ifstate 1.11.9__py3-none-any.whl → 1.13.0__py3-none-any.whl

ifstate/ifstate.py

@@ -24,16 +24,18 @@ class Actions():
     SHOWALL = "showall"
     VRRP = "vrrp"
     VRRP_FIFO = "vrrp-fifo"
+    VRRP_WORKER = "vrrp-worker"
     SHELL = "shell"
 
 ACTIONS_HELP = {
-    "CHECK"    : "dry run update the network config",
-    "APPLY"    : "update the network config",
-    "SHOW"     : "show running network config",
-    "SHOWALL"  : "show running network config (more settings)",
-    "VRRP"     : "run as keepalived notify script",
-    "VRRP_FIFO": "run as keepalived notify_fifo_script",
-    "SHELL"    : "launch interactive python shell (pyroute2)",
+    "CHECK"      : "dry run update the network config",
+    "APPLY"      : "update the network config",
+    "SHOW"       : "show running network config",
+    "SHOWALL"    : "show running network config (more settings)",
+    "VRRP"       : "run as keepalived notify script",
+    "VRRP_FIFO"  : "run as keepalived notify_fifo_script",
+    "VRRP_WORKER": "worker process for vrrp-fifo",
+    "SHELL"      : "launch interactive python shell (pyroute2)",
 }
 
 class IfsConfigHandler():
@@ -41,23 +43,22 @@ class IfsConfigHandler():
         self.fn = fn
         self.soft_schema = soft_schema
 
+        # require to be called from the root netns
+        try:
+            # assume init runs in the root netns
+            if os.readlink('/proc/1/ns/net') != os.readlink(f'/proc/{os.getpid()}/ns/net'):
+                logger.error("Must not be run from inside a netns!")
+                raise NetNSNotRoot()
+        except OSError as ex:
+            logger.debug(f'root netns test: {ex}')
+            pass
+
         self.ifs = self.load_config()
         self.cb = None
 
-    def set_callback(self, cb):
-        self.cb = cb
-
-    def sighup_handler(self, signum, frame):
-        logger.info("SIGHUP: reloading configuration")
-        try:
-            self.ifs = self.load_config()
-            self.cb(self.ifs)
-        except:
-            logger.exception("failed to reload configuration")
-
     def load_config(self):
         try:
-            parser = YamlParser(self.fn)
+            self.parser = YamlParser(self.fn)
         except ParserOpenError as ex:
             logger.error(
                 "Config loading from {} failed: {}".format(ex.fn, ex.msg))
@@ -71,10 +72,8 @@ class IfsConfigHandler():
             raise ex
 
         try:
-            ifstates = parser.config()
-
             ifs = IfState()
-            ifs.update(ifstates, self.soft_schema)
+            ifs.update(self.parser.config(), self.soft_schema)
             return ifs
         except ParserValidationError as ex:
             logger.error("Config validation failed for {}".format(ex.detail))
@@ -83,10 +82,14 @@ class IfsConfigHandler():
             logger.error(
                 "Config uses unavailable feature: {}".format(ex.feature))
             raise ex
-        except NetNSNotRoot as ex:
-            logger.error("Must not be run from inside a netns!")
-            raise ex
 
+    def dump_config(self, fn):
+        umask = os.umask(0o077)
+        try:
+            with open(fn, "w") as fh:
+                self.parser.dump(fh)
+        finally:
+            os.umask(umask)        
 
 def shell():
     from ifstate.shell import IfStateConsole
@@ -151,6 +154,12 @@ def main():
     action_parsers[Actions.VRRP_FIFO].add_argument(
         "fifo", type=str, help="named FIFO to read state changes from")
 
+    # Parameters for the vrrp-worker action
+    action_parsers[Actions.VRRP_WORKER].add_argument(
+        "type", type=str.lower, choices=["group", "instance"], help="type of vrrp notification")
+    action_parsers[Actions.VRRP_WORKER].add_argument(
+        "name", type=str, help="name of the vrrp group or instance")
+
     args = parser.parse_args()
     if args.verbose:
         lvl = logging.DEBUG
@@ -181,7 +190,7 @@ def main():
         ifslog.quit()
         exit(0)
 
-    if args.action in [Actions.CHECK, Actions.APPLY, Actions.VRRP, Actions.VRRP_FIFO]:
+    if args.action in [Actions.CHECK, Actions.APPLY, Actions.VRRP, Actions.VRRP_FIFO, Actions.VRRP_WORKER]:
         try:
             ifs_config = IfsConfigHandler(args.config, args.soft_schema)
         except (ParserOpenError,
@@ -203,7 +212,10 @@ def main():
                 exit(ex.exit_code())
         elif args.action == Actions.VRRP_FIFO:
             from ifstate.vrrp import vrrp_fifo
-            vrrp_fifo(args.fifo, ifs_config, lvl)
+            vrrp_fifo(args.fifo, ifs_config)
+        elif args.action == Actions.VRRP_WORKER:
+            from ifstate.vrrp import vrrp_worker
+            vrrp_worker(args.type, args.name, ifs_config)
         else:
             # ignore some well-known signals to prevent interruptions (i.e. due to ssh connection loss)
             signal.signal(signal.SIGHUP, signal.SIG_IGN)

ifstate/vrrp.py

@@ -1,51 +1,74 @@
 from libifstate.util import logger, IfStateLogging
 
+import atexit
 from copy import deepcopy
 import logging
 import multiprocessing as mp
+import threading
 import os
 import re
 from setproctitle import setproctitle
 import signal
+import subprocess
+import sys
 
