rust-proxmox-ve-config (0.10.2) trixie; urgency=medium * sdn: fabrics: wireguard: store internal node and peer endpoints as full host:port service endpoints instead of deriving the port from the interface, avoiding the malformed ip:port:port entries previously written to the generated WireGuard configuration. -- Proxmox Support Team Wed, 20 May 2026 04:23:56 +0200 rust-proxmox-ve-config (0.10.1) trixie; urgency=medium * sdn: route maps: add the `tag` match action to the API schema. The Tag variant was already present in the MatchAction enum but missing from the EnumEntry list, which left `match tag` unavailable to downstream API consumers. -- Proxmox Support Team Mon, 18 May 2026 19:30:00 +0200 rust-proxmox-ve-config (0.10.0) trixie; urgency=medium * fabrics: add BGP as a third fabric protocol, supporting eBGP unnumbered underlays. Each node has its own ASN and peers with its neighbors over physical interfaces without IP assignment on the fabric links. The fabric coexists with the EVPN controller's BGP instance in the default VRF via local-as. * fabrics: bgp: reject a router-id of 0.0.0.0 at validation time, since FRR rejects it at config load. Catches an explicitly-configured node IP of 0.0.0.0 and the (~1/2^32) FNV-1a hash-to-zero edge case for IPv6-only nodes. * widen proxmox-frr dependency to 0.5.1 for the new BgpRouter::merge_fabric() helper. -- Proxmox Support Team Sun, 17 May 2026 22:20:17 +0200 rust-proxmox-ve-config (0.9.1) trixie; urgency=medium * fabrics: wireguard: change WireGuardPrivateKeys::cleanup() to return a bool indicating whether anything was removed, so Perl callers (and any future consumer) can skip an unconditional rewrite of the cluster-replicated /etc/pve/priv/wg-keys.cfg on every SDN apply when no orphan keys are present. -- Proxmox Support Team Fri, 15 May 2026 05:31:29 +0200 rust-proxmox-ve-config (0.9.0) trixie; urgency=medium * fabrics: ospf: add `redistribute` setting to import routes from other protocols (connected, kernel, static, ...) into OSPF, and generate the matching FRR configuration. * fabrics: ospf: expose the network-type interface property in the API (Broadcast, NonBroadcast, PointToPoint, PointToMultipoint). Previously OSPF picked the network type implicitly based on whether the interface had an IP, which left users no way to override it. The type now lives in proxmox-sdn-types so it can be shared without pulling in the optional `frr` feature. * widen proxmox-frr dependency to 0.5 for the NetworkType move and the new OSPF redistribute, BGP local-as, and extcommunity list types. -- Proxmox Support Team Fri, 15 May 2026 03:43:57 +0200 rust-proxmox-ve-config (0.8.0) trixie; urgency=medium * sdn: fabrics: add WireGuard as a fabric protocol. Two node sub-types (internal for cluster members, external for arbitrary peers) share one section type discriminated by the `role` key. Internal nodes carry the wireguard interfaces they should create and the peer references for them; external nodes act as reusable peer definitions. * sdn: fabrics: validate the wireguard configuration. Reject duplicate interface names per-node and across fabrics, duplicate listen ports per-node and across fabrics, and peer references that point at a local or remote interface (or external node) that does not exist. * sdn: fabrics: add a configuration builder for wireguard that produces the wg(8) configuration for the local node, composing AllowedIPs from the referenced peer node's interface address, the peer-node-level and per-peer allowed_ips lists. * sdn: wireguard: add a section-config type for the cluster-replicated private-key store under /etc/pve/priv/wg-keys.cfg, plus a cleanup helper that drops orphaned keys for nodes or interfaces that no longer exist in the fabric config. * sdn: fabrics: refactor the per-protocol Entry impl block into a macro so adding further fabric protocols requires less boilerplate. -- Proxmox Support Team Wed, 13 May 2026 04:38:01 +0200 rust-proxmox-ve-config (0.7.0) trixie; urgency=medium * sdn: prefix lists: refactor section config and API format. Sequence numbers are now required in the section config but remain optional in the API; missing ones get auto-generated as the highest existing seq plus 5 (or 5 if none exist). The Rust API splits dedicated types between the section config and the API surface, with CRUD helpers on the section that enforce invariants. * sdn: prefix lists: validate entries to reject invalid prefix, le and ge combinations before they reach FRR (which would otherwise reject them and refuse to start). -- Proxmox Support Team Tue, 12 May 2026 02:00:17 +0200 rust-proxmox-ve-config (0.6.1) trixie; urgency=medium * sdn: add doc-comment to PrefixList enum which the API macro requires for use as description. * avoid panicking if fabric node id does not match expected pattern. -- Proxmox Support Team Wed, 06 May 2026 12:10:23 +0200 rust-proxmox-ve-config (0.6.0) trixie; urgency=medium * fix #6399: firewall: treat everything after the first