network-api: new crate, split out from system-management-api
Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
This commit is contained in:
parent
83b6f673b3
commit
6bb74338b4
@ -19,6 +19,7 @@ members = [
|
||||
"proxmox-ldap",
|
||||
"proxmox-login",
|
||||
"proxmox-metrics",
|
||||
"proxmox-network-api",
|
||||
"proxmox-notify",
|
||||
"proxmox-openid",
|
||||
"proxmox-product-config",
|
||||
|
35
proxmox-network-api/Cargo.toml
Normal file
35
proxmox-network-api/Cargo.toml
Normal file
@ -0,0 +1,35 @@
|
||||
[package]
|
||||
name = "proxmox-network-api"
|
||||
version = "0.1.0"
|
||||
authors.workspace = true
|
||||
edition.workspace = true
|
||||
license.workspace = true
|
||||
repository.workspace = true
|
||||
exclude.workspace = true
|
||||
description = "Network Management API implementation"
|
||||
|
||||
[dependencies]
|
||||
anyhow.workspace = true
|
||||
const_format.workspace = true
|
||||
lazy_static.workspace = true
|
||||
regex.workspace = true
|
||||
|
||||
serde = { workspace = true, features = ["derive"] }
|
||||
nix = { workspace = true, optional = true }
|
||||
libc = { workspace = true, optional = true }
|
||||
|
||||
proxmox-sys = { workspace = true, optional = true }
|
||||
proxmox-schema = { workspace = true, features = ["api-macro", "api-types"] }
|
||||
proxmox-config-digest = { workspace = true, optional = true }
|
||||
proxmox-product-config = { workspace = true, optional = true }
|
||||
|
||||
[features]
|
||||
default = []
|
||||
impl = [
|
||||
"dep:proxmox-config-digest",
|
||||
"proxmox-config-digest?/openssl",
|
||||
"dep:proxmox-product-config",
|
||||
"dep:nix",
|
||||
"dep:libc",
|
||||
"dep:proxmox-sys",
|
||||
]
|
6
proxmox-network-api/debian/changelog
Normal file
6
proxmox-network-api/debian/changelog
Normal file
@ -0,0 +1,6 @@
|
||||
rust-proxmox-network-api (0.1.0-1) bookworm; urgency=medium
|
||||
|
||||
* initial packaging (split out from proxmox-system-management-api)
|
||||
|
||||
-- Proxmox Support Team <support@proxmox.com> Thu, 30 May 2024 09:10:54 +0200
|
||||
|
18
proxmox-network-api/debian/copyright
Normal file
18
proxmox-network-api/debian/copyright
Normal file
@ -0,0 +1,18 @@
|
||||
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
|
||||
|
||||
Files:
|
||||
*
|
||||
Copyright: 2019 - 2023 Proxmox Server Solutions GmbH <support@proxmox.com>
|
||||
License: AGPL-3.0-or-later
|
||||
This program is free software: you can redistribute it and/or modify it under
|
||||
the terms of the GNU Affero General Public License as published by the Free
|
||||
Software Foundation, either version 3 of the License, or (at your option) any
|
||||
later version.
|
||||
.
|
||||
This program is distributed in the hope that it will be useful, but WITHOUT
|
||||
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
|
||||
FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
|
||||
details.
|
||||
.
|
||||
You should have received a copy of the GNU Affero General Public License along
|
||||
with this program. If not, see <https://www.gnu.org/licenses/>.
|
7
proxmox-network-api/debian/debcargo.toml
Normal file
7
proxmox-network-api/debian/debcargo.toml
Normal file
@ -0,0 +1,7 @@
|
||||
overlay = "."
|
||||
crate_src_path = ".."
|
||||
maintainer = "Proxmox Support Team <support@proxmox.com>"
|
||||
|
||||
[source]
|
||||
vcs_git = "git://git.proxmox.com/git/proxmox.git"
|
||||
vcs_browser = "https://git.proxmox.com/?p=proxmox.git"
|
347
proxmox-network-api/src/api_impl.rs
Normal file
347
proxmox-network-api/src/api_impl.rs
Normal file
@ -0,0 +1,347 @@
|
||||
use anyhow::{bail, Error};
|
||||
|
||||
use proxmox_config_digest::ConfigDigest;
|
||||
|
||||
use crate::{parse_vlan_id_from_name, parse_vlan_raw_device_from_name};
|
||||
use crate::{
|
||||
DeletableInterfaceProperty, Interface, InterfaceUpdater, LinuxBondMode, NetworkConfigMethod,
|
||||
NetworkInterfaceType,
|
||||
};
|
||||
|
||||
/// Create network interface configuration.
|
||||
pub fn create_interface(iface: String, config: InterfaceUpdater) -> Result<(), Error> {
|
||||
let interface_type = match config.interface_type {
|
||||
Some(interface_type) => interface_type,
|
||||
None => bail!("missing parameter 'type'"),
|
||||
};
|
||||
|
||||
let _lock = crate::lock_config()?;
|
||||
|
||||
let (mut network_config, _digest) = crate::config()?;
|
||||
|
||||
if network_config.interfaces.contains_key(&iface) {
|
||||
bail!("interface '{}' already exists", iface);
|
||||
}
|
||||
|
||||
let mut interface = Interface::new(iface.clone());
|
||||
interface.interface_type = interface_type;
|
||||
|
||||
if let Some(autostart) = config.autostart {
|
||||
interface.autostart = autostart;
|
||||
}
|
||||
if config.method.is_some() {
|
||||
interface.method = config.method;
|
||||
}
|
||||
if config.method6.is_some() {
|
||||
interface.method6 = config.method6;
|
||||
}
|
||||
if config.mtu.is_some() {
|
||||
interface.mtu = config.mtu;
|
||||
}
|
||||
if config.comments.is_some() {
|
||||
interface.comments = config.comments;
|
||||
}
|
||||
if config.comments6.is_some() {
|
||||
interface.comments6 = config.comments6;
|
||||
}
|
||||
|
||||
if let Some(cidr) = config.cidr {
|
||||
let (_, _, is_v6) = crate::parse_cidr(&cidr)?;
|
||||
if is_v6 {
|
||||
bail!("invalid address type (expected IPv4, got IPv6)");
|
||||
}
|
||||
interface.cidr = Some(cidr);
|
||||
}
|
||||
|
||||
if let Some(cidr6) = config.cidr6 {
|
||||
let (_, _, is_v6) = crate::parse_cidr(&cidr6)?;
|
||||
if !is_v6 {
|
||||
bail!("invalid address type (expected IPv6, got IPv4)");
|
||||
}
|
||||
interface.cidr6 = Some(cidr6);
|
||||
}
|
||||
|
||||
if let Some(gateway) = config.gateway {
|
||||
let is_v6 = gateway.contains(':');
|
||||
if is_v6 {
|
||||
bail!("invalid address type (expected IPv4, got IPv6)");
|
||||
}
|
||||
network_config.check_duplicate_gateway_v4(&iface)?;
|
||||
interface.gateway = Some(gateway);
|
||||
}
|
||||
|
||||
if let Some(gateway6) = config.gateway6 {
|
||||
let is_v6 = gateway6.contains(':');
|
||||
if !is_v6 {
|
||||
bail!("invalid address type (expected IPv6, got IPv4)");
|
||||
}
|
||||
network_config.check_duplicate_gateway_v6(&iface)?;
|
||||
interface.gateway6 = Some(gateway6);
|
||||
}
|
||||
|
||||
match interface_type {
|
||||
NetworkInterfaceType::Bridge => {
|
||||
if let Some(ports) = &config.bridge_ports {
|
||||
interface.set_bridge_port_list(ports)?;
|
||||
}
|
||||
if config.bridge_vlan_aware.is_some() {
|
||||
interface.bridge_vlan_aware = config.bridge_vlan_aware;
|
||||
}
|
||||
}
|
||||
NetworkInterfaceType::Bond => {
|
||||
if let Some(mode) = config.bond_mode {
|
||||
interface.bond_mode = config.bond_mode;
|
||||
if config.bond_primary.is_some() {
|
||||
if mode != LinuxBondMode::ActiveBackup {
|
||||
bail!("bond-primary is only valid with Active/Backup mode");
|
||||
}
|
||||
interface.bond_primary = config.bond_primary;
|
||||
}
|
||||
if config.bond_xmit_hash_policy.is_some() {
|
||||
if mode != LinuxBondMode::Ieee802_3ad && mode != LinuxBondMode::BalanceXor {
|
||||
bail!("bond_xmit_hash_policy is only valid with LACP(802.3ad) or balance-xor mode");
|
||||
}
|
||||
interface.bond_xmit_hash_policy = config.bond_xmit_hash_policy;
|
||||
}
|
||||
}
|
||||
if let Some(slaves) = &config.slaves {
|
||||
interface.set_bond_slave_list(&slaves)?;
|
||||
}
|
||||
}
|
||||
NetworkInterfaceType::Vlan => {
|
||||
if config.vlan_id.is_none() && parse_vlan_id_from_name(&iface).is_none() {
|
||||
bail!("vlan-id must be set");
|
||||
}
|
||||
interface.vlan_id = config.vlan_id;
|
||||
|
||||
if let Some(dev) = config
|
||||
.vlan_raw_device
|
||||
.as_deref()
|
||||
.or_else(|| parse_vlan_raw_device_from_name(&iface))
|
||||
{
|
||||
if !network_config.interfaces.contains_key(dev) {
|
||||
bail!("vlan-raw-device {dev} does not exist");
|
||||
}
|
||||
} else {
|
||||
bail!("vlan-raw-device must be set");
|
||||
}
|
||||
interface.vlan_raw_device = config.vlan_raw_device;
|
||||
}
|
||||
_ => bail!(
|
||||
"creating network interface type '{:?}' is not supported",
|
||||
interface_type
|
||||
),
|
||||
}
|
||||
|
||||
if interface.cidr.is_some() || interface.gateway.is_some() {
|
||||
interface.method = Some(NetworkConfigMethod::Static);
|
||||
} else if interface.method.is_none() {
|
||||
interface.method = Some(NetworkConfigMethod::Manual);
|
||||
}
|
||||
|
||||
if interface.cidr6.is_some() || interface.gateway6.is_some() {
|
||||
interface.method6 = Some(NetworkConfigMethod::Static);
|
||||
} else if interface.method6.is_none() {
|
||||
interface.method6 = Some(NetworkConfigMethod::Manual);
|
||||
}
|
||||
|
||||
network_config.interfaces.insert(iface, interface);
|
||||
|
||||
crate::save_config(&network_config)?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
/// Update network interface config.
