package goftd
import (
"encoding/json"
"fmt"
"strconv"
"github.com/golang/glog"
)
// AccessRule is the JSON representation of a single access rule, as exchanged
// with the policy/accesspolicies/{policy}/accessrules endpoints used in this
// file.
//
// Every tagged field below uses omitempty, so zero values (nil slices and
// pointers, "", 0, false) are left out of the encoded request body. Nothing in
// this file validates a field before it is sent.
// NOTE(review): how the device treats an omitted match criterion (for example
// no SourceNetworks or DestinationPorts) is not visible here; confirm it before
// relying on a sparsely populated rule to be restrictive.
type AccessRule struct {
	// Embedded identity fields; Reference reads ID, Name, Version and Type from it.
	ReferenceObject
	RuleID int `json:"ruleId,omitempty"`
	// Match criteria, each a list of references to other objects.
	SourceZones []*ReferenceObject `json:"sourceZones,omitempty"`
	DestinationZones []*ReferenceObject `json:"destinationZones,omitempty"`
	SourceNetworks []*ReferenceObject `json:"sourceNetworks,omitempty"`
	DestinationNetworks []*ReferenceObject `json:"destinationNetworks,omitempty"`
	SourcePorts []*ReferenceObject `json:"sourcePorts,omitempty"`
	DestinationPorts []*ReferenceObject `json:"destinationPorts,omitempty"`
	// RuleAction and EventLogAction are free-form strings here; the accepted
	// values are defined by the device API and are not checked by this package.
	RuleAction string `json:"ruleAction,omitempty"`
	EventLogAction string `json:"eventLogAction,omitempty"`
	VLANTags []*ReferenceObject `json:"vlanTags,omitempty"`
	Users []*ReferenceObject `json:"users,omitempty"`
	// Optional inspection policies; a nil pointer is omitted from the request.
	IntrusionPolicy *ReferenceObject `json:"intrusionPolicy,omitempty"`
	FilePolicy *ReferenceObject `json:"filePolicy,omitempty"`
	// With omitempty a false LogFiles is never sent, so "false" and "unset"
	// are indistinguishable on the wire.
	LogFiles bool `json:"logFiles,omitempty"`
	SyslogServer *ReferenceObject `json:"syslogServer,omitempty"`
	Links *Links `json:"links,omitempty"`
	// parent is the ID of the owning access policy. It is unexported, so
	// encoding/json neither emits nor populates it; CreateAccessRule sets it
	// and DeleteAccessRule reads it to build the request path.
	parent string
}
// Reference builds a new ReferenceObject carrying this rule's ID, Name,
// Version and Type, and returns a pointer to it. The result is a copy: later
// changes to the rule are not reflected in it.
func (a *AccessRule) Reference() *ReferenceObject {
	return &ReferenceObject{
		Type:    a.Type,
		Version: a.Version,
		Name:    a.Name,
		ID:      a.ID,
	}
}
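// GetAccessRules returns the access rules of the access policy identified by
// policy, passing limit to the API as the "limit" query parameter.
//
// policy is written into the request path exactly as given (no escaping is
// done here), so callers should pass a policy ID obtained from the device
// rather than free-form input.
//
// Each returned rule has its parent policy recorded, so it can be handed to
// DeleteAccessRule directly. The transport error from f.Get, or the JSON
// decoding error, is returned unchanged.
func (f *FTD) GetAccessRules(policy string, limit int) ([]*AccessRule, error) {
	filter := map[string]string{"limit": strconv.Itoa(limit)}
	endpoint := fmt.Sprintf("policy/accesspolicies/%s/accessrules", policy)

	data, err := f.Get(endpoint, filter)
	if err != nil {
		return nil, err
	}

	var v struct {
		Items []*AccessRule `json:"items"`
	}
	if err := json.Unmarshal(data, &v); err != nil {
		if f.debug {
			glog.Errorf("Error: %s\n", err)
		}
		return nil, err
	}

	// parent is unexported, so json.Unmarshal never fills it. Without this,
	// DeleteAccessRule would build a path with an empty policy segment for
	// any rule obtained from a listing.
	for _, rule := range v.Items {
		if rule != nil { // a null array element decodes to a nil pointer
			rule.parent = policy
		}
	}
	return v.Items, nil
}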
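// getAccessRuleBy returns the access rules of the policy identified by policy
// that match filterString, which is sent as the "filter" query parameter.
//
// Neither argument is validated or escaped here: policy goes into the request
// path as given and filterString is handed to f.Get unchanged.
// NOTE(review): whether f.Get URL-encodes query values is not visible in this
// file; confirm before passing filter text derived from external input.
//
// Each returned rule has its parent policy recorded, so it can be handed to
// DeleteAccessRule directly.
func (f *FTD) getAccessRuleBy(filterString, policy string) ([]*AccessRule, error) {
	filter := map[string]string{"filter": filterString}
	endpoint := fmt.Sprintf("policy/accesspolicies/%s/accessrules", policy)

	data, err := f.Get(endpoint, filter)
	if err != nil {
		return nil, err
	}

	var v struct {
		Items []*AccessRule `json:"items"`
	}
	if err := json.Unmarshal(data, &v); err != nil {
		if f.debug {
			glog.Errorf("Error: %s\n", err)
		}
		return nil, err
	}

	// parent is unexported, so json.Unmarshal never fills it. Without this,
	// DeleteAccessRule would build a path with an empty policy segment for
	// any rule obtained from a lookup.
	for _, rule := range v.Items {
		if rule != nil { // a null array element decodes to a nil pointer
			rule.parent = policy
		}
	}
	return v.Items, nil
}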
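// CreateAccessRule posts n as a new access rule under the access policy
// identified by policy and decodes the device's reply back into n.
//
// On success n reflects the reply and has its parent policy recorded, which
// DeleteAccessRule needs. n.Type is overwritten with "accessrule" before the
// request is sent. No other field of n is validated here, and policy is
// written into the request path as given.
//
// It returns an error if n is nil, if the POST fails, or if the reply cannot
// be decoded.
func (f *FTD) CreateAccessRule(n *AccessRule, policy string) error {
	if n == nil {
		return fmt.Errorf("create access rule: rule is nil")
	}

	// Define expected type for this object
	n.Type = "accessrule"
	endpoint := fmt.Sprintf("policy/accesspolicies/%s/accessrules", policy)

	data, err := f.Post(endpoint, n)
	if err != nil {
		if f.debug {
			glog.Errorf("Error: %s\n", err)
		}
		return err
	}

	// Decode into n itself. Passing &n (a **AccessRule) would let a JSON
	// "null" reply set the local pointer to nil, and the parent assignment
	// below would then panic.
	if err := json.Unmarshal(data, n); err != nil {
		if f.debug {
			glog.Errorf("Error: %s\n", err)
		}
		return err
	}

	n.parent = policy
	return nil
}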
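// DeleteAccessRule deletes the access rule n from its parent access policy.
//
// The request path is built from n.parent and n.ID. parent is an unexported
// field that JSON decoding never fills, so a rule that did not get it from
// this package has an empty parent. Rather than send a DELETE to a path with
// an empty policy or rule segment, such a rule is rejected here.
//
// It returns an error if n is nil, if the parent policy or rule ID is empty,
// or if the DELETE request fails.
func (f *FTD) DeleteAccessRule(n *AccessRule) error {
	if n == nil {
		return fmt.Errorf("delete access rule: rule is nil")
	}

	// ID's declared type lives outside this file, so compare its formatted
	// form rather than assuming it is a string.
	id := fmt.Sprint(n.ID)
	if n.parent == "" || id == "" {
		return fmt.Errorf("delete access rule: missing parent policy or rule ID (parent=%q, id=%q)", n.parent, id)
	}

	endpoint := fmt.Sprintf("policy/accesspolicies/%s/accessrules/%s", n.parent, n.ID)
	if err := f.Delete(endpoint); err != nil {
		if f.debug {
			glog.Errorf("Error: %s\n", err)
		}
		return err
	}
	return nil
}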