github.com/vmware/govmomi@v0.43.0/govc/host/firewall/find.go (about) 1 /* 2 Copyright (c) 2015 VMware, Inc. All Rights Reserved. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 package firewall 18 19 import ( 20 "context" 21 "flag" 22 "fmt" 23 "os" 24 25 "github.com/vmware/govmomi/govc/cli" 26 "github.com/vmware/govmomi/govc/flags" 27 "github.com/vmware/govmomi/govc/host/esxcli" 28 "github.com/vmware/govmomi/object" 29 "github.com/vmware/govmomi/vim25/types" 30 ) 31 32 type find struct { 33 *flags.ClientFlag 34 *flags.OutputFlag 35 *flags.HostSystemFlag 36 37 enabled bool 38 check bool 39 40 types.HostFirewallRule 41 } 42 43 func init() { 44 cli.Register("firewall.ruleset.find", &find{}) 45 } 46 47 func (cmd *find) Register(ctx context.Context, f *flag.FlagSet) { 48 cmd.ClientFlag, ctx = flags.NewClientFlag(ctx) 49 cmd.ClientFlag.Register(ctx, f) 50 cmd.OutputFlag, ctx = flags.NewOutputFlag(ctx) 51 cmd.OutputFlag.Register(ctx, f) 52 cmd.HostSystemFlag, ctx = flags.NewHostSystemFlag(ctx) 53 cmd.HostSystemFlag.Register(ctx, f) 54 55 f.BoolVar(&cmd.check, "c", true, "Check if esx firewall is enabled") 56 f.BoolVar(&cmd.enabled, "enabled", true, "Find enabled rule sets if true, disabled if false") 57 f.StringVar((*string)(&cmd.Direction), "direction", string(types.HostFirewallRuleDirectionOutbound), "Direction") 58 f.StringVar((*string)(&cmd.PortType), "type", string(types.HostFirewallRulePortTypeDst), "Port type") 59 f.StringVar((*string)(&cmd.Protocol), "proto", string(types.HostFirewallRuleProtocolTcp), "Protocol") 60 f.Var(flags.NewInt32(&cmd.Port), "port", "Port") 61 } 62 63 func (cmd *find) Process(ctx context.Context) error { 64 if err := cmd.ClientFlag.Process(ctx); err != nil { 65 return err 66 } 67 if err := cmd.OutputFlag.Process(ctx); err != nil { 68 return err 69 } 70 if err := cmd.HostSystemFlag.Process(ctx); err != nil { 71 return err 72 } 73 return nil 74 } 75 76 func (cmd *find) Description() string { 77 return `Find firewall rulesets matching the given rule. 78 79 For a complete list of rulesets: govc host.esxcli network firewall ruleset list 80 For a complete list of rules: govc host.esxcli network firewall ruleset rule list 81 82 Examples: 83 govc firewall.ruleset.find -direction inbound -port 22 84 govc firewall.ruleset.find -direction outbound -port 2377` 85 } 86 87 func (cmd *find) Run(ctx context.Context, f *flag.FlagSet) error { 88 host, err := cmd.HostSystem() 89 if err != nil { 90 return err 91 } 92 93 fs, err := host.ConfigManager().FirewallSystem(ctx) 94 if err != nil { 95 return err 96 } 97 98 if cmd.check { 99 esxfw, err := esxcli.GetFirewallInfo(host) 100 if err != nil { 101 return err 102 } 103 104 if !esxfw.Enabled { 105 fmt.Fprintln(os.Stderr, "host firewall is disabled") 106 } 107 } 108 109 info, err := fs.Info(ctx) 110 if err != nil { 111 return err 112 } 113 114 if f.NArg() != 0 { 115 // TODO: f.Args() -> types.HostFirewallRulesetIpList 116 return flag.ErrHelp 117 } 118 119 rs := object.HostFirewallRulesetList(info.Ruleset) 120 matched, err := rs.EnabledByRule(cmd.HostFirewallRule, cmd.enabled) 121 122 if err != nil { 123 return err 124 } 125 126 for _, r := range matched { 127 fmt.Println(r.Key) 128 } 129 130 return nil 131 }