nft-update-addresses: flush prefix sets on IP address removal

main
Felix Stupp 1 month ago
parent 99e7fa2f62
commit 15203e1c7e
Signed by: zocker
GPG Key ID: 93E1BD26F6B02FB7

@ -405,19 +405,20 @@ class InterfaceUpdateHandler(UpdateStackHandler[IpAddressUpdate]):
return return
if data.ip.version != 6: if data.ip.version != 6:
return return
op = NftValueOperation.if_emptied(data.deleted)
slaacs = {mac: slaac_eui48(data.ip.network, mac) for mac in self.config.macs} slaacs = {mac: slaac_eui48(data.ip.network, mac) for mac in self.config.macs}
for mac in self.config.macs: for mac in self.config.macs:
yield NftUpdate( yield NftUpdate(
obj_type="set", obj_type="set",
obj_name=f"{set_prefix}_{mac}", obj_name=f"{set_prefix}_{mac}",
operation=NftValueOperation.REPLACE, operation=op,
values=(slaacs[mac].ip.compressed,), values=(slaacs[mac].ip.compressed,),
) )
for proto in self.config.protocols: for proto in self.config.protocols:
yield NftUpdate( yield NftUpdate(
obj_type="set", obj_type="set",
obj_name=f"{set_prefix}exp{proto.protocol}", obj_name=f"{set_prefix}exp{proto.protocol}",
operation=NftValueOperation.REPLACE, operation=op,
values=tuple( values=tuple(
f"{slaacs[mac].ip.compressed} . {port}" f"{slaacs[mac].ip.compressed} . {port}"
for mac, portList in proto.exposed.items() for mac, portList in proto.exposed.items()
@ -427,7 +428,7 @@ class InterfaceUpdateHandler(UpdateStackHandler[IpAddressUpdate]):
yield NftUpdate( yield NftUpdate(
obj_type="map", obj_type="map",
obj_name=f"{set_prefix}dnat{proto.protocol}", obj_name=f"{set_prefix}dnat{proto.protocol}",
operation=NftValueOperation.REPLACE, operation=op,
values=tuple( values=tuple(
f"{wan} : {slaacs[mac].ip.compressed} . {lan}" f"{wan} : {slaacs[mac].ip.compressed} . {lan}"
for mac, portMap in proto.forwarded.items() for mac, portMap in proto.forwarded.items()
@ -491,11 +492,16 @@ class NftValueOperation(Enum):
ADD = auto() ADD = auto()
DELETE = auto() DELETE = auto()
REPLACE = auto() REPLACE = auto()
EMPTY = auto()
@staticmethod @staticmethod
def if_deleted(b: bool) -> NftValueOperation: def if_deleted(b: bool) -> NftValueOperation:
return NftValueOperation.DELETE if b else NftValueOperation.ADD return NftValueOperation.DELETE if b else NftValueOperation.ADD
@staticmethod
def if_emptied(b: bool) -> NftValueOperation:
return NftValueOperation.EMPTY if b else NftValueOperation.REPLACE
@property @property
def set_operation(self) -> str: def set_operation(self) -> str:
assert self.passes_values assert self.passes_values
@ -513,6 +519,7 @@ class NftValueOperation(Enum):
def flushes_values(self) -> bool: def flushes_values(self) -> bool:
return self in { return self in {
NftValueOperation.REPLACE, NftValueOperation.REPLACE,
NftValueOperation.EMPTY,
} }
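Review bot: In the three `NftUpdate(...)` calls that now take `operation=op`, the `values=` tuples are still built from `slaacs` when `op` is `EMPTY`, so whether a removal really leaves the sets and the DNAT map empty depends on `passes_values` excluding `EMPTY`; that property is defined outside the visible hunks, so please confirm it or pass `values=()` when `data.deleted` is true. The flush is also unconditional: if a replacement prefix was written to these objects before the removal event for the old address arrives, the removal would appear to wipe the new entries as well. That fails closed, but the exposed and forwarded ports would stay unreachable until the next update, so a check that the removed prefix is the one currently installed, or a comment stating why it cannot happen, would help. A one-line docstring on `if_emptied`, e.g. `"""Return EMPTY (flush only) if the address was removed, else REPLACE."""`, would document the intent; the handler method and the enum both continue outside the hunks shown.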
