src/PVE/API2/Firewall/Host.pm

   1 package PVE::API2::Firewall::Host;
   2
   3 use strict;
   4 use warnings;
   5 use PVE::JSONSchema qw(get_standard_option);
   6
   7 use PVE::Firewall;
   8
   9
  10 use Data::Dumper; # fixme: remove
  11
  12 use base qw(PVE::RESTHandler);
  13
  14 __PACKAGE__->register_method({
  15     name => 'index',
  16     path => '',
  17     method => 'GET',
  18     permissions => { user => 'all' },
  19     description => "Directory index.",
  20     parameters => {
  21         additionalProperties => 0,
  22         properties => {
  23             node => get_standard_option('pve-node'),
  24         },
  25     },
  26     returns => {
  27         type => 'array',
  28         items => {
  29             type => "object",
  30             properties => {},
  31         },
  32         links => [ { rel => 'child', href => "{name}" } ],
  33     },
  34     code => sub {
  35         my ($param) = @_;
  36
  37         my $result = [
  38             { name => 'rules' },
  39             { name => 'options' },
  40             ];
  41
  42         return $result;
  43     }});
  44
  45 __PACKAGE__->register_method({
  46     name => 'get_rules',
  47     path => 'rules',
  48     method => 'GET',
  49     description => "List host firewall rules.",
  50     proxyto => 'node',
  51     parameters => {
  52         additionalProperties => 0,
  53         properties => {
  54             node => get_standard_option('pve-node'),
  55         },
  56     },
  57     returns => {
  58         type => 'array',
  59         items => {
  60             type => "object",
  61             properties => {},
  62         },
  63     },
  64     code => sub {
  65         my ($param) = @_;
  66
  67         my $hostfw_conf = PVE::Firewall::load_hostfw_conf();
  68
  69         my $rules = $hostfw_conf->{rules} || [];
  70
  71         my $digest = $hostfw_conf->{digest};
  72
  73         my $res = [];
  74
  75         my $ind = 0;
  76         foreach my $rule (@$rules) {
  77             push @$res, PVE::Firewall::cleanup_fw_rule($rule, $digest, $ind++);
  78         }
  79
  80         return $res;
  81     }});
  82
  83 __PACKAGE__->register_method({
  84     name => 'get_options',
  85     path => 'options',
  86     method => 'GET',
  87     description => "Get host firewall options.",
  88     proxyto => 'node',
  89     parameters => {
  90         additionalProperties => 0,
  91         properties => {
  92             node => get_standard_option('pve-node'),
  93         },
  94     },
  95     returns => {
  96         type => "object",
  97         properties => {},
  98     },
  99     code => sub {
 100         my ($param) = @_;
 101
 102         my $hostfw_conf = PVE::Firewall::load_hostfw_conf();
 103
 104         my $options = $hostfw_conf->{options} || {};
 105
 106         my $digest = $hostfw_conf->{digest};
 107
 108         $options->{digest} = $digest;
 109
 110         return $options;
 111     }});
 112
 113 1;