firewall

package
v0.25.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jul 21, 2023 License: MPL-2.0 Imports: 9 Imported by: 7

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type API

// API combines the four firewall sub-interfaces declared on this page
// (Alias, IPSet, Rule and Options) into a single interface.
type API interface {
	Alias
	IPSet
	Rule
	Options
}

API is an interface for the Proxmox firewall API.

type Alias

// Alias declares the create, delete, get, list and update operations on
// firewall aliases. A single alias is addressed by its name; every method
// takes a context and reports failure through the returned error.
type Alias interface {
	CreateAlias(ctx context.Context, d *AliasCreateRequestBody) error
	DeleteAlias(ctx context.Context, name string) error
	GetAlias(ctx context.Context, name string) (*AliasGetResponseData, error)
	ListAliases(ctx context.Context) ([]*AliasGetResponseData, error)
	UpdateAlias(ctx context.Context, name string, d *AliasUpdateRequestBody) error
}

Alias is an interface for managing firewall aliases.

type AliasCreateRequestBody

// AliasCreateRequestBody is the payload for creating an alias. The struct
// tags give each field both a JSON name and a URL form name.
type AliasCreateRequestBody struct {
	// Comment is optional: it is a pointer tagged omitempty, so nil is left
	// out of the encoded request.
	Comment *string `json:"comment,omitempty" url:"comment,omitempty"`
	// Name and CIDR carry no omitempty, so both are always encoded.
	// NOTE(review): no validation is visible in this declaration; check CIDR
	// before the call when the value comes from untrusted input.
	Name    string  `json:"name"              url:"name"`
	CIDR    string  `json:"cidr"              url:"cidr"`
}

AliasCreateRequestBody contains the data for an alias create request.

type AliasGetResponseBody

// AliasGetResponseBody is the envelope of an alias get response; the alias
// itself is decoded from the "data" key.
type AliasGetResponseBody struct {
	Data *AliasGetResponseData `json:"data,omitempty"`
}

AliasGetResponseBody contains the body from an alias get response.

type AliasGetResponseData

// AliasGetResponseData describes one alias as returned by the API. It is the
// element type of both GetAlias and ListAliases results.
type AliasGetResponseData struct {
	Comment   *string `json:"comment,omitempty" url:"comment,omitempty"`
	Name      string  `json:"name"              url:"name"`
	CIDR      string  `json:"cidr"              url:"cidr"`
	// NOTE(review): presumably a digest of the server-side configuration that
	// can be used to detect concurrent changes; confirm against the PVE API docs.
	Digest    *string `json:"digest"            url:"digest"`
	// NOTE(review): presumably 4 or 6; the valid range is not shown here.
	IPVersion int     `json:"ipversion"         url:"ipversion"`
}

AliasGetResponseData contains the data from an alias get response.

type AliasListResponseBody

// AliasListResponseBody is the envelope of an alias list response; the
// aliases are decoded from the "data" key.
type AliasListResponseBody struct {
	Data []*AliasGetResponseData `json:"data,omitempty"`
}

AliasListResponseBody contains the body from an alias list response.

type AliasUpdateRequestBody

// AliasUpdateRequestBody is the payload for updating an alias. The alias to
// change is named by the separate name argument of UpdateAlias.
type AliasUpdateRequestBody struct {
	Comment *string `json:"comment,omitempty" url:"comment,omitempty"`
	// ReName and CIDR carry no omitempty, so both are always encoded, even
	// when empty (IPSetUpdateRequestBody.ReName, by contrast, is omitempty).
	// NOTE(review): callers presumably have to set ReName to the current name
	// when no rename is intended; confirm how the server treats an empty value.
	ReName  string  `json:"rename"            url:"rename"`
	CIDR    string  `json:"cidr"              url:"cidr"`
}

AliasUpdateRequestBody contains the data for an alias update request.

