Merge pull request #36 from janeczku/firewall

Adds support for firewall API in lib and CLI
JamesClonk · Jun 18, 2017 · b29240b · b29240b
2 parents d1ca9b7 + fd3699d
commit b29240b
Show file tree

Hide file tree

Showing 7 changed files with 594 additions and 4 deletions.
diff --git a/cmd/commands.go b/cmd/commands.go
@@ -25,6 +25,20 @@ func (c *CLI) RegisterCommands() {
 		})
 	})
 
+	// firewall
+	c.Command("firewall", "modify firewall groups and rules", func(cmd *cli.Cmd) {
+		cmd.Command("group", "show and change firewall groups", func(cmd *cli.Cmd) {
+			cmd.Command("create", "create a firewall group", firewallGroupCreate)
+			cmd.Command("delete", "delete a firewall group", firewallGroupDelete)
+			cmd.Command("list", "list all firewall groups", firewallGroupList)
+		})
+		cmd.Command("rule", "show and change firewall rules", func(cmd *cli.Cmd) {
+			cmd.Command("create", "create a firewall rule", firewallRuleCreate)
+			cmd.Command("delete", "delete a firewall rule", firewallRuleDelete)
+			cmd.Command("list", "list all firewall rules in a group", firewallRuleList)
+		})
+	})
+
 	// info
 	c.Command("info", "display account information", accountInfo)
 

