
   1  package linodego
   2  
   3  import (
   4  	"context"
   5  	"encoding/json"
   6  	"time"
   7  
   8  	"github.com/linode/linodego/internal/parseabletime"
   9  )
  10  
// FirewallStatus is the string enum carried in the "status" JSON field of
// Firewall and FirewallUpdateOptions.
type FirewallStatus string

// FirewallStatus values; every constant name starts with Firewall.
const (
	// FirewallEnabled is the wire value "enabled".
	FirewallEnabled  FirewallStatus = "enabled"
	// FirewallDisabled is the wire value "disabled".
	// NOTE(review): presumably a disabled Firewall no longer filters traffic
	// for its devices; confirm against the API reference before treating a
	// change to this value as routine.
	FirewallDisabled FirewallStatus = "disabled"
	// FirewallDeleted is the wire value "deleted".
	FirewallDeleted  FirewallStatus = "deleted"
)
  20  
// A Firewall is a set of networking rules (iptables) applied to Devices with which it is associated
type Firewall struct {
	ID      int             `json:"id"`
	Label   string          `json:"label"`
	// Status holds one of the FirewallStatus values.
	// NOTE(review): code that audits exposure should presumably compare this
	// with FirewallEnabled instead of relying on the Firewall merely
	// existing; confirm the enforcement semantics of each status.
	Status  FirewallStatus  `json:"status"`
	Tags    []string        `json:"tags,omitempty"`
	Rules   FirewallRuleSet `json:"rules"`
	// Created and Updated are tagged "-", so the default JSON codec skips
	// them; Firewall.UnmarshalJSON fills them from the "created" and
	// "updated" response fields, and they are never marshaled.
	Created *time.Time      `json:"-"`
	Updated *time.Time      `json:"-"`
}
  31  
// DevicesCreationOptions fields are used when adding devices during the Firewall creation process.
//
// Each field is a list of integer IDs. All three carry omitempty, so a nil or
// empty slice is left out of the request body entirely.
type DevicesCreationOptions struct {
	Linodes       []int `json:"linodes,omitempty"`
	NodeBalancers []int `json:"nodebalancers,omitempty"`
	Interfaces    []int `json:"interfaces,omitempty"`
}
  38  
// FirewallCreateOptions fields are those accepted by CreateFirewall
type FirewallCreateOptions struct {
	Label   string                 `json:"label,omitempty"`
	// Rules has no omitempty, so it is serialized on every create request,
	// including when it is left at its zero value.
	// NOTE(review): FirewallRuleSet is declared elsewhere; what a zero-value
	// rule set means for traffic is not visible here, so callers should set
	// the rules and policies they intend explicitly.
	Rules   FirewallRuleSet        `json:"rules"`
	Tags    []string               `json:"tags,omitempty"`
	// Devices is omitted from the request when it is the zero value
	// (omitzero); the Firewall is then created without devices in the body.
	Devices DevicesCreationOptions `json:"devices,omitzero"`
}
  46  
// FirewallUpdateOptions is an options struct used when Updating a Firewall
//
// Every field carries omitempty, so a field left at its zero value is not
// sent and cannot be used to blank the corresponding attribute.
type FirewallUpdateOptions struct {
	Label  string         `json:"label,omitempty"`
	// Status is sent only when non-empty.
	// NOTE(review): sending FirewallDisabled presumably switches rule
	// enforcement off for the attached devices; confirm, and treat updates
	// that carry it as a security-relevant change.
	Status FirewallStatus `json:"status,omitempty"`
	// Tags is a pointer so that "no change" and "replace" are distinct: a nil
	// pointer is omitted, while a non-nil pointer is always serialized, so a
	// pointer to an empty slice is sent as [].
	Tags   *[]string      `json:"tags,omitempty"`
}
  53  
// FirewallSettings represents the default firewalls for Linodes,
// Linode VPC and public interfaces, and NodeBalancers.
//
// It is the response type of Client.GetFirewallSettings and
// Client.UpdateFirewallSettings.
type FirewallSettings struct {
	DefaultFirewallIDs DefaultFirewallIDs `json:"default_firewall_ids"`
}
  59  
// DefaultFirewallIDs holds one optional Firewall ID per device category, as
// carried in the "default_firewall_ids" object of FirewallSettings.
//
// Each field is a pointer without omitempty: a JSON null or an absent key
// decodes to nil, and nil encodes as null.
// NOTE(review): nil presumably means no default Firewall is configured for
// that category, i.e. new devices of that kind get none by default; confirm
// against the API reference.
type DefaultFirewallIDs struct {
	Linode          *int `json:"linode"`
	NodeBalancer    *int `json:"nodebalancer"`
	PublicInterface *int `json:"public_interface"`
	VPCInterface    *int `json:"vpc_interface"`
}
  66  
// FirewallSettingsUpdateOptions is an options struct used when Updating FirewallSettings
type FirewallSettingsUpdateOptions struct {
	// DefaultFirewallIDs is omitted from the request when nil, so a nil value
	// sends no "default_firewall_ids" key at all.
	DefaultFirewallIDs *DefaultFirewallIDsOptions `json:"default_firewall_ids,omitempty"`
}
  71  
// DefaultFirewallIDsOptions is the update payload for the default Firewall IDs.
//
// Each field is a pointer to a pointer so that three states can be expressed
// with omitempty:
//   - nil outer pointer: the key is omitted from the request;
//   - outer pointer to a nil *int: the key is sent as JSON null;
//   - outer pointer to a non-nil *int: the key is sent with that ID.
//
// NOTE(review): sending null presumably clears the default Firewall for that
// device category; confirm, and review such updates as carefully as a rule
// change, because the two non-omitted states are easy to confuse.
type DefaultFirewallIDsOptions struct {
	Linode          **int `json:"linode,omitempty"`
	NodeBalancer    **int `json:"nodebalancer,omitempty"`
	PublicInterface **int `json:"public_interface,omitempty"`
	VPCInterface    **int `json:"vpc_interface,omitempty"`
}
  78  
// GetUpdateOptions builds the FirewallUpdateOptions that mirror this
// Firewall's current Label, Status and Tags, ready to pass to
// Client.UpdateFirewall.
//
// The returned Tags pointer refers to f.Tags itself, not to a copy, so a
// write through it also changes the Firewall value. Status is copied as is,
// so a Firewall read while disabled yields options that keep it disabled.
func (f *Firewall) GetUpdateOptions() FirewallUpdateOptions {
	var opts FirewallUpdateOptions