|
||||
pub fn update_interface(
|
||||
iface: String,
|
||||
update: InterfaceUpdater,
|
||||
delete: Option<Vec<DeletableInterfaceProperty>>,
|
||||
digest: Option<ConfigDigest>,
|
||||
) -> Result<(), Error> {
|
||||
let _lock = crate::lock_config()?;
|
||||
|
||||
let (mut network_config, expected_digest) = crate::config()?;
|
||||
|
||||
expected_digest.detect_modification(digest.as_ref())?;
|
||||
|
||||
if update.gateway.is_some() {
|
||||
network_config.check_duplicate_gateway_v4(&iface)?;
|
||||
}
|
||||
if update.gateway6.is_some() {
|
||||
network_config.check_duplicate_gateway_v6(&iface)?;
|
||||
}
|
||||
|
||||
if let Some(dev) = update
|
||||
.vlan_raw_device
|
||||
.as_deref()
|
||||
.or_else(|| parse_vlan_raw_device_from_name(&iface))
|
||||
{
|
||||
if !network_config.interfaces.contains_key(dev) {
|
||||
bail!("vlan-raw-device {dev} does not exist");
|
||||
}
|
||||
}
|
||||
|
||||
let interface = network_config.lookup_mut(&iface)?;
|
||||
|
||||
if let Some(interface_type) = update.interface_type {
|
||||
if interface_type != interface.interface_type {
|
||||
bail!(
|
||||
"got unexpected interface type ({:?} != {:?})",
|
||||
interface_type,
|
||||
interface.interface_type
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
if let Some(delete) = delete {
|
||||
for delete_prop in delete {
|
||||
match delete_prop {
|
||||
DeletableInterfaceProperty::Cidr => {
|
||||
interface.cidr = None;
|
||||
}
|
||||
DeletableInterfaceProperty::Cidr6 => {
|
||||
interface.cidr6 = None;
|
||||
}
|
||||
DeletableInterfaceProperty::Gateway => {
|
||||
interface.gateway = None;
|
||||
}
|
||||
DeletableInterfaceProperty::Gateway6 => {
|
||||
interface.gateway6 = None;
|
||||
}
|
||||
DeletableInterfaceProperty::Method => {
|
||||
interface.method = None;
|
||||
}
|
||||
DeletableInterfaceProperty::Method6 => {
|
||||
interface.method6 = None;
|
||||
}
|
||||
DeletableInterfaceProperty::Comments => {
|
||||
interface.comments = None;
|
||||
}
|
||||
DeletableInterfaceProperty::Comments6 => {
|
||||
interface.comments6 = None;
|
||||
}
|
||||
DeletableInterfaceProperty::Mtu => {
|
||||
interface.mtu = None;
|
||||
}
|
||||
DeletableInterfaceProperty::Autostart => {
|
||||
interface.autostart = false;
|
||||
}
|
||||
DeletableInterfaceProperty::BridgePorts => {
|
||||
interface.set_bridge_ports(Vec::new())?;
|
||||
}
|
||||
DeletableInterfaceProperty::BridgeVlanAware => {
|
||||
interface.bridge_vlan_aware = None;
|
||||
}
|
||||
DeletableInterfaceProperty::Slaves => {
|
||||
interface.set_bond_slaves(Vec::new())?;
|
||||
}
|
||||
DeletableInterfaceProperty::BondPrimary => {
|
||||
interface.bond_primary = None;
|
||||
}
|
||||
DeletableInterfaceProperty::BondXmitHashPolicy => {
|
||||
interface.bond_xmit_hash_policy = None
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if let Some(autostart) = update.autostart {
|
||||
interface.autostart = autostart;
|
||||
}
|
||||
if update.method.is_some() {
|
||||
interface.method = update.method;
|
||||
}
|
||||
if update.method6.is_some() {
|
||||
interface.method6 = update.method6;
|
||||
}
|
||||
if update.mtu.is_some() {
|
||||
interface.mtu = update.mtu;
|
||||
}
|
||||
if let Some(ports) = &update.bridge_ports {
|
||||
interface.set_bridge_port_list(ports)?;
|
||||
}
|
||||
if update.bridge_vlan_aware.is_some() {
|
||||
interface.bridge_vlan_aware = update.bridge_vlan_aware;
|
||||
}
|
||||
if let Some(slaves) = &update.slaves {
|
||||
interface.set_bond_slave_list(slaves)?;
|
||||
}
|
||||
if let Some(mode) = update.bond_mode {
|
||||
interface.bond_mode = update.bond_mode;
|
||||
if update.bond_primary.is_some() {
|
||||
if mode != LinuxBondMode::ActiveBackup {
|
||||
bail!("bond-primary is only valid with Active/Backup mode");
|
||||
}
|
||||
interface.bond_primary = update.bond_primary;
|
||||
}
|
||||
if update.bond_xmit_hash_policy.is_some() {
|
||||
if mode != LinuxBondMode::Ieee802_3ad && mode != LinuxBondMode::BalanceXor {
|
||||
bail!("bond_xmit_hash_policy is only valid with LACP(802.3ad) or balance-xor mode");
|
||||
}
|
||||
interface.bond_xmit_hash_policy = update.bond_xmit_hash_policy;
|
||||
}
|
||||
}
|
||||
|
||||
if let Some(cidr) = update.cidr {
|
||||
let (_, _, is_v6) = crate::parse_cidr(&cidr)?;
|
||||
if is_v6 {
|
||||
bail!("invalid address type (expected IPv4, got IPv6)");
|
||||
}
|
||||
interface.cidr = Some(cidr);
|
||||
}
|
||||
|
||||
if let Some(cidr6) = update.cidr6 {
|
||||
let (_, _, is_v6) = crate::parse_cidr(&cidr6)?;
|
||||
if !is_v6 {
|
||||
bail!("invalid address type (expected IPv6, got IPv4)");
|
||||
}
|
||||
interface.cidr6 = Some(cidr6);
|
||||
}
|
||||
|
||||
if let Some(gateway) = update.gateway {
|
||||
let is_v6 = gateway.contains(':');
|
||||
if is_v6 {
|
||||
bail!("invalid address type (expected IPv4, got IPv6)");
|
||||
}
|
||||
interface.gateway = Some(gateway);
|
||||
}
|
||||
|
||||
if let Some(gateway6) = update.gateway6 {
|
||||
let is_v6 = gateway6.contains(':');
|
||||
if !is_v6 {
|
||||
bail!("invalid address type (expected IPv6, got IPv4)");
|
||||
}
|
||||
interface.gateway6 = Some(gateway6);
|
||||
}
|
||||
|
||||
if update.comments.is_some() {
|
||||
interface.comments = update.comments;
|
||||
}
|
||||
if update.comments6.is_some() {
|
||||
interface.comments6 = update.comments6;
|
||||
}
|
||||
|
||||
if interface.cidr.is_some() || interface.gateway.is_some() {
|
||||
interface.method = Some(NetworkConfigMethod::Static);
|
||||
} else {
|
||||
interface.method = Some(NetworkConfigMethod::Manual);
|
||||
}
|
||||
|
||||
if interface.cidr6.is_some() || interface.gateway6.is_some() {
|
||||
interface.method6 = Some(NetworkConfigMethod::Static);
|
||||
} else {
|
||||
interface.method6 = Some(NetworkConfigMethod::Manual);
|
||||
}
|
||||
|
||||
if update.vlan_id.is_some() {
|
||||
interface.vlan_id = update.vlan_id;
|
||||
}
|
||||
if update.vlan_raw_device.is_some() {
|
||||
interface.vlan_raw_device = update.vlan_raw_device;
|
||||
}
|
||||
|
||||
crate::save_config(&network_config)?;
|
||||
|
||||
Ok(())
|
||||
}
|
532
proxmox-network-api/src/api_types.rs
Normal file
532
proxmox-network-api/src/api_types.rs
Normal file
@ -0,0 +1,532 @@
|
||||
use std::fmt;
|
||||
|
||||
use anyhow::{bail, Error};
|
||||
use serde::{Deserialize, Serialize};
|
||||
|
||||
use lazy_static::lazy_static;
|
||||
use regex::Regex;
|
||||
|
||||
use proxmox_schema::api;
|
||||
use proxmox_schema::ApiStringFormat;
|
||||
use proxmox_schema::ArraySchema;
|
||||
use proxmox_schema::Schema;
|
||||
use proxmox_schema::StringSchema;
|
||||
use proxmox_schema::api_types::SAFE_ID_REGEX;
|
||||
use proxmox_schema::api_types::{IP_V4_SCHEMA, IP_V6_SCHEMA};
|
||||
use proxmox_schema::api_types::{CIDR_V4_SCHEMA, CIDR_V6_SCHEMA};
|
||||
|
||||
lazy_static! {
|
||||
pub static ref PHYSICAL_NIC_REGEX: Regex = Regex::new(r"^(?:eth\d+|en[^:.]+|ib\d+)$").unwrap();
|
||||
pub static ref VLAN_INTERFACE_REGEX: Regex =
|
||||
Regex::new(r"^(?P<vlan_raw_device>\S+)\.(?P<vlan_id>\d+)|vlan(?P<vlan_id2>\d+)$").unwrap();
|
||||
}
|
||||
|
||||
pub const NETWORK_INTERFACE_FORMAT: ApiStringFormat =
|
||||
ApiStringFormat::Pattern(&SAFE_ID_REGEX);
|
||||
|
||||
#[api()]
|
||||
#[derive(Debug, Copy, Clone, PartialEq, Eq, Serialize, Deserialize)]
|
||||
#[serde(rename_all = "lowercase")]
|
||||
/// Interface configuration method
|
||||
pub enum NetworkConfigMethod {
|
||||
/// Configuration is done manually using other tools
|
||||
Manual,
|
||||
/// Define interfaces with statically allocated addresses.
|
||||
Static,
|
||||
/// Obtain an address via DHCP
|
||||
DHCP,
|
||||
/// Define the loopback interface.
|
||||
Loopback,
|
||||
}
|
||||
|
||||
#[api()]
|
||||
#[derive(Debug, Copy, Clone, PartialEq, Eq, Serialize, Deserialize)]
|
||||
#[serde(rename_all = "kebab-case")]
|
||||
#[repr(u8)]
|
||||
/// Linux Bond Mode
|
||||
pub enum LinuxBondMode {
|
||||
/// Round-robin policy
|
||||
BalanceRr = 0,
|
||||
/// Active-backup policy
|
||||
ActiveBackup = 1,
|
||||
/// XOR policy
|
||||
BalanceXor = 2,
|
||||
/// Broadcast policy
|
||||
Broadcast = 3,
|
||||
/// IEEE 802.3ad Dynamic link aggregation
|
||||
#[serde(rename = "802.3ad")]
|
||||
Ieee802_3ad = 4,
|
||||
/// Adaptive transmit load balancing
|
||||
BalanceTlb = 5,
|
||||
/// Adaptive load balancing
|
||||
BalanceAlb = 6,
|
||||
}
|
||||
|
||||
impl fmt::Display for LinuxBondMode {
|
||||
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
|
||||
f.write_str(match self {
|
||||
LinuxBondMode::BalanceRr => "balance-rr",
|
||||
LinuxBondMode::ActiveBackup => "active-backup",
|
||||
LinuxBondMode::BalanceXor => "balance-xor",
|
||||
LinuxBondMode::Broadcast => "broadcast",
|
||||
LinuxBondMode::Ieee802_3ad => "802.3ad",
|
||||
LinuxBondMode::BalanceTlb => "balance-tlb",
|
||||
LinuxBondMode::BalanceAlb => "balance-alb",
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
#[api()]
|
||||
#[derive(Debug, Copy, Clone, PartialEq, Eq, Serialize, Deserialize)]
|
||||
#[serde(rename_all = "kebab-case")]
|
||||
#[repr(u8)]
|
||||
/// Bond Transmit Hash Policy for LACP (802.3ad)
|
||||
pub enum BondXmitHashPolicy {
|
||||
/// Layer 2
|
||||
Layer2 = 0,
|
||||
/// Layer 2+3
|
||||
#[serde(rename = "layer2+3")]
|
||||
Layer2_3 = 1,
|
||||
/// Layer 3+4
|
||||
#[serde(rename = "layer3+4")]
|
||||
Layer3_4 = 2,
|
||||
}
|
||||
|
||||
impl fmt::Display for BondXmitHashPolicy {
|
||||
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
|
||||
f.write_str(match self {
|
||||
BondXmitHashPolicy::Layer2 => "layer2",
|
||||
BondXmitHashPolicy::Layer2_3 => "layer2+3",
|
||||
BondXmitHashPolicy::Layer3_4 => "layer3+4",
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
#[api()]
|
||||
#[derive(Debug, Copy, Clone, PartialEq, Eq, Serialize, Deserialize)]
|
||||
#[serde(rename_all = "lowercase")]
|
||||
/// Network interface type
|
||||
pub enum NetworkInterfaceType {
|
||||
/// Loopback
|
||||
Loopback,
|
||||
/// Physical Ethernet device
|
||||
Eth,
|
||||
/// Linux Bridge
|
||||
Bridge,
|
||||
/// Linux Bond
|
||||
Bond,
|
||||
/// Linux VLAN (eth.10)
|
||||
Vlan,
|
||||
/// Interface Alias (eth:1)
|
||||
Alias,
|
||||
/// Unknown interface type
|
||||
Unknown,
|
||||
}
|
||||
|
||||
pub const NETWORK_INTERFACE_NAME_SCHEMA: Schema = StringSchema::new("Network interface name.")
|
||||
.format(&NETWORK_INTERFACE_FORMAT)
|
||||
.min_length(1)
|
||||
.max_length(15) // libc::IFNAMSIZ-1
|
||||
.schema();
|
||||
|
||||
pub const NETWORK_INTERFACE_ARRAY_SCHEMA: Schema =
|
||||
ArraySchema::new("Network interface list.", &NETWORK_INTERFACE_NAME_SCHEMA).schema();
|
||||
|
||||
pub const NETWORK_INTERFACE_LIST_SCHEMA: Schema =
|
||||
StringSchema::new("A list of network devices, comma separated.")
|
||||
.format(&ApiStringFormat::PropertyString(
|
||||
&NETWORK_INTERFACE_ARRAY_SCHEMA,
|
||||
))
|
||||
.schema();
|
||||
|
||||
#[api(
|
||||
properties: {
|
||||
name: {
|
||||
schema: NETWORK_INTERFACE_NAME_SCHEMA,
|
||||
},
|
||||
"type": {
|
||||
type: NetworkInterfaceType,
|
||||
},
|
||||
method: {
|
||||
type: NetworkConfigMethod,
|
||||
optional: true,
|
||||
},
|
||||
method6: {
|
||||
type: NetworkConfigMethod,
|
||||
optional: true,
|
||||
},
|
||||
cidr: {
|
||||
schema: CIDR_V4_SCHEMA,
|
||||
optional: true,
|
||||
},
|
||||
cidr6: {
|
||||
schema: CIDR_V6_SCHEMA,
|
||||
optional: true,
|
||||
},
|
||||
gateway: {
|
||||
schema: IP_V4_SCHEMA,
|
||||
optional: true,
|
||||
},
|
||||
gateway6: {
|
||||
schema: IP_V6_SCHEMA,
|
||||
optional: true,
|
||||
},
|
||||
options: {
|
||||
description: "Option list (inet)",
|
||||
type: Array,
|
||||
items: {
|
||||
description: "Optional attribute line.",
|
||||
type: String,
|
||||
},
|
||||
},
|
||||
options6: {
|
||||
description: "Option list (inet6)",
|
||||
type: Array,
|
||||
items: {
|
||||
description: "Optional attribute line.",
|
||||
type: String,
|
||||
},
|
||||
},
|
||||
comments: {
|
||||
description: "Comments (inet, may span multiple lines)",
|
||||
type: String,
|
||||
optional: true,
|
||||
},
|
||||
comments6: {
|
||||
description: "Comments (inet6, may span multiple lines)",
|
||||
type: String,
|
||||
optional: true,
|
||||
},
|
||||
bridge_ports: {
|
||||
schema: NETWORK_INTERFACE_ARRAY_SCHEMA,
|
||||
optional: true,
|
||||
},
|
||||
slaves: {
|
||||
schema: NETWORK_INTERFACE_ARRAY_SCHEMA,
|
||||
optional: true,
|
||||
},
|
||||
"vlan-id": {
|
||||
description: "VLAN ID.",
|
||||
type: u16,
|
||||
optional: true,
|
||||
},
|
||||
"vlan-raw-device": {
|
||||
schema: NETWORK_INTERFACE_NAME_SCHEMA,
|
||||
optional: true,
|
||||
},
|
||||
bond_mode: {
|
||||
type: LinuxBondMode,
|
||||
optional: true,
|
||||
},
|
||||
"bond-primary": {
|
||||
schema: NETWORK_INTERFACE_NAME_SCHEMA,
|
||||
optional: true,
|
||||
},
|
||||
bond_xmit_hash_policy: {
|
||||
type: BondXmitHashPolicy,
|
||||
optional: true,
|
||||
},
|
||||
}
|
||||
)]
|
||||
#[derive(Clone, Debug, Serialize, Deserialize, PartialEq)]
|
||||
/// Network Interface configuration
|
||||
pub struct Interface {
|
||||
/// Autostart interface
|
||||
pub autostart: bool,
|
||||
/// Interface is active (UP)
|
||||
pub active: bool,
|
||||
/// Interface name
|
||||
pub name: String,
|
||||
/// Interface type
|
||||
#[serde(rename = "type")]
|
||||
pub interface_type: NetworkInterfaceType,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
pub method: Option<NetworkConfigMethod>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
pub method6: Option<NetworkConfigMethod>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
/// IPv4 address with netmask
|
||||
pub cidr: Option<String>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
/// IPv4 gateway
|
||||
pub gateway: Option<String>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
/// IPv6 address with netmask
|
||||
pub cidr6: Option<String>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
/// IPv6 gateway
|
||||
pub gateway6: Option<String>,
|
||||
|
||||
#[serde(default, skip_serializing_if = "Vec::is_empty")]
|
||||
pub options: Vec<String>,
|
||||
#[serde(default, skip_serializing_if = "Vec::is_empty")]
|
||||
pub options6: Vec<String>,
|
||||
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
pub comments: Option<String>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
pub comments6: Option<String>,
|
||||
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
/// Maximum Transmission Unit
|
||||
pub mtu: Option<u64>,
|
||||
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
pub bridge_ports: Option<Vec<String>>,
|
||||
/// Enable bridge vlan support.
