nixos/networkd: allow RoutingPolicyRule port ranges

Linux and Systemd allow port ranges to be used in routing policy rules. https://www.freedesktop.org/software/systemd/man/latest/systemd.network.html#SourcePort=
2025-06-10 11:45:45 +03:00 · 2024-03-06 09:11:54 +01:00 · 2024-03-06 09:11:54 +01:00 · f753e58e6e
commit f753e58e6e
parent 4f8234318e
2 changed files with 16 additions and 3 deletions
--- a/nixos/lib/systemd-lib.nix
+++ b/nixos/lib/systemd-lib.nix
@ -73,13 +73,26 @@ in rec {
    optional (attr ? ${name} && (! isMacAddress attr.${name} && attr.${name} != "none"))
      "Systemd ${group} field `${name}` must be a valid MAC address or the special value `none`.";

-
+  isNumberOrRangeOf = check: v:
+    if isInt v
+    then check v
+    else let
+      parts = splitString "-" v;
+      lower = toIntBase10 (head parts);
+      upper = if tail parts != [] then toIntBase10 (head (tail parts)) else lower;
+    in
+      length parts <= 2 && lower <= upper && check lower && check upper;
  isPort = i: i >= 0 && i <= 65535;
+  isPortOrPortRange = isNumberOrRangeOf isPort;

  assertPort = name: group: attr:
    optional (attr ? ${name} && ! isPort attr.${name})
      "Error on the systemd ${group} field `${name}': ${attr.name} is not a valid port number.";

+  assertPortOrPortRange = name: group: attr:
+    optional (attr ? ${name} && ! isPortOrPortRange attr.${name})
+      "Error on the systemd ${group} field `${name}': ${attr.name} is not a valid port number or range of port numbers.";
+
  assertValueOneOf = name: values: group: attr:
    optional (attr ? ${name} && !elem attr.${name} values)
      "Systemd ${group} field `${name}' cannot have value `${toString attr.${name}}'.";