firewall_audit 0.3.2

Cross-platform firewall audit tool (YAML/JSON rules, CSV/HTML/JSON export)
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103

use struct_field_names_as_array::FieldNamesAsSlice;

use std::collections::HashSet;
use std::net::IpAddr;

/// Error type for `firewall_rule` operations.
#[derive(Debug, thiserror::Error)]
pub enum FirewallRuleError {
    /// I/O error
    #[error("I/O error: {0}")]
    Io(#[from] std::io::Error),
    /// Windows Firewall error
    #[cfg(target_os = "windows")]
    #[error("Windows Firewall error: {0}")]
    WindowsFirewallError(String),
    /// Linux Firewall error
    #[cfg(target_os = "linux")]
    #[error("Linux Firewall error: {0}")]
    LinuxFirewallError(String),
}

#[cfg(target_os = "linux")]
pub mod linux;
#[cfg(target_os = "windows")]
pub mod windows;

/// Represents a firewall rule (cross-platform abstraction).
#[derive(Debug, Clone, FieldNamesAsSlice)]
pub struct FirewallRule {
    /// OS of rule origin (e.g., "linux", "windows")
    pub os: Option<String>,
    /// Rule name
    pub name: String,
    /// Rule direction (In/Out)
    pub direction: String,
    /// Whether the rule is enabled
    pub enabled: bool,
    /// Action (Allow/Deny)
    pub action: String,
    /// Description
    pub description: Option<String>,
    /// Application name
    pub application_name: Option<String>,
    /// Service name
    pub service_name: Option<String>,
    /// Protocol
    pub protocol: Option<String>,
    /// Local ports
    pub local_ports: Option<HashSet<u16>>,
    /// Remote ports
    pub remote_ports: Option<HashSet<u16>>,
    /// Local addresses
    pub local_addresses: Option<HashSet<IpAddr>>,
    /// Remote addresses
    pub remote_addresses: Option<HashSet<IpAddr>>,
    /// ICMP types and codes
    pub icmp_types_and_codes: Option<String>,
    /// Interfaces
    pub interfaces: Option<HashSet<String>>,
    /// Interface types
    pub interface_types: Option<HashSet<String>>,
    /// Grouping
    pub grouping: Option<String>,
    /// Profiles
    pub profiles: Option<String>,
    /// Edge traversal
    pub edge_traversal: Option<bool>,
}

impl FirewallRule {
    /// Returns the list of valid field names for criteria expressions.
    pub fn valid_fields() -> &'static [&'static str] {
        Self::FIELD_NAMES_AS_SLICE
    }
}

/// A trait for types that can provide firewall rules.
pub trait FirewallRuleProvider {
    /// Lists all firewall rules available from this provider.
    ///
    /// # Errors
    /// Returns an error if the firewall rules cannot be listed.
    fn list_rules() -> Result<Vec<FirewallRule>, FirewallRuleError>;
}

#[cfg(target_os = "windows")]
pub use crate::firewall_rule::windows::WindowsFirewallProvider as PlatformFirewallProvider;

#[cfg(target_os = "linux")]
pub use crate::firewall_rule::linux::LinuxFirewallProvider as PlatformFirewallProvider;

#[cfg(test)]
mod tests {
    use crate::firewall_rule::{FirewallRuleProvider, PlatformFirewallProvider};

    #[test]
    fn test_list_rules_compiles() {
        let rules = PlatformFirewallProvider::list_rules().unwrap();
        for rule in rules {
            println!("{rule:?}");
        }
    }
}