type BaseRule

// BaseRule holds the fields shared by the rule create, get and update types,
// which embed it. Every field is a pointer tagged omitempty, so a nil field
// is left out of the encoded request and the server-side default applies.
type BaseRule struct {
	Comment  *string           `json:"comment,omitempty"   url:"comment,omitempty"`
	Dest     *string           `json:"dest,omitempty"      url:"dest,omitempty"`
	// NOTE(review): presumably lets the server reject a change made against a
	// stale rule set; confirm against the PVE API docs and pass it on updates
	// where concurrent edits are possible.
	Digest   *string           `json:"digest,omitempty"    url:"digest,omitempty"`
	DPort    *string           `json:"dport,omitempty"     url:"dport,omitempty"`
	// NOTE(review): nil omits the field; verify whether a rule created
	// without Enable is active, since a rule assumed to be enforcing may not be.
	Enable   *types.CustomBool `json:"enable,omitempty"    url:"enable,omitempty,int"`
	ICMPType *string           `json:"icmp-type,omitempty" url:"icmp-type,omitempty"`
	IFace    *string           `json:"iface,omitempty"     url:"iface,omitempty"`
	// NOTE(review): presumably the per-rule log level; leaving it nil may mean
	// matches are not logged; confirm the server default.
	Log      *string           `json:"log,omitempty"       url:"log,omitempty"`
	Macro    *string           `json:"macro,omitempty"     url:"macro,omitempty"`
	Proto    *string           `json:"proto,omitempty"     url:"proto,omitempty"`
	Source   *string           `json:"source,omitempty"    url:"source,omitempty"`
	SPort    *string           `json:"sport,omitempty"     url:"sport,omitempty"`
}

BaseRule is the base struct for firewall rules.

type Client

// Client is the concrete firewall client. It embeds api.Client, so the
// embedded client's methods are promoted onto it; the methods listed for
// *Client on this page match those of the API interface.
type Client struct {
	api.Client
}

Client is a struct that embeds api.Client and provides access to the Proxmox firewall API.

func (*Client) AddCIDRToIPSet

func (c *Client) AddCIDRToIPSet(ctx context.Context, id string, d IPSetGetResponseData) error

AddCIDRToIPSet adds an IP address or network to an IPSet.

func (*Client) CreateAlias

func (c *Client) CreateAlias(ctx context.Context, d *AliasCreateRequestBody) error

CreateAlias creates an alias.

func (*Client) CreateIPSet

func (c *Client) CreateIPSet(ctx context.Context, d *IPSetCreateRequestBody) error

CreateIPSet creates an IPSet.

func (*Client) CreateRule

func (c *Client) CreateRule(ctx context.Context, d *RuleCreateRequestBody) error

CreateRule creates a firewall rule.

func (*Client) DeleteAlias

func (c *Client) DeleteAlias(ctx context.Context, name string) error

DeleteAlias deletes an alias.

func (*Client) DeleteIPSet

func (c *Client) DeleteIPSet(ctx context.Context, id string) error

DeleteIPSet deletes an IPSet.

func (*Client) DeleteIPSetContent

func (c *Client) DeleteIPSetContent(ctx context.Context, id string, cidr string) error

DeleteIPSetContent removes an IP address or network from an IPSet.

func (*Client) DeleteRule

func (c *Client) DeleteRule(ctx context.Context, pos int) error

DeleteRule deletes a firewall rule.

func (*Client) GetAlias

func (c *Client) GetAlias(ctx context.Context, name string) (*AliasGetResponseData, error)

GetAlias retrieves an alias.

func (*Client) GetIPSetContent

func (c *Client) GetIPSetContent(ctx context.Context, id string) ([]*IPSetGetResponseData, error)

GetIPSetContent retrieves the list of entries in an IPSet.

func (*Client) GetOptions

func (c *Client) GetOptions(ctx context.Context) (*OptionsGetResponseData, error)

GetOptions retrieves the options object.

func (*Client) GetOptionsID

func (c *Client) GetOptionsID() string

GetOptionsID returns the ID of the options object.

func (*Client) GetRule

func (c *Client) GetRule(ctx context.Context, pos int) (*RuleGetResponseData, error)

GetRule retrieves a firewall rule.

func (*Client) GetRulesID

func (c *Client) GetRulesID() string

GetRulesID returns the ID of the rules object.

func (*Client) ListAliases

func (c *Client) ListAliases(ctx context.Context) ([]*AliasGetResponseData, error)

ListAliases retrieves a list of aliases.

func (*Client) ListIPSets

func (c *Client) ListIPSets(ctx context.Context) ([]*IPSetListResponseData, error)

