From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham
	autolearn_force=no version=3.4.4
Received: (qmail 20606 invoked from network); 31 Oct 2023 21:15:55 -0000
Received: from 9front.inri.net (168.235.81.73)
  by inbox.vuxu.org with ESMTPUTF8; 31 Oct 2023 21:15:55 -0000
Received: from oneiri.one ([170.39.227.229]) by 9front; Tue Oct 31 17:14:34 -0400 2023
Message-ID: <DE82C70836AAD0F32A148DFE84BE3EFB@oneiri.one>
To: 9front@9front.org
Date: Tue, 31 Oct 2023 14:14:31 -0700
From: akw@oneiri.one
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
List-ID: <9front.9front.org>
List-Help: <http://lists.9front.org>
X-Glyph: ➈
X-Bullshit: object-oriented ISO-certified package-aware just-in-time frontend 
Subject: [9front] [PATCH] netaudit: recognize multiple ipnets
Reply-To: 9front@9front.org
Precedence: bulk

If we have multiple ips tied to a sys entry (e.g.  v4/v6), we should
be searching through each corresponding ipnet.

diff 453d3c3d4c96899c7bbca81b8a143ac7a934aebe uncommitted
--- a//rc/bin/netaudit
+++ b//rc/bin/netaudit
@@ -82,23 +82,23 @@
 }
 fn checknet {
 	echo 'checking the network tuple:'
-	ipnet=`{query sys $sysname ipnet}
-	if(~ $ipnet ''){
-		echo '	we are not in an ipnet, so looking for entries in host tuple only'
+	for(ip in `{query sys $sysname ip}){
+		for(attr in (ipnet dns ipgw auth fs)){
+			val = `{query ip $ip $attr}
+			if(! ~ $val $$attr)
+				$attr = ($$attr $val)
+		}
 	}
-	if not {
-		echo '	we are in ' 'ipnet='^$ipnet
-	}
-	ipgw=`{query sys $sysname ipgw}
-	if(~ $ipgw '' '::'){
+	if(~ $ipnet '')
+		echo '	we are not in an ipnet, so looking for entries in host tuple only'
+	if not
+		for(i in $ipnet)
+			echo '	we are in ipnet='$i
+	if(~ $ipgw '' '::')
 		echo '	we do not have an internet gateway, no ipgw= entry'
-	}
-	if not {
-		for(i in $ipgw) {
+	if not
+		for(i in $ipgw)
 			checkip ipgw $i
-		}
-	}
-	dns=`{query sys $sysname dns}
 	if(~ $dns '')
 		echo '	no dns= entry'
 	if not {
@@ -109,7 +109,6 @@
 				echo '	dns='$i 'looks ok'
 		}
 	}
-	auth=`{query sys $sysname auth}
 	if(~ $auth '')
 		echo '	no auth= entry'
 	if not {
@@ -122,7 +121,6 @@
 			}
 		}
 	}
-	fs=`{query sys $sysname fs}
 	if(~ $fs '')
 		echo '	no fs= entry (needed for tls boot)'
 	if not {