package linodego
import (
"context"
"encoding/json"
"time"
"github.com/linode/linodego/internal/parseabletime"
)
// FirewallStatus is the string enum carried in the "status" field of a
// Firewall and of FirewallUpdateOptions.
type FirewallStatus string

// FirewallStatus values; every constant name starts with Firewall.
//
// NOTE(review): the effect of each status on traffic filtering is not visible
// in this file. Presumably a firewall in the "disabled" state no longer
// filters traffic for its devices; confirm against the API documentation
// before toggling it from automation.
const (
	FirewallEnabled  FirewallStatus = "enabled"
	FirewallDisabled FirewallStatus = "disabled"
	FirewallDeleted  FirewallStatus = "deleted"
)
// A Firewall is a set of networking rules (iptables) applied to Devices with which it is associated.
//
// Created and Updated carry the `json:"-"` tag, so encoding/json skips them on
// this type; Firewall.UnmarshalJSON fills them from the "created" and
// "updated" keys of a response. For the same reason, marshaling a Firewall
// never emits those two timestamps.
type Firewall struct {
	ID       int                    `json:"id"`
	Label    string                 `json:"label"`
	Status   FirewallStatus         `json:"status"`
	Tags     []string               `json:"tags"`
	Rules    FirewallRuleSet        `json:"rules"`
	Entities []FirewallDeviceEntity `json:"entities"`

	// Populated by UnmarshalJSON, not by the default struct decoding.
	Created *time.Time `json:"-"`
	Updated *time.Time `json:"-"`
}
// DevicesCreationOptions fields are used when adding devices during the Firewall creation process.
//
// Each field is a list of integer IDs. All three are tagged omitempty, so a
// nil or empty list is left out of the request body.
type DevicesCreationOptions struct {
	Linodes          []int `json:"linodes,omitempty"`
	NodeBalancers    []int `json:"nodebalancers,omitempty"`
	LinodeInterfaces []int `json:"linode_interfaces,omitempty"`
}
// FirewallCreateOptions fields are those accepted by CreateFirewall.
//
// Rules is the only field without omitempty/omitzero, so it is always part of
// the request body, even when left at its zero value. Devices is dropped from
// the body when it is the zero value (omitzero).
//
// NOTE(review): FirewallRuleSet is declared outside this file view. Which
// traffic an empty or partially filled rule set permits depends on that type
// and on the API; confirm before relying on the zero value.
type FirewallCreateOptions struct {
	Label   string                 `json:"label,omitempty"`
	Rules   FirewallRuleSet        `json:"rules"`
	Tags    []string               `json:"tags,omitempty"`
	Devices DevicesCreationOptions `json:"devices,omitzero"`
}
// FirewallUpdateOptions is an options struct used when Updating a Firewall.
//
// Label and Status are plain values tagged omitempty: an empty string is not
// sent, so neither can be blanked through this struct. Tags is a pointer so
// that "leave unchanged" and "replace" can be told apart: a nil pointer is
// omitted, while a pointer to an empty slice is serialized as [].
//
// A non-empty Status is sent as the "status" field, so this struct is also
// how a caller moves a firewall between FirewallStatus values.
type FirewallUpdateOptions struct {
	Label  string         `json:"label,omitempty"`
	Status FirewallStatus `json:"status,omitempty"`
	Tags   *[]string      `json:"tags,omitempty"`
}
// FirewallSettings represents the default firewalls for Linodes,
// Linode VPC and public interfaces, and NodeBalancers.
//
// It wraps the "default_firewall_ids" object of the settings response.
type FirewallSettings struct {
	DefaultFirewallIDs DefaultFirewallIDs `json:"default_firewall_ids"`
}
// DefaultFirewallIDs holds one optional firewall ID per device kind, as found
// under "default_firewall_ids" in FirewallSettings.
//
// Each field is a *int, so a JSON null (or a missing key) decodes to nil.
// NOTE(review): nil presumably means that no default firewall is configured
// for that kind of device; confirm against the API documentation, and treat a
// nil entry as something to check when auditing an account.
type DefaultFirewallIDs struct {
	Linode          *int `json:"linode"`
	NodeBalancer    *int `json:"nodebalancer"`
	PublicInterface *int `json:"public_interface"`
	VPCInterface    *int `json:"vpc_interface"`
}
// FirewallSettingsUpdateOptions is an options struct used when Updating FirewallSettings.
//
// A nil DefaultFirewallIDs is omitted from the request body (omitempty).
type FirewallSettingsUpdateOptions struct {
	DefaultFirewallIDs *DefaultFirewallIDsOptions `json:"default_firewall_ids,omitempty"`
}
// DefaultFirewallIDsOptions is the update counterpart of DefaultFirewallIDs.
//
// Every field is a **int tagged omitempty, which gives three states under
// encoding/json:
//   - outer pointer nil: the key is omitted from the request;
//   - outer pointer set, inner pointer nil: the key is sent as JSON null;
//   - both set: the key is sent with the integer ID.
//
// NOTE(review): sending null presumably clears the default firewall for that
// device kind. Keep the "omit" and "null" cases distinct in calling code so
// that a default is never cleared by accident; confirm the null semantics
// against the API documentation.
type DefaultFirewallIDsOptions struct {
	Linode          **int `json:"linode,omitempty"`
	NodeBalancer    **int `json:"nodebalancer,omitempty"`
	PublicInterface **int `json:"public_interface,omitempty"`
	VPCInterface    **int `json:"vpc_interface,omitempty"`
}
// GetUpdateOptions converts a Firewall to FirewallUpdateOptions for use in Client.UpdateFirewall.
//
// Label and Status are copied by value. Tags is set to the address of f.Tags,
// so the returned options alias the Firewall's own tag slice: assigning
// through opts.Tags changes f.Tags as well. Because that pointer is never
// nil, the "tags" key is always serialized (as null when f.Tags is nil).
func (f *Firewall) GetUpdateOptions() FirewallUpdateOptions {
	var opts FirewallUpdateOptions

