Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var AddRuleCmd = base.Cmd{ BaseCobraCommand: func(client hcapi2.Client) *cobra.Command { cmd := &cobra.Command{ Use: "add-rule FIREWALL FLAGS", Short: "Add a single rule to a firewall", Args: cobra.ExactArgs(1), ValidArgsFunction: cmpl.SuggestArgs(cmpl.SuggestCandidatesF(client.Firewall().Names)), TraverseChildren: true, DisableFlagsInUseLine: true, } cmd.Flags().String("direction", "", "Direction (in, out) (required)") cmd.RegisterFlagCompletionFunc("direction", cmpl.SuggestCandidates("in", "out")) cmd.MarkFlagRequired("direction") cmd.Flags().String("protocol", "", "Protocol (icmp, esp, gre, udp or tcp) (required)") cmd.RegisterFlagCompletionFunc("protocol", cmpl.SuggestCandidates("icmp", "udp", "tcp", "esp", "gre")) cmd.MarkFlagRequired("protocol") cmd.Flags().StringArray("source-ips", []string{}, "Source IPs (CIDR Notation) (required when direction is in)") cmd.Flags().StringArray("destination-ips", []string{}, "Destination IPs (CIDR Notation) (required when direction is out)") cmd.Flags().String("port", "", "Port to which traffic will be allowed, only applicable for protocols TCP and UDP, you can specify port ranges, sample: 80-85") cmd.Flags().String("description", "", "Description of the firewall rule") return cmd }, Run: func(ctx context.Context, client hcapi2.Client, waiter state.ActionWaiter, cmd *cobra.Command, args []string) error { direction, _ := cmd.Flags().GetString("direction") protocol, _ := cmd.Flags().GetString("protocol") sourceIPs, _ := cmd.Flags().GetStringArray("source-ips") destinationIPs, _ := cmd.Flags().GetStringArray("destination-ips") port, _ := cmd.Flags().GetString("port") description, _ := cmd.Flags().GetString("description") idOrName := args[0] firewall, _, err := client.Firewall().Get(ctx, idOrName) if err != nil { return err } if firewall == nil { return fmt.Errorf("Firewall not found: %v", idOrName) } d := hcloud.FirewallRuleDirection(direction) rule := hcloud.FirewallRule{ Direction: d, Protocol: hcloud.FirewallRuleProtocol(protocol), } if port != "" { rule.Port = hcloud.String(port) } if description != "" { rule.Description = hcloud.String(description) } switch rule.Protocol { case hcloud.FirewallRuleProtocolTCP: case hcloud.FirewallRuleProtocolUDP: if port == "" { return fmt.Errorf("port is required") } default: if port != "" { return fmt.Errorf("port is not allowed for this protocol") } } switch d { case hcloud.FirewallRuleDirectionOut: rule.DestinationIPs = make([]net.IPNet, len(destinationIPs)) for i, ip := range destinationIPs { n, err := validateFirewallIP(ip) if err != nil { return fmt.Errorf("destination error on index %d: %s", i, err) } rule.DestinationIPs[i] = *n } case hcloud.FirewallRuleDirectionIn: rule.SourceIPs = make([]net.IPNet, len(sourceIPs)) for i, ip := range sourceIPs { n, err := validateFirewallIP(ip) if err != nil { return fmt.Errorf("source ips error on index %d: %s", i, err) } rule.SourceIPs[i] = *n } } rules := append(firewall.Rules, rule) actions, _, err := client.Firewall().SetRules(ctx, firewall, hcloud.FirewallSetRulesOpts{Rules: rules}, ) if err != nil { return err } if err := waiter.WaitForActions(ctx, actions); err != nil { return err } cmd.Printf("Firewall Rules for Firewall %d updated\n", firewall.ID) return nil }, }
View Source