-class VrrpFifoProcess(mp.Process):
+class VrrpFifoProcess():
     '''
     Process for vrrp group/instance configuration.
     '''
-    def __init__(self, vrrp_type, vrrp_name, ifstate, log_level):
-        self.vrrp_type = vrrp_type
-        self.vrrp_name = vrrp_name
-        self.ifstate = ifstate
-        self.log_level = log_level
-        self.queue = mp.Queue()
-        super().__init__(target=self.vrrp_worker, name=f'ifstate-vrrp-fifo|{vrrp_type}.{vrrp_name}', daemon=True)
+    def __init__(self, worker_args):
+        self.worker_args = worker_args
+        self.logger_extra = {'iface': f'{worker_args[-2]} "{worker_args[-1]}"'}
+        self.state_queue = mp.Queue()
+        self.worker_proc = None
+
+        worker_io = threading.Thread(target=self.dequeue)
+        worker_io.start()
 
     def vrrp_update(self, vrrp_state):
-        self.queue.put(vrrp_state)
+        self.state_queue.put(vrrp_state)
 
-    def vrrp_worker(self):
-        instance_title = "vrrp-{}-{}".format(self.vrrp_type, self.vrrp_name)
-        setproctitle("ifstate-{}".format(instance_title))
-        ifslog = IfStateLogging(self.log_level, action=instance_title, log_stderr=False)
-        logger.info('worker spawned')
+    def dequeue(self):
         while True:
-            vrrp_state = self.queue.get()
-            if vrrp_state is None:
-                logger.info('terminating')
+            state = self.state_queue.get()
+
+            # Should we terminate?
+            if state is None:
+                self.worker_proc.stdin.close()
+                self.worker_proc.wait()
                 return
-            else:
-                ifstate = deepcopy(self.ifstate)
-                ifstate.apply(self.vrrp_type, self.vrrp_name, vrrp_state)
+
+            # Restart ifstate vrrp-worker if not alive alive?
+            if self.worker_proc.poll() is not None:
+                logger.warning("worker died", extra=self.logger_extra)
+                self.start()
+
+            logger.info(f'state => {state}', extra=self.logger_extra)
+            self.worker_proc.stdin.write(f'{state}\n')
+            self.worker_proc.stdin.flush()
+        logger.warning("dequeue terminated")
+
+    def start(self):
+        logger.info("spawning worker", extra=self.logger_extra)
+        self.worker_proc = subprocess.Popen(self.worker_args, stdin=subprocess.PIPE, stderr=sys.stderr, text=True)
+
 
 class VrrpStates():
     '''
     Tracks processes and states for vrrp groups/instances.
     '''
-    def __init__(self, ifstate, log_level):
-        self.ifstate = ifstate
-        self.log_level = log_level
+    def __init__(self, ifs_config):
+        self.ifs_config = ifs_config
         self.processes = {}
         self.states = {}
+        self.pid_file = f"/run/libifstate/vrrp/{os.getpid()}.pid"
+        self.cfg_file = f"/run/libifstate/vrrp/{os.getpid()}.cfg"
+        self.worker_args = (
+            sys.argv[0],
+            '-c', self.cfg_file,
+            'vrrp-worker')
+        if logger.level == logging.DEBUG:
+            self.worker_args.append('-v')
 
     def update(self, vrrp_type, vrrp_name, vrrp_state):
         '''
@@ -54,44 +77,65 @@ class VrrpStates():
         '''
         key = (vrrp_type, vrrp_name)
         if not key in self.processes:
-            self.processes[key] = VrrpFifoProcess(vrrp_type, vrrp_name, self.ifstate, self.log_level)
+            worker_args = self.worker_args + key
+            self.processes[key] = VrrpFifoProcess(worker_args)
             self.processes[key].start()
 
         self.states[key] = vrrp_state
         self.processes[key].vrrp_update(vrrp_state)
 
-    def reconfigure(self, ifstate):
+    def reconfigure(self, *argv):
         '''
         Reconfigure all known groups/instances using their last known state by spawning
         new worker Processes.
         '''
-        self.ifstate = ifstate
+
+        # save new config to temp file
+        try:
+            self.ifs_config.load_config()
+            self.ifs_config.dump_config(self.cfg_file)
+        except Exception as ex:
+            logger.error(f'failed to reload config: {ex}')
+            return
+
         for key, state in self.states.items():
+            worker_args = self.worker_args + key
             self.processes[key].vrrp_update(None)
-            self.processes[key] = VrrpFifoProcess(*key, ifstate, self.log_level)
+            self.processes[key] = VrrpFifoProcess(worker_args)
             self.processes[key].start()
             self.processes[key].vrrp_update(self.states[key])
 
-def vrrp_fifo(args_fifo, ifs_config, log_level):
-    vrrp_states = VrrpStates(ifs_config.ifs, log_level)
-    ifs_config.set_callback(vrrp_states.reconfigure)
+    def cleanup_run(self, *argv):
+        """
+        """
+        for file in [self.pid_file, self.cfg_file]:
+            try:
+                os.unlink(file)
+            except OSError as ex:
+                if ex.errno != 2:
+                    logger.warning(f"cannot cleanup {file}: {ex}")
+
+def vrrp_fifo(args_fifo, ifs_config):
+    vrrp_states = VrrpStates(ifs_config)
 
