File: firewall_rule.go

package info (click to toggle)
golang-github-vultr-govultr 2.17.2-2
  • links: PTS, VCS
  • area: main
  • in suites: bookworm, sid, trixie
  • size: 604 kB
  • sloc: makefile: 2
file content (128 lines) | stat: -rw-r--r-- 4,019 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
 
package govultr

import (
	"context"
	"fmt"
	"net/http"

	"github.com/google/go-querystring/query"
)

// FireWallRuleService is the interface to interact with the firewall rule endpoints on the Vultr API
// Link : https://www.vultr.com/api/#tag/firewall
type FireWallRuleService interface {
	Create(ctx context.Context, fwGroupID string, fwRuleReq *FirewallRuleReq) (*FirewallRule, error)
	Get(ctx context.Context, fwGroupID string, fwRuleID int) (*FirewallRule, error)
	Delete(ctx context.Context, fwGroupID string, fwRuleID int) error
	List(ctx context.Context, fwGroupID string, options *ListOptions) ([]FirewallRule, *Meta, error)
}

// FireWallRuleServiceHandler handles interaction with the firewall rule methods for the Vultr API
type FireWallRuleServiceHandler struct {
	client *Client
}

// FirewallRule represents a Vultr firewall rule
type FirewallRule struct {
	ID     int    `json:"id"`
	Action string `json:"action"`
	// Deprecated:  Type should no longer be used. Instead, use IPType.
	Type       string `json:"type"`
	IPType     string `json:"ip_type"`
	Protocol   string `json:"protocol"`
	Port       string `json:"port"`
	Subnet     string `json:"subnet"`
	SubnetSize int    `json:"subnet_size"`
	Source     string `json:"source"`
	Notes      string `json:"notes"`
}

// FirewallRuleReq struct used to create a FirewallRule.
type FirewallRuleReq struct {
	IPType     string `json:"ip_type"`
	Protocol   string `json:"protocol"`
	Subnet     string `json:"subnet"`
	SubnetSize int    `json:"subnet_size"`
	Port       string `json:"port,omitempty"`
	Source     string `json:"source,omitempty"`
	Notes      string `json:"notes,omitempty"`
}

type firewallRulesBase struct {
	FirewallRules []FirewallRule `json:"firewall_rules"`
	Meta          *Meta          `json:"meta"`
}

type firewallRuleBase struct {
	FirewallRule *FirewallRule `json:"firewall_rule"`
}

// Create will create a rule in a firewall group.
func (f *FireWallRuleServiceHandler) Create(ctx context.Context, fwGroupID string, fwRuleReq *FirewallRuleReq) (*FirewallRule, error) {
	uri := fmt.Sprintf("/v2/firewalls/%s/rules", fwGroupID)

	req, err := f.client.NewRequest(ctx, http.MethodPost, uri, fwRuleReq)
	if err != nil {
		return nil, err
	}

	firewallRule := new(firewallRuleBase)
	if err = f.client.DoWithContext(ctx, req, firewallRule); err != nil {
		return nil, err
	}

	return firewallRule.FirewallRule, nil
}

// Get will get a rule in a firewall group.
func (f *FireWallRuleServiceHandler) Get(ctx context.Context, fwGroupID string, fwRuleID int) (*FirewallRule, error) {
	uri := fmt.Sprintf("/v2/firewalls/%s/rules/%d", fwGroupID, fwRuleID)

	req, err := f.client.NewRequest(ctx, http.MethodGet, uri, nil)
	if err != nil {
		return nil, err
	}

	firewallRule := new(firewallRuleBase)
	if err = f.client.DoWithContext(ctx, req, firewallRule); err != nil {
		return nil, err
	}

	return firewallRule.FirewallRule, nil
}

// Delete will delete a firewall rule on your Vultr account
func (f *FireWallRuleServiceHandler) Delete(ctx context.Context, fwGroupID string, fwRuleID int) error {
	uri := fmt.Sprintf("/v2/firewalls/%s/rules/%d", fwGroupID, fwRuleID)

	req, err := f.client.NewRequest(ctx, http.MethodDelete, uri, nil)
	if err != nil {
		return err
	}

	return f.client.DoWithContext(ctx, req, nil)
}

// List will return both ipv4 an ipv6 firewall rules that are defined within a firewall group
func (f *FireWallRuleServiceHandler) List(ctx context.Context, fwGroupID string, options *ListOptions) ([]FirewallRule, *Meta, error) {
	uri := fmt.Sprintf("/v2/firewalls/%s/rules", fwGroupID)

	req, err := f.client.NewRequest(ctx, http.MethodGet, uri, nil)
	if err != nil {
		return nil, nil, err
	}

	newValues, err := query.Values(options)
	if err != nil {
		return nil, nil, err
	}

	req.URL.RawQuery = newValues.Encode()

	firewallRule := new(firewallRulesBase)
	if err = f.client.DoWithContext(ctx, req, firewallRule); err != nil {
		return nil, nil, err
	}

	return firewallRule.FirewallRules, firewallRule.Meta, nil
}