hash sign in a rule line as the comment, matching the perl parser. Previously the firewall failed to start when a rule comment contained a hash sign. * fabrics: adapt frr config generation to match the changed representation of match and set statements in proxmox-frr. * add prefix list section config. * implement frr config generation for prefix lists. * add route map section config. * implement frr config generation for route maps. * fabrics: ospf, openfabric: allow specifying a user-defined route filter that overrides the auto-generated prefix list used to filter routes installed into the kernel routing table by zebra. Does not affect which routes get announced via OSPF or OpenFabric. -- Proxmox Support Team Wed, 06 May 2026 00:53:15 +0200 rust-proxmox-ve-config (0.5.0) trixie; urgency=medium * frr: replace FrrConfigBuilder with direct build_fabric call that takes a mutable FrrConfig, to allow the Perl side to pre-populate controller config before fabric generation. -- Proxmox Support Team Sat, 28 Mar 2026 17:34:08 +0100 rust-proxmox-ve-config (0.4.7) trixie; urgency=medium * update proxmox-network-types from 0.1 to 1. -- Proxmox Support Team Thu, 19 Feb 2026 18:26:45 +0100 rust-proxmox-ve-config (0.4.6) trixie; urgency=medium * firewall: introduce iptables to nftables mapping for icmp-types and icmpv6-types. -- Proxmox Support Team Mon, 17 Nov 2025 15:58:24 +0100 rust-proxmox-ve-config (0.4.5) trixie; urgency=medium * add helper function to iterate over all nodes in all fabrics. * add optional tag property to vnet. -- Proxmox Support Team Wed, 12 Nov 2025 22:14:41 +0100 rust-proxmox-ve-config (0.4.4) trixie; urgency=medium * firewall: add support for legacy alias and ipset names. * guest: store network devices in BTreeMap. -- Proxmox Support Team Sat, 04 Oct 2025 14:29:35 +0200 rust-proxmox-ve-config (0.4.3) trixie; urgency=medium * update proxmox-schema to 5.0.0 * move network types to proxmox-network-api -- Proxmox Support Team Thu, 04 Sep 2025 15:20:05 +0200 rust-proxmox-ve-config (0.4.2) trixie; urgency=medium * fabrics: force ip-prefix to be canonical to avoid warning from FRR. -- Proxmox Support Team Wed, 30 Jul 2025 14:08:42 +0200 rust-proxmox-ve-config (0.4.1) trixie; urgency=medium * fabrics: add helpers for proxmox-network-interface-pinning. * guest: allow access to raw VMID value. -- Proxmox Support Team Thu, 17 Jul 2025 20:55:41 +0200 rust-proxmox-ve-config (0.4.0) trixie; urgency=medium * move IP/Network related types to new proxmox-network-types crate. * sdn: add various section types for fabrics. * sdn: fabrics: add openfabric and ospf properties. * sdn: fabrics: add api types. * sdn: add various fabric related section configs. * add integrations tests for the full cycle from section-config to FRR config file for both openfabric and ospf. -- Proxmox Support Team Wed, 16 Jul 2025 23:43:05 +0200 rust-proxmox-ve-config (0.3.1) trixie; urgency=medium * use proxmox_serde perl helpers. * add ip link struct. -- Proxmox Support Team Wed, 16 Jul 2025 16:58:43 +0200 rust-proxmox-ve-config (0.3.0) trixie; urgency=medium * re-build for Debian Trixie based releases. * upgrade thiserror dependency to version 2. * use endian-safe to_bits for getting the IP netmask from a CIDR. -- Proxmox Support Team Sat, 31 May 2025 16:29:04 +0200 rust-proxmox-ve-config (0.2.3) unstable; urgency=medium * firewall macros: fix macros using ICMP protocol. * fix #6108: firewall macros: Add missing ICMPv6 statements * partially fix #6176: guest firewall: change default for firewall key to off to match user interface. -- Proxmox Support Team Mon, 07 Apr 2025 13:18:38 +0200 rust-proxmox-ve-config (0.2.2) unstable; urgency=medium * rebuild with proxmox-schema 4.0 -- Proxmox Support Team Thu, 16 Jan 2025 13:52:09 +0100 proxmox-ve-config (0.2.1) unstable; urgency=medium * fix #5927: firewall: alias: lowercase names of aliases -- Proxmox Support Team Mon, 25 Nov 2024 22:00:46 +0100 proxmox-ve-config (0.2.0) unstable; urgency=medium * firewall config: add sdn scope for ipsets * firewall config: add ip range types and use them for ip entries * sdn: add ipam module, which can be used to parse the current IPAM state * sdn: ipam: add method for generating ipsets * sdn: add config module to allow dedicated parsing of the SDN config. * sdn: config: add method for generating ipsets * firewall config: add forward direction, which will be used for specifying rules on bridge-level firewalls as well as rules on the cluster / host level that are for forwarded network packets. * firewall config: add bridge firewall config parser to be used for defining rules on bridge-level, similar to the existing cluster/host/vm configuration files. -- Proxmox Support Team Fri, 15 Nov 2024 14:57:16 +0100 proxmox-ve-config (0.1.0) unstable; urgency=medium * Initial release, moving over common rust code for proxmox-ve over from the proxmox-firewall workspace to a dedicated and generic workspace. -- Proxmox Support Team Mon, 03 Jun 2024 10:51:11 +0200