
unifly_api/model/
firewall.rs

1// ── Firewall domain types ──
2
3use serde::{Deserialize, Serialize};
4
5use super::common::{DataSource, EntityOrigin};
6use super::entity_id::EntityId;
7
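/// Verdict carried in the `action` field of a [`FirewallPolicy`].
///
/// No serde rename attribute is present, so the variant identifiers are the
/// serialized names. There is no `#[serde(other)]` fallback either: an
/// unrecognized action is a deserialization error, never coerced to `Allow`.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
pub enum FirewallAction {
    /// Matching traffic is permitted.
    Allow,
    /// Matching traffic is denied.
    // NOTE(review): presumably a silent drop, as opposed to `Reject` -- confirm
    // against the controller API before relying on the distinction.
    Block,
    /// Matching traffic is denied.
    // NOTE(review): presumably the sender is told the traffic was refused -- confirm.
    Reject,
}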
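/// Address family recorded in the `ip_version` field of a [`FirewallPolicy`].
///
/// Serialized under the variant identifiers (no serde rename attribute is
/// present); an unknown value fails deserialization.
// NOTE(review): presumably an `Ipv4`-only policy leaves IPv6 traffic to other
// policies (and vice versa) -- worth checking when auditing block rules.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
pub enum IpVersion {
    /// IPv4 only.
    Ipv4,
    /// IPv6 only.
    Ipv6,
    /// Both address families.
    Both,
}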
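/// Firewall Zone -- container for networks, policies operate between zones.
///
/// Deserialization (derived): `origin` becomes `None` when absent; `id`,
/// `name` and `network_ids` must be present; `source` is never read from or
/// written to the serialized form.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct FirewallZone {
    /// Identifier of this zone.
    pub id: EntityId,
    /// Zone name.
    pub name: String,
    /// Identifiers of the networks contained in this zone.
    pub network_ids: Vec<EntityId>,
    /// Origin marker for this entity, if known.
    // NOTE(review): `EntityOrigin` is declared in `super::common`; its variants
    // are not visible here -- confirm what `None` means to callers.
    pub origin: Option<EntityOrigin>,

    /// Crate-internal record of which data source produced this value.
    ///
    /// `#[serde(skip)]` keeps it out of serialized output, and on
    /// deserialization serde fills it with `DataSource::default()`. Provenance
    /// therefore does not survive a serialize/deserialize round trip and must
    /// not be trusted on a value that was deserialized.
    #[serde(skip)]
    #[allow(dead_code)]
    pub(crate) source: DataSource,
}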
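/// Firewall Policy -- a rule between two zones.
///
/// This is a flattened view: the `*_summary`, `schedule` and `ipsec_mode`
/// fields are display strings rather than the full match criteria, so they
/// are not a sound basis for deciding what a policy actually permits.
///
/// Deserialization (derived): fields typed `Option<_>` become `None` when
/// absent; every other field except `source` must be present, so a record
/// lacking `action` or `enabled` is rejected rather than given a default.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct FirewallPolicy {
    /// Identifier of this policy.
    pub id: EntityId,
    /// Policy name.
    pub name: String,
    /// Optional free-text description.
    pub description: Option<String>,
    /// Whether the policy is enabled.
    pub enabled: bool,
    /// Optional numeric index.
    // NOTE(review): presumably the policy's position in evaluation order --
    // confirm, including what `None` means.
    pub index: Option<i32>,

    /// Verdict applied to matching traffic.
    pub action: FirewallAction,
    /// Address family the policy is declared for.
    pub ip_version: IpVersion,

    /// Zone on the source side of the rule, if set.
    // NOTE(review): the meaning of `None` is not visible here -- do not assume
    // it stands for "any zone" without checking the producer of this value.
    pub source_zone_id: Option<EntityId>,
    /// Zone on the destination side of the rule, if set (same caveat as above).
    pub destination_zone_id: Option<EntityId>,

    // Simplified traffic filter summary (the full filter tree is in unifly-api)
    // NOTE(review): this file is itself listed under `unifly_api/model/`;
    // confirm where the full filter tree lives and update the pointer if stale.
    /// Summary of the source-side traffic filter.
    pub source_summary: Option<String>,
    /// Summary of the destination-side traffic filter.
    pub destination_summary: Option<String>,

    // Protocol and schedule display fields
    /// Display string for the matched protocol(s).
    pub protocol_summary: Option<String>,
    /// Display string for the policy schedule.
    pub schedule: Option<String>,
    /// IPsec mode as a plain string.
    // NOTE(review): accepted values are not constrained by this type -- confirm.
    pub ipsec_mode: Option<String>,

    /// Connection states the policy refers to, as plain strings; this type
    /// does not validate their content.
    pub connection_states: Vec<String>,
    /// Whether logging is enabled for this policy.
    pub logging_enabled: bool,

    /// Origin marker for this entity, if known.
    // NOTE(review): `EntityOrigin` is declared in `super::common` -- confirm
    // what `None` means to callers.
    pub origin: Option<EntityOrigin>,

    /// Crate-internal record of which data source produced this value.
    ///
    /// `#[serde(skip)]` keeps it out of serialized output, and on
    /// deserialization serde fills it with `DataSource::default()`. Provenance
    /// therefore does not survive a serialize/deserialize round trip and must
    /// not be trusted on a value that was deserialized.
    #[serde(skip)]
    #[allow(dead_code)]
    pub(crate) source: DataSource,
}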
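/// ACL Rule action: the verdict carried in the `action` field of an [`AclRule`].
///
/// Serialized under the variant identifiers (no serde rename attribute is
/// present). There is no fallback variant, so an unrecognized action is a
/// deserialization error and is never coerced to `Allow`.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
pub enum AclAction {
    /// Matching traffic is permitted.
    Allow,
    /// Matching traffic is denied.
    Block,
}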
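/// ACL Rule type: the kind recorded in the `rule_type` field of an [`AclRule`].
///
/// Serialized under the variant identifiers; an unknown value fails
/// deserialization.
// NOTE(review): presumably selects whether the rule matches on IPv4 addresses
// or on MAC addresses -- confirm against the controller API.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
pub enum AclRuleType {
    /// IPv4 rule.
    Ipv4,
    /// MAC rule.
    Mac,
}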
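/// ACL Rule.
///
/// Deserialization (derived): the `Option<_>` fields become `None` when
/// absent; `id`, `name`, `enabled`, `rule_type` and `action` must be present,
/// so a record without an explicit action is rejected rather than defaulted.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct AclRule {
    /// Identifier of this rule.
    pub id: EntityId,
    /// Rule name.
    pub name: String,
    /// Whether the rule is enabled.
    pub enabled: bool,
    /// Kind of rule (`Ipv4` or `Mac`).
    pub rule_type: AclRuleType,
    /// Verdict applied to matching traffic.
    pub action: AclAction,
    /// Source-side summary string.
    // NOTE(review): presumably a display summary rather than the full match
    // criteria -- confirm before using it for anything but display.
    pub source_summary: Option<String>,
    /// Destination-side summary string (same caveat as `source_summary`).
    pub destination_summary: Option<String>,
    /// Origin marker for this entity, if known.
    // NOTE(review): `EntityOrigin` is declared in `super::common` -- confirm
    // what `None` means to callers.
    pub origin: Option<EntityOrigin>,

    /// Crate-internal record of which data source produced this value.
    ///
    /// `#[serde(skip)]` keeps it out of serialized output, and on
    /// deserialization serde fills it with `DataSource::default()`. Provenance
    /// therefore does not survive a serialize/deserialize round trip and must
    /// not be trusted on a value that was deserialized.
    #[serde(skip)]
    #[allow(dead_code)]
    pub(crate) source: DataSource,
}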