ListIPSets retrieves a list of IPSets.

func (*Client) ListRules

func (c *Client) ListRules(ctx context.Context) ([]*RuleListResponseData, error)

ListRules retrieves a list of firewall rules.

func (*Client) SetOptions

func (c *Client) SetOptions(ctx context.Context, d *OptionsPutRequestBody) error

SetOptions sets the options object.

func (*Client) UpdateAlias

func (c *Client) UpdateAlias(ctx context.Context, name string, d *AliasUpdateRequestBody) error

UpdateAlias updates an alias.

func (*Client) UpdateIPSet

func (c *Client) UpdateIPSet(ctx context.Context, d *IPSetUpdateRequestBody) error

UpdateIPSet updates an IPSet.

func (*Client) UpdateRule

func (c *Client) UpdateRule(ctx context.Context, pos int, d *RuleUpdateRequestBody) error

UpdateRule updates a firewall rule.

type IPSet

// IPSet declares the operations on IP sets and on their entries. A set is
// addressed by id; an entry inside a set is addressed by its cidr string.
type IPSet interface {
	CreateIPSet(ctx context.Context, d *IPSetCreateRequestBody) error
	// AddCIDRToIPSet takes the entry by value and reuses the response type
	// IPSetGetResponseData as its request payload.
	AddCIDRToIPSet(ctx context.Context, id string, d IPSetGetResponseData) error
	UpdateIPSet(ctx context.Context, d *IPSetUpdateRequestBody) error
	DeleteIPSet(ctx context.Context, id string) error
	DeleteIPSetContent(ctx context.Context, id string, cidr string) error
	GetIPSetContent(ctx context.Context, id string) ([]*IPSetGetResponseData, error)
	ListIPSets(ctx context.Context) ([]*IPSetListResponseData, error)
}

IPSet is an interface for managing IP sets.

type IPSetContent

// IPSetContent is a slice of IP set entries held by value.
type IPSetContent []IPSetGetResponseData

IPSetContent is a slice of IPSetGetResponseData.

type IPSetCreateRequestBody

// IPSetCreateRequestBody is the payload for creating an empty IP set; entries
// are added separately through AddCIDRToIPSet.
type IPSetCreateRequestBody struct {
	// Comment is a plain string here (a pointer in the other IPSet types);
	// with omitempty an empty string is left out of the request.
	Comment string `json:"comment,omitempty" url:"comment,omitempty"`
	// Name has no omitempty and is always encoded.
	Name    string `json:"name"              url:"name"`
}

IPSetCreateRequestBody contains the data for an IPSet create request.

type IPSetGetResponseBody

// IPSetGetResponseBody is the envelope of an IP set content response; the
// entries are decoded from the "data" key.
type IPSetGetResponseBody struct {
	Data []*IPSetGetResponseData `json:"data,omitempty"`
}

IPSetGetResponseBody contains the body from an IPSet get response.

type IPSetGetResponseData

// IPSetGetResponseData describes one entry of an IP set. It is returned by
// GetIPSetContent and is also the payload type of AddCIDRToIPSet.
type IPSetGetResponseData struct {
	// CIDR has no omitempty and is always encoded.
	CIDR    string            `json:"cidr"              url:"cidr"`
	// NOTE(review): presumably marks the entry as an exclusion from the set
	// rather than a member; confirm, because a wrong value changes which
	// addresses the rules that use the set match.
	NoMatch *types.CustomBool `json:"nomatch,omitempty" url:"nomatch,omitempty,int"`
	Comment *string           `json:"comment,omitempty" url:"comment,omitempty"`
}

IPSetGetResponseData contains the data from an IPSet get response.

type IPSetListResponseBody

// IPSetListResponseBody is the envelope of an IP set list response; the sets
// are decoded from the "data" key.
type IPSetListResponseBody struct {
	Data []*IPSetListResponseData `json:"data,omitempty"`
}

IPSetListResponseBody contains the body from an IPSet list response.

type IPSetListResponseData

// IPSetListResponseData describes one IP set in a ListIPSets result: its name
// and optional comment, without the set's entries.
type IPSetListResponseData struct {
	Comment *string `json:"comment,omitempty" url:"comment,omitempty"`
	Name    string  `json:"name"              url:"name"`
}