diff --git a/cmd/commands_firewall.go b/cmd/commands_firewall.go
@@ -0,0 +1,155 @@
+package cmd
+
+import (
+	"fmt"
+	"log"
+	"net"
+
+	"github.com/jawher/mow.cli"
+)
+
+func firewallGroupCreate(cmd *cli.Cmd) {
+	cmd.Spec = "[DESCRIPTION]"
+
+	desc := cmd.StringArg("DESCRIPTION", "", "Optional description for the new group")
+
+	cmd.Action = func() {
+		id, err := GetClient().CreateFirewallGroup(*desc)
+		if err != nil {
+			log.Fatal(err)
+		}
+
+		fmt.Printf("Firewall group created\n\n")
+		lengths := []int{10, 64}
+		tabsPrint(columns{"GROUP_ID", "DESCRIPTION"}, lengths)
+		tabsPrint(columns{id, *desc}, lengths)
+		tabsFlush()
+	}
+}
+
+func firewallGroupDelete(cmd *cli.Cmd) {
+	cmd.Spec = "GROUP_ID"
+
+	gid := cmd.StringArg("GROUP_ID", "", "Firewall group ID")
+
+	cmd.Action = func() {
+		if err := GetClient().DeleteFirewallGroup(*gid); err != nil {
+			log.Fatal(err)
+		}
+
+		fmt.Printf("Firewall group %s deleted\n", *gid)
+	}
+}
+
+func firewallGroupList(cmd *cli.Cmd) {
+	cmd.Action = func() {
+		groups, err := GetClient().GetFirewallGroups()
+		if err != nil {
+			log.Fatal(err)
+		}
+
+		if len(groups) == 0 {
+			fmt.Println()
+			return
+		}
+
+		lengths := []int{10, 64, 12, 16}
+		tabsPrint(columns{"GROUP_ID", "DESCRIPTION", "RULE_COUNT", "INSTANCE_COUNT"}, lengths)
+		for _, g := range groups {
+			tabsPrint(columns{
+				g.ID,
+				g.Description,
+				g.RuleCount,
+				g.InstanceCount,
+			}, lengths)
+		}
+		tabsFlush()
+	}
+}
+
+func firewallRuleCreate(cmd *cli.Cmd) {
+	cmd.Spec = "-g -n ((--tcp --port) | (--udp --port) | --icmp | --gre)"
+	gid := cmd.StringOpt("g group-id", "", "Firewall group ID (see <firewall group list>)")
+	cidr := cmd.StringOpt("n network", "0.0.0.0/0", "IPv4/IPv6 network in CIDR notation")
+	tcp := cmd.BoolOpt("tcp", false, "TCP protocol")
+	udp := cmd.BoolOpt("udp", false, "UDP protocol")
+	icmp := cmd.BoolOpt("icmp", false, "ICMP protocol")
+	gre := cmd.BoolOpt("gre", false, "GRE protocol")
+	port := cmd.StringOpt("port", "", "Port number or port range (TCP/UDP only)")
+
+	cmd.Action = func() {
+		var protocol string
+		switch {
+		case *tcp:
+			protocol = "tcp"
+		case *udp:
+			protocol = "udp"
+		case *icmp:
+			protocol = "icmp"
+		case *gre:
+			protocol = "gre"
+		}
+
+		_, network, err := net.ParseCIDR(*cidr)
+		if err != nil {
+			log.Fatalf("Invalid network CIDR: %s", *cidr)
+		}
+
+		ruleNum, err := GetClient().CreateFirewallRule(*gid, protocol, *port, network)
+		if err != nil {
+			log.Fatal(err)
+		}
+
+		fmt.Printf("Firewall rule created\n\n")
+		lengths := []int{10, 10, 10, 12, 20}
+		tabsPrint(columns{"GROUP_ID", "RULE_NUM", "PROTOCOL", "PORT", "NETWORK"}, lengths)
+		tabsPrint(columns{*gid, ruleNum, protocol, *port, network}, lengths)
+		tabsFlush()
+	}
+}
+
+func firewallRuleDelete(cmd *cli.Cmd) {
+	cmd.Spec = "GROUP_ID RULE_NUM"
+
+	gid := cmd.StringArg("GROUP_ID", "", "Firewall group ID")
+	rule := cmd.IntArg("RULE_NUM", 0, "Firewall rule number")
+
+	cmd.Action = func() {
+		if err := GetClient().DeleteFirewallRule(*rule, *gid); err != nil {
+			log.Fatal(err)
+		}
+
+		fmt.Printf("Firewall rule %d in group %s deleted\n", *rule, *gid)
+	}
+}
+
+func firewallRuleList(cmd *cli.Cmd) {
+	cmd.Spec = "GROUP_ID"
+
+	gid := cmd.StringArg("GROUP_ID", "", "Firewall group ID (see <firewall group list>)")
+
+	cmd.Action = func() {
+		rules, err := GetClient().GetFirewallRules(*gid)
+		if err != nil {
+			log.Fatal(err)
+		}
+
+		if len(rules) == 0 {
+			fmt.Println()
+			return
+		}
+
+		lengths := []int{10, 10, 8, 12, 20}
+		tabsPrint(columns{"RULE_NUM", "ACTION", "PROTOCOL", "PORT", "NETWORK"}, lengths)
+		for _, r := range rules {
+			tabsPrint(columns{
+				r.RuleNumber,
+				r.Action,
+				r.Protocol,
+				r.Port,
+				r.Network.String(),
+			}, lengths)
+		}
+		tabsFlush()
+	}
+}
diff --git a/cmd/commands_servers.go b/cmd/commands_servers.go
@@ -341,6 +341,9 @@ func serversShow(cmd *cli.Cmd) {
 			tabsPrint(columns{fmt.Sprintf("#%d IPv6 Network:", n+1), v6network.Network}, lengths)
 			tabsPrint(columns{fmt.Sprintf("#%d IPv6 Network Size:", n+1), v6network.NetworkSize}, lengths)
 		}
+		if len(server.FirewallGroupID) != 0 {
+			tabsPrint(columns{"Firewall Group ID:", server.FirewallGroupID}, lengths)
+		}
 		tabsPrint(columns{"Created date:", server.Created}, lengths)
 		tabsPrint(columns{"Default password:", server.DefaultPassword}, lengths)
 		tabsPrint(columns{"Auto backups:", server.AutoBackups}, lengths)