Documentation
¶
Index ¶
- Variables
- type BlacklistWhitelistRequest
- type BlacklistWhitelistResponse
- type ComparePolicyRequest
- type ComparePolicyResult
- type Config
- type ConfigFragmentPolicy
- type ExcelPolicyRule
- type NodemapService
- func (mnm *NodemapService) ApplyBlacklistWhitelist(deviceConfigs []config.DeviceConfig, request *BlacklistWhitelistRequest, ...) (*BlacklistWhitelistResponse, error)
- func (mnm *NodemapService) CheckPresetConfig(deviceConfigs []config.DeviceConfig, request *PresetConfigCheckRequest, ...) (*PresetConfigCheckResponse, error)
- func (mnm *NodemapService) Compare(nodeName, ruleName string, intent *policy.Intent, nm *nodemap.NodeMap) (*ComparePolicyResult, error)
- func (mnm *NodemapService) L3NodeMapQuery(ctx context.Context, queryInfo *structs.L3Query, ...) error
- func (mnm *NodemapService) MakeL3Templates(sourceInfo *structs.NodemapInfo, result *model.TemplatesReplay) error
- type PresetConfig
- type PresetConfigCheckRequest
- type PresetConfigCheckResponse
- type RuleConsistencyResult
Constants ¶
This section is empty.
Variables ¶
View Source
var Logger = global.GetLogger()
Functions ¶
This section is empty.
Types ¶
type BlacklistWhitelistRequest ¶
type BlacklistWhitelistRequest struct {
DeviceName string `json:"device_name"` // 设备名称
Type string `json:"type"` // "blacklist" 或 "whitelist"
IPs []string `json:"ips"` // IP 地址列表(支持 CIDR)
PresetConfig *PresetConfig `json:"preset_config"` // 预设配置信息
Operation string `json:"operation"` // "add" 或 "remove"
Description string `json:"description,omitempty"` // 描述
}
BlacklistWhitelistRequest 黑白名单请求
type BlacklistWhitelistResponse ¶
type BlacklistWhitelistResponse struct {
Success bool `json:"success"`
DeviceName string `json:"device_name"`
PolicyName string `json:"policy_name"`
AddressGroup string `json:"address_group"`
CLI string `json:"cli"` // 生成的配置命令(策略方式)或 API 调用信息(专门功能方式)
Method string `json:"method"` // "policy" 或 "api"
Message string `json:"message,omitempty"`
}
BlacklistWhitelistResponse 黑白名单响应
type ComparePolicyRequest ¶
type ComparePolicyRequest struct {
NodeName string `json:"node_name"` // 节点名称
RuleName string `json:"rule_name"` // 规则名称
Intent policy.Intent `json:"intent"` // 策略意图
}
ComparePolicyRequest 策略对比请求结构
type ComparePolicyResult ¶
type ComparePolicyResult struct {
NodeName string `json:"node_name"` // 节点名称
RuleName string `json:"rule_name"` // 规则名称
PolicyFound bool `json:"policy_found"` // 是否找到策略
Result *RuleConsistencyResult `json:"result,omitempty"` // 对比结果
ErrorMessage string `json:"error_message,omitempty"` // 错误信息
}
ComparePolicyResult 策略对比结果结构
type Config ¶
type Config struct {
NodeMap struct {
Name string `yaml:"name"`
Force bool `yaml:"force"`
TaskID uint `yaml:"task_id"`
} `yaml:"nodemap"`
Devices []struct {
config.DeviceConfig `yaml:",inline"`
FilePath string `yaml:"file_path"`
} `yaml:"devices"`
Policy struct {
Source string `yaml:"source"`
Destination string `yaml:"destination"`
RealIp string `yaml:"realIp"`
RealPort string `yaml:"realPort"`
TicketNumber string `yaml:"ticketNumber"`
Area string `yaml:"area"`
SubTicket string `yaml:"subTicket"`
Service struct {
Protocol string `yaml:"protocol"`
Port string `yaml:"port"`
} `yaml:"service"`
Snat string `yaml:"snat"`
MetaData map[string]string `yaml:"metadata"`
InputNode string `yaml:"inputNode"`
} `yaml:"policy"`
}
type ConfigFragmentPolicy ¶
type ConfigFragmentPolicy struct {
RuleName string `json:"rule_name"` // 规则名称
SourceZone []string `json:"source_zone"` // 源区域
DestinationZone []string `json:"destination_zone"` // 目的区域
SourceIP string `json:"source_ip"` // 源IP
DestinationIP string `json:"destination_ip"` // 目的IP
Port string `json:"port"` // 端口
Protocol string `json:"protocol"` // 协议
Action string `json:"action"` // 动作
CLI string `json:"cli"` // CLI命令
}
ConfigFragmentPolicy 配置中的规则片段(用于展示)
type ExcelPolicyRule ¶
type ExcelPolicyRule struct {