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
pub bridge_vlan_aware: Option<bool>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
#[serde(rename = "vlan-id")]
|
||||
pub vlan_id: Option<u16>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
#[serde(rename = "vlan-raw-device")]
|
||||
pub vlan_raw_device: Option<String>,
|
||||
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
pub slaves: Option<Vec<String>>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
pub bond_mode: Option<LinuxBondMode>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
#[serde(rename = "bond-primary")]
|
||||
pub bond_primary: Option<String>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
pub bond_xmit_hash_policy: Option<BondXmitHashPolicy>,
|
||||
}
|
||||
|
||||
impl Interface {
|
||||
pub fn new(name: String) -> Self {
|
||||
Self {
|
||||
name,
|
||||
interface_type: NetworkInterfaceType::Unknown,
|
||||
autostart: false,
|
||||
active: false,
|
||||
method: None,
|
||||
method6: None,
|
||||
cidr: None,
|
||||
gateway: None,
|
||||
cidr6: None,
|
||||
gateway6: None,
|
||||
options: Vec::new(),
|
||||
options6: Vec::new(),
|
||||
comments: None,
|
||||
comments6: None,
|
||||
mtu: None,
|
||||
bridge_ports: None,
|
||||
bridge_vlan_aware: None,
|
||||
vlan_id: None,
|
||||
vlan_raw_device: None,
|
||||
slaves: None,
|
||||
bond_mode: None,
|
||||
bond_primary: None,
|
||||
bond_xmit_hash_policy: None,
|
||||
}
|
||||
}
|
||||
|
||||
/// Setter for bridge ports (check if interface type is a bridge)
|
||||
pub fn set_bridge_ports(&mut self, ports: Vec<String>) -> Result<(), Error> {
|
||||
if self.interface_type != NetworkInterfaceType::Bridge {
|
||||
bail!(
|
||||
"interface '{}' is no bridge (type is {:?})",
|
||||
self.name,
|
||||
self.interface_type
|
||||
);
|
||||
}
|
||||
self.bridge_ports = Some(ports);
|
||||
Ok(())
|
||||
}
|
||||
|
||||
/// Setter for bridge ports (check if interface type is a bridge)
|
||||
pub fn set_bridge_port_list(&mut self, ports: &str) -> Result<(), Error> {
|
||||
let ports = Self::split_interface_list(ports)?;
|
||||
self.set_bridge_ports(ports)
|
||||
}
|
||||
|
||||
/// Setter for bond slaves (check if interface type is a bond)
|
||||
pub fn set_bond_slaves(&mut self, slaves: Vec<String>) -> Result<(), Error> {
|
||||
if self.interface_type != NetworkInterfaceType::Bond {
|
||||
bail!(
|
||||
"interface '{}' is no bond (type is {:?})",
|
||||
self.name,
|
||||
self.interface_type
|
||||
);
|
||||
}
|
||||
self.slaves = Some(slaves);
|
||||
Ok(())
|
||||
}
|
||||
|
||||
/// Setter for bond slaves (check if interface type is a bond)
|
||||
pub fn set_bond_slave_list(&mut self, slaves: &str) -> Result<(), Error> {
|
||||
let slaves = Self::split_interface_list(slaves)?;
|
||||
self.set_bond_slaves(slaves)
|
||||
}
|
||||
|
||||
/// Split a network interface list into an array of interface names.
|
||||
pub fn split_interface_list(list: &str) -> Result<Vec<String>, Error> {
|
||||
let value = NETWORK_INTERFACE_ARRAY_SCHEMA.parse_property_string(list)?;
|
||||
Ok(value
|
||||
.as_array()
|
||||
.unwrap()
|
||||
.iter()
|
||||
.map(|v| v.as_str().unwrap().to_string())
|
||||
.collect())
|
||||
}
|
||||
}
|
||||
|
||||
#[api()]
|
||||
#[derive(Serialize, Deserialize)]
|
||||
#[serde(rename_all = "kebab-case")]
|
||||
/// Deletable property name
|
||||
pub enum DeletableInterfaceProperty {
|
||||
/// Delete the IPv4 address property.
|
||||
Cidr,
|
||||
/// Delete the IPv6 address property.
|
||||
Cidr6,
|
||||
/// Delete the IPv4 gateway property.
|
||||
Gateway,
|
||||
/// Delete the IPv6 gateway property.
|
||||
Gateway6,
|
||||
/// Delete the whole IPv4 configuration entry.
|
||||
Method,
|
||||
/// Delete the whole IPv6 configuration entry.
|
||||
Method6,
|
||||
/// Delete IPv4 comments
|
||||
Comments,
|
||||
/// Delete IPv6 comments
|
||||
Comments6,
|
||||
/// Delete mtu.
|
||||
Mtu,
|
||||
/// Delete autostart flag
|
||||
Autostart,
|
||||
/// Delete bridge ports (set to 'none')
|
||||
#[serde(rename = "bridge_ports")]
|
||||
BridgePorts,
|
||||
/// Delete bridge-vlan-aware flag
|
||||
#[serde(rename = "bridge_vlan_aware")]
|
||||
BridgeVlanAware,
|
||||
/// Delete bond-slaves (set to 'none')
|
||||
Slaves,
|
||||
/// Delete bond-primary
|
||||
BondPrimary,
|
||||
/// Delete bond transmit hash policy
|
||||
#[serde(rename = "bond_xmit_hash_policy")]
|
||||
BondXmitHashPolicy,
|
||||
}
|
||||
|
||||
#[api(
|
||||
properties: {
|
||||
"type": {
|
||||
type: NetworkInterfaceType,
|
||||
optional: true,
|
||||
},
|
||||
autostart: {
|
||||
description: "Autostart interface.",
|
||||
type: bool,
|
||||
optional: true,
|
||||
},
|
||||
method: {
|
||||
type: NetworkConfigMethod,
|
||||
optional: true,
|
||||
},
|
||||
method6: {
|
||||
type: NetworkConfigMethod,
|
||||
optional: true,
|
||||
},
|
||||
comments: {
|
||||
description: "Comments (inet, may span multiple lines)",
|
||||
type: String,
|
||||
optional: true,
|
||||
},
|
||||
comments6: {
|
||||
description: "Comments (inet5, may span multiple lines)",
|
||||
type: String,
|
||||
optional: true,
|
||||
},
|
||||
cidr: {
|
||||
schema: CIDR_V4_SCHEMA,
|
||||
optional: true,
|
||||
},
|
||||
cidr6: {
|
||||
schema: CIDR_V6_SCHEMA,
|
||||
optional: true,
|
||||
},
|
||||
gateway: {
|
||||
schema: IP_V4_SCHEMA,
|
||||
optional: true,
|
||||
},
|
||||
gateway6: {
|
||||
schema: IP_V6_SCHEMA,
|
||||
optional: true,
|
||||
},
|
||||
mtu: {
|
||||
description: "Maximum Transmission Unit.",
|
||||
optional: true,
|
||||
minimum: 46,
|
||||
maximum: 65535,
|
||||
default: 1500,
|
||||
},
|
||||
bridge_ports: {
|
||||
schema: NETWORK_INTERFACE_LIST_SCHEMA,
|
||||
optional: true,
|
||||
},
|
||||
bridge_vlan_aware: {
|
||||
description: "Enable bridge vlan support.",
|
||||
type: bool,
|
||||
optional: true,
|
||||
},
|
||||
"vlan-id": {
|
||||
description: "VLAN ID.",
|
||||
type: u16,
|
||||
optional: true,
|
||||
},
|
||||
"vlan-raw-device": {
|
||||
schema: NETWORK_INTERFACE_NAME_SCHEMA,
|
||||
optional: true,
|
||||
},
|
||||
bond_mode: {
|
||||
type: LinuxBondMode,
|
||||
optional: true,
|
||||
},
|
||||
"bond-primary": {
|
||||
schema: NETWORK_INTERFACE_NAME_SCHEMA,
|
||||
optional: true,
|
||||
},
|
||||
bond_xmit_hash_policy: {
|
||||
type: BondXmitHashPolicy,
|
||||
optional: true,
|
||||
},
|
||||
slaves: {
|
||||
schema: NETWORK_INTERFACE_LIST_SCHEMA,
|
||||
optional: true,
|
||||
},
|
||||
},
|
||||
)]
|
||||
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
|
||||
#[serde(rename_all = "kebab-case")]
|
||||
/// Update network interface config.
|
||||
pub struct InterfaceUpdater {
|
||||
#[serde(rename = "type")]
|
||||
pub interface_type: Option<NetworkInterfaceType>,
|
||||
pub autostart: Option<bool>,
|
||||
pub method: Option<NetworkConfigMethod>,
|
||||
pub method6: Option<NetworkConfigMethod>,
|
||||
pub comments: Option<String>,
|
||||
pub comments6: Option<String>,
|
||||
pub cidr: Option<String>,
|
||||
pub gateway: Option<String>,
|
||||
pub cidr6: Option<String>,
|
||||
pub gateway6: Option<String>,
|
||||
pub mtu: Option<u64>,
|
||||
#[serde(rename = "bridge_ports")]
|
||||
pub bridge_ports: Option<String>,
|
||||
#[serde(rename = "bridge_vlan_aware")]
|
||||
pub bridge_vlan_aware: Option<bool>,
|
||||
pub vlan_id: Option<u16>,
|
||||
pub vlan_raw_device: Option<String>,
|
||||
#[serde(rename = "bond_mode")]
|
||||
pub bond_mode: Option<LinuxBondMode>,
|
||||
pub bond_primary: Option<String>,
|
||||
#[serde(rename = "bond_xmit_hash_policy")]
|
||||
pub bond_xmit_hash_policy: Option<BondXmitHashPolicy>,
|
||||
pub slaves: Option<String>,
|
||||
}
|
232
proxmox-network-api/src/config/helper.rs
Normal file
232
proxmox-network-api/src/config/helper.rs
Normal file
@ -0,0 +1,232 @@
|
||||
use std::collections::HashMap;
|
||||
use std::os::unix::io::{AsRawFd, FromRawFd, OwnedFd};
|
||||
use std::path::Path;
|
||||
use std::process::Command;
|
||||
|
||||
use anyhow::{bail, format_err, Error};
|
||||
use const_format::concatcp;
|
||||
use lazy_static::lazy_static;
|
||||
use nix::ioctl_read_bad;
|
||||
use nix::sys::socket::{socket, AddressFamily, SockFlag, SockType};
|
||||
use regex::Regex;
|
||||
|
||||
use proxmox_schema::api_types::IPV4RE_STR;
|
||||
use proxmox_schema::api_types::IPV6RE_STR;
|
||||
|
||||
pub static IPV4_REVERSE_MASK: &[&str] = &[
|
||||
"0.0.0.0",
|
||||
"128.0.0.0",
|
||||
"192.0.0.0",
|
||||
"224.0.0.0",
|
||||
"240.0.0.0",
|
||||
"248.0.0.0",
|
||||
"252.0.0.0",
|
||||
"254.0.0.0",
|
||||
"255.0.0.0",
|
||||
"255.128.0.0",
|
||||
"255.192.0.0",
|
||||
"255.224.0.0",
|
||||
"255.240.0.0",
|
||||
"255.248.0.0",
|
||||
"255.252.0.0",
|
||||
"255.254.0.0",
|
||||
"255.255.0.0",
|
||||
"255.255.128.0",
|
||||
"255.255.192.0",
|
||||
"255.255.224.0",
|
||||
"255.255.240.0",
|
||||
"255.255.248.0",
|
||||
"255.255.252.0",
|
||||
"255.255.254.0",
|
||||
"255.255.255.0",
|
||||
"255.255.255.128",
|
||||
"255.255.255.192",
|
||||
"255.255.255.224",
|
||||
"255.255.255.240",
|
||||
"255.255.255.248",
|
||||
"255.255.255.252",
|
||||
"255.255.255.254",
|
||||
"255.255.255.255",
|
||||
];
|
||||
|
||||
lazy_static! {
|
||||
pub static ref IPV4_MASK_HASH_LOCALNET: HashMap<&'static str, u8> = {
|
||||
let mut map = HashMap::new();
|
||||
#[allow(clippy::needless_range_loop)]
|
||||
for i in 0..IPV4_REVERSE_MASK.len() {
|
||||
map.insert(IPV4_REVERSE_MASK[i], i as u8);
|
||||
}
|
||||
map
|
||||
};
|
||||
}
|
||||
|
||||
pub fn parse_cidr(cidr: &str) -> Result<(String, u8, bool), Error> {
|
||||
let (address, mask, is_v6) = parse_address_or_cidr(cidr)?;
|
||||
if let Some(mask) = mask {
|
||||
Ok((address, mask, is_v6))
|
||||
} else {
|
||||
bail!("missing netmask in '{}'", cidr);
|
||||
}
|
||||
}
|
||||
|
||||
pub(crate) fn check_netmask(mask: u8, is_v6: bool) -> Result<(), Error> {
|
||||
let (ver, min, max) = if is_v6 {
|
||||
("IPv6", 1, 128)
|
||||
} else {
|
||||
("IPv4", 1, 32)
|
||||
};
|
||||
|
||||
if !(mask >= min && mask <= max) {
|
||||
bail!(
|
||||
"{} mask '{}' is out of range ({}..{}).",
|
||||
ver,
|
||||
mask,
|
||||
min,
|
||||
max
|
||||
);
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
// parse ip address with optional cidr mask
|
||||
pub(crate) fn parse_address_or_cidr(cidr: &str) -> Result<(String, Option<u8>, bool), Error> {
|
||||
// NOTE: This is NOT the same regex as in proxmox-schema as this one has capture groups for
|
||||
// the addresses vs cidr portions!