	opts.Label = f.Label
	// The current status is carried over, so an update built from these
	// options re-sends it unless the caller overrides or blanks the field.
	opts.Status = f.Status
	opts.Tags = &f.Tags

	return opts
}
// UnmarshalJSON decodes a Firewall response.
//
// The regular fields are decoded straight into f through the embedded *Mask;
// the "created" and "updated" keys are decoded into ParseableTime values and
// then stored on f as *time.Time. On a decode error the error is returned and
// f.Created / f.Updated are left untouched.
func (f *Firewall) UnmarshalJSON(b []byte) error {
	// Mask has Firewall's fields but not its methods, so the json.Unmarshal
	// call below does not re-enter this method.
	type Mask Firewall

	var aux struct {
		*Mask
		Created *parseabletime.ParseableTime `json:"created"`
		Updated *parseabletime.ParseableTime `json:"updated"`
	}
	aux.Mask = (*Mask)(f)

	err := json.Unmarshal(b, &aux)
	if err != nil {
		return err
	}

	// A key missing from the payload leaves the aux pointer nil, which
	// resets the matching field on f to nil.
	f.Created, f.Updated = (*time.Time)(aux.Created), (*time.Time)(aux.Updated)

	return nil
}
// ListFirewalls returns a paginated list of Cloud Firewalls.
//
// The request goes to "networking/firewalls" through getPaginatedResults;
// opts is forwarded unchanged.
func (c *Client) ListFirewalls(ctx context.Context, opts *ListOptions) ([]Firewall, error) {
	const endpoint = "networking/firewalls"

	return getPaginatedResults[Firewall](ctx, c, endpoint, opts)
}
// CreateFirewall creates a single Firewall with at least one set of inbound or outbound rules.
//
// opts is POSTed to "networking/firewalls" as given; no validation of the
// rule set happens in this method.
func (c *Client) CreateFirewall(ctx context.Context, opts FirewallCreateOptions) (*Firewall, error) {
	const endpoint = "networking/firewalls"

	return doPOSTRequest[Firewall](ctx, c, endpoint, opts)
}
// GetFirewall gets a single Firewall with the provided ID.
//
// The ID is formatted into the path with %d and the request is issued through
// doGETRequest.
func (c *Client) GetFirewall(ctx context.Context, firewallID int) (*Firewall, error) {
	return doGETRequest[Firewall](ctx, c, formatAPIPath("networking/firewalls/%d", firewallID))
}
// UpdateFirewall updates a Firewall with the given ID.
//
// opts is sent with PUT to "networking/firewalls/<id>". A non-empty
// opts.Status is part of that body, so this call can also change the
// firewall's status (for example to FirewallDisabled); log such changes on
// the calling side if they matter for audit.
func (c *Client) UpdateFirewall(ctx context.Context, firewallID int, opts FirewallUpdateOptions) (*Firewall, error) {
	endpoint := formatAPIPath("networking/firewalls/%d", firewallID)

	return doPUTRequest[Firewall](ctx, c, endpoint, opts)
}
// DeleteFirewall deletes a single Firewall with the provided ID.
//
// NOTE(review): what happens to the devices attached to the firewall is not
// visible here; presumably they stop being covered by its rules. Confirm
// against the API documentation before deleting from automation.
func (c *Client) DeleteFirewall(ctx context.Context, firewallID int) error {
	return doDELETERequest(ctx, c, formatAPIPath("networking/firewalls/%d", firewallID))
}
// GetFirewallSettings returns default firewalls for Linodes, Linode VPC and public interfaces, and NodeBalancers.
//
// The settings are read with a GET on "networking/firewalls/settings".
func (c *Client) GetFirewallSettings(ctx context.Context) (*FirewallSettings, error) {
	const endpoint = "networking/firewalls/settings"

	return doGETRequest[FirewallSettings](ctx, c, endpoint)
}
// UpdateFirewallSettings updates the default firewalls for Linodes, Linode VPC and public interfaces, and NodeBalancers.
//
// opts is sent with PUT to "networking/firewalls/settings". Fields of
// DefaultFirewallIDsOptions whose outer pointer is nil are omitted; fields
// whose inner pointer is nil are sent as JSON null.
func (c *Client) UpdateFirewallSettings(ctx context.Context, opts FirewallSettingsUpdateOptions) (*FirewallSettings, error) {
	const endpoint = "networking/firewalls/settings"

	return doPUTRequest[FirewallSettings](ctx, c, endpoint, opts)
}