start API for IPSet

[pve-firewall.git] / src / PVE / API2 / Firewall / Cluster.pm

diff --git a/src/PVE/API2/Firewall/Cluster.pm b/src/PVE/API2/Firewall/Cluster.pm
index b76c9245190a2fd5a4f200ba05cefa52aec0b736..b270010ff435eb344be1bc1470ce7fdd16207e4b 100644 (file)
--- a/src/PVE/API2/Firewall/Cluster.pm
+++ b/src/PVE/API2/Firewall/Cluster.pm
@@ -8,6 +8,7 @@ use PVE::JSONSchema qw(get_standard_option);
 use PVE::Firewall;
 use PVE::API2::Firewall::Rules;
 use PVE::API2::Firewall::Groups;
+use PVE::API2::Firewall::IPSet;
 
 #fixme: locking?
 
@@ -178,4 +179,45 @@ __PACKAGE__->register_method({
        return $res;
     }});
 
+__PACKAGE__->register_method({
+    name => 'ipset',
+    path => 'ipset',
+    method => 'GET',
+    description => "List IPSets",
+    parameters => {
+       additionalProperties => 0,
+    },
+    returns => {
+       type => 'array',
+       items => {
+           type => "object",
+           properties => { 
+               name => {
+                   description => "IPSet name.",
+                   type => 'string',
+               },
+           },
+       },
+       links => [ { rel => 'child', href => "{name}" } ],
+    },
+    code => sub {
+       my ($param) = @_;
+
+       my $cluster_conf = PVE::Firewall::load_clusterfw_conf();
+
+       my $res = [];
+       foreach my $name (keys %{$cluster_conf->{ipset}}) {
+           push @$res, { name => $name, count => scalar(@{$cluster_conf->{ipset}->{$name}}) };
+       }
+
+       return $res;
+    }});
+
+__PACKAGE__->register_method ({
+    subclass => "PVE::API2::Firewall::ClusterIPset",  
+    path => 'ipset/{name}',
+    # set fragment delimiter (no subdirs) - we need that, because CIDR address contain a slash '/' 
+    fragmentDelimiter => '', 
+});
+
 1;