfLbe0m96TxcIEY8ZCJeY5aw=; b= suAVr32HeOEHHHUuuJl+JnxRAjYTAr8+pOOJKO3W7RjLjQqR4Ikpt80ZF8DnXIwj GgUZPVuqwQCuTVQH0B74GJdW2/1fKD0zfDA2FwIen1+GQk21XOm+D52TnAqwD/Rv WTXvZb0JmGpEW8Zak7TgcsDzyI6GZwWHJDRZFm1SI4046vDS9q1GD1Crrsi1IYJG G9pFkE0JY6eqv2Natuvalu1xZgrEdKHkxxg4LTYenUoPOHitDKEahPBVVDY8EwiB 6qpkYLb0inl7PFTsU5oJuGNtPVdgeHKt1HQtgPOpX0nT+hzZFYa2NZsd3rORBNFp ObZpN+qoPh5nRUrW3vGvzQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1753910782; x= 1753997182; bh=I8P8O1SDbicT3QdsFY9qfLbe0m96TxcIEY8ZCJeY5aw=; b=k DV2KiKzQwFq3r/i0tajsvFLJ3KqOQIdLhmbBfnl/LQOH5EcyKhaOKQoURoED5TUi eZZ5j++xN3VdP7EGJMq73GgTaaJKzoSBgHdeALG+2RSEvBDROUksYG3VxE+ac0Z+ Hm1K2phAYa0pjvETiA64O9gZCl2LWY0VpUydlqvdIx2B7hq/cXRVfoztY5o8uQB9 EMBFw/KZz3sBPg2x5IhpGyIRiJBFUxQ7IsdJ7IouE9J6Sbdvhjik8Mg3SelkOyJB 0b3AsTBD+FGZwU1Li/4QF1JlZMoeFs4fT0azwkPRqMNaeTThtT8kMVtVrVtdxXS8 xq8F97ZsD9CKVGdR5c4eA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeffedrtdefgdelledttdcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpuffrtefokffrpgfnqfghnecuuegr ihhlohhuthemuceftddtnecunecujfgurhephffvvefufffkofgjfhggtgfgsehtkeertd ertdejnecuhfhrohhmpefvrhihghhvvgcunfgruhhgshhtpphluceothhrhihgvhhishes ihhnrghmohdrnhhoqeenucggtffrrghtthgvrhhnpeeutefhveegvddutedthfdtlefhle ehhefgheeihfeuvddvudfgieetfeeitdetveenucevlhhushhtvghrufhiiigvpedtnecu rfgrrhgrmhepmhgrihhlfhhrohhmpehtrhihghhvihhssehinhgrmhhordhnohdpnhgspg hrtghpthhtohepvddpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepphhvvgdquggv vhgvlheslhhishhtshdrphhrohigmhhogidrtghomhdprhgtphhtthhopehtrhihghhvih hssehinhgrmhhordhnoh X-ME-Proxy: Feedback-ID: i6cf1495c:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 30 Jul 2025 17:26:21 -0400 (EDT) From: =?UTF-8?q?Trygve=20Laugst=C3=B8l?= To: pve-devel@lists.proxmox.com Subject: [PATCH pve-network 1/1] fix #6569: ipam: netbox: better prefix lookup Date: Wed, 30 Jul 2025 23:26:14 +0200 Message-ID: <20250730212614.1264010-2-trygvis@inamo.no> X-Mailer: git-send-email 2.47.2 In-Reply-To: <20250730212614.1264010-1-trygvis@inamo.no> References: <20250730212614.1264010-1-trygvis@inamo.no> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL -0.592 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DKIM_SIGNED 0.1 Message has a DKIM or DK signature, not necessarily valid DKIM_VALID -0.1 Message has at least one valid DKIM or DK signature DKIM_VALID_AU -0.1 Message has a valid DKIM or DK signature from author's domain DKIM_VALID_EF -0.1 Message has a valid DKIM or DK signature from envelope-from domain DMARC_PASS -0.1 DMARC pass policy JMQ_SPF_NEUTRAL 0.5 SPF set to ?all KAM_MAILER 2 Automated Mailer Tag Left in Email RCVD_IN_DNSWL_LOW -0.7 Sender listed at https://www.dnswl.org/, low trust RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. SPF_HELO_PASS -0.001 SPF: HELO matches SPF record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [inamo.no,messagingengine.com,netboxplugin.pm] The problem description in #6569 is correct, but instead of depending on the freetext query parameter "q", this uses the "prefix" parameter for an explicit lookup. This also checks if there are multiple prefixes that matched. This will happen if the same prefix is registered in multiple VRFs. Signed-off-by: Trygve Laugstøl --- src/PVE/Network/SDN/Ipams/NetboxPlugin.pm | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/src/PVE/Network/SDN/Ipams/NetboxPlugin.pm b/src/PVE/Network/SDN/Ipams/NetboxPlugin.pm index e118d03..3799e47 100644 --- a/src/PVE/Network/SDN/Ipams/NetboxPlugin.pm +++ b/src/PVE/Network/SDN/Ipams/NetboxPlugin.pm @@ -423,18 +423,25 @@ sub on_update_hook { sub get_prefix_id { my ($config, $cidr, $noerr) = @_; - # we need to supply any IP inside the prefix, without supplying the mask, so - # just take the one from the cidr - my ($ip, undef) = split(/\//, $cidr); - - my $result = eval { netbox_api_request($config, "GET", "/ipam/prefixes/?q=$ip") }; + # look up the prefix by matching the prefix exactly. + my $result = eval { netbox_api_request($config, "GET", "/ipam/prefixes/?prefix=$cidr") }; if ($@) { return if $noerr; die "could not obtain ID for prefix $cidr: $@"; } - my $data = @{ $result->{results} }[0]; - return $data->{id}; + # we can get multiple prefixes returned if the netbox configuration allows + # it, or if the prefix is registered in different VRFs. + my $count = $result->{count} || 0; + if ($count > 1) { + die "ambiguous prefix lookup for $cidr: found $count matches"; + } + + if ($count == 0) { + return; + } + + return $result->{results}[0]{id}; } sub get_iprange_id { -- 2.47.2 --===============5645884316934354800== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel --===============5645884316934354800==--