|
||||
lazy_static! {
|
||||
pub static ref CIDR_V4_REGEX: Regex =
|
||||
Regex::new(concatcp!(r"^(", IPV4RE_STR, r")(?:/(\d{1,2}))?$")).unwrap();
|
||||
pub static ref CIDR_V6_REGEX: Regex =
|
||||
Regex::new(concatcp!(r"^(", IPV6RE_STR, r")(?:/(\d{1,3}))?$")).unwrap();
|
||||
}
|
||||
|
||||
if let Some(caps) = CIDR_V4_REGEX.captures(cidr) {
|
||||
let address = &caps[1];
|
||||
if let Some(mask) = caps.get(2) {
|
||||
let mask: u8 = mask.as_str().parse()?;
|
||||
check_netmask(mask, false)?;
|
||||
Ok((address.to_string(), Some(mask), false))
|
||||
} else {
|
||||
Ok((address.to_string(), None, false))
|
||||
}
|
||||
} else if let Some(caps) = CIDR_V6_REGEX.captures(cidr) {
|
||||
let address = &caps[1];
|
||||
if let Some(mask) = caps.get(2) {
|
||||
let mask: u8 = mask.as_str().parse()?;
|
||||
check_netmask(mask, true)?;
|
||||
Ok((address.to_string(), Some(mask), true))
|
||||
} else {
|
||||
Ok((address.to_string(), None, true))
|
||||
}
|
||||
} else {
|
||||
bail!("invalid address/mask '{}'", cidr);
|
||||
}
|
||||
}
|
||||
|
||||
pub(crate) fn get_network_interfaces() -> Result<HashMap<String, bool>, Error> {
|
||||
const PROC_NET_DEV: &str = "/proc/net/dev";
|
||||
|
||||
#[repr(C)]
|
||||
pub struct ifreq {
|
||||
ifr_name: [libc::c_uchar; libc::IFNAMSIZ],
|
||||
ifru_flags: libc::c_short,
|
||||
}
|
||||
|
||||
ioctl_read_bad!(get_interface_flags, libc::SIOCGIFFLAGS, ifreq);
|
||||
|
||||
lazy_static! {
|
||||
static ref IFACE_LINE_REGEX: Regex = Regex::new(r"^\s*([^:\s]+):").unwrap();
|
||||
}
|
||||
let raw = std::fs::read_to_string(PROC_NET_DEV)
|
||||
.map_err(|err| format_err!("unable to read {} - {}", PROC_NET_DEV, err))?;
|
||||
|
||||
let lines = raw.lines();
|
||||
|
||||
let sock = unsafe {
|
||||
OwnedFd::from_raw_fd(
|
||||
socket(
|
||||
AddressFamily::Inet,
|
||||
SockType::Datagram,
|
||||
SockFlag::empty(),
|
||||
None,
|
||||
)
|
||||
.or_else(|_| {
|
||||
socket(
|
||||
AddressFamily::Inet6,
|
||||
SockType::Datagram,
|
||||
SockFlag::empty(),
|
||||
None,
|
||||
)
|
||||
})?,
|
||||
)
|
||||
};
|
||||
|
||||
let mut interface_list = HashMap::new();
|
||||
|
||||
for line in lines {
|
||||
if let Some(cap) = IFACE_LINE_REGEX.captures(line) {
|
||||
let ifname = &cap[1];
|
||||
|
||||
let mut req = ifreq {
|
||||
ifr_name: *b"0000000000000000",
|
||||
ifru_flags: 0,
|
||||
};
|
||||
for (i, b) in std::ffi::CString::new(ifname)?
|
||||
.as_bytes_with_nul()
|
||||
.iter()
|
||||
.enumerate()
|
||||
{
|
||||
if i < (libc::IFNAMSIZ - 1) {
|
||||
req.ifr_name[i] = *b as libc::c_uchar;
|
||||
}
|
||||
}
|
||||
let res = unsafe { get_interface_flags(sock.as_raw_fd(), &mut req)? };
|
||||
if res != 0 {
|
||||
bail!(
|
||||
"ioctl get_interface_flags for '{}' failed ({})",
|
||||
ifname,
|
||||
res
|
||||
);
|
||||
}
|
||||
let is_up = (req.ifru_flags & (libc::IFF_UP as libc::c_short)) != 0;
|
||||
interface_list.insert(ifname.to_string(), is_up);
|
||||
}
|
||||
}
|
||||
|
||||
Ok(interface_list)
|
||||
}
|
||||
|
||||
pub(crate) fn compute_file_diff(filename: &str, shadow: &str) -> Result<String, Error> {
|
||||
let output = Command::new("diff")
|
||||
.arg("-b")
|
||||
.arg("-u")
|
||||
.arg(filename)
|
||||
.arg(shadow)
|
||||
.output()
|
||||
.map_err(|err| format_err!("failed to execute diff - {}", err))?;
|
||||
|
||||
let diff = proxmox_sys::command::command_output_as_string(output, Some(|c| c == 0 || c == 1))
|
||||
.map_err(|err| format_err!("diff failed: {}", err))?;
|
||||
|
||||
Ok(diff)
|
||||
}
|
||||
|
||||
pub fn assert_ifupdown2_installed() -> Result<(), Error> {
|
||||
if !Path::new("/usr/share/ifupdown2").exists() {
|
||||
bail!("ifupdown2 is not installed.");
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
pub fn network_reload() -> Result<(), Error> {
|
||||
let output = Command::new("ifreload")
|
||||
.arg("-a")
|
||||
.output()
|
||||
.map_err(|err| format_err!("failed to execute 'ifreload' - {}", err))?;
|
||||
|
||||
proxmox_sys::command::command_output(output, None)
|
||||
.map_err(|err| format_err!("ifreload failed: {}", err))?;
|
||||
|
||||
Ok(())
|
||||
}
|
139
proxmox-network-api/src/config/lexer.rs
Normal file
139
proxmox-network-api/src/config/lexer.rs
Normal file
@ -0,0 +1,139 @@
|
||||
use std::collections::{HashMap, VecDeque};
|
||||
use std::io::BufRead;
|
||||
use std::iter::Iterator;
|
||||
|
||||
use lazy_static::lazy_static;
|
||||
|
||||
#[derive(Debug, Copy, Clone, Eq, PartialEq)]
|
||||
pub enum Token {
|
||||
Text,
|
||||
Comment,
|
||||
DHCP,
|
||||
Newline,
|
||||
Address,
|
||||
Auto,
|
||||
Gateway,
|
||||
Inet,
|
||||
Inet6,
|
||||
Iface,
|
||||
Loopback,
|
||||
Manual,
|
||||
Netmask,
|
||||
Static,
|
||||
Attribute,
|
||||
MTU,
|
||||
BridgePorts,
|
||||
BridgeVlanAware,
|
||||
VlanId,
|
||||
VlanRawDevice,
|
||||
BondSlaves,
|
||||
BondMode,
|
||||
BondPrimary,
|
||||
BondXmitHashPolicy,
|
||||
EOF,
|
||||
}
|
||||
|
||||
lazy_static! {
|
||||
static ref KEYWORDS: HashMap<&'static str, Token> = {
|
||||
let mut map = HashMap::new();
|
||||
map.insert("address", Token::Address);
|
||||
map.insert("auto", Token::Auto);
|
||||
map.insert("dhcp", Token::DHCP);
|
||||
map.insert("gateway", Token::Gateway);
|
||||
map.insert("inet", Token::Inet);
|
||||
map.insert("inet6", Token::Inet6);
|
||||
map.insert("iface", Token::Iface);
|
||||
map.insert("loopback", Token::Loopback);
|
||||
map.insert("manual", Token::Manual);
|
||||
map.insert("netmask", Token::Netmask);
|
||||
map.insert("static", Token::Static);
|
||||
map.insert("mtu", Token::MTU);
|
||||
map.insert("bridge-ports", Token::BridgePorts);
|
||||
map.insert("bridge_ports", Token::BridgePorts);
|
||||
map.insert("bridge-vlan-aware", Token::BridgeVlanAware);
|
||||
map.insert("bridge_vlan_aware", Token::BridgeVlanAware);
|
||||
map.insert("vlan-id", Token::VlanId);
|
||||
map.insert("vlan_id", Token::VlanId);
|
||||
map.insert("vlan-raw-device", Token::VlanRawDevice);
|
||||
map.insert("vlan_raw_device", Token::VlanRawDevice);
|
||||
map.insert("bond-slaves", Token::BondSlaves);
|
||||
map.insert("bond_slaves", Token::BondSlaves);
|
||||
map.insert("bond-mode", Token::BondMode);
|
||||
map.insert("bond-primary", Token::BondPrimary);
|
||||
map.insert("bond_primary", Token::BondPrimary);
|
||||
map.insert("bond_xmit_hash_policy", Token::BondXmitHashPolicy);
|
||||
map.insert("bond-xmit-hash-policy", Token::BondXmitHashPolicy);
|
||||
map
|
||||
};
|
||||
}
|
||||
|
||||
pub struct Lexer<R> {
|
||||
input: R,
|
||||
eof_count: usize,
|
||||
cur_line: Option<VecDeque<(Token, String)>>,
|
||||
}
|
||||
|
||||
impl<R: BufRead> Lexer<R> {
|
||||
pub fn new(input: R) -> Self {
|
||||
Self {
|
||||
input,
|
||||
eof_count: 0,
|
||||
cur_line: None,
|
||||
}
|
||||
}
|
||||
|
||||
fn split_line(line: &str) -> VecDeque<(Token, String)> {
|
||||
if let Some(comment) = line.strip_prefix('#') {
|
||||
let mut res = VecDeque::new();
|
||||
res.push_back((Token::Comment, comment.trim().to_string()));
|
||||
return res;
|
||||
}
|
||||
let mut list: VecDeque<(Token, String)> = line
|
||||
.split_ascii_whitespace()
|
||||
.map(|text| {
|
||||
let token = KEYWORDS.get(text).unwrap_or(&Token::Text);
|
||||
(*token, text.to_string())
|
||||
})
|
||||
.collect();
|
||||
|
||||
if line.starts_with(|c: char| c.is_ascii_whitespace() && c != '\n') {
|
||||
list.push_front((Token::Attribute, String::from("\t")));
|
||||
}
|
||||
list
|
||||
}
|
||||
}
|
||||
|
||||
impl<R: BufRead> Iterator for Lexer<R> {
|
||||
type Item = Result<(Token, String), std::io::Error>;
|
||||
|
||||
fn next(&mut self) -> Option<Self::Item> {
|
||||
if self.cur_line.is_none() {
|
||||
let mut line = String::new();
|
||||
match self.input.read_line(&mut line) {
|
||||
Err(err) => return Some(Err(err)),
|
||||
Ok(0) => {
|
||||
self.eof_count += 1;
|
||||
if self.eof_count == 1 {
|
||||
return Some(Ok((Token::EOF, String::new())));
|
||||
}
|
||||
return None;
|
||||
}
|
||||
_ => {}
|
||||
}
|
||||
self.cur_line = Some(Self::split_line(&line));
|
||||
}
|
||||
|
||||
match self.cur_line {
|
||||
Some(ref mut cur_line) => {
|
||||
if cur_line.is_empty() {
|
||||
self.cur_line = None;
|
||||
Some(Ok((Token::Newline, String::from("\n"))))
|
||||
} else {
|
||||
let (token, text) = cur_line.pop_front().unwrap();
|
||||
Some(Ok((token, text)))
|
||||
}
|
||||
}
|
||||
None => None,
|
||||
}
|
||||
}
|
||||
}
|
723
proxmox-network-api/src/config/mod.rs
Normal file
723
proxmox-network-api/src/config/mod.rs
Normal file
@ -0,0 +1,723 @@
|
||||
mod helper;
|
||||
mod lexer;
|
||||
mod parser;
|
||||
|
||||
pub use helper::{assert_ifupdown2_installed, network_reload, parse_cidr};
|
||||
|
||||
use std::collections::{BTreeMap, HashMap, HashSet};
|
||||
use std::io::Write;
|
||||
|
||||
use anyhow::{bail, format_err, Error};
|
||||
use lazy_static::lazy_static;
|
||||
use regex::Regex;
|
||||
use serde::de::{value, Deserialize, IntoDeserializer};
|
||||
|
||||
use super::{
|
||||
BondXmitHashPolicy, Interface, LinuxBondMode, NetworkConfigMethod, NetworkInterfaceType,
|
||||
};
|
||||
|
||||
use helper::compute_file_diff;
|
||||
use helper::get_network_interfaces;
|
||||
use parser::NetworkParser;
|
||||
|
||||
use proxmox_config_digest::ConfigDigest;
|
||||
use proxmox_product_config::{open_api_lockfile, replace_system_config, ApiLockGuard};
|
||||
|
||||
lazy_static! {
|
||||
static ref PHYSICAL_NIC_REGEX: Regex = Regex::new(r"^(?:eth\d+|en[^:.]+|ib\d+)$").unwrap();
|
||||
static ref VLAN_INTERFACE_REGEX: Regex =
|
||||
Regex::new(r"^(?P<vlan_raw_device>\S+)\.(?P<vlan_id>\d+)|vlan(?P<vlan_id2>\d+)$").unwrap();
|
||||
}
|
||||
|
||||
pub fn is_physical_nic(iface: &str) -> bool {
|
||||
PHYSICAL_NIC_REGEX.is_match(iface)
|
||||
}
|
||||
|
||||
pub fn bond_mode_from_str(s: &str) -> Result<LinuxBondMode, Error> {
|
||||
LinuxBondMode::deserialize(s.into_deserializer())
|
||||
.map_err(|_: value::Error| format_err!("invalid bond_mode '{}'", s))
|
||||
}
|
||||
|
||||
pub fn bond_xmit_hash_policy_from_str(s: &str) -> Result<BondXmitHashPolicy, Error> {
|
||||
BondXmitHashPolicy::deserialize(s.into_deserializer())
|
||||
.map_err(|_: value::Error| format_err!("invalid bond_xmit_hash_policy '{}'", s))
|
||||
}
|
||||
|
||||
pub fn parse_vlan_id_from_name(iface_name: &str) -> Option<u16> {
|
||||
VLAN_INTERFACE_REGEX.captures(iface_name).and_then(|cap| {
|
||||
cap.name("vlan_id")
|
||||
.or(cap.name("vlan_id2"))
|
||||
.and_then(|id| id.as_str().parse::<u16>().ok())
|
||||
})
|
||||
}
|
||||
|
||||
pub fn parse_vlan_raw_device_from_name(iface_name: &str) -> Option<&str> {
|
||||
VLAN_INTERFACE_REGEX
|
||||
.captures(iface_name)
|
||||
.and_then(|cap| cap.name("vlan_raw_device"))
|
||||
.map(Into::into)
|
||||
}
|
||||
|
||||
// Write attributes not depending on address family
|
||||
fn write_iface_attributes(iface: &Interface, w: &mut dyn Write) -> Result<(), Error> {
|
||||
static EMPTY_LIST: Vec<String> = Vec::new();
|
||||
|
||||
match iface.interface_type {
|
||||
NetworkInterfaceType::Bridge => {
|
||||
if let Some(true) = iface.bridge_vlan_aware {
|
||||
writeln!(w, "\tbridge-vlan-aware yes")?;
|
||||
}
|
||||
let ports = iface.bridge_ports.as_ref().unwrap_or(&EMPTY_LIST);
|
||||
if ports.is_empty() {
|
||||
writeln!(w, "\tbridge-ports none")?;
|
||||
} else {
|
||||
writeln!(w, "\tbridge-ports {}", ports.join(" "))?;
|
||||
}
|
||||
}
|
||||
NetworkInterfaceType::Bond => {
|
||||
let mode = iface.bond_mode.unwrap_or(LinuxBondMode::BalanceRr);
|
||||
writeln!(w, "\tbond-mode {mode}")?;
|
||||
if let Some(primary) = &iface.bond_primary {
|
||||
if mode == LinuxBondMode::ActiveBackup {
|
||||
writeln!(w, "\tbond-primary {}", primary)?;
|