IPSetListResponseData contains the data for one IPSet in an IPSet list response.

type IPSetUpdateRequestBody

// IPSetUpdateRequestBody is the payload for updating an IP set. UpdateIPSet
// takes no separate id argument, so the set is identified by Name.
type IPSetUpdateRequestBody struct {
	// ReName is omitempty: an empty string is left out of the request.
	// NOTE(review): presumably the new name for the set; confirm.
	ReName  string  `json:"rename,omitempty"  url:"rename,omitempty"`
	Comment *string `json:"comment,omitempty" url:"comment,omitempty"`
	// Name has no omitempty and is always encoded.
	Name    string  `json:"name"              url:"name"`
}

IPSetUpdateRequestBody contains the data for an IPSet update request.

type Options

// Options declares how the firewall options object is read and written.
// GetOptionsID takes no context and returns only a string identifier.
type Options interface {
	GetOptionsID() string
	SetOptions(ctx context.Context, d *OptionsPutRequestBody) error
	GetOptions(ctx context.Context) (*OptionsGetResponseData, error)
}

Options is an interface for the Proxmox firewall options API.

type OptionsGetResponseBody

// OptionsGetResponseBody is the envelope of an options get response; the
// options are decoded from the "data" key.
type OptionsGetResponseBody struct {
	Data *OptionsGetResponseData `json:"data,omitempty"`
}

OptionsGetResponseBody is the response body for the GET /cluster/firewall/options API call.

type OptionsGetResponseData

// OptionsGetResponseData holds the firewall options as returned by the API.
// Every field is a pointer, so a key that is absent from the response decodes
// to nil; callers should treat nil as "not reported", not as false.
type OptionsGetResponseData struct {
	DHCP        *types.CustomBool `json:"dhcp"          url:"dhcp,int"`
	// NOTE(review): presumably whether the firewall is switched on for this
	// scope; check it before assuming that rules are enforced.
	Enable      *types.CustomBool `json:"enable"        url:"enable,int"`
	IPFilter    *types.CustomBool `json:"ipfilter"      url:"ipfilter,int"`
	LogLevelIN  *string           `json:"log_level_in"  url:"log_level_in"`
	LogLevelOUT *string           `json:"log_level_out" url:"log_level_out"`
	MACFilter   *types.CustomBool `json:"macfilter"     url:"macfilter,int"`
	NDP         *types.CustomBool `json:"ndp"           url:"ndp,int"`
	// NOTE(review): presumably the default verdict for traffic that no rule
	// matches, per direction; confirm the accepted values in the PVE API docs.
	PolicyIn    *string           `json:"policy_in"     url:"policy_in"`
	PolicyOut   *string           `json:"policy_out"    url:"policy_out"`
	RAdv        *types.CustomBool `json:"radv"          url:"radv,int"`
}

OptionsGetResponseData is the data field of the response body for the GET /cluster/firewall/options API call.

type OptionsPutRequestBody

// OptionsPutRequestBody is the payload for changing the firewall options.
// Every field is a pointer tagged omitempty, so only the fields a caller sets
// are encoded; a nil field is left out of the request.
// NOTE(review): Enable, PolicyIn and PolicyOut presumably decide whether the
// firewall enforces at all and what happens to unmatched traffic, so set them
// deliberately and read the result back with GetOptions; confirm semantics.
type OptionsPutRequestBody struct {
	DHCP        *types.CustomBool `json:"dhcp,omitempty"          url:"dhcp,omitempty,int"`
	Enable      *types.CustomBool `json:"enable,omitempty"        url:"enable,omitempty,int"`
	IPFilter    *types.CustomBool `json:"ipfilter,omitempty"      url:"ipfilter,omitempty,int"`
	LogLevelIN  *string           `json:"log_level_in,omitempty"  url:"log_level_in,omitempty"`
	LogLevelOUT *string           `json:"log_level_out,omitempty" url:"log_level_out,omitempty"`
	MACFilter   *types.CustomBool `json:"macfilter,omitempty"     url:"macfilter,omitempty,int"`
	NDP         *types.CustomBool `json:"ndp,omitempty"           url:"ndp,omitempty,int"`
	PolicyIn    *string           `json:"policy_in,omitempty"     url:"policy_in,omitempty"`
	PolicyOut   *string           `json:"policy_out,omitempty"    url:"policy_out,omitempty"`
	RAdv        *types.CustomBool `json:"radv,omitempty"          url:"radv,omitempty,int"`
}

