use anyhow::{Error, bail};
use serde_json::{Value, to_value};
use ::serde::{Deserialize, Serialize};
use proxmox::api::{api, ApiMethod, Router, RpcEnvironment, Permission};
use proxmox::api::schema::parse_property_string;
use proxmox::tools::fs::open_file_locked;
use crate::config::network::{self, NetworkConfig};
use crate::config::acl::{PRIV_SYS_AUDIT, PRIV_SYS_MODIFY};
use crate::api2::types::*;
use crate::server::{WorkerTask};
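/// Splits an interface-list property string into individual interface names.
///
/// The string is parsed against `NETWORK_INTERFACE_ARRAY_SCHEMA`; every element of the
/// resulting array is returned as an owned `String`.
///
/// # Errors
///
/// Returns an error if the string does not satisfy the schema, or if the parsed value is
/// not an array of strings. The latter is reported as an error instead of a panic so that
/// a schema/handler mismatch cannot take down the API worker handling the request.
fn split_interface_list(list: &str) -> Result<Vec<String>, Error> {
    let value = parse_property_string(list, &NETWORK_INTERFACE_ARRAY_SCHEMA)?;

    let entries = match value.as_array() {
        Some(entries) => entries,
        None => bail!("interface list did not parse into an array"),
    };

    let mut names = Vec::with_capacity(entries.len());
    for entry in entries {
        match entry.as_str() {
            Some(name) => names.push(name.to_string()),
            None => bail!("interface list contains a non-string entry"),
        }
    }

    Ok(names)
}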
/// Rejects a second IPv4 default gateway.
///
/// Looks for an interface in `config` that already has `gateway` set and fails if that
/// interface is not `iface` itself.
///
/// # Errors
///
/// Returns an error naming the interface that already holds the IPv4 gateway.
fn check_duplicate_gateway_v4(config: &NetworkConfig, iface: &str) -> Result<(), Error> {
    // Only the first match (in the map's iteration order) is considered; the check
    // relies on the stored configuration holding at most one IPv4 gateway.
    let holder = config
        .interfaces
        .iter()
        .find(|(_, entry)| entry.gateway.is_some())
        .map(|(name, _)| name.to_string());

    match holder {
        Some(existing) if existing != iface => {
            bail!("Default IPv4 gateway already exists on interface '{}'", existing)
        }
        _ => Ok(()),
    }
}
/// Rejects a second IPv6 default gateway.
///
/// Looks for an interface in `config` that already has `gateway6` set and fails if that
/// interface is not `iface` itself.
///
/// # Errors
///
/// Returns an error naming the interface that already holds the IPv6 gateway.
fn check_duplicate_gateway_v6(config: &NetworkConfig, iface: &str) -> Result<(), Error> {
    // Only the first match (in the map's iteration order) is considered; the check
    // relies on the stored configuration holding at most one IPv6 gateway.
    let holder = config
        .interfaces
        .iter()
        .find(|(_, entry)| entry.gateway6.is_some())
        .map(|(name, _)| name.to_string());

    match holder {
        Some(existing) if existing != iface => {
            bail!("Default IPv6 gateway already exists on interface '{}'", existing)
        }
        _ => Ok(()),
    }
}
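#[api(
    input: {
        properties: {
            node: {
                schema: NODE_SCHEMA,
            },
        },
    },
    returns: {
        description: "List network devices (with config digest).",
        type: Array,
        items: {
            type: Interface,
        },
    },
    access: {
        // Read-only endpoint: audit privilege on the interfaces subtree is sufficient.
        permission: &Permission::Privilege(&["system", "network", "interfaces"], PRIV_SYS_AUDIT, false),
    },
)]
/// List all network devices
// (The previous summary read "List all datastores", a copy/paste leftover that did not
// describe this endpoint.)
pub fn list_network_devices(
    _param: Value,
    _info: &ApiMethod,
    mut rpcenv: &mut dyn RpcEnvironment,
) -> Result<Value, Error> {
    let (config, digest) = network::config()?;
    // Hex form of the configuration digest; attached to every entry so that clients can
    // send it back to the modifying endpoints, which compare it against the current one.
    let digest = proxmox::tools::digest_to_hex(&digest);

    let mut list = Vec::new();

    for (iface, interface) in config.interfaces.iter() {
        if iface == "lo" { continue; } // do not list lo

        let mut item: Value = to_value(interface)?;
        item["digest"] = digest.clone().into();
        item["iface"] = iface.to_string().into();
        list.push(item);
    }

    // Whatever network::changes() reports is passed along in the RPC environment under
    // "changes", but only when it is non-empty.
    let diff = network::changes()?;
    if !diff.is_empty() {
        rpcenv["changes"] = diff.into();
    }

    Ok(list.into())
}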
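#[api(
    input: {
        properties: {
            node: {
                schema: NODE_SCHEMA,
            },
            iface: {
                schema: NETWORK_INTERFACE_NAME_SCHEMA,
            },
        },
    },
    returns: { type: Interface },
    access: {
        // The ACL path placeholder has to name a declared input property. This endpoint
        // declares `node` and `iface` only, and the other per-interface endpoints in this
        // file use `{iface}`; the earlier `{name}` matched no parameter, so the privilege
        // check could not be evaluated against the requested interface.
        // NOTE(review): how the router treats an unresolved placeholder is not visible
        // here - confirm whether the old template denied or mis-scoped access.
        permission: &Permission::Privilege(&["system", "network", "interfaces", "{iface}"], PRIV_SYS_AUDIT, false),
    },
)]
/// Read a network interface configuration.
// Returns the stored configuration of `iface` as JSON with an added "digest" field (hex
// form of the current configuration digest). Fails if the configuration cannot be read
// or `config.lookup()` rejects the name.
pub fn read_interface(iface: String) -> Result<Value, Error> {
    let (config, digest) = network::config()?;

    let interface = config.lookup(&iface)?;

    let mut data: Value = to_value(interface)?;
    data["digest"] = proxmox::tools::digest_to_hex(&digest).into();

    Ok(data)
}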
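#[api(
    protected: true,
    input: {
        properties: {
            node: {
                schema: NODE_SCHEMA,
            },
            iface: {
                schema: NETWORK_INTERFACE_NAME_SCHEMA,
            },
            // NOTE(review): declared optional here, but the handler below requires it
            // (required_string_param); a request without "type" fails at runtime.
            "type": {
                type: NetworkInterfaceType,
                optional: true,
            },
            autostart: {
                description: "Autostart interface.",
                type: bool,
                optional: true,
            },
            method: {
                type: NetworkConfigMethod,
                optional: true,
            },
            method6: {
                type: NetworkConfigMethod,
                optional: true,
            },
            comments: {
                description: "Comments (inet, may span multiple lines)",
                type: String,
                optional: true,
            },
            comments6: {
                // Was "inet5", which is not an address family; the IPv6 stanza is inet6.
                description: "Comments (inet6, may span multiple lines)",
                type: String,
                optional: true,
            },
            cidr: {
                schema: CIDR_V4_SCHEMA,
                optional: true,
            },
            cidr6: {
                schema: CIDR_V6_SCHEMA,
                optional: true,
            },
            gateway: {
                schema: IP_V4_SCHEMA,
                optional: true,
            },
            gateway6: {
                schema: IP_V6_SCHEMA,
                optional: true,
            },
            mtu: {
                description: "Maximum Transmission Unit.",
                optional: true,
                minimum: 46,
                maximum: 65535,
                default: 1500,
            },
            bridge_ports: {
                schema: NETWORK_INTERFACE_LIST_SCHEMA,
                optional: true,
            },
            bridge_vlan_aware: {
                description: "Enable bridge vlan support.",
                type: bool,
                optional: true,
            },
            bond_mode: {
                type: LinuxBondMode,
                optional: true,
            },
            "bond-primary": {
                schema: NETWORK_INTERFACE_NAME_SCHEMA,
                optional: true,
            },
            bond_xmit_hash_policy: {
                type: BondXmitHashPolicy,
                optional: true,
            },
            slaves: {
                schema: NETWORK_INTERFACE_LIST_SCHEMA,
                optional: true,
            },
        },
    },
    access: {
        // Modify privilege is checked on the ACL path of the interface being created.
        permission: &Permission::Privilege(&["system", "network", "interfaces", "{iface}"], PRIV_SYS_MODIFY, false),
    },
)]
/// Create network interface configuration.
// Only bridge and bond interfaces can be created; any other type is rejected. The new
// entry is added to the configuration read under the network lock and written back with
// network::save_config(). Errors: missing/invalid "type", lock timeout, an already
// existing `iface`, an address of the wrong family, a second default gateway, or bond
// options that do not fit the chosen bond mode.
#[allow(clippy::too_many_arguments)]
pub fn create_interface(
    iface: String,
    autostart: Option<bool>,
    method: Option<NetworkConfigMethod>,
    method6: Option<NetworkConfigMethod>,
    comments: Option<String>,
    comments6: Option<String>,
    cidr: Option<String>,
    gateway: Option<String>,
    cidr6: Option<String>,
    gateway6: Option<String>,
    mtu: Option<u64>,
    bridge_ports: Option<String>,
    bridge_vlan_aware: Option<bool>,
    bond_mode: Option<LinuxBondMode>,
    bond_primary: Option<String>,
    bond_xmit_hash_policy: Option<BondXmitHashPolicy>,
    slaves: Option<String>,
    param: Value,
) -> Result<(), Error> {

    // `&param` had been mangled into a pilcrow sign by an HTML-entity decoding step.
    let interface_type = crate::tools::required_string_param(&param, "type")?;
    let interface_type: NetworkInterfaceType = serde_json::from_value(interface_type.into())?;

    // Held until the function returns, so the read-modify-write below is not interleaved
    // with another writer that takes the same lock file (10 second timeout).
    let _lock = open_file_locked(network::NETWORK_LOCKFILE, std::time::Duration::new(10, 0), true)?;

    let (mut config, _digest) = network::config()?;

    if config.interfaces.contains_key(&iface) {
        bail!("interface '{}' already exists", iface);
    }

    let mut interface = Interface::new(iface.clone());
    interface.interface_type = interface_type;

    if let Some(autostart) = autostart { interface.autostart = autostart; }
    if method.is_some() { interface.method = method; }
    if method6.is_some() { interface.method6 = method6; }
    if mtu.is_some() { interface.mtu = mtu; }
    // NOTE(review): comments are free-form and, per the schema description, may span
    // several lines; whatever serialises them behind save_config() has to keep them from
    // being read back as configuration lines - confirm in the writer.
    if comments.is_some() { interface.comments = comments; }
    if comments6.is_some() { interface.comments6 = comments6; }

    // The address family is re-checked here in addition to the input schema.
    if let Some(cidr) = cidr {
        let (_, _, is_v6) = network::parse_cidr(&cidr)?;
        if is_v6 { bail!("invalid address type (expected IPv4, got IPv6)"); }
        interface.cidr = Some(cidr);
    }

    if let Some(cidr6) = cidr6 {
        let (_, _, is_v6) = network::parse_cidr(&cidr6)?;
        if !is_v6 { bail!("invalid address type (expected IPv6, got IPv4)"); }
        interface.cidr6 = Some(cidr6);
    }

    if let Some(gateway) = gateway {
        // Textual family check only (presence of ':'); syntax is left to IP_V4_SCHEMA.
        let is_v6 = gateway.contains(':');
        if is_v6 { bail!("invalid address type (expected IPv4, got IPv6)"); }
        check_duplicate_gateway_v4(&config, &iface)?;
        interface.gateway = Some(gateway);
    }

    if let Some(gateway6) = gateway6 {
        // Textual family check only (presence of ':'); syntax is left to IP_V6_SCHEMA.
        let is_v6 = gateway6.contains(':');
        if !is_v6 { bail!("invalid address type (expected IPv6, got IPv4)"); }
        check_duplicate_gateway_v6(&config, &iface)?;
        interface.gateway6 = Some(gateway6);
    }

    match interface_type {
        NetworkInterfaceType::Bridge => {
            if let Some(ports) = bridge_ports {
                let ports = split_interface_list(&ports)?;
                interface.set_bridge_ports(ports)?;
            }
            if bridge_vlan_aware.is_some() { interface.bridge_vlan_aware = bridge_vlan_aware; }
        }
        NetworkInterfaceType::Bond => {
            // NOTE(review): bond-primary and bond_xmit_hash_policy are validated and
            // stored only when bond_mode is part of the same request; without it they
            // are dropped silently.
            if let Some(mode) = bond_mode {
                interface.bond_mode = bond_mode;
                if bond_primary.is_some() {
                    if mode != LinuxBondMode::active_backup {
                        bail!("bond-primary is only valid with Active/Backup mode");
                    }
                    interface.bond_primary = bond_primary;
                }
                if bond_xmit_hash_policy.is_some() {
                    if mode != LinuxBondMode::ieee802_3ad &&
                        mode != LinuxBondMode::balance_xor
                    {
                        bail!("bond_xmit_hash_policy is only valid with LACP(802.3ad) or balance-xor mode");
                    }
                    interface.bond_xmit_hash_policy = bond_xmit_hash_policy;
                }
            }
            if let Some(slaves) = slaves {
                let slaves = split_interface_list(&slaves)?;
                interface.set_bond_slaves(slaves)?;
            }
        }
        _ => bail!("creating network interface type '{:?}' is not supported", interface_type),
    }

    // An address or gateway forces the static method; otherwise a method passed by the
    // caller is kept and "manual" is the fallback.
    if interface.cidr.is_some() || interface.gateway.is_some() {
        interface.method = Some(NetworkConfigMethod::Static);
    } else if interface.method.is_none() {
        interface.method = Some(NetworkConfigMethod::Manual);
    }

    if interface.cidr6.is_some() || interface.gateway6.is_some() {
        interface.method6 = Some(NetworkConfigMethod::Static);
    } else if interface.method6.is_none() {
        interface.method6 = Some(NetworkConfigMethod::Manual);
    }

    config.interfaces.insert(iface, interface);

    network::save_config(&config)?;

    Ok(())
}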
// Names accepted in the `delete` list of the interface update call. Variants are
// lower-case on purpose (hence the lint allowance) so that the serialised name equals
// the property name; `bond_primary` is the one variant renamed for serde.
#[api()]
#[derive(Serialize, Deserialize)]
#[allow(non_camel_case_types)]
/// Deletable property name
pub enum DeletableProperty {
    /// Delete the IPv4 address property.
    cidr,
    /// Delete the IPv6 address property.
    cidr6,
    /// Delete the IPv4 gateway property.
    gateway,
    /// Delete the IPv6 gateway property.
    gateway6,
    /// Delete the whole IPv4 configuration entry.
    method,
    /// Delete the whole IPv6 configuration entry.
    method6,
    /// Delete IPv4 comments
    comments,
    /// Delete IPv6 comments
    comments6,
    /// Delete mtu.
    mtu,
    /// Delete autostart flag
    autostart,
    /// Delete bridge ports (set to 'none')
    bridge_ports,
    /// Delete bridge-vlan-aware flag
    bridge_vlan_aware,
    /// Delete bond-slaves (set to 'none')
    slaves,
    /// Delete bond-primary
    #[serde(rename = "bond-primary")]
    bond_primary,
    /// Delete bond transmit hash policy
    bond_xmit_hash_policy,
}
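#[api(
    protected: true,
    input: {
        properties: {
            node: {
                schema: NODE_SCHEMA,
            },
            iface: {
                schema: NETWORK_INTERFACE_NAME_SCHEMA,
            },
            "type": {
                type: NetworkInterfaceType,
                optional: true,
            },
            autostart: {
                description: "Autostart interface.",
                type: bool,
                optional: true,
            },
            method: {
                type: NetworkConfigMethod,
                optional: true,
            },
            method6: {
                type: NetworkConfigMethod,
                optional: true,
            },
            comments: {
                description: "Comments (inet, may span multiple lines)",
                type: String,
                optional: true,
            },
            comments6: {
                // Was "inet5", which is not an address family; the IPv6 stanza is inet6.
                description: "Comments (inet6, may span multiple lines)",
                type: String,
                optional: true,
            },
            cidr: {
                schema: CIDR_V4_SCHEMA,
                optional: true,
            },
            cidr6: {
                schema: CIDR_V6_SCHEMA,
                optional: true,
            },
            gateway: {
                schema: IP_V4_SCHEMA,
                optional: true,
            },
            gateway6: {
                schema: IP_V6_SCHEMA,
                optional: true,
            },
            mtu: {
                description: "Maximum Transmission Unit.",
                optional: true,
                minimum: 46,
                maximum: 65535,
                default: 1500,
            },
            bridge_ports: {
                schema: NETWORK_INTERFACE_LIST_SCHEMA,
                optional: true,
            },
            bridge_vlan_aware: {
                description: "Enable bridge vlan support.",
                type: bool,
                optional: true,
            },
            bond_mode: {
                type: LinuxBondMode,
                optional: true,
            },
            "bond-primary": {
                schema: NETWORK_INTERFACE_NAME_SCHEMA,
                optional: true,
            },
            bond_xmit_hash_policy: {
                type: BondXmitHashPolicy,
                optional: true,
            },
            slaves: {
                schema: NETWORK_INTERFACE_LIST_SCHEMA,
                optional: true,
            },
            delete: {
                description: "List of properties to delete.",
                type: Array,
                optional: true,
                items: {
                    type: DeletableProperty,
                }
            },
            digest: {
                optional: true,
                schema: PROXMOX_CONFIG_DIGEST_SCHEMA,
            },
        },
    },
    access: {
        // Modify privilege is checked on the ACL path of the interface being changed.
        permission: &Permission::Privilege(&["system", "network", "interfaces", "{iface}"], PRIV_SYS_MODIFY, false),
    },
)]
/// Update network interface config.
// Order of operations: take the network lock, read the configuration, compare the
// caller's digest (if given) with the current one, apply `delete`, then apply the
// supplied values, then save. Errors: lock timeout, digest mismatch, unknown `iface`,
// a "type" that differs from the stored one, an address of the wrong family, a second
// default gateway, or bond options that do not fit the bond mode in the request.
#[allow(clippy::too_many_arguments)]
pub fn update_interface(
    iface: String,
    autostart: Option<bool>,
    method: Option<NetworkConfigMethod>,
    method6: Option<NetworkConfigMethod>,
    comments: Option<String>,
    comments6: Option<String>,
    cidr: Option<String>,
    gateway: Option<String>,
    cidr6: Option<String>,
    gateway6: Option<String>,
    mtu: Option<u64>,
    bridge_ports: Option<String>,
    bridge_vlan_aware: Option<bool>,
    bond_mode: Option<LinuxBondMode>,
    bond_primary: Option<String>,
    bond_xmit_hash_policy: Option<BondXmitHashPolicy>,
    slaves: Option<String>,
    delete: Option<Vec<DeletableProperty>>,
    digest: Option<String>,
    param: Value,
) -> Result<(), Error> {

    // Held until the function returns, so the read-modify-write below is not interleaved
    // with another writer that takes the same lock file (10 second timeout).
    let _lock = open_file_locked(network::NETWORK_LOCKFILE, std::time::Duration::new(10, 0), true)?;

    let (mut config, expected_digest) = network::config()?;

    // Optimistic concurrency check. The digest is optional, so a caller that omits it
    // overwrites whatever is currently stored without any staleness check.
    if let Some(ref digest) = digest {
        let digest = proxmox::tools::hex_to_digest(digest)?;
        crate::tools::detect_modified_configuration_file(&digest, &expected_digest)?;
    }

    // Must run before lookup_mut() below, which borrows `config` mutably.
    if gateway.is_some() { check_duplicate_gateway_v4(&config, &iface)?; }
    if gateway6.is_some() { check_duplicate_gateway_v6(&config, &iface)?; }

    let interface = config.lookup_mut(&iface)?;

    // The type of an existing interface cannot be changed; "type" is accepted only as a
    // consistency check against the stored value.
    if let Some(interface_type) = param.get("type") {
        let interface_type: NetworkInterfaceType = serde_json::from_value(interface_type.clone())?;
        if interface_type != interface.interface_type {
            bail!("got unexpected interface type ({:?} != {:?})", interface_type, interface.interface_type);
        }
    }

    // Deletions are applied first, so a property that is both deleted and set in the
    // same request ends up set.
    if let Some(delete) = delete {
        for delete_prop in delete {
            match delete_prop {
                DeletableProperty::cidr => { interface.cidr = None; },
                DeletableProperty::cidr6 => { interface.cidr6 = None; },
                DeletableProperty::gateway => { interface.gateway = None; },
                DeletableProperty::gateway6 => { interface.gateway6 = None; },
                DeletableProperty::method => { interface.method = None; },
                DeletableProperty::method6 => { interface.method6 = None; },
                DeletableProperty::comments => { interface.comments = None; },
                DeletableProperty::comments6 => { interface.comments6 = None; },
                DeletableProperty::mtu => { interface.mtu = None; },
                DeletableProperty::autostart => { interface.autostart = false; },
                DeletableProperty::bridge_ports => { interface.set_bridge_ports(Vec::new())?; }
                DeletableProperty::bridge_vlan_aware => { interface.bridge_vlan_aware = None; }
                DeletableProperty::slaves => { interface.set_bond_slaves(Vec::new())?; }
                DeletableProperty::bond_primary => { interface.bond_primary = None; }
                DeletableProperty::bond_xmit_hash_policy => { interface.bond_xmit_hash_policy = None }
            }
        }
    }

    if let Some(autostart) = autostart { interface.autostart = autostart; }
    if method.is_some() { interface.method = method; }
    if method6.is_some() { interface.method6 = method6; }
    if mtu.is_some() { interface.mtu = mtu; }
    if let Some(ports) = bridge_ports {
        let ports = split_interface_list(&ports)?;
        interface.set_bridge_ports(ports)?;
    }
    if bridge_vlan_aware.is_some() { interface.bridge_vlan_aware = bridge_vlan_aware; }
    if let Some(slaves) = slaves {
        let slaves = split_interface_list(&slaves)?;
        interface.set_bond_slaves(slaves)?;
    }
    // NOTE(review): bond-primary and bond_xmit_hash_policy are validated and stored only
    // when bond_mode is part of the same request; sent on their own they are dropped
    // silently. A mode change alone also leaves previously stored bond-primary /
    // hash-policy values in place without re-validating them against the new mode.
    if let Some(mode) = bond_mode {
        interface.bond_mode = bond_mode;
        if bond_primary.is_some() {
            if mode != LinuxBondMode::active_backup {
                bail!("bond-primary is only valid with Active/Backup mode");
            }
            interface.bond_primary = bond_primary;
        }
        if bond_xmit_hash_policy.is_some() {
            if mode != LinuxBondMode::ieee802_3ad &&
                mode != LinuxBondMode::balance_xor
            {
                bail!("bond_xmit_hash_policy is only valid with LACP(802.3ad) or balance-xor mode");
            }
            interface.bond_xmit_hash_policy = bond_xmit_hash_policy;
        }
    }

    // The address family is re-checked here in addition to the input schema.
    if let Some(cidr) = cidr {
        let (_, _, is_v6) = network::parse_cidr(&cidr)?;
        if is_v6 { bail!("invalid address type (expected IPv4, got IPv6)"); }
        interface.cidr = Some(cidr);
    }

    if let Some(cidr6) = cidr6 {
        let (_, _, is_v6) = network::parse_cidr(&cidr6)?;
        if !is_v6 { bail!("invalid address type (expected IPv6, got IPv4)"); }
        interface.cidr6 = Some(cidr6);
    }

    if let Some(gateway) = gateway {
        // Textual family check only (presence of ':'); syntax is left to IP_V4_SCHEMA.
        let is_v6 = gateway.contains(':');
        if is_v6 { bail!("invalid address type (expected IPv4, got IPv6)"); }
        interface.gateway = Some(gateway);
    }

    if let Some(gateway6) = gateway6 {
        // Textual family check only (presence of ':'); syntax is left to IP_V6_SCHEMA.
        let is_v6 = gateway6.contains(':');
        if !is_v6 { bail!("invalid address type (expected IPv6, got IPv4)"); }
        interface.gateway6 = Some(gateway6);
    }

    // NOTE(review): comments are free-form and, per the schema description, may span
    // several lines; whatever serialises them behind save_config() has to keep them from
    // being read back as configuration lines - confirm in the writer.
    if comments.is_some() { interface.comments = comments; }
    if comments6.is_some() { interface.comments6 = comments6; }

    // NOTE(review): unlike the create handler, the method is always recomputed here, so a
    // `method`/`method6` value supplied above (or deleted via `delete`) is overwritten
    // with static/manual - confirm this is intended.
    if interface.cidr.is_some() || interface.gateway.is_some() {
        interface.method = Some(NetworkConfigMethod::Static);
    } else {
        interface.method = Some(NetworkConfigMethod::Manual);
    }

    if interface.cidr6.is_some() || interface.gateway6.is_some() {
        interface.method6 = Some(NetworkConfigMethod::Static);
    } else {
        interface.method6 = Some(NetworkConfigMethod::Manual);
    }

    network::save_config(&config)?;

    Ok(())
}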
#[api(
    protected: true,
    input: {
        properties: {
            node: {
                schema: NODE_SCHEMA,
            },
            iface: {
                schema: NETWORK_INTERFACE_NAME_SCHEMA,
            },
            digest: {
                optional: true,
                schema: PROXMOX_CONFIG_DIGEST_SCHEMA,
            },
        },
    },
    access: {
        permission: &Permission::Privilege(&["system", "network", "interfaces", "{iface}"], PRIV_SYS_MODIFY, false),
    },
)]
/// Remove network interface configuration.
// Fails on lock timeout, on a digest that does not match the current configuration, or
// when `iface` is not present. The digest is optional; without it no staleness check
// is made.
pub fn delete_interface(iface: String, digest: Option<String>) -> Result<(), Error> {
    // Guard lives until return, covering the whole read-modify-write sequence.
    let _guard = open_file_locked(network::NETWORK_LOCKFILE, std::time::Duration::from_secs(10), true)?;

    let (mut net_config, current_digest) = network::config()?;

    if let Some(ref client_digest) = digest {
        let client_digest = proxmox::tools::hex_to_digest(client_digest)?;
        crate::tools::detect_modified_configuration_file(&client_digest, &current_digest)?;
    }

    // lookup() is called only for its error: an unknown interface aborts the request
    // before anything is written.
    net_config.lookup(&iface)?;
    net_config.interfaces.remove(&iface);

    network::save_config(&net_config)?;

    Ok(())
}
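#[api(
    protected: true,
    input: {
        properties: {
            node: {
                schema: NODE_SCHEMA,
            },
        },
    },
    access: {
        permission: &Permission::Privilege(&["system", "network", "interfaces"], PRIV_SYS_MODIFY, false),
    },
)]
/// Reload network configuration (requires ifupdown2).
// Spawns a "srvreload" worker task that moves the staged interfaces file over the active
// one and then calls network::network_reload(). Returns the string WorkerTask::spawn()
// hands back. Errors: ifupdown2 check failed, no or unparsable authentication id, or the
// worker could not be spawned; failures inside the worker are reported by the task.
pub async fn reload_network_config(
    rpcenv: &mut dyn RpcEnvironment,
) -> Result<String, Error> {

    network::assert_ifupdown2_installed()?;

    // A missing auth id is reported as an error instead of panicking in the handler.
    let auth_id: Authid = match rpcenv.get_auth_id() {
        Some(id) => id.parse()?,
        None => bail!("no authentication id available for this request"),
    };

    // NOTE(review): the rename below is not done under NETWORK_LOCKFILE, unlike the
    // create/update/delete handlers - confirm a concurrent writer cannot interleave.
    let upid_str = WorkerTask::spawn("srvreload", Some(String::from("networking")), auth_id, true, |_worker| async {

        // A missing staged file just means there is nothing pending, so the reload still
        // runs. Any other failure is surfaced: continuing would reload the old file while
        // the task reports success and the staged changes stay unapplied.
        match std::fs::rename(network::NETWORK_INTERFACES_NEW_FILENAME, network::NETWORK_INTERFACES_FILENAME) {
            Ok(()) => {}
            Err(err) if err.kind() == std::io::ErrorKind::NotFound => {}
            Err(err) => bail!("unable to activate staged network configuration - {}", err),
        }

        network::network_reload()?;
        Ok(())
    })?;

    Ok(upid_str)
}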
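#[api(
    protected: true,
    input: {
        properties: {
            node: {
                schema: NODE_SCHEMA,
            },
        },
    },
    access: {
        permission: &Permission::Privilege(&["system", "network", "interfaces"], PRIV_SYS_MODIFY, false),
    },
)]
/// Revert network configuration (rm /etc/network/interfaces.new).
// Succeeds when the staged file was removed or did not exist. Any other removal error
// is returned, so the caller is not told the revert worked while the staged changes are
// still on disk.
// NOTE(review): the removal is not done under NETWORK_LOCKFILE, unlike the
// create/update/delete handlers - confirm a concurrent writer cannot interleave.
pub fn revert_network_config() -> Result<(), Error> {
    match std::fs::remove_file(network::NETWORK_INTERFACES_NEW_FILENAME) {
        Ok(()) => Ok(()),
        // Nothing staged: reverting is a no-op.
        Err(err) if err.kind() == std::io::ErrorKind::NotFound => Ok(()),
        Err(err) => bail!("unable to remove staged network configuration - {}", err),
    }
}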
// Routes for a single interface: GET reads, PUT updates, DELETE removes. Each handler
// declares its own privilege requirement in its `#[api]` access block.
const ITEM_ROUTER: Router = Router::new()
    .get(&API_METHOD_READ_INTERFACE)
    .put(&API_METHOD_UPDATE_INTERFACE)
    .delete(&API_METHOD_DELETE_INTERFACE);

/// Router for the network API: GET lists devices, PUT reloads the configuration, POST
/// creates an interface, DELETE reverts staged changes; everything below is delegated to
/// the per-interface router, with the path component passed on as `iface`.
pub const ROUTER: Router = Router::new()
    .get(&API_METHOD_LIST_NETWORK_DEVICES)
    .put(&API_METHOD_RELOAD_NETWORK_CONFIG)
    .post(&API_METHOD_CREATE_INTERFACE)
    .delete(&API_METHOD_REVERT_NETWORK_CONFIG)
    .match_all("iface", &ITEM_ROUTER);