||||
}
|
||||
}
|
||||
|
||||
if let Some(xmit_policy) = &iface.bond_xmit_hash_policy {
|
||||
if mode == LinuxBondMode::Ieee802_3ad || mode == LinuxBondMode::BalanceXor {
|
||||
writeln!(w, "\tbond_xmit_hash_policy {xmit_policy}")?;
|
||||
}
|
||||
}
|
||||
|
||||
let slaves = iface.slaves.as_ref().unwrap_or(&EMPTY_LIST);
|
||||
if slaves.is_empty() {
|
||||
writeln!(w, "\tbond-slaves none")?;
|
||||
} else {
|
||||
writeln!(w, "\tbond-slaves {}", slaves.join(" "))?;
|
||||
}
|
||||
}
|
||||
NetworkInterfaceType::Vlan => {
|
||||
if let Some(vlan_id) = iface.vlan_id {
|
||||
writeln!(w, "\tvlan-id {vlan_id}")?;
|
||||
}
|
||||
if let Some(vlan_raw_device) = &iface.vlan_raw_device {
|
||||
writeln!(w, "\tvlan-raw-device {vlan_raw_device}")?;
|
||||
}
|
||||
}
|
||||
_ => {}
|
||||
}
|
||||
|
||||
if let Some(mtu) = iface.mtu {
|
||||
writeln!(w, "\tmtu {}", mtu)?;
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
// Write attributes depending on address family inet (IPv4)
|
||||
fn write_iface_attributes_v4(
|
||||
iface: &Interface,
|
||||
w: &mut dyn Write,
|
||||
method: NetworkConfigMethod,
|
||||
) -> Result<(), Error> {
|
||||
if method == NetworkConfigMethod::Static {
|
||||
if let Some(address) = &iface.cidr {
|
||||
writeln!(w, "\taddress {}", address)?;
|
||||
}
|
||||
if let Some(gateway) = &iface.gateway {
|
||||
writeln!(w, "\tgateway {}", gateway)?;
|
||||
}
|
||||
}
|
||||
|
||||
for option in &iface.options {
|
||||
writeln!(w, "\t{}", option)?;
|
||||
}
|
||||
|
||||
if let Some(ref comments) = iface.comments {
|
||||
for comment in comments.lines() {
|
||||
writeln!(w, "#{}", comment)?;
|
||||
}
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
/// Write attributes depending on address family inet6 (IPv6)
|
||||
fn write_iface_attributes_v6(
|
||||
iface: &Interface,
|
||||
w: &mut dyn Write,
|
||||
method: NetworkConfigMethod,
|
||||
) -> Result<(), Error> {
|
||||
if method == NetworkConfigMethod::Static {
|
||||
if let Some(address) = &iface.cidr6 {
|
||||
writeln!(w, "\taddress {}", address)?;
|
||||
}
|
||||
if let Some(gateway) = &iface.gateway6 {
|
||||
writeln!(w, "\tgateway {}", gateway)?;
|
||||
}
|
||||
}
|
||||
|
||||
for option in &iface.options6 {
|
||||
writeln!(w, "\t{}", option)?;
|
||||
}
|
||||
|
||||
if let Some(ref comments) = iface.comments6 {
|
||||
for comment in comments.lines() {
|
||||
writeln!(w, "#{}", comment)?;
|
||||
}
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn write_iface(iface: &Interface, w: &mut dyn Write) -> Result<(), Error> {
|
||||
fn method_to_str(method: NetworkConfigMethod) -> &'static str {
|
||||
match method {
|
||||
NetworkConfigMethod::Static => "static",
|
||||
NetworkConfigMethod::Loopback => "loopback",
|
||||
NetworkConfigMethod::Manual => "manual",
|
||||
NetworkConfigMethod::DHCP => "dhcp",
|
||||
}
|
||||
}
|
||||
|
||||
if iface.method.is_none() && iface.method6.is_none() {
|
||||
return Ok(());
|
||||
}
|
||||
|
||||
if iface.autostart {
|
||||
writeln!(w, "auto {}", iface.name)?;
|
||||
}
|
||||
|
||||
if let Some(method) = iface.method {
|
||||
writeln!(w, "iface {} inet {}", iface.name, method_to_str(method))?;
|
||||
write_iface_attributes_v4(iface, w, method)?;
|
||||
write_iface_attributes(iface, w)?;
|
||||
writeln!(w)?;
|
||||
}
|
||||
|
||||
if let Some(method6) = iface.method6 {
|
||||
let mut skip_v6 = false; // avoid empty inet6 manual entry
|
||||
if iface.method.is_some()
|
||||
&& method6 == NetworkConfigMethod::Manual
|
||||
&& iface.comments6.is_none()
|
||||
&& iface.options6.is_empty()
|
||||
{
|
||||
skip_v6 = true;
|
||||
}
|
||||
|
||||
if !skip_v6 {
|
||||
writeln!(w, "iface {} inet6 {}", iface.name, method_to_str(method6))?;
|
||||
write_iface_attributes_v6(iface, w, method6)?;
|
||||
if iface.method.is_none() {
|
||||
// only write common attributes once
|
||||
write_iface_attributes(iface, w)?;
|
||||
}
|
||||
writeln!(w)?;
|
||||
}
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
#[derive(Debug)]
|
||||
pub(crate) enum NetworkOrderEntry {
|
||||
Iface(String),
|
||||
Comment(String),
|
||||
Option(String),
|
||||
}
|
||||
|
||||
#[derive(Debug, Default)]
|
||||
pub struct NetworkConfig {
|
||||
pub interfaces: BTreeMap<String, Interface>,
|
||||
pub(crate) order: Vec<NetworkOrderEntry>,
|
||||
}
|
||||
|
||||
impl TryFrom<NetworkConfig> for String {
|
||||
type Error = Error;
|
||||
|
||||
fn try_from(config: NetworkConfig) -> Result<Self, Self::Error> {
|
||||
let mut output = Vec::new();
|
||||
config.write_config(&mut output)?;
|
||||
let res = String::from_utf8(output)?;
|
||||
Ok(res)
|
||||
}
|
||||
}
|
||||
|
||||
impl NetworkConfig {
|
||||
pub fn new() -> Self {
|
||||
Self {
|
||||
interfaces: BTreeMap::new(),
|
||||
order: Vec::new(),
|
||||
}
|
||||
}
|
||||
|
||||
pub fn lookup(&self, name: &str) -> Result<&Interface, Error> {
|
||||
let interface = self
|
||||
.interfaces
|
||||
.get(name)
|
||||
.ok_or_else(|| format_err!("interface '{}' does not exist.", name))?;
|
||||
Ok(interface)
|
||||
}
|
||||
|
||||
pub fn lookup_mut(&mut self, name: &str) -> Result<&mut Interface, Error> {
|
||||
let interface = self
|
||||
.interfaces
|
||||
.get_mut(name)
|
||||
.ok_or_else(|| format_err!("interface '{}' does not exist.", name))?;
|
||||
Ok(interface)
|
||||
}
|
||||
|
||||
/// Check that there is no other gateway.
|
||||
///
|
||||
/// The gateway property is only allowed on passed 'iface'. This should be
|
||||
/// called before setting the gateway.
|
||||
pub fn check_duplicate_gateway_v4(&self, iface: &str) -> Result<(), Error> {
|
||||
let current_gateway_v4 = self
|
||||
.interfaces
|
||||
.iter()
|
||||
.find(|(_, interface)| interface.gateway.is_some())
|
||||
.map(|(name, _)| name.to_string());
|
||||
|
||||
if let Some(current_gateway_v4) = current_gateway_v4 {
|
||||
if current_gateway_v4 != iface {
|
||||
bail!(
|
||||
"Default IPv4 gateway already exists on interface '{}'",
|
||||
current_gateway_v4
|
||||
);
|
||||
}
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
|
||||
/// Check that there is no other v6 gateway.
|
||||
///
|
||||
/// The gateway6 property is only allowed on passed 'iface'. This should be
|
||||
/// called before setting the gateway6.
|
||||
pub fn check_duplicate_gateway_v6(&self, iface: &str) -> Result<(), Error> {
|
||||
let current_gateway_v6 = self
|
||||
.interfaces
|
||||
.iter()
|
||||
.find(|(_, interface)| interface.gateway6.is_some())
|
||||
.map(|(name, _)| name.to_string());
|
||||
|
||||
if let Some(current_gateway_v6) = current_gateway_v6 {
|
||||
if current_gateway_v6 != iface {
|
||||
bail!(
|
||||
"Default IPv6 gateway already exists on interface '{}'",
|
||||
current_gateway_v6
|
||||
);
|
||||
}
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
/// Check if ports are used only once
|
||||
fn check_port_usage(&self) -> Result<(), Error> {
|
||||
let mut used_ports = HashMap::new();
|
||||
let mut check_port_usage = |iface, ports: &Vec<String>| {
|
||||
for port in ports.iter() {
|
||||
if let Some(prev_iface) = used_ports.get(port) {
|
||||
bail!(
|
||||
"iface '{}' port '{}' is already used on interface '{}'",
|
||||
iface,
|
||||
port,
|
||||
prev_iface
|
||||
);
|
||||
}
|
||||
used_ports.insert(port.to_string(), iface);
|
||||
}
|
||||
Ok(())
|
||||
};
|
||||
|
||||
for (iface, interface) in self.interfaces.iter() {
|
||||
if let Some(ports) = &interface.bridge_ports {
|
||||
check_port_usage(iface, ports)?;
|
||||
}
|
||||
if let Some(slaves) = &interface.slaves {
|
||||
check_port_usage(iface, slaves)?;
|
||||
}
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
|
||||
/// Check if child mtu is less or equal than parent mtu
|
||||
fn check_mtu(&self, parent_name: &str, child_name: &str) -> Result<(), Error> {
|
||||
let parent = self
|
||||
.interfaces
|
||||
.get(parent_name)
|
||||
.ok_or_else(|| format_err!("check_mtu - missing parent interface '{}'", parent_name))?;
|
||||
let child = self
|
||||
.interfaces
|
||||
.get(child_name)
|
||||
.ok_or_else(|| format_err!("check_mtu - missing child interface '{}'", child_name))?;
|
||||
|
||||
let child_mtu = match child.mtu {
|
||||
Some(mtu) => mtu,
|
||||
None => return Ok(()),
|
||||
};
|
||||
|
||||
let parent_mtu = match parent.mtu {
|
||||
Some(mtu) => mtu,
|
||||
None => {
|
||||
if parent.interface_type == NetworkInterfaceType::Bond {
|
||||
child_mtu
|
||||
} else {
|
||||
1500
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
if parent_mtu < child_mtu {
|
||||
bail!(
|
||||
"interface '{}' - mtu {} is lower than '{}' - mtu {}\n",
|
||||
parent_name,
|
||||
parent_mtu,
|
||||
child_name,
|
||||
child_mtu
|
||||
);
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
/// Check if bond slaves exists
|
||||
fn check_bond_slaves(&self) -> Result<(), Error> {
|
||||
for (iface, interface) in self.interfaces.iter() {
|
||||
if let Some(slaves) = &interface.slaves {
|
||||
for slave in slaves.iter() {
|
||||
match self.interfaces.get(slave) {
|
||||
Some(entry) => {
|
||||
if entry.interface_type != NetworkInterfaceType::Eth {
|
||||
bail!(
|
||||
"bond '{}' - wrong interface type on slave '{}' ({:?} != {:?})",
|
||||
iface,
|
||||
slave,
|
||||
entry.interface_type,
|
||||
NetworkInterfaceType::Eth
|
||||
);
|
||||
}
|
||||
}
|
||||
None => {
|
||||
bail!("bond '{}' - unable to find slave '{}'", iface, slave);
|
||||
}
|
||||
}
|
||||
self.check_mtu(iface, slave)?;
|
||||
}
|
||||
}
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
|
||||
/// Check if bridge ports exists
|
||||
fn check_bridge_ports(&self) -> Result<(), Error> {
|
||||
lazy_static! {
|
||||
static ref VLAN_INTERFACE_REGEX: Regex = Regex::new(r"^(\S+)\.(\d+)$").unwrap();
|
||||
}
|
||||
|
||||
for (iface, interface) in self.interfaces.iter() {
|
||||
if let Some(ports) = &interface.bridge_ports {
|
||||
for port in ports.iter() {
|
||||
let captures = VLAN_INTERFACE_REGEX.captures(port);
|
||||
let port = if let Some(ref caps) = captures {
|
||||
&caps[1]
|
||||
} else {
|
||||
port.as_str()
|
||||
};
|
||||
if !self.interfaces.contains_key(port) {
|
||||
bail!("bridge '{}' - unable to find port '{}'", iface, port);
|
||||
}
|
||||
self.check_mtu(iface, port)?;
|
||||
}
|
||||
}
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn write_config(&self, w: &mut dyn Write) -> Result<(), Error> {
|
||||
self.check_port_usage()?;
|
||||
self.check_bond_slaves()?;
|
||||
self.check_bridge_ports()?;
|
||||
|
||||
let mut done = HashSet::new();
|
||||
|
||||
let mut last_entry_was_comment = false;
|
||||
|
||||
for entry in self.order.iter() {
|
||||
match entry {
|
||||
NetworkOrderEntry::Comment(comment) => {
|
||||
writeln!(w, "#{}", comment)?;
|
||||
last_entry_was_comment = true;
|
||||
}
|
||||
NetworkOrderEntry::Option(option) => {
|
||||
if last_entry_was_comment {
|
||||
writeln!(w)?;
|
||||
}
|
||||
last_entry_was_comment = false;
|
||||
writeln!(w, "{}", option)?;
|
||||
writeln!(w)?;
|
||||
}
|
||||
NetworkOrderEntry::Iface(name) => {
|
||||
let interface = match self.interfaces.get(name) {
|
||||
Some(interface) => interface,
|
||||
None => continue,
|
||||
};
|
||||
|
||||
if last_entry_was_comment {
|
||||
writeln!(w)?;
|
||||
}
|
||||
last_entry_was_comment = false;
|
||||
|
||||
if done.contains(name) {
|
||||
continue;
|
||||
}
|
||||
done.insert(name);
|
||||
|
||||
write_iface(interface, w)?;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
for (name, interface) in &self.interfaces {
|
||||
if done.contains(name) {
|
||||
continue;
|
||||
}
|
||||
write_iface(interface, w)?;
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
}
|
||||
|
||||
