forked from linode/linodego
-
Notifications
You must be signed in to change notification settings - Fork 0
/
firewall_rules.go
76 lines (65 loc) · 2.2 KB
/
firewall_rules.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
package linodego
import (
"context"
"encoding/json"
)
// NetworkProtocol enum type
type NetworkProtocol string
// NetworkProtocol enum values
const (
TCP NetworkProtocol = "TCP"
UDP NetworkProtocol = "UDP"
ICMP NetworkProtocol = "ICMP"
)
// NetworkAddresses are arrays of ipv4 and v6 addresses
type NetworkAddresses struct {
IPv4 *[]string `json:"ipv4,omitempty"`
IPv6 *[]string `json:"ipv6,omitempty"`
}
// A FirewallRule is a whitelist of ports, protocols, and addresses for which traffic should be allowed.
type FirewallRule struct {
Action string `json:"action"`
Label string `json:"label"`
Description string `json:"description,omitempty"`
Ports string `json:"ports,omitempty"`
Protocol NetworkProtocol `json:"protocol"`
Addresses NetworkAddresses `json:"addresses"`
}
// FirewallRuleSet is a pair of inbound and outbound rules that specify what network traffic should be allowed.
type FirewallRuleSet struct {
Inbound []FirewallRule `json:"inbound"`
InboundPolicy string `json:"inbound_policy"`
Outbound []FirewallRule `json:"outbound"`
OutboundPolicy string `json:"outbound_policy"`
}
// GetFirewallRules gets the FirewallRuleSet for the given Firewall.
func (c *Client) GetFirewallRules(ctx context.Context, firewallID int) (*FirewallRuleSet, error) {
e, err := c.FirewallRules.endpointWithParams(firewallID)
if err != nil {
return nil, err
}
r, err := coupleAPIErrors(c.R(ctx).SetResult(&FirewallRuleSet{}).Get(e))
if err != nil {
return nil, err
}
return r.Result().(*FirewallRuleSet), nil
}
// UpdateFirewallRules updates the FirewallRuleSet for the given Firewall
func (c *Client) UpdateFirewallRules(ctx context.Context, firewallID int, rules FirewallRuleSet) (*FirewallRuleSet, error) {
e, err := c.FirewallRules.endpointWithParams(firewallID)
if err != nil {
return nil, err
}
var body string
req := c.R(ctx).SetResult(&FirewallRuleSet{})
if bodyData, err := json.Marshal(rules); err == nil {
body = string(bodyData)
} else {
return nil, NewError(err)
}
r, err := coupleAPIErrors(req.SetBody(body).Put(e))
if err != nil {
return nil, err
}
return r.Result().(*FirewallRuleSet), nil
}