-    signal.signal(signal.SIGHUP, ifs_config.sighup_handler)
+    signal.signal(signal.SIGHUP, vrrp_states.reconfigure)
     signal.signal(signal.SIGPIPE, signal.SIG_IGN)
-    signal.signal(signal.SIGTERM, signal.SIG_IGN)
+    signal.signal(signal.SIGTERM, vrrp_states.cleanup_run)
 
-    pid_file = f"/run/libifstate/vrrp/{os.getpid()}.pid"
     try:
         os.makedirs("/run/libifstate/vrrp", exist_ok=True)
 
-        with open(pid_file, "w", encoding="utf-8") as fh:
+        with open(vrrp_states.pid_file, "w", encoding="utf-8") as fh:
             fh.write(args_fifo)
+        atexit.register(vrrp_states.cleanup_run)
+
+        ifs_config.dump_config(vrrp_states.cfg_file)
     except IOError as err:
-        logger.exception(f'failed to write pid file {pid_file}: {err}')
+        logger.exception(f'failed to write pid file {vrrp_states.pid_file}: {err}')
 
     try:
         status_pattern = re.compile(
-            r'(group|instance) "([^"]+)" (unknown|fault|backup|master)( \d+)?$', re.IGNORECASE)
+            r'(group|instance) "([^"]+)" (unknown|fault|backup|master|stop)( \d+)?$', re.IGNORECASE)
 
         with open(args_fifo) as fifo:
             logger.debug("entering fifo loop...")
@@ -107,7 +151,16 @@ def vrrp_fifo(args_fifo, ifs_config, log_level):
                     logger.warning(f'failed to parse fifo input: {line.strip()}')
                 mp.active_children()
     finally:
-        try:
-            os.remove(pid_file)
-        except IOError:
-            pass
+        vrrp_states.cleanup_run()
+
+def vrrp_worker(vrrp_type, vrrp_name, ifs_config):
+    instance_title = "vrrp-{}-{}".format(vrrp_type, vrrp_name)
+    setproctitle("ifstate-{}".format(instance_title))
+
+    logger.info('worker is alive')
+    for state in sys.stdin:
+        vrrp_state = state.strip()
+
+        ifstate = deepcopy(ifs_config.ifs)
+        ifstate.apply(vrrp_type, vrrp_name, vrrp_state)
+    logger.info('terminating')

{ifstate-1.11.9.dist-info → ifstate-1.13.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: ifstate
-Version: 1.11.9
+Version: 1.13.0
 Summary: Manage host interface settings in a declarative manner
 Home-page: https://ifstate.net/
 Author: Thomas Liske