pub const NETWORK_INTERFACES_FILENAME: &str = "/etc/network/interfaces";
|
||||
pub const NETWORK_INTERFACES_NEW_FILENAME: &str = "/etc/network/interfaces.new";
|
||||
pub const NETWORK_LOCKFILE: &str = "/var/lock/pve-network.lck";
|
||||
|
||||
pub fn lock_config() -> Result<ApiLockGuard, Error> {
|
||||
open_api_lockfile(NETWORK_LOCKFILE, None, true)
|
||||
}
|
||||
|
||||
pub fn config() -> Result<(NetworkConfig, ConfigDigest), Error> {
|
||||
let content =
|
||||
match proxmox_sys::fs::file_get_optional_contents(NETWORK_INTERFACES_NEW_FILENAME)? {
|
||||
Some(content) => content,
|
||||
None => {
|
||||
let content =
|
||||
proxmox_sys::fs::file_get_optional_contents(NETWORK_INTERFACES_FILENAME)?;
|
||||
content.unwrap_or_default()
|
||||
}
|
||||
};
|
||||
|
||||
let digest = ConfigDigest::from_slice(&content);
|
||||
|
||||
let existing_interfaces = get_network_interfaces()?;
|
||||
let mut parser = NetworkParser::new(&content[..]);
|
||||
let data = parser.parse_interfaces(Some(&existing_interfaces))?;
|
||||
|
||||
Ok((data, digest))
|
||||
}
|
||||
|
||||
pub fn changes() -> Result<String, Error> {
|
||||
if !std::path::Path::new(NETWORK_INTERFACES_NEW_FILENAME).exists() {
|
||||
return Ok(String::new());
|
||||
}
|
||||
|
||||
compute_file_diff(NETWORK_INTERFACES_FILENAME, NETWORK_INTERFACES_NEW_FILENAME)
|
||||
}
|
||||
|
||||
pub fn save_config(config: &NetworkConfig) -> Result<(), Error> {
|
||||
let mut raw = Vec::new();
|
||||
config.write_config(&mut raw)?;
|
||||
replace_system_config(NETWORK_INTERFACES_NEW_FILENAME, &raw)?;
|
||||
Ok(())
|
||||
}
|
||||
|
||||
// shell completion helper
|
||||
pub fn complete_interface_name(_arg: &str, _param: &HashMap<String, String>) -> Vec<String> {
|
||||
match config() {
|
||||
Ok((data, _digest)) => data.interfaces.keys().map(|id| id.to_string()).collect(),
|
||||
Err(_) => Vec::new(),
|
||||
}
|
||||
}
|
||||
|
||||
pub fn complete_port_list(arg: &str, _param: &HashMap<String, String>) -> Vec<String> {
|
||||
let mut ports = Vec::new();
|
||||
match config() {
|
||||
Ok((data, _digest)) => {
|
||||
for (iface, interface) in data.interfaces.iter() {
|
||||
if interface.interface_type == NetworkInterfaceType::Eth {
|
||||
ports.push(iface.to_string());
|
||||
}
|
||||
}
|
||||
}
|
||||
Err(_) => return Vec::new(),
|
||||
};
|
||||
|
||||
let arg = arg.trim();
|
||||
let prefix = if let Some(idx) = arg.rfind(',') {
|
||||
&arg[..idx + 1]
|
||||
} else {
|
||||
""
|
||||
};
|
||||
ports
|
||||
.iter()
|
||||
.map(|port| format!("{}{}", prefix, port))
|
||||
.collect()
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
use super::*;
|
||||
|
||||
use NetworkConfigMethod::*;
|
||||
use NetworkInterfaceType::*;
|
||||
use NetworkOrderEntry::*;
|
||||
|
||||
#[test]
|
||||
fn test_write_network_config_manual() {
|
||||
let iface_name = String::from("enp3s0");
|
||||
let mut iface = Interface::new(iface_name.clone());
|
||||
iface.interface_type = Eth;
|
||||
iface.method = Some(Manual);
|
||||
iface.active = true;
|
||||
|
||||
let nw_config = NetworkConfig {
|
||||
interfaces: BTreeMap::from([(iface_name.clone(), iface)]),
|
||||
order: vec![Iface(iface_name.clone())],
|
||||
};
|
||||
|
||||
assert_eq!(
|
||||
String::try_from(nw_config).unwrap().trim(),
|
||||
r#"iface enp3s0 inet manual"#
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_write_network_config_static() {
|
||||
let iface_name = String::from("enp3s0");
|
||||
let mut iface = Interface::new(iface_name.clone());
|
||||
iface.interface_type = Eth;
|
||||
iface.method = Some(Static);
|
||||
iface.cidr = Some(String::from("10.0.0.100/16"));
|
||||
iface.active = true;
|
||||
|
||||
let nw_config = NetworkConfig {
|
||||
interfaces: BTreeMap::from([(iface_name.clone(), iface)]),
|
||||
order: vec![Iface(iface_name.clone())],
|
||||
};
|
||||
assert_eq!(
|
||||
String::try_from(nw_config).unwrap().trim(),
|
||||
format!(
|
||||
r#"
|
||||
iface enp3s0 inet static
|
||||
address 10.0.0.100/16"#
|
||||
)
|
||||
.trim()
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_write_network_config_static_with_gateway() {
|
||||
let iface_name = String::from("enp3s0");
|
||||
let mut iface = Interface::new(iface_name.clone());
|
||||
iface.interface_type = Eth;
|
||||
iface.method = Some(Static);
|
||||
iface.cidr = Some(String::from("10.0.0.100/16"));
|
||||
iface.gateway = Some(String::from("10.0.0.1"));
|
||||
iface.active = true;
|
||||
|
||||
let nw_config = NetworkConfig {
|
||||
interfaces: BTreeMap::from([(iface_name.clone(), iface)]),
|
||||
order: vec![Iface(iface_name.clone())],
|
||||
};
|
||||
assert_eq!(
|
||||
String::try_from(nw_config).unwrap().trim(),
|
||||
format!(
|
||||
r#"
|
||||
iface enp3s0 inet static
|
||||
address 10.0.0.100/16
|
||||
gateway 10.0.0.1"#
|
||||
)
|
||||
.trim()
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_write_network_config_vlan_id_in_name() {
|
||||
let iface_name = String::from("vmbr0.100");
|
||||
let mut iface = Interface::new(iface_name.clone());
|
||||
iface.interface_type = Vlan;
|
||||
iface.method = Some(Manual);
|
||||
iface.active = true;
|
||||
|
||||
let nw_config = NetworkConfig {
|
||||
interfaces: BTreeMap::from([(iface_name.clone(), iface)]),
|
||||
order: vec![Iface(iface_name.clone())],
|
||||
};
|
||||
assert_eq!(
|
||||
String::try_from(nw_config).unwrap().trim(),
|
||||
"iface vmbr0.100 inet manual"
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_write_network_config_vlan_with_raw_device() {
|
||||
let iface_name = String::from("vlan100");
|
||||
let mut iface = Interface::new(iface_name.clone());
|
||||
iface.interface_type = Vlan;
|
||||
iface.vlan_raw_device = Some(String::from("vmbr0"));
|
||||
iface.method = Some(Manual);
|
||||
iface.active = true;
|
||||
|
||||
let nw_config = NetworkConfig {
|
||||
interfaces: BTreeMap::from([(iface_name.clone(), iface)]),
|
||||
order: vec![Iface(iface_name.clone())],
|
||||
};
|
||||
assert_eq!(
|
||||
String::try_from(nw_config).unwrap().trim(),
|
||||
r#"
|
||||
iface vlan100 inet manual
|
||||
vlan-raw-device vmbr0"#
|
||||
.trim()
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_write_network_config_vlan_with_individual_name() {
|
||||
let iface_name = String::from("individual_name");
|
||||
let mut iface = Interface::new(iface_name.clone());
|
||||
iface.interface_type = Vlan;
|
||||
iface.vlan_raw_device = Some(String::from("vmbr0"));
|
||||
iface.vlan_id = Some(100);
|
||||
iface.method = Some(Manual);
|
||||
iface.active = true;
|
||||
|
||||
let nw_config = NetworkConfig {
|
||||
interfaces: BTreeMap::from([(iface_name.clone(), iface)]),
|
||||
order: vec![Iface(iface_name.clone())],
|
||||
};
|
||||
assert_eq!(
|
||||
String::try_from(nw_config).unwrap().trim(),
|
||||
r#"
|
||||
iface individual_name inet manual
|
||||
vlan-id 100
|
||||
vlan-raw-device vmbr0"#
|
||||
.trim()
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_vlan_parse_vlan_id_from_name() {
|
||||
assert_eq!(parse_vlan_id_from_name("vlan100"), Some(100));
|
||||
assert_eq!(parse_vlan_id_from_name("vlan"), None);
|
||||
assert_eq!(parse_vlan_id_from_name("arbitrary"), None);
|
||||
assert_eq!(parse_vlan_id_from_name("vmbr0.100"), Some(100));
|
||||
assert_eq!(parse_vlan_id_from_name("vmbr0"), None);
|
||||
// assert_eq!(parse_vlan_id_from_name("vmbr0.1.400"), Some(400)); // NOTE ifupdown2 does actually support this
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_vlan_parse_vlan_raw_device_from_name() {
|
||||
assert_eq!(parse_vlan_raw_device_from_name("vlan100"), None);
|
||||
assert_eq!(parse_vlan_raw_device_from_name("arbitrary"), None);
|
||||
assert_eq!(parse_vlan_raw_device_from_name("vmbr0"), None);
|
||||
assert_eq!(parse_vlan_raw_device_from_name("vmbr0.200"), Some("vmbr0"));
|
||||
}
|
||||
}
|
862
proxmox-network-api/src/config/parser.rs
Normal file
862
proxmox-network-api/src/config/parser.rs
Normal file
@ -0,0 +1,862 @@
|
||||
use crate::VLAN_INTERFACE_REGEX;
|
||||
|
||||
use std::collections::{HashMap, HashSet};
|
||||
use std::io::BufRead;
|
||||
use std::iter::{Iterator, Peekable};
|
||||
|
||||
use anyhow::{bail, format_err, Error};
|
||||
use lazy_static::lazy_static;
|
||||
use regex::Regex;
|
||||
use serde::de::{value, Deserialize, IntoDeserializer};
|
||||
|
||||
use super::helper::*;
|
||||
use super::lexer::*;
|
||||
|
||||
use super::LinuxBondMode;
|
||||
|
||||
use proxmox_schema::api_types::IP_REGEX;
|
||||
|
||||
use super::{BondXmitHashPolicy, Interface, NetworkConfigMethod, NetworkInterfaceType};
|
||||
|
||||
use crate::config::NetworkConfig;
|
||||
use crate::config::NetworkOrderEntry;
|
||||
|
||||
pub fn bond_mode_from_str(s: &str) -> Result<LinuxBondMode, Error> {
|
||||
LinuxBondMode::deserialize(s.into_deserializer())
|
||||
.map_err(|_: value::Error| format_err!("invalid bond_mode '{}'", s))
|
||||
}
|
||||
|
||||
pub fn bond_xmit_hash_policy_from_str(s: &str) -> Result<BondXmitHashPolicy, Error> {
|
||||
BondXmitHashPolicy::deserialize(s.into_deserializer())
|
||||
.map_err(|_: value::Error| format_err!("invalid bond_xmit_hash_policy '{}'", s))
|
||||
}
|
||||
|
||||
fn set_method_v4(iface: &mut Interface, method: NetworkConfigMethod) -> Result<(), Error> {
|
||||
if iface.method.is_none() {
|
||||
iface.method = Some(method);
|
||||
} else {
|
||||
bail!("inet configuration method already set.");
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn set_method_v6(iface: &mut Interface, method: NetworkConfigMethod) -> Result<(), Error> {
|
||||
if iface.method6.is_none() {
|
||||
iface.method6 = Some(method);
|
||||
} else {
|
||||
bail!("inet6 configuration method already set.");
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn set_cidr_v4(iface: &mut Interface, address: String) -> Result<(), Error> {
|
||||
if iface.cidr.is_none() {
|
||||
iface.cidr = Some(address);
|
||||
} else {
|
||||
bail!("duplicate IPv4 address.");
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn set_gateway_v4(iface: &mut Interface, gateway: String) -> Result<(), Error> {
|
||||
if iface.gateway.is_none() {
|
||||
iface.gateway = Some(gateway);
|
||||
} else {
|
||||
bail!("duplicate IPv4 gateway.");
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn set_cidr_v6(iface: &mut Interface, address: String) -> Result<(), Error> {
|
||||
if iface.cidr6.is_none() {
|
||||
iface.cidr6 = Some(address);
|
||||
} else {
|
||||
bail!("duplicate IPv6 address.");
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn set_gateway_v6(iface: &mut Interface, gateway: String) -> Result<(), Error> {
|
||||
if iface.gateway6.is_none() {
|
||||
iface.gateway6 = Some(gateway);
|
||||
} else {
|
||||
bail!("duplicate IPv4 gateway.");
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn set_interface_type(
|
||||
iface: &mut Interface,
|
||||
interface_type: NetworkInterfaceType,
|
||||
) -> Result<(), Error> {
|
||||
if iface.interface_type == NetworkInterfaceType::Unknown {
|
||||
iface.interface_type = interface_type;
|
||||
} else if iface.interface_type != interface_type {
|
||||
bail!(
|
||||
"interface type already defined - cannot change from {:?} to {:?}",
|
||||
iface.interface_type,
|
||||
interface_type
|
||||
);
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
|
||||
pub struct NetworkParser<R: BufRead> {
|
||||
input: Peekable<Lexer<R>>,
|
||||
line_nr: usize,
|
||||
}
|
||||
|
||||
impl<R: BufRead> NetworkParser<R> {
|
||||
pub fn new(reader: R) -> Self {
|
||||
let input = Lexer::new(reader).peekable();
|
||||
Self { input, line_nr: 1 }
|
||||
}
|
||||
|
||||
fn peek(&mut self) -> Result<Token, Error> {
|
||||
match self.input.peek() {
|
||||
Some(Err(err)) => {
|
||||