RuleName string `json:"rule_name"` // 规则名称
SourceZone []string `json:"source_zone"` // 源区域
DestinationZone []string `json:"destination_zone"` // 目的区域
SourceIP string `json:"source_ip"` // 源IP
DestinationIP string `json:"destination_ip"` // 目的IP
Port string `json:"port"` // 端口
Protocol string `json:"protocol"` // 协议
Action string `json:"action"` // 动作
}
ExcelPolicyRule Excel中的策略规则(用于展示)
type NodemapService ¶
type NodemapService struct {
MNM meta.MetaNodeMap
}
func (*NodemapService) ApplyBlacklistWhitelist ¶
func (mnm *NodemapService) ApplyBlacklistWhitelist( deviceConfigs []config.DeviceConfig, request *BlacklistWhitelistRequest, nm *nodemap.NodeMap, ) (*BlacklistWhitelistResponse, error)
ApplyBlacklistWhitelist 应用黑白名单(添加或移除IP)
func (*NodemapService) CheckPresetConfig ¶
func (mnm *NodemapService) CheckPresetConfig( deviceConfigs []config.DeviceConfig, request *PresetConfigCheckRequest, nm *nodemap.NodeMap, ) (*PresetConfigCheckResponse, error)
CheckPresetConfig 检查预设配置是否准备就绪
func (*NodemapService) Compare ¶
func (mnm *NodemapService) Compare(nodeName, ruleName string, intent *policy.Intent, nm *nodemap.NodeMap) (*ComparePolicyResult, error)
Compare 对比策略方法 根据 node name、rule name、intent 进行 policy 对比
func (*NodemapService) L3NodeMapQuery ¶
func (mnm *NodemapService) L3NodeMapQuery(ctx context.Context, queryInfo *structs.L3Query, deviceConfigs []config.DeviceConfig, result *structs.PolicyData, nm *nodemap.NodeMap) error
func (*NodemapService) MakeL3Templates ¶
func (mnm *NodemapService) MakeL3Templates(sourceInfo *structs.NodemapInfo, result *model.TemplatesReplay) error
type PresetConfig ¶
type PresetConfig struct {
BlacklistPolicyName string `json:"blacklist_policy_name"` // 预设黑名单策略名称
BlacklistPolicyID string `json:"blacklist_policy_id,omitempty"` // 预设黑名单策略ID
WhitelistPolicyName string `json:"whitelist_policy_name"` // 预设白名单策略名称
WhitelistPolicyID string `json:"whitelist_policy_id,omitempty"` // 预设白名单策略ID
BlacklistGroupName string `json:"blacklist_group_name"` // 预设黑名单地址组名称
WhitelistGroupName string `json:"whitelist_group_name"` // 预设白名单地址组名称
}
PresetConfig 预设配置信息
type PresetConfigCheckRequest ¶
type PresetConfigCheckRequest struct {
DeviceName string `json:"device_name"`
PresetConfig *PresetConfig `json:"preset_config"`
}
PresetConfigCheckRequest 预设配置检查请求
type PresetConfigCheckResponse ¶
type PresetConfigCheckResponse struct {
Success bool `json:"success"`
DeviceName string `json:"device_name"`
BlacklistPolicyOK bool `json:"blacklist_policy_ok"` // 黑名单策略是否存在
WhitelistPolicyOK bool `json:"whitelist_policy_ok"` // 白名单策略是否存在
BlacklistGroupOK bool `json:"blacklist_group_ok"` // 黑名单地址组是否存在
WhitelistGroupOK bool `json:"whitelist_group_ok"` // 白名单地址组是否存在
Message string `json:"message,omitempty"`
Details map[string]string `json:"details,omitempty"` // 详细信息
}
PresetConfigCheckResponse 预设配置检查响应
type RuleConsistencyResult ¶
type RuleConsistencyResult struct {
Rule string `json:"rule"` // 规则名称
RuleExists bool `json:"rule_exists"` // 规则是否存在
SourceZoneConsistent bool `json:"source_zone_consistent"` // 源区域一致
DestinationZoneConsistent bool `json:"destination_zone_consistent"` // 目的区域一致
SourceIPConsistent bool `json:"source_ip_consistent"` // 源IP一致
SourceInconsistentIPs string `json:"source_inconsistent_ips,omitempty"` // 源侧不一致IP(Excel中有但配置中没有的IP)
DestinationIPConsistent bool `json:"destination_ip_consistent"` // 目的IP一致
DestinationInconsistentIPs string `json:"destination_inconsistent_ips,omitempty"` // 目的侧不一致IP(Excel中有但配置中没有的IP)
PortConsistent bool `json:"port_consistent"` // 端口一致
DifferenceDetails string `json:"difference_details,omitempty"` // 差异详情描述
ExcelRule *ExcelPolicyRule `json:"excel_rule,omitempty"` // Excel中的策略规则
ConfigRule *ConfigFragmentPolicy `json:"config_rule,omitempty"` // 配置中的规则
}
RuleConsistencyResult 一致性对比详细结果项
Source Files
Click to show internal directories.
Click to hide internal directories.