var ApplyToResourceCmd = base.Cmd{ BaseCobraCommand: func(client hcapi2.Client) *cobra.Command { cmd := &cobra.Command{ Use: "apply-to-resource FIREWALL FLAGS", Short: "Applies a Firewall to a single resource", Args: cobra.ExactArgs(1), ValidArgsFunction: cmpl.SuggestArgs(cmpl.SuggestCandidatesF(client.Firewall().Names)), TraverseChildren: true, DisableFlagsInUseLine: true, } cmd.Flags().String("type", "", "Resource Type (server) (required)") cmd.RegisterFlagCompletionFunc("type", cmpl.SuggestCandidates("server", "label_selector")) cmd.MarkFlagRequired("type") cmd.Flags().String("server", "", "Server name of ID (required when type is server)") cmd.RegisterFlagCompletionFunc("server", cmpl.SuggestCandidatesF(client.Server().Names)) cmd.Flags().StringP("label-selector", "l", "", "Label Selector") return cmd }, Run: func(ctx context.Context, client hcapi2.Client, waiter state.ActionWaiter, cmd *cobra.Command, args []string) error { resourceType, _ := cmd.Flags().GetString("type") switch resourceType { case string(hcloud.FirewallResourceTypeServer): server, _ := cmd.Flags().GetString("server") if server == "" { return fmt.Errorf("type %s need a --server specific", resourceType) } case string(hcloud.FirewallResourceTypeLabelSelector): labelSelector, _ := cmd.Flags().GetString("label-selector") if labelSelector == "" { return fmt.Errorf("type %s need a --label-selector specific", resourceType) } default: return fmt.Errorf("unknown type %s", resourceType) } serverIdOrName, _ := cmd.Flags().GetString("server") labelSelector, _ := cmd.Flags().GetString("label-selector") idOrName := args[0] firewall, _, err := client.Firewall().Get(ctx, idOrName) if err != nil { return err } if firewall == nil { return fmt.Errorf("Firewall not found: %v", idOrName) } opts := hcloud.FirewallResource{Type: hcloud.FirewallResourceType(resourceType)} switch opts.Type { case hcloud.FirewallResourceTypeServer: server, _, err := client.Server().Get(ctx, serverIdOrName) if err != nil { return err } if server == nil { return fmt.Errorf("Server not found: %v", serverIdOrName) } opts.Server = &hcloud.FirewallResourceServer{ID: server.ID} case hcloud.FirewallResourceTypeLabelSelector: opts.LabelSelector = &hcloud.FirewallResourceLabelSelector{Selector: labelSelector} default: return fmt.Errorf("unknown type %s", opts.Type) } actions, _, err := client.Firewall().ApplyResources(ctx, firewall, []hcloud.FirewallResource{opts}) if err != nil { return err } if err := waiter.WaitForActions(ctx, actions); err != nil { return err } cmd.Printf("Firewall %d applied\n", firewall.ID) return nil }, }
View Source
var CreateCmd = base.CreateCmd{ BaseCobraCommand: func(client hcapi2.Client) *cobra.Command { cmd := &cobra.Command{ Use: "create FLAGS", Short: "Create a Firewall", Args: cobra.NoArgs, } cmd.Flags().String("name", "", "Name") cmd.MarkFlagRequired("name") cmd.Flags().StringToString("label", nil, "User-defined labels ('key=value') (can be specified multiple times)") cmd.Flags().String("rules-file", "", "JSON file containing your routes (use - to read from stdin). The structure of the file needs to be the same as within the API: https://docs.hetzner.cloud/#firewalls-get-a-firewall ") return cmd }, Run: func(ctx context.Context, client hcapi2.Client, waiter state.ActionWaiter, cmd *cobra.Command, strings []string) (*hcloud.Response, any, error) { name, _ := cmd.Flags().GetString("name") labels, _ := cmd.Flags().GetStringToString("label") opts := hcloud.FirewallCreateOpts{ Name: name, Labels: labels, } rulesFile, _ := cmd.Flags().GetString("rules-file") if