firewall_audit 0.1.0

Cross-platform firewall audit tool and library (YAML/JSON rules, CSV/HTML/JSON export)
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102

use struct_field_names_as_array::FieldNamesAsSlice;

use crate::FirewallAuditError;
use std::collections::HashSet;
use std::net::IpAddr;

#[cfg(target_os = "linux")]
pub mod linux;
#[cfg(target_os = "windows")]
pub mod windows;

/// Represents a firewall rule (cross-platform abstraction).
#[derive(Debug, Clone, FieldNamesAsSlice)]
pub struct FirewallRule {
    /// OS of rule origin (e.g., "linux", "windows")
    pub os: Option<String>,
    /// Rule name
    pub name: String,
    /// Rule direction (In/Out)
    pub direction: String,
    /// Whether the rule is enabled
    pub enabled: bool,
    /// Action (Allow/Deny)
    pub action: String,
    /// Description
    pub description: Option<String>,
    /// Application name
    pub application_name: Option<String>,
    /// Service name
    pub service_name: Option<String>,
    /// Protocol
    pub protocol: Option<String>,
    /// Local ports
    pub local_ports: Option<HashSet<u16>>,
    /// Remote ports
    pub remote_ports: Option<HashSet<u16>>,
    /// Local addresses
    pub local_addresses: Option<HashSet<IpAddr>>,
    /// Remote addresses
    pub remote_addresses: Option<HashSet<IpAddr>>,
    /// ICMP types and codes
    pub icmp_types_and_codes: Option<String>,
    /// Interfaces
    pub interfaces: Option<HashSet<String>>,
    /// Interface types
    pub interface_types: Option<HashSet<String>>,
    /// Grouping
    pub grouping: Option<String>,
    /// Profiles
    pub profiles: Option<String>,
    /// Edge traversal
    pub edge_traversal: Option<bool>,
}

impl FirewallRule {
    /// Returns the list of valid field names for criteria expressions.
    pub fn valid_fields() -> &'static [&'static str] {
        Self::FIELD_NAMES_AS_SLICE
    }
}

/// A trait for types that can provide firewall rules.
pub trait FirewallRuleProvider {
    /// Lists all firewall rules available from this provider.
    ///
    /// # Errors
    /// Returns an error if the firewall rules cannot be listed.
    fn list_rules() -> Result<Vec<FirewallRule>, FirewallAuditError>;
}

#[cfg(target_os = "windows")]
pub use crate::firewall_rule::windows::WindowsFirewallProvider as PlatformFirewallProvider;

#[cfg(target_os = "linux")]
pub use crate::firewall_rule::linux::LinuxFirewallProvider as PlatformFirewallProvider;

#[cfg(test)]
mod tests {
    use crate::FirewallRuleProvider;

    #[test]
    fn test_list_rules_compiles() {
        #[cfg(target_os = "windows")]
        {
            use crate::PlatformFirewallProvider;

            let rules = PlatformFirewallProvider::list_rules().unwrap();
            for rule in rules {
                println!("{rule:?}");
            }
        }
        #[cfg(target_os = "linux")]
        {
            use crate::firewall_rule::linux::LinuxFirewallProvider;

            let rules = LinuxFirewallProvider::list_rules().unwrap();
            for rule in rules {
                println!("{rule:?}");
            }
        }
    }
}