ifstate-1.13.0.dist-info/RECORD

@@ -0,0 +1,37 @@
+ifstate/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+ifstate/ifstate.py,sha256=jNWVc-XPZOKwD--xSJvAXZP-DEomljmGXtMf8SAdmmU,8770
+ifstate/shell.py,sha256=7_JFpi4icr9MijynDzbb0v5mxhFsng6PCC4m3uQ255A,2177
+ifstate/vrrp.py,sha256=m-vkm_Yx82qx5RmTnouYceWpa1agziBUHr87yK9tBro,5542
+libifstate/__init__.py,sha256=zAn9f1jay5LI9JWSwgzqLK8RmTIks4cYELHolpX60i0,30792
+libifstate/exception.py,sha256=5i59BZdl56J_sNJbyU9n6uHuUNJEyDOO4FJ-neDn9Ds,2608
+libifstate/log.py,sha256=XVoZdwdQoWsjuupFIuG6OP0OrBpXpx7oqyAaUhQ-nJk,4553
+libifstate/util.py,sha256=vqNaa67QZ2G07bQNAisTyUKbVmp0JGkvEGgbKVTtmYA,10579
+libifstate/address/__init__.py,sha256=zIGM7UWXSvoijHMD06DfS2CDtiHpiJlqDgJG7Dl1IPE,3222
+libifstate/bpf/__init__.py,sha256=NVzaunTmJU2PbIQg9eWBMKpFgLh3EnD3ujNa7Yt6rNc,7699
+libifstate/bpf/ctypes.py,sha256=kLZJHZlba09Vc-tbsJAcKpDwdoNO2IjlYVLCopawHmA,4274
+libifstate/bpf/map.py,sha256=cLHNMvRBDNW2yVCEf3z242_oRdU0HqVbFEYVkKXng0w,10818
+libifstate/brport/__init__.py,sha256=NzdA8F4hr2se1bXKNnyKZbvOFlCWBq_cdjwsL1H0Y-o,2964
+libifstate/fdb/__init__.py,sha256=jMplRZZQKkgwFQT2L7Ua4YCdLKwOzkd43_6OFtet2No,6262
+libifstate/link/__init__.py,sha256=epVw6jY8exNeJZUmmUas91yJoeupfgIY7rthq7SGIIw,142
+libifstate/link/base.py,sha256=QbHi3R3Ptyi5L4gdBbOPzJ2Ftpvhnk4Hdl4CCIz5pxs,33162
+libifstate/link/dsa.py,sha256=Y3axTtcym6YL1voKblxctx4PoKDZHzpteKQNnEBUrS8,264
+libifstate/link/physical.py,sha256=cJiq-MCfy-3XQoU-OxzgfPZZtu_pJ8u2ioJgn9VYdGk,560
+libifstate/link/tun.py,sha256=m55o5cwO3h3DCLofUR-68fM4ggLoTKElp6ZJ2LrJSCc,959
+libifstate/link/veth.py,sha256=dEnkhg1AU-CFOFJN-U68G6FJ74CNW9G4RXsa5vLs-qY,2114
+libifstate/neighbour/__init__.py,sha256=FJJpbJvqnxvOEii6QDMYzW5jQDEbiEy71GQOEbqaS48,2463
+libifstate/netns/__init__.py,sha256=lKv43oEcpVUmL494MNOOG_Uh4ght50uu8n8nb9TIwsA,9077
+libifstate/parser/__init__.py,sha256=byz1W0G7UewVc5FFie-ti3UZjGK3-75wHIaOeq0oySQ,88
+libifstate/parser/base.py,sha256=VFAo05O3tiKtI381LVUMYfsDTseMKoQGTfkgnEkm3H4,4770
+libifstate/parser/yaml.py,sha256=MC0kmwqt3P45z61fb_wfUqoj0iZyhFYkdPyr0UqMSZA,1415
+libifstate/routing/__init__.py,sha256=sYe05nuYPYhzahWWwCofDk3F7eRx0vh-iJ6rZr2Utkw,19745
+libifstate/sysctl/__init__.py,sha256=L2gkoLnac_HM6RbCaKmsEuDTNj2m7U4Rjw42TEti0kg,3074
+libifstate/tc/__init__.py,sha256=inPdampCOIr_4oKNB3awqMkW0Eh4fpPh9jvSba6sPVg,12092
+libifstate/wireguard/__init__.py,sha256=vM7vxioV9vQ3gq9SE_URf97ZfGhLsxNiam16y_gXZ5E,6225
+libifstate/xdp/__init__.py,sha256=X1xhEIGng7R5d5F4KsChykT2g6H-XBRWbWABijoYDQA,7208
+schema/ifstate.conf.schema.json,sha256=NZSBedK5m037Iu8O1G5KQ3cc5anNjDs_sPK64U9a6z8,199377
+ifstate-1.13.0.dist-info/LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
+ifstate-1.13.0.dist-info/METADATA,sha256=gcKwFbvj7qRlszUfdQyFHNOqO1ifd1tu09XwlC4L5u4,1385
+ifstate-1.13.0.dist-info/WHEEL,sha256=OVMc5UfuAQiSplgO0_WdW7vXVGAt9Hdd6qtN4HotdyA,91
+ifstate-1.13.0.dist-info/entry_points.txt,sha256=HF6jX7Uu_nF1Ly-J9uEPeiRapOxnM6LuHsb2y6Mt-k4,52
+ifstate-1.13.0.dist-info/top_level.txt,sha256=A7peI7aKBaM69fsiSPvMbL3rzTKZZr5qDxKC-pHMGdE,19
+ifstate-1.13.0.dist-info/RECORD,,

{ifstate-1.11.9.dist-info → ifstate-1.13.0.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: bdist_wheel (0.43.0)
+Generator: setuptools (75.2.0)
 Root-Is-Purelib: true
 Tag: py3-none-any
 

libifstate/__init__.py

@@ -1,4 +1,4 @@
-from libifstate.exception import LinkDuplicate
+from libifstate.exception import LinkDuplicate, NetnsUnknown
 from libifstate.link.base import ethtool_path, Link
 from libifstate.address import Addresses
 from libifstate.fdb import FDB
@@ -6,7 +6,7 @@ from libifstate.neighbour import Neighbours
 from libifstate.routing import Tables, Rules, RTLookups
 from libifstate.parser import Parser
 from libifstate.tc import TC
-from libifstate.exception import netlinkerror_classes, NetNSNotRoot
+from libifstate.exception import netlinkerror_classes
 import bisect
 import os
 import pyroute2
@@ -48,7 +48,7 @@ import json
 import errno
 import logging
 
-__version__ = "1.11.9"
+__version__ = "1.13.0"
 
 
 class IfState():
@@ -120,14 +120,6 @@ class IfState():
 
         self._update(self.root_netns, ifstates)
         if 'namespaces' in ifstates:
-            # require to called from the root netns
-            try:
-                # assume init runs in the root netns
-                if os.readlink('/proc/1/ns/net') != os.readlink(f'/proc/{os.getpid()}/ns/net'):
-                    raise NetNSNotRoot()
-            except OSError as ex:
-                logger.debug(f'root netns test: {ex}')
-                pass
             self.namespaces = {}
             self.new_namespaces = []
             for netns_name, netns_ifstates in ifstates['namespaces'].items():
@@ -519,7 +511,11 @@ class IfState():
                 if link_dep.netns is None:
                     self._apply_iface(do_apply, self.root_netns, link_dep, by_vrrp, vrrp_type, vrrp_name, vrrp_state)
                 else:
-                    self._apply_iface(do_apply, self.namespaces[link_dep.netns], link_dep, by_vrrp, vrrp_type, vrrp_name, vrrp_state)
+                    if link_dep.netns not in self.namespaces:
+                        logger.warning("add link {} failed: netns '{}' is unknown".format(link_dep.ifname, link_dep.netns))
+                        return
+                    else:
+                        self._apply_iface(do_apply, self.namespaces[link_dep.netns], link_dep, by_vrrp, vrrp_type, vrrp_name, vrrp_state)
 