len(rulesFile) > 0 { var data []byte var err error if rulesFile == "-" { data, err = ioutil.ReadAll(os.Stdin) } else { data, err = ioutil.ReadFile(rulesFile) } if err != nil { return nil, nil, err } var rules []schema.FirewallRule err = json.Unmarshal(data, &rules) if err != nil { return nil, nil, err } for _, rule := range rules { var sourceNets []net.IPNet for i, sourceIP := range rule.SourceIPs { _, sourceNet, err := net.ParseCIDR(sourceIP) if err != nil { return nil, nil, fmt.Errorf("invalid CIDR on index %d : %s", i, err) } sourceNets = append(sourceNets, *sourceNet) } opts.Rules = append(opts.Rules, hcloud.FirewallRule{ Direction: hcloud.FirewallRuleDirection(rule.Direction), SourceIPs: sourceNets, Protocol: hcloud.FirewallRuleProtocol(rule.Protocol), Port: rule.Port, Description: rule.Description, }) } } result, response, err := client.Firewall().Create(ctx, opts) if err != nil { return nil, nil, err } if err := waiter.WaitForActions(ctx, result.Actions); err != nil { return nil, nil, err } cmd.Printf("Firewall %d created\n", result.Firewall.ID) return response, nil, err }, }
View Source
var DeleteCmd = base.DeleteCmd{ ResourceNameSingular: "firewall", ShortDescription: "Delete a firewall", NameSuggestions: func(c hcapi2.Client) func() []string { return c.Firewall().Names }, Fetch: func(ctx context.Context, client hcapi2.Client, cmd *cobra.Command, idOrName string) (interface{}, *hcloud.Response, error) { return client.Firewall().Get(ctx, idOrName) }, Delete: func(ctx context.Context, client hcapi2.Client, _ state.ActionWaiter, cmd *cobra.Command, resource interface{}) error { firewall := resource.(*hcloud.Firewall) if _, err := client.Firewall().Delete(ctx, firewall); err != nil { return err } return nil }, }
View Source
var DeleteRuleCmd = base.Cmd{ BaseCobraCommand: func(client hcapi2.Client) *cobra.Command { cmd := &cobra.Command{ Use: "delete-rule FIREWALL FLAGS", Short: "Delete a single rule to a firewall", Args: cobra.ExactArgs(1), ValidArgsFunction: cmpl.SuggestArgs(cmpl.SuggestCandidatesF(client.Firewall().Names)), TraverseChildren: true, DisableFlagsInUseLine: true, } cmd.Flags().String("direction", "", "Direction (in, out) (required)") cmd.RegisterFlagCompletionFunc("direction", cmpl.SuggestCandidates("in", "out")) cmd.MarkFlagRequired("direction") cmd.Flags().String("protocol", "", "Protocol (icmp, esp, gre, udp or tcp) (required)") cmd.RegisterFlagCompletionFunc("protocol", cmpl.SuggestCandidates("icmp", "udp", "tcp", "esp", "gre")) cmd.MarkFlagRequired("protocol") cmd.Flags().StringArray("source-ips", []string{}, "Source IPs (CIDR Notation) (required when direction is in)") cmd.Flags().StringArray("destination-ips", []string{}, "Destination IPs (CIDR Notation) (required when direction is out)") cmd.Flags().String("port", "", "Port to which traffic will be allowed, only applicable for protocols TCP and UDP") cmd.Flags().String("description", "", "Description of the firewall rule") return cmd }, Run: func(ctx context.Context, client hcapi2.Client, waiter state.ActionWaiter, cmd *cobra.Command, args []string) error { direction, _ := cmd.Flags().GetString("direction") protocol, _ := cmd.Flags().GetString("protocol") sourceIPs, _ := cmd.Flags().GetStringArray("source-ips") destinationIPs, _ := cmd.Flags().GetStringArray("destination-ips") port, _ := cmd.Flags().GetString("port") description, _ := cmd.Flags().GetString("description") idOrName := args[0] firewall, _, err := client.Firewall().Get(ctx, idOrName) if err != nil { return err } if firewall == nil { return fmt.Errorf("Firewall not found: %v", idOrName) } d := hcloud.FirewallRuleDirection(direction) rule := hcloud.FirewallRule{ Direction: d, Protocol: hcloud.FirewallRuleProtocol(protocol), } if port != "" { rule.Port = hcloud.String(port) } if description != "" { rule.Description = hcloud.String(description) } switch rule.Protocol { case hcloud.FirewallRuleProtocolTCP: case hcloud.FirewallRuleProtocolUDP: if port == "" { return fmt.Errorf("port is required") } default: if port != "" { return fmt.Errorf("port is not allowed for this protocol") } } switch d { case hcloud.FirewallRuleDirectionOut: rule.DestinationIPs = make([]net.IPNet, len(destinationIPs)) for i, ip := range destinationIPs { n, err := validateFirewallIP(ip) if err != nil { return fmt.Errorf("destination ips error on index %d: %s", i, err) } rule.DestinationIPs[i] = *n rule.SourceIPs = make([]net.IPNet, 0) } case hcloud.FirewallRuleDirectionIn: rule.SourceIPs = make([]net.IPNet, len(sourceIPs)) for i, ip := range sourceIPs { n, err := validateFirewallIP(ip) if err != nil { return fmt.Errorf("source ips error on index %d: %s", i, err) } rule.DestinationIPs = make([]net.IPNet, 0) rule.SourceIPs[i] = *n } } var rules []hcloud.FirewallRule for _, existingRule := range firewall.Rules { if !reflect.DeepEqual(existingRule, rule) { rules = append(rules, existingRule) } } if len(rules) == len(firewall.Rules) { return fmt.Errorf("the specified rule was not found in the ruleset of Firewall %d", firewall.ID) } actions, _, err := client.Firewall().SetRules(ctx, firewall, hcloud.FirewallSetRulesOpts{Rules: rules}, ) if err != nil { return err } if err := waiter.WaitForActions(ctx, actions); err != nil { return err } cmd.Printf("Firewall Rules for Firewall %d updated\n", firewall.ID) return nil }, }
View Source
var DescribeCmd = base.DescribeCmd{ ResourceNameSingular: "firewall", ShortDescription: "Describe an firewall", JSONKeyGetByID: "firewall", JSONKeyGetByName: "firewalls", NameSuggestions: func(c hcapi2.Client) func() []string { return c.Firewall().Names }, Fetch: func(ctx context.Context, client hcapi2.Client, cmd *cobra.Command, idOrName string) (interface{}, *hcloud.Response, error) { return client.Firewall().Get(ctx, idOrName) }, PrintText: func(_ context.Context, client hcapi2.Client, cmd *cobra.Command, resource interface{}) error { firewall := resource.(*hcloud.Firewall) cmd.Printf("ID:\t\t%d\n", firewall.ID) cmd.Printf("Name:\t\t%s\n", firewall.Name) cmd.Printf("Created:\t%s (%s)\n", util.Datetime(firewall.Created), humanize.Time(firewall.Created)) cmd.Print("Labels:\n") if len(firewall.Labels) == 0 { cmd.Print(" No labels\n") } else { for key, value := range firewall.Labels { cmd.Printf(" %s: %s\n", key, value) } } cmd.Print("Rules:\n") if len(firewall.Rules) == 0 { cmd.Print(" No rules\n") } else { for _, rule := range firewall.Rules { cmd.Printf(" - Direction:\t\t%s\n", rule.Direction) if rule.Description != nil { cmd.Printf(" Description:\t%s\n", *rule.Description) } cmd.Printf(" Protocol:\t\t%s\n", rule.Protocol) if rule.Port != nil { cmd.Printf(" Port:\t\t%s\n", *rule.Port) } var ips []net.IPNet switch rule.Direction { case hcloud.FirewallRuleDirectionIn: cmd.Print(" Source IPs:\n") ips = rule.SourceIPs case hcloud.FirewallRuleDirectionOut: cmd.Print(" Destination IPs:\n") ips = rule.DestinationIPs } for _, cidr := range