	opts.Label = f.Label
	opts.Status = f.Status
	// Deliberately the address of the field: opts.Tags aliases f.Tags.
	opts.Tags = &f.Tags

	return opts
}
  87  
// UnmarshalJSON decodes a Firewall API response into f.
//
// The "created" and "updated" fields are parsed as parseabletime.ParseableTime
// and stored in f.Created and f.Updated; every other field is decoded by the
// default struct rules. On a decode error the error is returned unchanged and
// Created/Updated are not assigned, but fields decoded before the failure may
// already have been written into f.
func (f *Firewall) UnmarshalJSON(b []byte) error {
	// Shadow has Firewall's fields but none of its methods, so decoding into
	// it does not call back into this UnmarshalJSON.
	type Shadow Firewall

	var aux struct {
		*Shadow

		Created *parseabletime.ParseableTime `json:"created"`
		Updated *parseabletime.ParseableTime `json:"updated"`
	}
	// Point the embedded view at f so the promoted fields land in f directly.
	aux.Shadow = (*Shadow)(f)

	err := json.Unmarshal(b, &aux)
	if err != nil {
		return err
	}

	f.Created, f.Updated = (*time.Time)(aux.Created), (*time.Time)(aux.Updated)

	return nil
}
 110  
// ListFirewalls returns the Cloud Firewalls found under the
// "networking/firewalls" endpoint, delegating paging and filtering (opts) to
// getPaginatedResults.
func (c *Client) ListFirewalls(ctx context.Context, opts *ListOptions) ([]Firewall, error) {
	const endpoint = "networking/firewalls"

	return getPaginatedResults[Firewall](ctx, c, endpoint, opts)
}
 115  
// CreateFirewall creates a single Firewall with at least one set of inbound
// or outbound rules by POSTing opts to "networking/firewalls", and returns
// the Firewall decoded from the response.
func (c *Client) CreateFirewall(ctx context.Context, opts FirewallCreateOptions) (*Firewall, error) {
	const endpoint = "networking/firewalls"

	return doPOSTRequest[Firewall](ctx, c, endpoint, opts)
}
 120  
// GetFirewall fetches the single Firewall identified by firewallID.
func (c *Client) GetFirewall(ctx context.Context, firewallID int) (*Firewall, error) {
	return doGETRequest[Firewall](ctx, c, formatAPIPath("networking/firewalls/%d", firewallID))
}
 126  
// UpdateFirewall sends opts as a PUT to the Firewall identified by firewallID
// and returns the Firewall decoded from the response.
//
// opts may carry a Status; callers that build opts from stored or external
// data should check that value before sending it.
func (c *Client) UpdateFirewall(ctx context.Context, firewallID int, opts FirewallUpdateOptions) (*Firewall, error) {
	return doPUTRequest[Firewall](ctx, c, formatAPIPath("networking/firewalls/%d", firewallID), opts)
}
 132  
// DeleteFirewall issues a DELETE for the single Firewall identified by
// firewallID and returns any error from the request.
func (c *Client) DeleteFirewall(ctx context.Context, firewallID int) error {
	return doDELETERequest(ctx, c, formatAPIPath("networking/firewalls/%d", firewallID))
}
 138  
// GetFirewallSettings returns the default firewalls for Linodes, Linode VPC
// and public interfaces, and NodeBalancers, read from
// "networking/firewalls/settings".
func (c *Client) GetFirewallSettings(ctx context.Context) (*FirewallSettings, error) {
	const endpoint = "networking/firewalls/settings"

	return doGETRequest[FirewallSettings](ctx, c, endpoint)
}
 143  
// UpdateFirewallSettings updates the default firewalls for Linodes, Linode
// VPC and public interfaces, and NodeBalancers by sending opts as a PUT to
// "networking/firewalls/settings", and returns the settings decoded from the
// response.
func (c *Client) UpdateFirewallSettings(ctx context.Context, opts FirewallSettingsUpdateOptions) (*FirewallSettings, error) {
	const endpoint = "networking/firewalls/settings"

	return doPUTRequest[FirewallSettings](ctx, c, endpoint, opts)
}
 148