         # configure routing
         logger.info("")

libifstate/address/__init__.py

@@ -25,25 +25,29 @@ class Addresses():
         # get active ip addresses
         ipr_addr = {}
         addr_add = []
-        addr_dad = []
+        addr_renew = []
         for addr in self.netns.ipr.get_addr(index=idx):
             flags = addr.get_attr('IFA_FLAGS', 0)
             ip = ip_interface(addr.get_attr('IFA_ADDRESS') +
                               '/' + str(addr['prefixlen']))
             if flags & IFA_F_DADFAILED == IFA_F_DADFAILED:
                 logger.debug('{} has failed dad'.format(ip), extra={'iface': self.iface, 'netns': self.netns})
-                addr_dad.append(ip)
+                addr_renew.append(ip)
             ipr_addr[ip] = addr
 
         for addr in self.addresses:
-            if addr in ipr_addr and addr not in addr_dad:
+            if addr in ipr_addr and addr not in addr_renew:
                 logger.log_ok('addresses', '= {}'.format(addr.with_prefixlen))
                 del ipr_addr[addr]
             else:
                 addr_add.append(addr)
+                for ip in ipr_addr.keys():
+                    if addr.ip == ip.ip:
+                        addr_renew.append(ip)
+                        break
 
         for ip, addr in ipr_addr.items():
-            if addr in addr_dad or not any(ip in net for net in ignore):
+            if ip in addr_renew or not any(ip in net for net in ignore):
                 if not ign_dynamic or ipr_addr[ip]['flags'] & IFA_F_PERMANENT == IFA_F_PERMANENT:
                     logger.log_del('addresses', '- {}'.format(ip.with_prefixlen))
                     try:

libifstate/exception.py

@@ -104,5 +104,9 @@ class ParserParseError(Exception):
     def exit_code(self):
         return 2
 
-class RouteDupblicate(Exception):
+class RouteDuplicate(Exception):
     pass
+
+class NetnsUnknown(Exception):
+    def __init__(self, netns):
+        self.args = (None, "netns '{}' is unknown".format(netns))

libifstate/link/__init__.py

@@ -1,4 +1,5 @@
 import libifstate.link.base
+import libifstate.link.dsa
 import libifstate.link.physical
 import libifstate.link.tun
 import libifstate.link.veth

libifstate/link/base.py

@@ -1,5 +1,5 @@
 from libifstate.util import logger, IfStateLogging, LinkDependency
-from libifstate.exception import ExceptionCollector, LinkTypeUnknown, netlinkerror_classes
+from libifstate.exception import ExceptionCollector, LinkTypeUnknown, NetnsUnknown, netlinkerror_classes
 from libifstate.brport import BRPort
 from libifstate.routing import RTLookups
 from abc import ABC, abstractmethod
@@ -99,6 +99,7 @@ class Link(ABC):
         'ip6gre',
         'ip6gretap',
         'geneve',
+        'sit',
         'wireguard',
         'xfrm',
     ]
@@ -246,14 +247,16 @@ class Link(ABC):
             return ret
 
         info = self.iface.get_attr('IFLA_LINKINFO')
-        if not info is None:
-            ret = info.get_attr(nla)
+        op = getattr(info, 'get_attr', None)
+        if callable(op):
+            ret = op(nla)
             if not ret is None:
                 return ret
 
-            info = info.get_attr('IFLA_INFO_DATA')
-            if not info is None:
-                ret = info.get_attr(nla)
+            info = op('IFLA_INFO_DATA')
+            op = getattr(info, 'get_attr', None)
+            if callable(op):
+                ret = op(nla)
                 if not ret is None:
                     return ret
 
@@ -388,6 +391,9 @@ class Link(ABC):
         if self.bind_netns is None:
             return self.ifstate.root_netns
 
+        if not self.bind_netns in self.ifstate.namespaces:
+            raise NetnsUnknown(self.bind_netns)
+
         return self.ifstate.namespaces.get(self.bind_netns)
 
     def bind_needs_recreate(self, item):
@@ -395,13 +401,6 @@ class Link(ABC):
             return False
 
         bind_netns = self.get_bind_netns()
-        if bind_netns is None:
-            logger.warning('bind_netns "%s" is unknown',
-                        self.bind_netns,
-                        extra={
-                            'iface': self.settings['ifname'],
-                            'netns': self.netns})
-            return False
 
         fn = self.get_bind_fn(item.netns.netns, item.index)
         try:
@@ -468,11 +467,15 @@ class Link(ABC):
         item = self.search_link_registry()
 
         # check if bind_netns option requires a recreate
-        if item is not None and self.bind_needs_recreate(item):
-            self.idx = item.index
-            self.recreate(do_apply, sysctl, excpts)
+        try:
+            if item is not None and self.bind_needs_recreate(item):
+                self.idx = item.index
+                self.recreate(do_apply, sysctl, excpts)
 