OptionsPutRequestBody is the request body for the PUT /cluster/firewall/options API call.

type Rule

// Rule declares the operations on firewall rules. A single rule is addressed
// by its integer position (pos) in the rule list, not by a stable identifier.
// NOTE(review): positions presumably shift when rules are created, moved or
// deleted, so a pos read earlier may point at a different rule later; re-read
// with ListRules or GetRule before UpdateRule or DeleteRule — confirm.
type Rule interface {
	GetRulesID() string
	CreateRule(ctx context.Context, d *RuleCreateRequestBody) error
	GetRule(ctx context.Context, pos int) (*RuleGetResponseData, error)
	ListRules(ctx context.Context) ([]*RuleListResponseData, error)
	UpdateRule(ctx context.Context, pos int, d *RuleUpdateRequestBody) error
	DeleteRule(ctx context.Context, pos int) error
}

Rule is an interface for the Proxmox firewall rule API.

type RuleCreateRequestBody

// RuleCreateRequestBody is the payload for creating a firewall rule. It embeds
// BaseRule for the optional match fields.
type RuleCreateRequestBody struct {
	BaseRule

	// Action and Type have no omitempty and are always encoded.
	// NOTE(review): presumably the rule's verdict and its direction; the
	// accepted values are not shown here — confirm against the PVE API docs.
	Action string `json:"action" url:"action"`
	Type   string `json:"type"   url:"type"`

	// Group is optional; nil is left out of the request.
	Group *string `json:"group,omitempty" url:"group,omitempty"`
}

RuleCreateRequestBody contains the data for a firewall rule create request.

type RuleGetResponseBody

// RuleGetResponseBody is the envelope of a rule get response; the rule is
// decoded from the "data" key.
type RuleGetResponseBody struct {
	Data *RuleGetResponseData `json:"data,omitempty"`
}

RuleGetResponseBody contains the body from a firewall rule get response.

type RuleGetResponseData

// RuleGetResponseData describes one firewall rule as returned by GetRule. It
// embeds BaseRule for the match fields.
type RuleGetResponseData struct {
	BaseRule

	// NOTE: This is `int` in the PVE API docs, but it's actually a string in the response.
	// The Rule methods and RuleListResponseData use an int position, so this
	// value has to be parsed before it is compared with or passed as pos.
	Pos    string `json:"pos"    url:"pos"`
	Action string `json:"action" url:"action"`
	Type   string `json:"type"   url:"type"`
}

RuleGetResponseData contains the data from a firewall rule get response.

type RuleListResponseBody

// RuleListResponseBody is the envelope of a rule list response; the entries
// are decoded from the "data" key.
type RuleListResponseBody struct {
	Data []*RuleListResponseData `json:"data,omitempty"`
}

RuleListResponseBody contains the body from a firewall rule list response.

type RuleListResponseData

// RuleListResponseData is one entry of a ListRules result. Only the position
// is decoded; the rule's remaining fields are fetched with GetRule.
type RuleListResponseData struct {
	Pos int `json:"pos" url:"pos"`
}

RuleListResponseData contains the data for one rule in a firewall rule list response.

type RuleUpdateRequestBody

// RuleUpdateRequestBody is the payload for updating a firewall rule. It embeds
// BaseRule, and every additional field is a pointer tagged omitempty, so only
// the fields a caller sets are encoded.
type RuleUpdateRequestBody struct {
	BaseRule

	// NOTE(review): the rule to change is chosen by UpdateRule's pos argument;
	// this field presumably moves the rule to a new position, which would
	// change evaluation order — confirm.
	Pos    *int    `json:"pos,omitempty"    url:"pos,omitempty"`
	Action *string `json:"action,omitempty" url:"action,omitempty"`
	Type   *string `json:"type,omitempty"   url:"type,omitempty"`

	Group *string `json:"group,omitempty"   url:"group,omitempty"`
}

RuleUpdateRequestBody contains the data for a firewall rule update request.
