Can edit MAC rules
@ -11,7 +11,10 @@ pub struct NetworkFilterRefXML {
|
||||
|
||||
#[derive(serde::Serialize, serde::Deserialize, Debug)]
|
||||
#[serde(rename = "all")]
|
||||
pub struct NetworkFilterRuleProtocolAll {}
|
||||
pub struct NetworkFilterRuleProtocolAllXML {
|
||||
#[serde(rename = "@comment", skip_serializing_if = "Option::is_none")]
|
||||
pub comment: Option<String>,
|
||||
}
|
||||
|
||||
#[derive(serde::Serialize, serde::Deserialize, Debug)]
|
||||
#[serde(rename = "mac")]
|
||||
@ -128,7 +131,11 @@ pub struct NetworkFilterRuleXML {
|
||||
|
||||
/// Match all protocols
|
||||
#[serde(default, rename = "all", skip_serializing_if = "Vec::is_empty")]
|
||||
pub all_selectors: Vec<NetworkFilterRuleProtocolAll>,
|
||||
pub all_selectors: Vec<NetworkFilterRuleProtocolAllXML>,
|
||||
|
||||
/// Match all ipv6 protocols
|
||||
#[serde(default, rename = "all-ipv6", skip_serializing_if = "Vec::is_empty")]
|
||||
pub all_ipv6_selectors: Vec<NetworkFilterRuleProtocolAllXML>,
|
||||
|
||||
/// Match mac protocol
|
||||
#[serde(default, rename = "mac", skip_serializing_if = "Vec::is_empty")]
|
||||
|
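Review bot: `NetworkFilterRuleProtocolAllXML` keeps the struct-level `#[serde(rename = "all")]` even though it is now also the element type of `all_ipv6_selectors`, whose field is renamed to `all-ipv6`. The field-level rename is presumably what sets the element name on output, which would make the container attribute redundant and misleading for the IPv6 case. I would drop it, or at least add a doc comment such as `/// Shared body of the <all> and <all-ipv6> selectors; carries only the optional comment attribute`. The new struct has no doc comment at all, while the fields of `NetworkFilterRuleXML` that use it do.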
@ -1,5 +1,5 @@
|
||||
use crate::libvirt_lib_structures::nwfilter::{
|
||||
NetworkFilterRefXML, NetworkFilterRuleProtocolAll, NetworkFilterRuleProtocolArpXML,
|
||||
NetworkFilterRefXML, NetworkFilterRuleProtocolAllXML, NetworkFilterRuleProtocolArpXML,
|
||||
NetworkFilterRuleProtocolIpvx, NetworkFilterRuleProtocolLayer4, NetworkFilterRuleProtocolMac,
|
||||
NetworkFilterRuleXML, NetworkFilterXML,
|
||||
};
|
||||
@ -308,6 +308,11 @@ impl Layer4State {
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(serde::Serialize, serde::Deserialize, Debug, Clone)]
|
||||
pub struct NetworkSelectorAll {
|
||||
comment: Option<String>,
|
||||
}
|
||||
|
||||
#[derive(serde::Serialize, serde::Deserialize, Debug, Clone)]
|
||||
pub struct NetworkSelectorMac {
|
||||
src_mac_addr: Option<NetworkFilterMacAddressOrVar>,
|
||||
@ -369,7 +374,7 @@ pub struct NetworkFilterSelectorLayer4<IPv> {
|
||||
#[derive(serde::Serialize, serde::Deserialize, Debug, Clone)]
|
||||
#[serde(tag = "type", rename_all = "lowercase")]
|
||||
pub enum NetworkFilterSelector {
|
||||
All,
|
||||
All(NetworkSelectorAll),
|
||||
Mac(NetworkSelectorMac),
|
||||
Arp(NetworkSelectorARP),
|
||||
Rarp(NetworkSelectorARP),
|
||||
@ -379,6 +384,7 @@ pub enum NetworkFilterSelector {
|
||||
UDP(NetworkFilterSelectorLayer4<Ipv4Addr>),
|
||||
SCTP(NetworkFilterSelectorLayer4<Ipv4Addr>),
|
||||
ICMP(NetworkFilterSelectorLayer4<Ipv4Addr>),
|
||||
Allipv6(NetworkSelectorAll),
|
||||
TCPipv6(NetworkFilterSelectorLayer4<Ipv6Addr>),
|
||||
UDPipv6(NetworkFilterSelectorLayer4<Ipv6Addr>),
|
||||
SCTPipv6(NetworkFilterSelectorLayer4<Ipv6Addr>),
|
||||
@ -410,8 +416,10 @@ pub struct NetworkFilter {
|
||||
}
|
||||
|
||||
impl NetworkFilter {
|
||||
fn lib2rest_process_all_rule(_n: &NetworkFilterRuleProtocolAll) -> NetworkFilterSelector {
|
||||
NetworkFilterSelector::All
|
||||
fn lib2rest_process_all_rule(n: &NetworkFilterRuleProtocolAllXML) -> NetworkSelectorAll {
|
||||
NetworkSelectorAll {
|
||||
comment: n.comment.clone(),
|
||||
}
|
||||
}
|
||||
|
||||
fn lib2rest_process_mac_rule(n: &NetworkFilterRuleProtocolMac) -> NetworkFilterSelector {
|
||||
@ -481,16 +489,24 @@ impl NetworkFilter {
|
||||
for rule in &xml.rules {
|
||||
let mut selectors = Vec::new();
|
||||
|
||||
// All selector
|
||||
// All selectors
|
||||
selectors.append(
|
||||
&mut rule
|
||||
.all_selectors
|
||||
.iter()
|
||||
.map(Self::lib2rest_process_all_rule)
|
||||
.map(|r| NetworkFilterSelector::All(Self::lib2rest_process_all_rule(r)))
|
||||
.collect(),
|
||||
);
|
||||
|
||||
// Mac rules
|
||||
selectors.append(
|
||||
&mut rule
|
||||
.all_ipv6_selectors
|
||||
.iter()
|
||||
.map(|r| NetworkFilterSelector::Allipv6(Self::lib2rest_process_all_rule(r)))
|
||||
.collect(),
|
||||
);
|
||||
|
||||
// Mac selectors
|
||||
selectors.append(
|
||||
&mut rule
|
||||
.mac_selectors
|
||||
@ -499,7 +515,7 @@ impl NetworkFilter {
|
||||
.collect(),
|
||||
);
|
||||
|
||||
// ARP - RARP rules
|
||||
// ARP - RARP selectors
|
||||
selectors.append(
|
||||
&mut rule
|
||||
.arp_selectors
|
||||
@ -515,7 +531,7 @@ impl NetworkFilter {
|
||||
.collect(),
|
||||
);
|
||||
|
||||
// IPv4 - IPv6 rules
|
||||
// IPv4 - IPv6 selectors
|
||||
selectors.append(
|
||||
&mut rule
|
||||
.ipv4_selectors
|
||||
@ -531,7 +547,7 @@ impl NetworkFilter {
|
||||
.collect(),
|
||||
);
|
||||
|
||||
// Layer 4 protocols
|
||||
// Layer 4 protocols selectors
|
||||
selectors.append(
|
||||
&mut rule
|
||||
.tcp_selectors
|
||||
@ -648,6 +664,14 @@ impl NetworkFilter {
|
||||
})
|
||||
}
|
||||
|
||||
fn rest2lib_process_all_selector(
|
||||
selector: &NetworkSelectorAll,
|
||||
) -> anyhow::Result<NetworkFilterRuleProtocolAllXML> {
|
||||
Ok(NetworkFilterRuleProtocolAllXML {
|
||||
comment: extract_nw_filter_comment(&selector.comment)?,
|
||||
})
|
||||
}
|
||||
|
||||
fn rest2lib_process_arp_selector(
|
||||
selector: &NetworkSelectorARP,
|
||||
) -> anyhow::Result<NetworkFilterRuleProtocolArpXML> {
|
||||
@ -714,8 +738,16 @@ impl NetworkFilter {
|
||||
|
||||
for sel in &rule.selectors {
|
||||
match sel {
|
||||
NetworkFilterSelector::All => {
|
||||
rule_xml.all_selectors.push(NetworkFilterRuleProtocolAll {});
|
||||
NetworkFilterSelector::All(all) => {
|
||||
rule_xml
|
||||
.all_selectors
|
||||
.push(Self::rest2lib_process_all_selector(all)?);
|
||||
}
|
||||
|
||||
NetworkFilterSelector::Allipv6(all) => {
|
||||
rule_xml
|
||||
.all_ipv6_selectors
|
||||
.push(Self::rest2lib_process_all_selector(all)?);
|
||||
}
|
||||
|
||||
NetworkFilterSelector::Mac(mac) => {
|
||||
|
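Review bot: The `comment` of `NetworkSelectorAll` is checked only on the REST-to-libvirt path, where `rest2lib_process_all_selector` passes it through `extract_nw_filter_comment`. The read path in `lib2rest_process_all_rule` copies `n.comment.clone()` unchanged, so a filter defined outside this API whose comment fails that check would presumably load but then be rejected when saved back unmodified. The helper's body is outside these hunks, so please confirm it bounds the length and restricts the character set of this caller-supplied string before it is serialized as an XML attribute. The constraint should also be documented on the field, e.g. `/// Optional rule comment; validated by extract_nw_filter_comment before it is written to libvirt`. A round-trip test for the new `All` and `Allipv6` variants, including a request body of just `{"type":"all"}` with no comment, would pin the behaviour for existing clients.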