ips { cmd.Printf(" \t\t\t%s\n", cidr.String()) } } } cmd.Print("Applied To:\n") if len(firewall.AppliedTo) == 0 { cmd.Print(" Not applied\n") } else { for _, resource := range firewall.AppliedTo { cmd.Printf(" - Type:\t\t%s\n", resource.Type) switch resource.Type { case hcloud.FirewallResourceTypeServer: cmd.Printf(" Server ID:\t\t%d\n", resource.Server.ID) cmd.Printf(" Server Name:\t%s\n", client.Server().ServerName(resource.Server.ID)) case hcloud.FirewallResourceTypeLabelSelector: cmd.Printf(" Label Selector:\t%s\n", resource.LabelSelector.Selector) } } } return nil }, }
View Source
var LabelCmds = base.LabelCmds{ ResourceNameSingular: "firewall", ShortDescriptionAdd: "Add a label to an firewall", ShortDescriptionRemove: "Remove a label from an firewall", NameSuggestions: func(c hcapi2.Client) func() []string { return c.Firewall().Names }, LabelKeySuggestions: func(c hcapi2.Client) func(idOrName string) []string { return c.Firewall().LabelKeys }, FetchLabels: func(ctx context.Context, client hcapi2.Client, idOrName string) (map[string]string, int64, error) { firewall, _, err := client.Firewall().Get(ctx, idOrName) if err != nil { return nil, 0, err } if firewall == nil { return nil, 0, fmt.Errorf("firewall not found: %s", idOrName) } return firewall.Labels, firewall.ID, nil }, SetLabels: func(ctx context.Context, client hcapi2.Client, id int64, labels map[string]string) error { opts := hcloud.FirewallUpdateOpts{ Labels: labels, } _, _, err := client.Firewall().Update(ctx, &hcloud.Firewall{ID: id}, opts) return err }, }
View Source
var ListCmd = base.ListCmd{ ResourceNamePlural: "Firewalls", JSONKeyGetByName: "firewalls", DefaultColumns: []string{"id", "name", "rules_count", "applied_to_count"}, Fetch: func(ctx context.Context, client hcapi2.Client, _ *pflag.FlagSet, listOpts hcloud.ListOpts, sorts []string) ([]interface{}, error) { opts := hcloud.FirewallListOpts{ListOpts: listOpts} if len(sorts) > 0 { opts.Sort = sorts } firewalls, err := client.Firewall().AllWithOpts(ctx, opts) var resources []interface{} for _, n := range firewalls { resources = append(resources, n) } return resources, err }, OutputTable: func(client hcapi2.Client) *output.Table { return output.NewTable(). AddAllowedFields(hcloud.Firewall{}). AddFieldFn("rules_count", output.FieldFn(func(obj interface{}) string { firewall := obj.(*hcloud.Firewall) count := len(firewall.Rules) if count == 1 { return fmt.Sprintf("%d Rule", count) } return fmt.Sprintf("%d Rules", count) })). AddFieldFn("applied_to_count", output.FieldFn(func(obj interface{}) string { firewall := obj.(*hcloud.Firewall) servers := 0 labelSelectors := 0 for _, r := range firewall.AppliedTo { if r.Type == hcloud.FirewallResourceTypeLabelSelector { labelSelectors++ continue } servers++ } serversText := "Servers" if servers == 1 { serversText = "Server" } labelSelectorsText := "Label Selectors" if labelSelectors == 1 { labelSelectorsText = "Label Selector" } return fmt.Sprintf("%d %s | %d %s", servers, serversText, labelSelectors, labelSelectorsText) })) }, JSONSchema: func(resources []interface{}) interface{} { firewallSchemas := make([]schema.Firewall, 0, len(resources)) for _, resource := range resources { firewall := resource.