clientapi-pve 2026.5.24

/*
 * Proxmox Virtual Environment API
 *
 * Generated from apidoc.js. NOT an official Proxmox specification. See https://pve.proxmox.com/pve-docs/api-viewer/ for the upstream documentation.
 *
 * The version of the OpenAPI document: 9.x
 * 
 * Generated by: https://openapi-generator.tech
 */

use crate::models;
use serde::{Deserialize, Serialize};

#[derive(Clone, Default, Debug, PartialEq, Serialize, Deserialize)]
pub struct ClusterFirewallCreateRuleRequest {

    /// Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.
    #[serde(rename = "action")]
    pub action: String,

    /// Descriptive comment.
    #[serde(rename = "comment", skip_serializing_if = "Option::is_none")]
    pub comment: Option<String>,

    /// Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.
    #[serde(rename = "dest", skip_serializing_if = "Option::is_none")]
    pub dest: Option<String>,

    /// Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.
    #[serde(rename = "digest", skip_serializing_if = "Option::is_none")]
    pub digest: Option<String>,

    /// Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.
    #[serde(rename = "dport", skip_serializing_if = "Option::is_none")]
    pub dport: Option<String>,

    /// Flag to enable/disable a rule.
    #[serde(rename = "enable", skip_serializing_if = "Option::is_none")]
    pub enable: Option<i64>,

    /// Specify icmp-type. Only valid if proto equals 'icmp' or 'icmpv6'/'ipv6-icmp'.
    #[serde(rename = "icmp-type", skip_serializing_if = "Option::is_none")]
    pub icmp_type: Option<String>,

    /// Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.
    #[serde(rename = "iface", skip_serializing_if = "Option::is_none")]
    pub iface: Option<String>,

    /// Log level for firewall rule.
    #[serde(rename = "log", skip_serializing_if = "Option::is_none")]
    pub log: Option<models::PveLogEnum>,

    /// Use predefined standard macro.
    #[serde(rename = "macro", skip_serializing_if = "Option::is_none")]
    pub r#macro: Option<String>,

    /// Update rule at position <pos>.
    #[serde(rename = "pos", skip_serializing_if = "Option::is_none")]
    pub pos: Option<i64>,

    /// IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.
    #[serde(rename = "proto", skip_serializing_if = "Option::is_none")]
    pub proto: Option<String>,

    /// Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.
    #[serde(rename = "source", skip_serializing_if = "Option::is_none")]
    pub source: Option<String>,

    /// Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.
    #[serde(rename = "sport", skip_serializing_if = "Option::is_none")]
    pub sport: Option<String>,

    /// Rule type.
    #[serde(rename = "type")]
    pub r#type: models::PveClusterFirewallTypeEnum,


}

impl ClusterFirewallCreateRuleRequest {
    pub fn new(action: String, r#type: models::PveClusterFirewallTypeEnum) -> ClusterFirewallCreateRuleRequest {
        ClusterFirewallCreateRuleRequest {
            
            action,
            
            comment: None,
            
            dest: None,
            
            digest: None,
            
            dport: None,
            
            enable: None,
            
            icmp_type: None,
            
            iface: None,
            
            log: None,
            
            r#macro: None,
            
            pos: None,
            
            proto: None,
            
            source: None,
            
            sport: None,
            
            r#type,
            
        }
    }
}