-
Notifications
You must be signed in to change notification settings - Fork 51
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(no-release): Added ipv6 filter data (#496)
* added ipv6 filter data entry Signed-off-by: dn <dn@nuvotex.de> * fixed test Signed-off-by: dn <dn@nuvotex.de> * docs: Small changes for the current PR --------- Signed-off-by: dn <dn@nuvotex.de> Co-authored-by: Vaerh <vaerh@tutanota.com>
- Loading branch information
1 parent
8571dea
commit 6d45e88
Showing
12 changed files
with
388 additions
and
54 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
data "routeros_ip_firewall" "fw" { | ||
rules { | ||
filter = { | ||
chain = "input" | ||
comment = "rule_2" | ||
} | ||
} | ||
|
||
rules { | ||
filter = { | ||
chain = "forward" | ||
} | ||
} | ||
|
||
nat {} | ||
} | ||
|
||
output "rules" { | ||
value = [for value in data.routeros_ip_firewall.fw.rules: [value.id, value.src_address]] | ||
} | ||
|
||
output "nat" { | ||
value = [for value in data.routeros_ip_firewall.fw.nat: [value.id, value.comment]] | ||
} | ||
|
||
resource "routeros_ip_firewall" "rule_3" { | ||
action = "accept" | ||
chain = "input" | ||
comment = "rule_3" | ||
src_address = "192.168.0.5" | ||
place_before = "${data.routeros_ip_firewall_filter.fw.rules[0].id}" | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,76 @@ | ||
package routeros | ||
|
||
import ( | ||
"context" | ||
|
||
"github.com/hashicorp/terraform-plugin-sdk/v2/diag" | ||
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" | ||
) | ||
|
||
var ipv6firewallSections = []string{"rules"} | ||
|
||
func DatasourceIPv6Firewall() *schema.Resource { | ||
return &schema.Resource{ | ||
ReadContext: datasourceIPv6FirewallFilterRead, | ||
Description: `This datasource contains all supported firewall resources: | ||
- rules (aka filter) | ||
`, | ||
Schema: map[string]*schema.Schema{ | ||
"rules": getIPv6FirewallFilterSchema(), | ||
}, | ||
} | ||
} | ||
|
||
func datasourceIPv6FirewallFilterRead(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics { | ||
var diags diag.Diagnostics | ||
basePath := "/ipv6/firewall/" | ||
|
||
s := DatasourceIPv6Firewall().Schema | ||
|
||
var isEmpty = true | ||
for _, section := range ipv6firewallSections { | ||
isEmpty = isEmpty && len(d.Get(section).([]interface{})) == 0 | ||
} | ||
|
||
if isEmpty { | ||
return diag.Diagnostics{ | ||
diag.Diagnostic{ | ||
Severity: diag.Error, | ||
Summary: "You must specify at least one return section of the resource.", | ||
Detail: "Please specify one or more sections of the firewall, information from which will be " + | ||
"returned as a result of the data source query: rules{}, nat { filter = {...}}, etc.", | ||
}, | ||
} | ||
} | ||
|
||
for _, section := range ipv6firewallSections { | ||
if len(d.Get(section).([]interface{})) == 0 { | ||
continue | ||
} | ||
|
||
path := basePath | ||
// The filtering section is named 'rules' to avoid confusion: filter { filter = { ... }}. | ||
if section == "rules" { | ||
path += "filter" | ||
} else { | ||
// Kebab case! | ||
path += SnakeToKebab(section) | ||
} | ||
|
||
// Snake case! | ||
var res []MikrotikItem | ||
|
||
for _, sectionResourceData := range d.Get(section).([]interface{}) { | ||
filter := sectionResourceData.(map[string]interface{})[KeyFilter].(map[string]interface{}) | ||
|
||
r, err := ReadItemsFiltered(buildReadFilter(filter), path, m.(Client)) | ||
if err != nil { | ||
return diag.FromErr(err) | ||
} | ||
|
||
res = append(res, *r...) | ||
} | ||
diags = append(diags, MikrotikResourceDataToTerraformDatasource(&res, section, s, d)...) | ||
} | ||
return diags | ||
} |
Oops, something went wrong.