feat(nftables): move NFTables forwarding management from the Rust engine to @push.rocks/smartnftables

2026-03-26 13:11:57 +00:00
parent c0e432fd9b
commit a6ffa24e36
22 changed files with 149 additions and 650 deletions
--- a/rust/crates/rustproxy-config/src/helpers.rs
+++ b/rust/crates/rustproxy-config/src/helpers.rs
@@ -40,8 +40,6 @@ pub fn create_http_route(
            load_balancing: None,
            advanced: None,
            options: None,
-            forwarding_engine: None,
-            nftables: None,
            send_proxy_protocol: None,
            udp: None,
        },
@@ -138,8 +136,6 @@ pub fn create_http_to_https_redirect(
                url_rewrite: None,
            }),
            options: None,
-            forwarding_engine: None,
-            nftables: None,
            send_proxy_protocol: None,
            udp: None,
        },
@@ -222,8 +218,6 @@ pub fn create_load_balancer_route(
            }),
            advanced: None,
            options: None,
-            forwarding_engine: None,
-            nftables: None,
            send_proxy_protocol: None,
            udp: None,
        },
--- a/rust/crates/rustproxy-config/src/route_types.rs
+++ b/rust/crates/rustproxy-config/src/route_types.rs
@@ -60,16 +60,6 @@ pub enum RouteActionType {
    SocketHandler,
 }

-// ─── Forwarding Engine ───────────────────────────────────────────────
-
-/// Forwarding engine specification.
-#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
-#[serde(rename_all = "lowercase")]
-pub enum ForwardingEngine {
-    Node,
-    Nftables,
-}
-
 // ─── Route Match ─────────────────────────────────────────────────────

 /// Domain specification: single string or array.
@@ -341,38 +331,6 @@ pub struct RouteAdvanced {
    pub url_rewrite: Option<RouteUrlRewrite>,
 }

-// ─── NFTables Options ────────────────────────────────────────────────
-
-/// NFTables protocol type.
-#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
-#[serde(rename_all = "lowercase")]
-pub enum NfTablesProtocol {
-    Tcp,
-    Udp,
-    All,
-}
-
-/// NFTables-specific configuration options.
-/// Matches TypeScript: `INfTablesOptions`
-#[derive(Debug, Clone, Serialize, Deserialize)]
-#[serde(rename_all = "camelCase")]
-pub struct NfTablesOptions {
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub preserve_source_ip: Option<bool>,
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub protocol: Option<NfTablesProtocol>,
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub max_rate: Option<String>,
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub priority: Option<i32>,
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub table_name: Option<String>,
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub use_ip_sets: Option<bool>,
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub use_advanced_nat: Option<bool>,
-}
-
 // ─── Backend Protocol ────────────────────────────────────────────────

 /// Backend protocol.
@@ -541,14 +499,6 @@ pub struct RouteAction {
    #[serde(skip_serializing_if = "Option::is_none")]
    pub options: Option<ActionOptions>,

-    /// Forwarding engine specification
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub forwarding_engine: Option<ForwardingEngine>,
-
-    /// NFTables-specific options
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub nftables: Option<NfTablesOptions>,
-
    /// PROXY protocol support (default for all targets)
    #[serde(skip_serializing_if = "Option::is_none")]
    pub send_proxy_protocol: Option<bool>,