(*hcloud.Firewall) firewallSchema := schema.Firewall{ ID: firewall.ID, Name: firewall.Name, Labels: firewall.Labels, Created: firewall.Created, } for _, rule := range firewall.Rules { var sourceNets []string for _, sourceIP := range rule.SourceIPs { sourceNets = append(sourceNets, sourceIP.Network()) } var destinationNets []string for _, destinationIP := range rule.DestinationIPs { destinationNets = append(destinationNets, destinationIP.Network()) } firewallSchema.Rules = append(firewallSchema.Rules, schema.FirewallRule{ Direction: string(rule.Direction), SourceIPs: sourceNets, DestinationIPs: destinationNets, Protocol: string(rule.Protocol), Port: rule.Port, Description: rule.Description, }) } for _, AppliedTo := range firewall.AppliedTo { s := schema.FirewallResource{ Type: string(AppliedTo.Type), } switch AppliedTo.Type { case hcloud.FirewallResourceTypeServer: s.Server = &schema.FirewallResourceServer{ID: AppliedTo.Server.ID} case hcloud.FirewallResourceTypeLabelSelector: s.LabelSelector = &schema.FirewallResourceLabelSelector{Selector: AppliedTo.LabelSelector.Selector} } firewallSchema.AppliedTo = append(firewallSchema.AppliedTo, s) } firewallSchemas = append(firewallSchemas, firewallSchema) } return firewallSchemas }, }
View Source
var RemoveFromResourceCmd = base.Cmd{ BaseCobraCommand: func(client hcapi2.Client) *cobra.Command { cmd := &cobra.Command{ Use: "remove-from-resource FIREWALL FLAGS", Short: "Removes a Firewall from a single resource", Args: cobra.ExactArgs(1), ValidArgsFunction: cmpl.SuggestArgs(cmpl.SuggestCandidatesF(client.Firewall().Names)), TraverseChildren: true, DisableFlagsInUseLine: true, } cmd.Flags().String("type", "", "Resource Type (server) (required)") cmd.RegisterFlagCompletionFunc("type", cmpl.SuggestCandidates("server", "label_selector")) cmd.MarkFlagRequired("type") cmd.Flags().String("server", "", "Server name of ID (required when type is server)") cmd.RegisterFlagCompletionFunc("server", cmpl.SuggestCandidatesF(client.Server().Names)) cmd.Flags().StringP("label-selector", "l", "", "Label Selector") return cmd }, Run: func(ctx context.Context, client hcapi2.Client, waiter state.ActionWaiter, cmd *cobra.Command, args []string) error { resourceType, _ := cmd.Flags().GetString("type") switch resourceType { case string(hcloud.FirewallResourceTypeServer): server, _ := cmd.Flags().GetString("server") if server == "" { return fmt.Errorf("type %s need a --server specific", resourceType) } case string(hcloud.FirewallResourceTypeLabelSelector): labelSelector, _ := cmd.Flags().GetString("label-selector") if labelSelector == "" { return fmt.Errorf("type %s need a --label-selector specific", resourceType) } default: return fmt.Errorf("unknown type %s", resourceType) } serverIdOrName, _ := cmd.Flags().GetString("server") labelSelector, _ := cmd.Flags().GetString("label-selector") idOrName := args[0] firewall, _, err := client.Firewall().Get(ctx, idOrName) if err != nil { return err } if firewall == nil { return fmt.Errorf("Firewall not found: %v", idOrName) } opts := hcloud.FirewallResource{Type: hcloud.FirewallResourceType(resourceType)} switch opts.Type { case hcloud.FirewallResourceTypeServer: server, _, err := client.Server().Get(ctx, serverIdOrName) if err != nil { return err } if server == nil { return fmt.Errorf("Server not found: %v", serverIdOrName) } opts.Server = &hcloud.FirewallResourceServer{ID: server.ID} case hcloud.FirewallResourceTypeLabelSelector: opts.LabelSelector = &hcloud.FirewallResourceLabelSelector{Selector: labelSelector} default: return fmt.Errorf("unknown type %s", opts.Type) } actions, _, err := client.Firewall().RemoveResources(ctx, firewall, []hcloud.FirewallResource{opts}) if err != nil { return err } if err := waiter.WaitForActions(ctx, actions); err != nil { return err } cmd.Printf("Firewall %d applied\n", firewall.ID) return nil }, }