bail!("input error - {}", err);
|
||||
}
|
||||
Some(Ok((token, _))) => Ok(*token),
|
||||
None => {
|
||||
bail!("got unexpected end of stream (inside peek)");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
fn next(&mut self) -> Result<(Token, String), Error> {
|
||||
match self.input.next() {
|
||||
Some(Err(err)) => {
|
||||
bail!("input error - {}", err);
|
||||
}
|
||||
Some(Ok((token, text))) => {
|
||||
if token == Token::Newline {
|
||||
self.line_nr += 1;
|
||||
}
|
||||
Ok((token, text))
|
||||
}
|
||||
None => {
|
||||
bail!("got unexpected end of stream (inside peek)");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
fn next_text(&mut self) -> Result<String, Error> {
|
||||
match self.next()? {
|
||||
(Token::Text, text) => Ok(text),
|
||||
(unexpected, _) => bail!("got unexpected token {:?} (expecting Text)", unexpected),
|
||||
}
|
||||
}
|
||||
|
||||
fn eat(&mut self, expected: Token) -> Result<String, Error> {
|
||||
let (next, text) = self.next()?;
|
||||
if next != expected {
|
||||
bail!("expected {:?}, got {:?}", expected, next);
|
||||
}
|
||||
Ok(text)
|
||||
}
|
||||
|
||||
fn parse_auto(&mut self, auto_flag: &mut HashSet<String>) -> Result<(), Error> {
|
||||
self.eat(Token::Auto)?;
|
||||
|
||||
loop {
|
||||
match self.next()? {
|
||||
(Token::Text, iface) => {
|
||||
auto_flag.insert(iface.to_string());
|
||||
}
|
||||
(Token::Newline, _) => break,
|
||||
unexpected => {
|
||||
bail!("expected {:?}, got {:?}", Token::Text, unexpected);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn parse_netmask(&mut self) -> Result<u8, Error> {
|
||||
self.eat(Token::Netmask)?;
|
||||
let netmask = self.next_text()?;
|
||||
|
||||
let mask = if let Some(mask) = IPV4_MASK_HASH_LOCALNET.get(netmask.as_str()) {
|
||||
*mask
|
||||
} else {
|
||||
match netmask.as_str().parse::<u8>() {
|
||||
Ok(mask) => mask,
|
||||
Err(err) => {
|
||||
bail!("unable to parse netmask '{}' - {}", netmask, err);
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
self.eat(Token::Newline)?;
|
||||
|
||||
Ok(mask)
|
||||
}
|
||||
|
||||
fn parse_iface_address(&mut self) -> Result<(String, Option<u8>, bool), Error> {
|
||||
self.eat(Token::Address)?;
|
||||
let cidr = self.next_text()?;
|
||||
|
||||
let (_address, mask, ipv6) = parse_address_or_cidr(&cidr)?;
|
||||
|
||||
self.eat(Token::Newline)?;
|
||||
|
||||
Ok((cidr, mask, ipv6))
|
||||
}
|
||||
|
||||
fn parse_iface_gateway(&mut self, interface: &mut Interface) -> Result<(), Error> {
|
||||
self.eat(Token::Gateway)?;
|
||||
let gateway = self.next_text()?;
|
||||
|
||||
if IP_REGEX.is_match(&gateway) {
|
||||
if gateway.contains(':') {
|
||||
set_gateway_v6(interface, gateway)?;
|
||||
} else {
|
||||
set_gateway_v4(interface, gateway)?;
|
||||
}
|
||||
} else {
|
||||
bail!("unable to parse gateway address");
|
||||
}
|
||||
|
||||
self.eat(Token::Newline)?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn parse_iface_mtu(&mut self) -> Result<u64, Error> {
|
||||
self.eat(Token::MTU)?;
|
||||
|
||||
let mtu = self.next_text()?;
|
||||
let mtu = match mtu.parse::<u64>() {
|
||||
Ok(mtu) => mtu,
|
||||
Err(err) => {
|
||||
bail!("unable to parse mtu value '{}' - {}", mtu, err);
|
||||
}
|
||||
};
|
||||
|
||||
self.eat(Token::Newline)?;
|
||||
|
||||
Ok(mtu)
|
||||
}
|
||||
|
||||
fn parse_yes_no(&mut self) -> Result<bool, Error> {
|
||||
let text = self.next_text()?;
|
||||
let value = match text.to_lowercase().as_str() {
|
||||
"yes" => true,
|
||||
"no" => false,
|
||||
_ => {
|
||||
bail!("unable to bool value '{}' - (expected yes/no)", text);
|
||||
}
|
||||
};
|
||||
|
||||
self.eat(Token::Newline)?;
|
||||
|
||||
Ok(value)
|
||||
}
|
||||
|
||||
fn parse_to_eol(&mut self) -> Result<String, Error> {
|
||||
let mut line = String::new();
|
||||
loop {
|
||||
match self.next()? {
|
||||
(Token::Newline, _) => return Ok(line),
|
||||
(_, text) => {
|
||||
if !line.is_empty() {
|
||||
line.push(' ');
|
||||
}
|
||||
line.push_str(&text);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
fn parse_iface_list(&mut self) -> Result<Vec<String>, Error> {
|
||||
let mut list = Vec::new();
|
||||
|
||||
loop {
|
||||
let (token, text) = self.next()?;
|
||||
match token {
|
||||
Token::Newline => break,
|
||||
Token::Text => {
|
||||
if &text != "none" {
|
||||
list.push(text);
|
||||
}
|
||||
}
|
||||
_ => bail!(
|
||||
"unable to parse interface list - unexpected token '{:?}'",
|
||||
token
|
||||
),
|
||||
}
|
||||
}
|
||||
|
||||
Ok(list)
|
||||
}
|
||||
|
||||
fn parse_iface_attributes(
|
||||
&mut self,
|
||||
interface: &mut Interface,
|
||||
address_family_v4: bool,
|
||||
address_family_v6: bool,
|
||||
) -> Result<(), Error> {
|
||||
let mut netmask = None;
|
||||
let mut address_list = Vec::new();
|
||||
|
||||
loop {
|
||||
match self.peek()? {
|
||||
Token::Attribute => {
|
||||
self.eat(Token::Attribute)?;
|
||||
}
|
||||
Token::Comment => {
|
||||
let comment = self.eat(Token::Comment)?;
|
||||
if !address_family_v4 && address_family_v6 {
|
||||
let mut comments = interface.comments6.take().unwrap_or_default();
|
||||
if !comments.is_empty() {
|
||||
comments.push('\n');
|
||||
}
|
||||
comments.push_str(&comment);
|
||||
interface.comments6 = Some(comments);
|
||||
} else {
|
||||
let mut comments = interface.comments.take().unwrap_or_default();
|
||||
if !comments.is_empty() {
|
||||
comments.push('\n');
|
||||
}
|
||||
comments.push_str(&comment);
|
||||
interface.comments = Some(comments);
|
||||
}
|
||||
self.eat(Token::Newline)?;
|
||||
continue;
|
||||
}
|
||||
_ => break,
|
||||
}
|
||||
|
||||
match self.peek()? {
|
||||
Token::Address => {
|
||||
let (cidr, mask, is_v6) = self.parse_iface_address()?;
|
||||
address_list.push((cidr, mask, is_v6));
|
||||
}
|
||||
Token::Gateway => self.parse_iface_gateway(interface)?,
|
||||
Token::Netmask => {
|
||||
//Note: netmask is deprecated, but we try to do our best
|
||||
netmask = Some(self.parse_netmask()?);
|
||||
}
|
||||
Token::MTU => {
|
||||
let mtu = self.parse_iface_mtu()?;
|
||||
interface.mtu = Some(mtu);
|
||||
}
|
||||
Token::BridgeVlanAware => {
|
||||
self.eat(Token::BridgeVlanAware)?;
|
||||
let bridge_vlan_aware = self.parse_yes_no()?;
|
||||
interface.bridge_vlan_aware = Some(bridge_vlan_aware);
|
||||
}
|
||||
Token::BridgePorts => {
|
||||
self.eat(Token::BridgePorts)?;
|
||||
let ports = self.parse_iface_list()?;
|
||||
interface.bridge_ports = Some(ports);
|
||||
set_interface_type(interface, NetworkInterfaceType::Bridge)?;
|
||||
}
|
||||
Token::BondSlaves => {
|
||||
self.eat(Token::BondSlaves)?;
|
||||
let slaves = self.parse_iface_list()?;
|
||||
interface.slaves = Some(slaves);
|
||||
set_interface_type(interface, NetworkInterfaceType::Bond)?;
|
||||
}
|
||||
Token::BondMode => {
|
||||
self.eat(Token::BondMode)?;
|
||||
let mode = self.next_text()?;
|
||||
interface.bond_mode = Some(bond_mode_from_str(&mode)?);
|
||||
self.eat(Token::Newline)?;
|
||||
}
|
||||
Token::BondPrimary => {
|
||||
self.eat(Token::BondPrimary)?;
|
||||
let primary = self.next_text()?;
|
||||
interface.bond_primary = Some(primary);
|
||||
self.eat(Token::Newline)?;
|
||||
}
|
||||
Token::BondXmitHashPolicy => {
|
||||
self.eat(Token::BondXmitHashPolicy)?;
|
||||
let policy = bond_xmit_hash_policy_from_str(&self.next_text()?)?;
|
||||
interface.bond_xmit_hash_policy = Some(policy);
|
||||
self.eat(Token::Newline)?;
|
||||
}
|
||||
Token::VlanId => {
|
||||
self.eat(Token::VlanId)?;
|
||||
let vlan_id = self.next_text()?.parse()?;
|
||||
interface.vlan_id = Some(vlan_id);
|
||||
set_interface_type(interface, NetworkInterfaceType::Vlan)?;
|
||||
self.eat(Token::Newline)?;
|
||||
}
|
||||
Token::VlanRawDevice => {
|
||||
self.eat(Token::VlanRawDevice)?;
|
||||
let vlan_raw_device = self.next_text()?;
|
||||
interface.vlan_raw_device = Some(vlan_raw_device);
|
||||
set_interface_type(interface, NetworkInterfaceType::Vlan)?;
|
||||
self.eat(Token::Newline)?;
|
||||
}
|
||||
_ => {
|
||||
// parse addon attributes
|
||||
let option = self.parse_to_eol()?;
|
||||
if !option.is_empty() {
|
||||
if !address_family_v4 && address_family_v6 {
|
||||
interface.options6.push(option);
|
||||
} else {
|
||||
interface.options.push(option);
|
||||
}
|
||||
};
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#[allow(clippy::comparison_chain)]
|
||||
if let Some(netmask) = netmask {
|
||||
if address_list.len() > 1 {
|
||||
bail!("unable to apply netmask to multiple addresses (please use cidr notation)");
|
||||
} else if address_list.len() == 1 {
|
||||
let (mut cidr, mask, is_v6) = address_list.pop().unwrap();
|
||||
if mask.is_some() {
|
||||
// address already has a mask - ignore netmask
|
||||
} else {
|
||||
use std::fmt::Write as _;
|
||||
check_netmask(netmask, is_v6)?;
|
||||
let _ = write!(cidr, "/{}", netmask);
|
||||
}
|
||||
if is_v6 {
|
||||
set_cidr_v6(interface, cidr)?;
|
||||
} else {
|
||||
set_cidr_v4(interface, cidr)?;
|
||||
}
|
||||
} else {
|
||||
// no address - simply ignore useless netmask
|
||||
}
|
||||
} else {
|
||||
for (cidr, mask, is_v6) in address_list {
|
||||
if mask.is_none() {
|
||||
bail!("missing netmask in '{}'", cidr);
|
||||
}
|
||||
if is_v6 {
|
||||
set_cidr_v6(interface, cidr)?;
|
||||
} else {
|
||||
set_cidr_v4(interface, cidr)?;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn parse_iface(&mut self, config: &mut NetworkConfig) -> Result<(), Error> {
|
||||
self.eat(Token::Iface)?;
|
||||
let iface = self.next_text()?;
|
||||
|
||||
let mut address_family_v4 = false;
|
||||
let mut address_family_v6 = false;
|
||||
let mut config_method = None;
|
||||
|
||||
loop {
|
||||
let (token, text) = self.next()?;
|
||||
match token {
|
||||
Token::Newline => break,
|
||||
Token::Inet => address_family_v4 = true,
|
||||
Token::Inet6 => address_family_v6 = true,
|
||||
Token::Loopback => config_method = Some(NetworkConfigMethod::Loopback),
|
||||
Token::Static => config_method = Some(NetworkConfigMethod::Static),
|
||||
Token::Manual => config_method = Some(NetworkConfigMethod::Manual),
|
||||
Token::DHCP => config_method = Some(NetworkConfigMethod::DHCP),
|
||||
_ => bail!("unknown iface option {}", text),
|
||||
}
|
||||
}
|
||||
|
||||
let config_method = config_method.unwrap_or(NetworkConfigMethod::Static);
|
||||
|
||||
if !(address_family_v4 || address_family_v6) {
|
||||
address_family_v4 = true;
|
||||
address_family_v6 = true;
|
||||
}
|
||||
|
||||
if let Some(interface) = config.interfaces.get_mut(&iface) {
|
||||
if address_family_v4 {
|
||||
set_method_v4(interface, config_method)?;
|
||||
}
|
||||
if address_family_v6 {
|
||||
set_method_v6(interface, config_method)?;
|
||||
}
|
||||
|
||||
self.parse_iface_attributes(interface, address_family_v4, address_family_v6)?;
|
||||
} else {
|
||||
let mut interface = Interface::new(iface.clone());
|
||||
if address_family_v4 {
|
||||
set_method_v4(&mut interface, config_method)?;
|
||||
}
|
||||
if address_family_v6 {
|
||||
set_method_v6(&mut interface, config_method)?;
|
||||
}
|
||||
|
||||
self.parse_iface_attributes(&mut interface, address_family_v4, address_family_v6)?;
|
||||
|
||||
config.interfaces.insert(interface.name.clone(), interface);
|
||||
|
||||
config.order.push(NetworkOrderEntry::Iface(iface));
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
pub fn parse_interfaces(
|
||||
&mut self,
|
||||
existing_interfaces: Option<&HashMap<String, bool>>,
|
||||
) -> Result<NetworkConfig, Error> {
|
||||
self.do_parse_interfaces(existing_interfaces)
|
||||
.map_err(|err| format_err!("line {}: {}", self.line_nr, err))
|
||||
}
|
||||
|
||||
fn do_parse_interfaces(
|
||||
&mut self,