-            self.settings = osettings
+                self.settings = osettings
+                return excpts
+        except NetnsUnknown as ex:
+            excpts.add('apply', ex)
             return excpts
 
         # move interface into netns if required
@@ -534,7 +537,12 @@ class Link(ABC):
         logger.log_add('link', oper)
 
         settings = copy.deepcopy(self.settings)
-        bind_netns = self.get_bind_netns()
+        try:
+            bind_netns = self.get_bind_netns()
+        except NetnsUnknown as ex:
+            excpts.add(oper, ex)
+            return excpts
+
         if bind_netns is not None and bind_netns.netns != self.netns.netns:
             logger.debug("handle link binding", extra={
                 'iface': self.settings['ifname'],

libifstate/link/dsa.py

@@ -0,0 +1,10 @@
+from libifstate.util import logger
+from libifstate.link.physical import PhysicalLink
+
+class DsaLink(PhysicalLink):
+    """
+    Distributed Switch Architecture (DSA) user interface
+    
+    https://docs.kernel.org/networking/dsa/configuration.html
+    """
+    pass

libifstate/link/veth.py

@@ -1,6 +1,6 @@
 from libifstate.util import logger
 from libifstate.link.base import Link
-from libifstate.exception import LinkCannotAdd
+from libifstate.exception import LinkCannotAdd, NetnsUnknown
 
 class VethLink(Link):
     def __init__(self, ifstate, netns, name, link, ethtool, vrrp, brport):
@@ -18,7 +18,11 @@ class VethLink(Link):
         '''
         result = super().create(do_apply, sysctl, excpts, oper)
 
-        bind_netns = self.get_bind_netns()
+        try:
+            bind_netns = self.get_bind_netns()
+        except NetnsUnknown as ex:
+            excpts.add(oper, ex)
+            return excpts
         peer_link = next(iter(bind_netns.ipr.get_links(ifname=self.settings['peer'])), None)
         self.ifstate.link_registry.add_link(bind_netns, peer_link)
 

libifstate/log.py

@@ -2,6 +2,7 @@ import logging
 from logging.handlers import QueueHandler, QueueListener
 import os
 import queue
+import stat
 import sys
 
 logger = logging.getLogger('ifstate')
@@ -98,14 +99,25 @@ class IfStateLogging:
                 handlers.append(stream)
 
             # log to syslog
-            syslog = logging.handlers.SysLogHandler('/dev/log', facility=logging.handlers.SysLogHandler.LOG_DAEMON)
-            if action is None:
-                syslog.ident = 'ifstate[{}] '.format(os.getpid())
-            else:
-                syslog.ident = 'ifstate-{}[{}] '.format(action, os.getpid())
-            syslog.addFilter(IfStateLogFilter(False))
-            syslog.setFormatter(formatter)
-            handlers.append(syslog)
+            socket_filename = '/dev/log'
+            try:
+                if not stat.S_ISSOCK(os.stat(socket_filename).st_mode):
+                    socket_filename = None
+            except OSError:
+                socket_filename = None
+
+            if socket_filename is not None:
+                syslog = logging.handlers.SysLogHandler(socket_filename, facility=logging.handlers.SysLogHandler.LOG_DAEMON)
+                if action is None:
+                    syslog.ident = 'ifstate[{}] '.format(os.getpid())
+                else:
+                    syslog.ident = 'ifstate-{}[{}] '.format(action, os.getpid())
+                syslog.addFilter(IfStateLogFilter(False))
+                syslog.setFormatter(formatter)
+                handlers.append(syslog)
+
+        if len(handlers) == 0:
+            handlers.append(logging.NullHandler())
 
         qu = queue.SimpleQueue()
         queue_handler = QueueHandler(qu)

libifstate/parser/base.py

@@ -150,3 +150,10 @@ class Parser(ABC):
                 del(cfg["ignore"][k])
 
         return cfg
+
+    @abstractmethod
+    def dump(self, stream):
+        """
+        Dump the parsed configuration into a io stream.
+        """
+        pass

libifstate/parser/yaml.py

@@ -42,3 +42,6 @@ class YamlParser(Parser):
             raise ParserOpenError(ex)
         except yaml.parser.ParserError as ex:
             raise ParserParseError(ex)
+
+    def dump(self, stream):
+        yaml.dump(self.config(), stream)

libifstate/routing/__init__.py

@@ -1,5 +1,5 @@
 from libifstate.util import logger, IfStateLogging
-from libifstate.exception import RouteDupblicate, netlinkerror_classes
+from libifstate.exception import RouteDuplicate, netlinkerror_classes
 from ipaddress import ip_address, ip_network, IPv6Network
 from pyroute2.netlink.rtnl.fibmsg import FR_ACT_VALUES
 from pyroute2.netlink.rtnl import rt_type
@@ -61,7 +61,7 @@ class RTLookup():
         self.str2id = {}
         self.id2str = {}
 
-        for basedir in ['/usr/lib/iproute2', '/etc/iproute2']:
+        for basedir in ['/usr/share/iproute2', '/usr/lib/iproute2', '/etc/iproute2']:
             fn = os.path.join(basedir, name)
             try:
                 with open(fn, 'r') as fp:
@@ -90,7 +90,7 @@ class RTLookup():
         return self.str2id[key]
 
     def lookup_str(self, key):
-        return self.id2str.get(key, key)
+        return self.id2str.get(key, str(key))
 
 
 class RTLookups():
@@ -307,7 +307,7 @@ class Tables(collections.abc.Mapping):
 
             kroutes = self.kernel_routes(table)
 
