]>
Commit | Line | Data |
---|---|---|
1 | package PVE::API2::Firewall::VM; | |
2 | ||
3 | use strict; | |
4 | use warnings; | |
5 | use PVE::JSONSchema qw(get_standard_option); | |
6 | use PVE::Cluster; | |
7 | use PVE::Firewall; | |
8 | ||
9 | use Data::Dumper; # fixme: remove | |
10 | ||
11 | use base qw(PVE::RESTHandler); | |
12 | ||
13 | __PACKAGE__->register_method({ | |
14 | name => 'index', | |
15 | path => '', | |
16 | method => 'GET', | |
17 | permissions => { user => 'all' }, | |
18 | description => "Directory index.", | |
19 | parameters => { | |
20 | additionalProperties => 0, | |
21 | properties => { | |
22 | node => get_standard_option('pve-node'), | |
23 | vmid => get_standard_option('pve-vmid'), | |
24 | }, | |
25 | }, | |
26 | returns => { | |
27 | type => 'array', | |
28 | items => { | |
29 | type => "object", | |
30 | properties => {}, | |
31 | }, | |
32 | links => [ { rel => 'child', href => "{name}" } ], | |
33 | }, | |
34 | code => sub { | |
35 | my ($param) = @_; | |
36 | ||
37 | my $result = [ | |
38 | { name => 'rules' }, | |
39 | { name => 'options' }, | |
40 | ]; | |
41 | ||
42 | return $result; | |
43 | }}); | |
44 | ||
45 | __PACKAGE__->register_method({ | |
46 | name => 'get_rules', | |
47 | path => 'rules', | |
48 | method => 'GET', | |
49 | description => "List VM firewall rules.", | |
50 | proxyto => 'node', | |
51 | parameters => { | |
52 | additionalProperties => 0, | |
53 | properties => { | |
54 | node => get_standard_option('pve-node'), | |
55 | vmid => get_standard_option('pve-vmid'), | |
56 | }, | |
57 | }, | |
58 | returns => { | |
59 | type => 'array', | |
60 | items => { | |
61 | type => "object", | |
62 | properties => {}, | |
63 | }, | |
64 | }, | |
65 | code => sub { | |
66 | my ($param) = @_; | |
67 | ||
68 | my $vmid = $param->{vmid}; | |
69 | ||
70 | my $vmlist = PVE::Cluster::get_vmlist(); | |
71 | ||
72 | die "no such VM ('$vmid')\n" | |
73 | if !($vmlist && $vmlist->{ids} && defined($vmlist->{ids}->{$vmid})); | |
74 | ||
75 | my $vmfw_conf = PVE::Firewall::load_vmfw_conf($vmid); | |
76 | ||
77 | my $rules = $vmfw_conf->{rules} || []; | |
78 | ||
79 | my $digest = $vmfw_conf->{digest}; | |
80 | ||
81 | my $res = []; | |
82 | ||
83 | my $ind = 0; | |
84 | foreach my $rule (@$rules) { | |
85 | push @$res, PVE::Firewall::cleanup_fw_rule($rule, $digest, $ind++); | |
86 | } | |
87 | ||
88 | return $res; | |
89 | }}); | |
90 | ||
91 | __PACKAGE__->register_method({ | |
92 | name => 'get_options', | |
93 | path => 'options', | |
94 | method => 'GET', | |
95 | description => "Get host firewall options.", | |
96 | proxyto => 'node', | |
97 | parameters => { | |
98 | additionalProperties => 0, | |
99 | properties => { | |
100 | node => get_standard_option('pve-node'), | |
101 | vmid => get_standard_option('pve-vmid'), | |
102 | }, | |
103 | }, | |
104 | returns => { | |
105 | type => "object", | |
106 | properties => {}, | |
107 | }, | |
108 | code => sub { | |
109 | my ($param) = @_; | |
110 | ||
111 | my $vmid = $param->{vmid}; | |
112 | ||
113 | my $vmlist = PVE::Cluster::get_vmlist(); | |
114 | ||
115 | die "no such VM ('$vmid')\n" | |
116 | if !($vmlist && $vmlist->{ids} && defined($vmlist->{ids}->{$vmid})); | |
117 | ||
118 | my $vmfw_conf = PVE::Firewall::load_vmfw_conf($vmid); | |
119 | ||
120 | my $options = $vmfw_conf->{options} || {}; | |
121 | ||
122 | my $digest = $vmfw_conf->{digest}; | |
123 | ||
124 | $options->{digest} = $digest; | |
125 | ||
126 | return $options; | |
127 | }}); | |
128 | ||
129 | 1; |