|
||||
existing_interfaces: Option<&HashMap<String, bool>>,
|
||||
) -> Result<NetworkConfig, Error> {
|
||||
let mut config = NetworkConfig::new();
|
||||
|
||||
let mut auto_flag: HashSet<String> = HashSet::new();
|
||||
|
||||
loop {
|
||||
match self.peek()? {
|
||||
Token::EOF => {
|
||||
break;
|
||||
}
|
||||
Token::Newline => {
|
||||
// skip empty lines
|
||||
self.eat(Token::Newline)?;
|
||||
}
|
||||
Token::Comment => {
|
||||
let (_, text) = self.next()?;
|
||||
config.order.push(NetworkOrderEntry::Comment(text));
|
||||
self.eat(Token::Newline)?;
|
||||
}
|
||||
Token::Auto => {
|
||||
self.parse_auto(&mut auto_flag)?;
|
||||
}
|
||||
Token::Iface => {
|
||||
self.parse_iface(&mut config)?;
|
||||
}
|
||||
_ => {
|
||||
let option = self.parse_to_eol()?;
|
||||
if !option.is_empty() {
|
||||
config.order.push(NetworkOrderEntry::Option(option));
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
for iface in auto_flag.iter() {
|
||||
if let Some(interface) = config.interfaces.get_mut(iface) {
|
||||
interface.autostart = true;
|
||||
}
|
||||
}
|
||||
|
||||
lazy_static! {
|
||||
static ref INTERFACE_ALIAS_REGEX: Regex = Regex::new(r"^\S+:\d+$").unwrap();
|
||||
}
|
||||
|
||||
if let Some(existing_interfaces) = existing_interfaces {
|
||||
for (iface, active) in existing_interfaces.iter() {
|
||||
if let Some(interface) = config.interfaces.get_mut(iface) {
|
||||
interface.active = *active;
|
||||
if interface.interface_type == NetworkInterfaceType::Unknown
|
||||
&& super::is_physical_nic(iface)
|
||||
{
|
||||
interface.interface_type = NetworkInterfaceType::Eth;
|
||||
}
|
||||
} else if super::is_physical_nic(iface) {
|
||||
// also add all physical NICs
|
||||
let mut interface = Interface::new(iface.clone());
|
||||
set_method_v4(&mut interface, NetworkConfigMethod::Manual)?;
|
||||
interface.interface_type = NetworkInterfaceType::Eth;
|
||||
interface.active = *active;
|
||||
config.interfaces.insert(interface.name.clone(), interface);
|
||||
config
|
||||
.order
|
||||
.push(NetworkOrderEntry::Iface(iface.to_string()));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
for (name, interface) in config.interfaces.iter_mut() {
|
||||
if interface.interface_type != NetworkInterfaceType::Unknown {
|
||||
continue;
|
||||
}
|
||||
if name == "lo" {
|
||||
interface.interface_type = NetworkInterfaceType::Loopback;
|
||||
continue;
|
||||
}
|
||||
if INTERFACE_ALIAS_REGEX.is_match(name) {
|
||||
interface.interface_type = NetworkInterfaceType::Alias;
|
||||
continue;
|
||||
}
|
||||
if VLAN_INTERFACE_REGEX.is_match(name) {
|
||||
interface.interface_type = NetworkInterfaceType::Vlan;
|
||||
continue;
|
||||
}
|
||||
if super::is_physical_nic(name) {
|
||||
interface.interface_type = NetworkInterfaceType::Eth;
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
if config.interfaces.get("lo").is_none() {
|
||||
let mut interface = Interface::new(String::from("lo"));
|
||||
set_method_v4(&mut interface, NetworkConfigMethod::Loopback)?;
|
||||
interface.interface_type = NetworkInterfaceType::Loopback;
|
||||
interface.autostart = true;
|
||||
config.interfaces.insert(interface.name.clone(), interface);
|
||||
|
||||
// Note: insert 'lo' as first interface after initial comments
|
||||
let mut new_order = Vec::new();
|
||||
let mut added_lo = false;
|
||||
for entry in config.order {
|
||||
if added_lo {
|
||||
new_order.push(entry);
|
||||
continue;
|
||||
} // copy the rest
|
||||
match entry {
|
||||
NetworkOrderEntry::Comment(_) => {
|
||||
new_order.push(entry);
|
||||
}
|
||||
_ => {
|
||||
new_order.push(NetworkOrderEntry::Iface(String::from("lo")));
|
||||
added_lo = true;
|
||||
new_order.push(entry);
|
||||
}
|
||||
}
|
||||
}
|
||||
config.order = new_order;
|
||||
}
|
||||
|
||||
Ok(config)
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
mod test {
|
||||
|
||||
use anyhow::Error;
|
||||
|
||||
use super::*;
|
||||
|
||||
#[test]
|
||||
fn test_network_config_create_lo_1() -> Result<(), Error> {
|
||||
let input = "";
|
||||
|
||||
let mut parser = NetworkParser::new(input.as_bytes());
|
||||
|
||||
let config = parser.parse_interfaces(None)?;
|
||||
|
||||
let output = String::try_from(config)?;
|
||||
|
||||
let expected = "auto lo\niface lo inet loopback\n\n";
|
||||
assert_eq!(output, expected);
|
||||
|
||||
// run again using output as input
|
||||
let mut parser = NetworkParser::new(output.as_bytes());
|
||||
|
||||
let config = parser.parse_interfaces(None)?;
|
||||
|
||||
let output = String::try_from(config)?;
|
||||
|
||||
assert_eq!(output, expected);
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_network_config_create_lo_2() -> Result<(), Error> {
|
||||
let input = "#c1\n\n#c2\n\niface test inet manual\n";
|
||||
|
||||
let mut parser = NetworkParser::new(input.as_bytes());
|
||||
|
||||
let config = parser.parse_interfaces(None)?;
|
||||
|
||||
let output = String::try_from(config)?;
|
||||
|
||||
// Note: loopback should be added in front of other interfaces
|
||||
let expected = "#c1\n#c2\n\nauto lo\niface lo inet loopback\n\niface test inet manual\n\n";
|
||||
assert_eq!(output, expected);
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_network_config_parser_no_blank_1() -> Result<(), Error> {
|
||||
let input = "auto lo\n\
|
||||
iface lo inet loopback\n\
|
||||
iface lo inet6 loopback\n\
|
||||
auto ens18\n\
|
||||
iface ens18 inet static\n\
|
||||
\taddress 192.168.20.144/20\n\
|
||||
\tgateway 192.168.16.1\n\
|
||||
# comment\n\
|
||||
iface ens20 inet static\n\
|
||||
\taddress 192.168.20.145/20\n\
|
||||
iface ens21 inet manual\n\
|
||||
iface ens22 inet manual\n";
|
||||
|
||||
let mut parser = NetworkParser::new(input.as_bytes());
|
||||
|
||||
let config = parser.parse_interfaces(None)?;
|
||||
|
||||
let output = String::try_from(config)?;
|
||||
|
||||
let expected = "auto lo\n\
|
||||
iface lo inet loopback\n\
|
||||
\n\
|
||||
iface lo inet6 loopback\n\
|
||||
\n\
|
||||
auto ens18\n\
|
||||
iface ens18 inet static\n\
|
||||
\taddress 192.168.20.144/20\n\
|
||||
\tgateway 192.168.16.1\n\
|
||||
#comment\n\
|
||||
\n\
|
||||
iface ens20 inet static\n\
|
||||
\taddress 192.168.20.145/20\n\
|
||||
\n\
|
||||
iface ens21 inet manual\n\
|
||||
\n\
|
||||
iface ens22 inet manual\n\
|
||||
\n";
|
||||
assert_eq!(output, expected);
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_network_config_parser_no_blank_2() -> Result<(), Error> {
|
||||
// Adapted from bug 2926
|
||||
let input = "### Hetzner Online GmbH installimage\n\
|
||||
\n\
|
||||
source /etc/network/interfaces.d/*\n\
|
||||
\n\
|
||||
auto lo\n\
|
||||
iface lo inet loopback\n\
|
||||
iface lo inet6 loopback\n\
|
||||
\n\
|
||||
auto enp4s0\n\
|
||||
iface enp4s0 inet static\n\
|
||||
\taddress 10.10.10.10/24\n\
|
||||
\tgateway 10.10.10.1\n\
|
||||
\t# route 10.10.20.10/24 via 10.10.20.1\n\
|
||||
\tup route add -net 10.10.20.10 netmask 255.255.255.0 gw 10.10.20.1 dev enp4s0\n\
|
||||
\n\
|
||||
iface enp4s0 inet6 static\n\
|
||||
\taddress fe80::5496:35ff:fe99:5a6a/64\n\
|
||||
\tgateway fe80::1\n";
|
||||
|
||||
let mut parser = NetworkParser::new(input.as_bytes());
|
||||
|
||||
let config = parser.parse_interfaces(None)?;
|
||||
|
||||
let output = String::try_from(config)?;
|
||||
|
||||
let expected = "### Hetzner Online GmbH installimage\n\
|
||||
\n\
|
||||
source /etc/network/interfaces.d/*\n\
|
||||
\n\
|
||||
auto lo\n\
|
||||
iface lo inet loopback\n\
|
||||
\n\
|
||||
iface lo inet6 loopback\n\
|
||||
\n\
|
||||
auto enp4s0\n\
|
||||
iface enp4s0 inet static\n\
|
||||
\taddress 10.10.10.10/24\n\
|
||||
\tgateway 10.10.10.1\n\
|
||||
\t# route 10.10.20.10/24 via 10.10.20.1\n\
|
||||
\tup route add -net 10.10.20.10 netmask 255.255.255.0 gw 10.10.20.1 dev enp4s0\n\
|
||||
\n\
|
||||
iface enp4s0 inet6 static\n\
|
||||
\taddress fe80::5496:35ff:fe99:5a6a/64\n\
|
||||
\tgateway fe80::1\n\
|
||||
\n";
|
||||
assert_eq!(output, expected);
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_network_config_parser_vlan_id_in_name() {
|
||||
let input = "iface vmbr0.100 inet static manual";
|
||||
let mut parser = NetworkParser::new(input.as_bytes());
|
||||
let config = parser.parse_interfaces(None).unwrap();
|
||||
|
||||
let iface = config.interfaces.get("vmbr0.100").unwrap();
|
||||
assert_eq!(iface.interface_type, NetworkInterfaceType::Vlan);
|
||||
assert_eq!(iface.vlan_raw_device, None);
|
||||
assert_eq!(iface.vlan_id, None);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_network_config_parser_vlan_with_raw_device() {
|
||||
let input = r#"
|
||||
iface vlan100 inet manual
|
||||
vlan-raw-device vmbr0"#;
|
||||
|
||||
let mut parser = NetworkParser::new(input.as_bytes());
|
||||
let config = parser.parse_interfaces(None).unwrap();
|
||||
|
||||
let iface = config.interfaces.get("vlan100").unwrap();
|
||||
assert_eq!(iface.interface_type, NetworkInterfaceType::Vlan);
|
||||
assert_eq!(iface.vlan_raw_device, Some(String::from("vmbr0")));
|
||||
assert_eq!(iface.vlan_id, None);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_network_config_parser_vlan_with_raw_device_static() {
|
||||
let input = r#"
|
||||
iface vlan100 inet static
|
||||
vlan-raw-device vmbr0
|
||||
address 10.0.0.100/16"#;
|
||||
|
||||
let mut parser = NetworkParser::new(input.as_bytes());
|
||||
let config = parser.parse_interfaces(None).unwrap();
|
||||
|
||||
let iface = config.interfaces.get("vlan100").unwrap();
|
||||
assert_eq!(iface.interface_type, NetworkInterfaceType::Vlan);
|
||||
assert_eq!(iface.vlan_raw_device, Some(String::from("vmbr0")));
|
||||
assert_eq!(iface.vlan_id, None);
|
||||
assert_eq!(iface.method, Some(NetworkConfigMethod::Static));
|
||||
assert_eq!(iface.cidr, Some(String::from("10.0.0.100/16")));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_network_config_parser_vlan_individual_name() {
|
||||
let input = r#"
|
||||
iface individual_name inet manual
|
||||
vlan-id 100
|
||||
vlan-raw-device vmbr0"#;
|
||||
|
||||
let mut parser = NetworkParser::new(input.as_bytes());
|
||||
let config = parser.parse_interfaces(None).unwrap();
|
||||
|
||||
let iface = config.interfaces.get("individual_name").unwrap();
|
||||
assert_eq!(iface.interface_type, NetworkInterfaceType::Vlan);
|
||||
assert_eq!(iface.vlan_raw_device, Some(String::from("vmbr0")));
|
||||
assert_eq!(iface.vlan_id, Some(100));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_network_config_parser_vlan_individual_name_static() {
|
||||
let input = r#"
|
||||
iface individual_name inet static
|
||||
vlan-id 100
|
||||
vlan-raw-device vmbr0
|
||||
address 10.0.0.100/16
|
||||
"#;
|
||||
|
||||
let mut parser = NetworkParser::new(input.as_bytes());
|
||||
let config = parser.parse_interfaces(None).unwrap();
|
||||
|
||||
let iface = config.interfaces.get("individual_name").unwrap();
|
||||
assert_eq!(iface.interface_type, NetworkInterfaceType::Vlan);
|
||||
assert_eq!(iface.vlan_raw_device, Some(String::from("vmbr0")));
|
||||
assert_eq!(iface.vlan_id, Some(100));
|
||||
assert_eq!(iface.method, Some(NetworkConfigMethod::Static));
|
||||
assert_eq!(iface.cidr, Some(String::from("10.0.0.100/16")));
|
||||
}
|
||||
}
|
12
proxmox-network-api/src/lib.rs
Normal file
12
proxmox-network-api/src/lib.rs
Normal file
@ -0,0 +1,12 @@
|
||||
mod api_types;
|
||||
pub use api_types::*;
|
||||
|
||||
#[cfg(feature = "impl")]
|
||||
mod config;
|
||||
#[cfg(feature = "impl")]
|
||||
pub use config::*;
|
||||
|
||||
#[cfg(feature = "impl")]
|
||||
mod api_impl;
|
||||
#[cfg(feature = "impl")]
|
||||
pub use api_impl::{create_interface, update_interface};
|
Loading…
Reference in New Issue
Block a user