-            for route in croutes:
+            for route in sorted(croutes, key=lambda x: [x.get('via', ''), x['dst']]):
                 if 'oif' in route and type(route['oif']) == str:
                     oif = next(
                         iter(self.netns.ipr.link_lookup(ifname=route['oif'])), None)

libifstate/util.py

@@ -23,6 +23,7 @@ import struct
 import array
 import struct
 import typing
+import os
 
 # ethtool helper
 ETHTOOL_GDRVINFO = 0x00000003  # Get driver info
@@ -64,6 +65,23 @@ class IPRouteExt(IPRoute):
 
         self.__sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
 
+
+
+    # def fork_before():
+    #     import sys
+    #     print(f"FORK[{os.getpid()}] before", file=sys.stderr)
+
+    # def fork_parent():
+    #     import sys
+    #     print(f"FORK[{os.getpid()}] parent", file=sys.stderr)
+
+    # def fork_child():
+    #     import sys
+    #     print(f"FORK[{os.getpid()}] after", file=sys.stderr)
+
+    # os.register_at_fork(before=fork_before, after_in_parent=fork_parent, after_in_child=fork_child)
+
+
     def del_filter_by_info(self, index=0, handle=0, info=0, parent=0):
         msg = tcmsg()
         msg['index'] = index
@@ -173,7 +191,7 @@ class IPRouteExt(IPRoute):
         try:
             return next(iter(self.get_links(*argv, **kwarg)), None)
         except Exception as err:
-            if not isinstance(err, netlinkerror_classes):
+            if not isinstance(err, libifstate.exception.netlinkerror_classes):
                 raise
 
         return None

schema/ifstate.conf.schema.json

@@ -2,7 +2,7 @@
     "$id": "https://ifstate.net/schema/ifstate.conf.schema.json",
     "$schema": "http://json-schema.org/draft-07/schema#",
     "title": "ifstate.conf",
-    "description": "IfState 1.11.9 Configuration Schema",
+    "description": "IfState 1.13 Configuration Schema",
     "type": "object",
     "required": [
         "interfaces"
@@ -2743,6 +2743,51 @@
                                     }
                                 }
                             },
+                            {
+                                "description": "DSA interface",
+                                "required": [
+                                    "kind",
+                                    "link"
+                                ],
+                                "additionalProperties": false,
+                                "properties": {
+                                    "kind": {
+                                        "const": "dsa",
+                                        "description": "link type"
+                                    },
+                                    "address": {
+                                        "$ref": "#/$defs/iface-link_address"
+                                    },
+                                    "group": {
+                                        "$ref": "#/$defs/iface-link_group"
+                                    },
+                                    "permaddr": {
+                                        "description": "select interface by permanent address [ethtool -P]",
+                                        "$ref": "#/$defs/iface-link_address"
+                                    },
+                                    "state": {
+                                        "$ref": "#/$defs/iface-link_state"
+                                    },
+                                    "master": {
+                                        "$ref": "#/$defs/iface-link_master"
+                                    },
+                                    "mtu": {
+                                        "$ref": "#/$defs/iface-link_mtu"
+                                    },
+                                    "txqlen": {
+                                        "$ref": "#/$defs/iface-link_txqlen"
+                                    },
+                                    "ifalias": {
+                                        "$ref": "#/$defs/iface-link_ifalias"
+                                    },
+                                    "link": {
+                                        "$ref": "#/$defs/iface-link_link"
+                                    },
+                                    "link_netns": {
+                                        "$ref": "#/$defs/iface-link_link-netns"
+                                    }
+                                }
+                            },
                             {
                                 "description": "Dummy network interface",
                                 "required": [
@@ -2970,6 +3015,32 @@
                                         "description": "specifies the maximum number of FDB entries (0: none)",
                                         "default": 0
                                     },
+                                    "vxlan_port": {
+                                        "description": "specifies the UDP destination port to communicate to the remote VXLAN tunnel endpoint",
+                                        "type": "integer",
+                                        "minimum": 0,
+                                        "maximum": 65535
+                                    },
+                                    "vxlan_port_range": {
+                                        "description": "specifies the range of port numbers to use as UDP source ports to communicate to the remote VXLAN tunnel endpoint",
+                                        "required": [
+                                            "low",
+                                            "high"
+                                        ],
+                                        "additionalProperties": false,
+                                        "properties": {
+                                            "low": {
+                                                "type": "integer",
+                                                "minimum": 0,
+                                                "maximum": 65535
+                                            },
+                                            "high": {
+                                                "type": "integer",
+                                                "minimum": 0,
+                                                "maximum": 65535
+                                            }
+                                        }
+                                    },
                                     "vxlan_proxy": {
                                         "type": "integer",
                                         "minimum": 0,
@@ -3136,6 +3207,9 @@
                                     "address": {
                                         "$ref": "#/$defs/iface-link_address"
                                     },
+                                    "bind_netns": {
+                                        "$ref": "#/$defs/iface-link_bind-netns"
+                                    },
                                     "group": {
                                         "$ref": "#/$defs/iface-link_group"
                                     },

