package router
import (
"github.com/PaloAltoNetworks/pango/namespace"
"github.com/PaloAltoNetworks/pango/util"
)
// Firewall is the client.Network.VirtualRouter namespace.
//
// Every method on this type delegates to ns (or to ns.Client), so the
// connection, logging and versioning behaviour all come from that value.
type Firewall struct {
// ns is the importable namespace handle used for every request below.
ns *namespace.Importable
}
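/*
SetInterface performs a SET to add an interface to a virtual router.

The virtual router can be either a string or an Entry object.

The resolved router name is embedded in the XPath built by c.xpath and iface
is sent as a member value. Neither is validated in this method, so callers
that accept these values from outside should check them first.
*/
func (c *Firewall) SetInterface(vr interface{}, iface string) error {
	names, err := toNames([]interface{}{vr})
	if err != nil {
		return err
	}
	// Assumes toNames yields one name per input on success - TODO confirm.
	name := names[0]

	// NOTE(review): name is logged with %q but iface with %s, so iface
	// reaches the action log unquoted.
	c.ns.Client.LogAction("(set) interface for %s %q: %s", singular, name, iface)

	// Propagate a path-building failure instead of discarding it; sending a
	// SET against a partial path would target the wrong config node.
	path, err := c.xpath([]string{name})
	if err != nil {
		return err
	}
	path = append(path, "interface")

	_, err = c.ns.Client.Set(path, util.Member{Value: iface}, nil, nil)
	return err
}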
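/*
DeleteInterface performs a DELETE to remove an interface from a virtual router.

The virtual router can be either a string or an Entry object.

Both the resolved router name and iface end up inside the XPath that selects
what is deleted (via c.xpath and util.AsMemberXpath). This method does not
validate either value.
*/
func (c *Firewall) DeleteInterface(vr interface{}, iface string) error {
	names, err := toNames([]interface{}{vr})
	if err != nil {
		return err
	}
	// Assumes toNames yields one name per input on success - TODO confirm.
	name := names[0]

	c.ns.Client.LogAction("(delete) interface for %s %q: %s", singular, name, iface)

	// Propagate a path-building failure instead of discarding it; a DELETE
	// against a partial path could remove more than the intended member.
	path, err := c.xpath([]string{name})
	if err != nil {
		return err
	}
	// NOTE(review): iface becomes part of an XPath predicate here. Confirm
	// that util.AsMemberXpath quotes its input, or restrict iface to valid
	// interface names upstream, so the selector cannot match other members.
	path = append(path, "interface", util.AsMemberXpath([]string{iface}))

	_, err = c.ns.Client.Delete(path, nil, nil)
	return err
}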
// GetList performs a GET and returns the listing of all objects under the
// virtual-router path, as produced by c.ns.Listing.
func (c *Firewall) GetList() ([]string, error) {
	norm := c.container()
	path := c.pather()
	return c.ns.Listing(util.Get, path, norm)
}
// ShowList performs a SHOW and returns the listing of all objects under the
// virtual-router path, as produced by c.ns.Listing.
func (c *Firewall) ShowList() ([]string, error) {
	norm := c.container()
	path := c.pather()
	return c.ns.Listing(util.Show, path, norm)
}
// Get performs a GET for the object with the given name and returns the
// first entry of the decoded result.
func (c *Firewall) Get(name string) (Entry, error) {
	norm := c.container()
	// The request fills norm; first picks the entry out of it and carries
	// the request error through.
	return first(norm, c.ns.Object(util.Get, c.pather(), name, norm))
}
// Show performs a SHOW for the object with the given name and returns the
// first entry of the decoded result.
func (c *Firewall) Show(name string) (Entry, error) {
	norm := c.container()
	// The request fills norm; first picks the entry out of it and carries
	// the request error through.
	return first(norm, c.ns.Object(util.Show, c.pather(), name, norm))
}
// GetAll performs a GET for every configured object and returns all decoded
// entries.
func (c *Firewall) GetAll() ([]Entry, error) {
	norm := c.container()
	// The request fills norm; all extracts the entries and carries the
	// request error through.
	return all(norm, c.ns.Objects(util.Get, c.pather(), norm))
}
// ShowAll performs a SHOW for every configured object and returns all
// decoded entries.
func (c *Firewall) ShowAll() ([]Entry, error) {
	norm := c.container()
	// The request fills norm; all extracts the entries and carries the
	// request error through.
	return all(norm, c.ns.Objects(util.Show, c.pather(), norm))
}
// Set performs SET to configure the specified objects.
//
// vsys is forwarded unchanged to c.ns.Set; the two leading arguments of that
// call are always passed as empty strings here.
func (c *Firewall) Set(vsys string, e ...Entry) error {
	path := c.pather()
	spec := specifier(e...)
	return c.ns.Set("", "", vsys, path, spec)
}
// Edit performs EDIT to configure the specified object.
//
// vsys is forwarded unchanged to c.ns.Edit; the two leading arguments of that
// call are always passed as empty strings here.
func (c *Firewall) Edit(vsys string, e Entry) error {
	path := c.pather()
	return c.ns.Edit("", "", vsys, path, e)
}
// Delete performs DELETE to remove the specified objects.
//
// Objects can be either a string or an Entry object.
//
// A conversion error from toNames is not returned here; it is handed to
// c.ns.Delete together with the names.
func (c *Firewall) Delete(e ...interface{}) error {
	targets, convErr := toNames(e)
	path := c.pather()
	return c.ns.Delete("", "", path, targets, convErr)
}
// CleanupDefault clears the `default` virtual router configuration instead
// of deleting it outright. It performs an `EDIT` with a router.Entry that
// carries only the name "default", passing an empty vsys.
//
// NOTE(review): this method takes no vsys argument, so any unimport of
// "default" from a vsys would have to happen inside the namespace layer;
// confirm there. Because the Entry sent is otherwise empty, presumably any
// existing settings on the default router are discarded, so treat this call
// as destructive.
func (c *Firewall) CleanupDefault() error {
	c.ns.Client.LogAction("(action) cleaning up %s: default", c.ns.Singular)

	// An Entry with just the name resets whatever the router referred to.
	return c.Edit("", Entry{Name: "default"})
}
// FromPanosConfig retrieves the named object from the previously retrieved
// config and returns the first decoded entry.
func (c *Firewall) FromPanosConfig(name string) (Entry, error) {
	norm := c.container()
	// The lookup fills norm; first picks the entry out of it and carries
	// the lookup error through.
	return first(norm, c.ns.FromPanosConfig(c.pather(), name, norm))
}
// AllFromPanosConfig retrieves every object stored in the previously
// retrieved config and returns all decoded entries.
func (c *Firewall) AllFromPanosConfig() ([]Entry, error) {
	norm := c.container()
	// The lookup fills norm; all extracts the entries and carries the
	// lookup error through.
	return all(norm, c.ns.AllFromPanosConfig(c.pather(), norm))
}
// pather exposes c.xpath as a namespace.Pather so the namespace layer can
// build the XPath for a given set of names.
func (c *Firewall) pather() namespace.Pather {
	// The bound method value has the same signature as the Pather func type.
	return c.xpath
}
// xpath returns the XPath segments that address the virtual routers named in
// vals on the local device. The returned error is always nil.
//
// NOTE(review): vals are placed into an XPath entry selector by
// util.AsEntryXpath. Confirm that helper quotes its input, or validate names
// before they reach this point, so a name cannot alter the selector.
func (c *Firewall) xpath(vals []string) ([]string, error) {
	device := util.AsEntryXpath([]string{"localhost.localdomain"})
	router := util.AsEntryXpath(vals)

	segments := []string{"config", "devices", device, "network", "virtual-router", router}
	return segments, nil
}
// container returns the normalizer chosen by the package-level container
// function for the client's reported version.
func (c *Firewall) container() normalizer {
	ver := c.ns.Client.Versioning()
	return container(ver)
}