View Source
var ReplaceRulesCmd = base.Cmd{ BaseCobraCommand: func(client hcapi2.Client) *cobra.Command { cmd := &cobra.Command{ Use: "replace-rules FIREWALL FLAGS", Short: "Replaces all rules from a Firewall from a file", Args: cobra.ExactArgs(1), ValidArgsFunction: cmpl.SuggestArgs(cmpl.SuggestCandidatesF(client.Firewall().Names)), TraverseChildren: true, DisableFlagsInUseLine: true, } cmd.Flags().String("rules-file", "", "JSON file containing your routes (use - to read from stdin). The structure of the file needs to be the same as within the API: https://docs.hetzner.cloud/#firewalls-get-a-firewall") cmd.MarkFlagRequired("rules-file") return cmd }, Run: func(ctx context.Context, client hcapi2.Client, waiter state.ActionWaiter, cmd *cobra.Command, args []string) error { idOrName := args[0] firewall, _, err := client.Firewall().Get(ctx, idOrName) if err != nil { return err } if firewall == nil { return fmt.Errorf("Firewall not found: %v", idOrName) } opts := hcloud.FirewallSetRulesOpts{} rulesFile, _ := cmd.Flags().GetString("rules-file") var data []byte if rulesFile == "-" { data, err = ioutil.ReadAll(os.Stdin) } else { data, err = ioutil.ReadFile(rulesFile) } if err != nil { return err } var rules []schema.FirewallRule err = json.Unmarshal(data, &rules) if err != nil { return err } for _, rule := range rules { d := hcloud.FirewallRuleDirection(rule.Direction) r := hcloud.FirewallRule{ Direction: d, Protocol: hcloud.FirewallRuleProtocol(rule.Protocol), Port: rule.Port, Description: rule.Description, } switch d { case hcloud.FirewallRuleDirectionOut: r.DestinationIPs = make([]net.IPNet, len(rule.DestinationIPs)) for i, ip := range rule.DestinationIPs { _, n, err := net.ParseCIDR(ip) if err != nil { return fmt.Errorf("invalid CIDR on index %d : %s", i, err) } r.DestinationIPs[i] = *n } case hcloud.FirewallRuleDirectionIn: r.SourceIPs = make([]net.IPNet, len(rule.SourceIPs)) for i, ip := range rule.SourceIPs { _, n, err := net.ParseCIDR(ip) if err != nil { return fmt.Errorf("invalid CIDR on index %d : %s", i, err) } r.SourceIPs[i] = *n } } opts.Rules = append(opts.Rules, r) } actions, _, err := client.Firewall().SetRules(ctx, firewall, opts) if err != nil { return err } if err := waiter.WaitForActions(ctx, actions); err != nil { return err } cmd.Printf("Firewall Rules for Firewall %d updated\n", firewall.ID) return nil }, }
View Source
var UpdateCmd = base.UpdateCmd{ ResourceNameSingular: "Firewall", ShortDescription: "Update a firewall", NameSuggestions: func(c hcapi2.Client) func() []string { return c.Firewall().Names }, Fetch: func(ctx context.Context, client hcapi2.Client, cmd *cobra.Command, idOrName string) (interface{}, *hcloud.Response, error) { return client.Firewall().Get(ctx, idOrName) }, DefineFlags: func(cmd *cobra.Command) { cmd.Flags().String("name", "", "Firewall name") }, Update: func(ctx context.Context, client hcapi2.Client, cmd *cobra.Command, resource interface{}, flags map[string]pflag.Value) error { firewall := resource.(*hcloud.Firewall) updOpts := hcloud.FirewallUpdateOpts{ Name: flags["name"].String(), } _, _, err := client.Firewall().Update(ctx, firewall, updOpts) if err != nil { return err } return nil }, }
Functions ¶
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.