ifstate-1.11.9.dist-info/RECORD

@@ -1,36 +0,0 @@
-ifstate/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-ifstate/ifstate.py,sha256=1xXJmVt_w6X7K5KTqfeTDZ1y-wJxgtrtLJJ1bUFN5I0,8031
-ifstate/shell.py,sha256=7_JFpi4icr9MijynDzbb0v5mxhFsng6PCC4m3uQ255A,2177
-ifstate/vrrp.py,sha256=GOSwQFf3IrcWF5DbQCJQqZ7p33TaFMEVp8LwyRDolWM,4016
-libifstate/__init__.py,sha256=UBj-_U7UY6ar2ds0ZS9yb15bR4813RJ3NUQwN8uSWHg,30914
-libifstate/exception.py,sha256=jCFub2kWSpntcxwL-yJkOpw9sqCmCypBqN_qaIzwEQU,2480
-libifstate/log.py,sha256=CKETu-GUyhBgs4WVtbIYhm_Lzgilap9ALLPeSkO1sWc,4136
-libifstate/util.py,sha256=NYY6Yoy4t42z_Q_Auy_vRHZ_MWT_XXCBZGZj61YMuWQ,10111
-libifstate/address/__init__.py,sha256=wDs0JgLBdZjKzLAnCsMgsyQwgCzXNckcRBL7NIGS_aI,3056
-libifstate/bpf/__init__.py,sha256=NVzaunTmJU2PbIQg9eWBMKpFgLh3EnD3ujNa7Yt6rNc,7699
-libifstate/bpf/ctypes.py,sha256=kLZJHZlba09Vc-tbsJAcKpDwdoNO2IjlYVLCopawHmA,4274
-libifstate/bpf/map.py,sha256=cLHNMvRBDNW2yVCEf3z242_oRdU0HqVbFEYVkKXng0w,10818
-libifstate/brport/__init__.py,sha256=NzdA8F4hr2se1bXKNnyKZbvOFlCWBq_cdjwsL1H0Y-o,2964
-libifstate/fdb/__init__.py,sha256=jMplRZZQKkgwFQT2L7Ua4YCdLKwOzkd43_6OFtet2No,6262
-libifstate/link/__init__.py,sha256=QZggoC-bIscqwVedqVycaSqS1CmXB3Bx3m2FZei8Q_4,115
-libifstate/link/base.py,sha256=BLdFUXTmzzE1dj3eBAnLf3JNSISI6fIODqI1EK2uNwI,33028
-libifstate/link/physical.py,sha256=cJiq-MCfy-3XQoU-OxzgfPZZtu_pJ8u2ioJgn9VYdGk,560
-libifstate/link/tun.py,sha256=m55o5cwO3h3DCLofUR-68fM4ggLoTKElp6ZJ2LrJSCc,959
-libifstate/link/veth.py,sha256=DtohI4PNlWoPijROf6AA6pikCvDhFXh15zQSWQBbfsA,1989
-libifstate/neighbour/__init__.py,sha256=FJJpbJvqnxvOEii6QDMYzW5jQDEbiEy71GQOEbqaS48,2463
-libifstate/netns/__init__.py,sha256=lKv43oEcpVUmL494MNOOG_Uh4ght50uu8n8nb9TIwsA,9077
-libifstate/parser/__init__.py,sha256=byz1W0G7UewVc5FFie-ti3UZjGK3-75wHIaOeq0oySQ,88
-libifstate/parser/base.py,sha256=4Y_kaUysbgQRM9u_Kg3Lr_5GWFGdTXDmP4EC3McsNzU,4628
-libifstate/parser/yaml.py,sha256=u9D9nPfVhYADTd01EYxFYIywnTBccNF1solOcGeLUjM,1345
-libifstate/routing/__init__.py,sha256=DBX8wv386rMii2gZf9n-8vbPikSqqaZO1NoHJX8Bjn4,19666
-libifstate/sysctl/__init__.py,sha256=L2gkoLnac_HM6RbCaKmsEuDTNj2m7U4Rjw42TEti0kg,3074
-libifstate/tc/__init__.py,sha256=inPdampCOIr_4oKNB3awqMkW0Eh4fpPh9jvSba6sPVg,12092
-libifstate/wireguard/__init__.py,sha256=vM7vxioV9vQ3gq9SE_URf97ZfGhLsxNiam16y_gXZ5E,6225
-libifstate/xdp/__init__.py,sha256=X1xhEIGng7R5d5F4KsChykT2g6H-XBRWbWABijoYDQA,7208
-schema/ifstate.conf.schema.json,sha256=-ACPDuqnemSbdoy2ZapMpUzXzabrLPoruE7BO7P080Q,195193
-ifstate-1.11.9.dist-info/LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
-ifstate-1.11.9.dist-info/METADATA,sha256=hxlJKKkeBkbm4m7y4Ddi3ujTDpMwzN_OMbF2P0ls5qE,1385
-ifstate-1.11.9.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
-ifstate-1.11.9.dist-info/entry_points.txt,sha256=HF6jX7Uu_nF1Ly-J9uEPeiRapOxnM6LuHsb2y6Mt-k4,52
-ifstate-1.11.9.dist-info/top_level.txt,sha256=A7peI7aKBaM69fsiSPvMbL3rzTKZZr5qDxKC-pHMGdE,19
-ifstate-1.11.9.dist-info/RECORD,,