Versions in this module Expand all Collapse all v0 v0.0.1 Jan 1, 2026 Changes in this version + const DEFAULT_VRF + const DefaultFirewallTemplatePath + const MAX_NAME_LENGTH + func GetName(name, sep string, checkFunc func(string) bool) (string, error) + func GetTemplatePath(ctx *PolicyContext) string + func PrintDebug(oneName string, onePolicyEntry policy.PolicyEntryInf, twoName string, ...) + type Action int + const NAT_MATCHED + const NAT_NOMATCHED + const POLICY_DENY + const POLICY_IMPLICIT_DENY + const POLICY_IMPLICIT_PERMIT + const POLICY_PERMIT + const POLICY_REJECT + func LocateAction(index int) Action + func (ac Action) String() string + type BaseIterator struct + func NewBaseIterator(items []Namer, options *IteratorOptions, ...) *BaseIterator + func (bi *BaseIterator) HasNext() bool + func (bi *BaseIterator) Next() Namer + func (bi *BaseIterator) Reset() + type BlacklistWhitelistHandler interface + AddIPsToGroup func(listType string, groupName string, ips []string) (string, error) + AddIPsViaAPI func(listType string, ips []string) (map[string]interface{}, error) + CheckPresetConfig func(presetConfig *PresetConfig) (*PresetConfigCheckResult, error) + GetImplementationMethod func() string + RemoveIPsFromGroup func(listType string, groupName string, ips []string) (string, error) + RemoveIPsViaAPI func(listType string, ips []string) (map[string]interface{}, error) + type FirewallConfigAction interface + RunConfig func(interface{}) (interface{}, error) + type FirewallL4PortObject interface + Cli func() string + L4Port func(map[string]FirewallL4PortObject) *service.L4Port + Name func() string + Type func() FirewallObjectType + type FirewallMatchResult interface + type FirewallNatRule interface + Cli func() string + Extended func() map[string]interface{} + Name func() string + Original func() policy.PolicyEntryInf + Translate func() policy.PolicyEntryInf + type FirewallNetworkObject interface + Cli func() string + Name func() string + Network func(FirewallNode) 
*network.NetworkGroup + Type func() FirewallObjectType + type FirewallNode interface + DefaultStep func(fp *FirewallProcess) + DetermineNatObjectType func(natType string, metaData map[string]interface{}) (NatObjectType, bool) + FlyConfig func(cli interface{}) + GenerateVipMipSnatPoolName func(objectType string, intent *policy.Intent, metaData map[string]interface{}) string + GetObjectByNetworkGroup func(*network.NetworkGroup, ObjectSearchType, api.Port) (FirewallNetworkObject, bool) + GetObjectByService func(*service.Service, ObjectSearchType) (FirewallServiceObject, bool) + GetObjectByVipMipSnatPool func(objectType string, intent *policy.Intent) (FirewallNetworkObject, bool) + GetPolicyName func(ctx *PolicyContext) (string, error) + GetPoolByNetworkGroup func(ng *network.NetworkGroup, natType NatType) (FirewallNetworkObject, bool) + GetReuseNatObject func(natType string, intent *policy.Intent, metaData map[string]interface{}) (name string, reused bool) + GetSupportedNatObjectTypes func(natType string) []NatObjectType + HasNatName func(name string) bool + HasObjectName func(name string) bool + HasPolicyName func(name string) bool + HasPoolName func(name string) bool + InputNat func(intent *policy.Intent, inPort api.Port) processor.AbstractMatchResult + InputNatTargetCheck func(intent *policy.Intent, inPort, outPort api.Port) (bool, FirewallNatRule) + InputPolicy func(intent *policy.Intent, inPort, outPort api.Port) processor.AbstractMatchResult + L4Port func(name string) (*service.L4Port, bool) + Network func(zone, name string) (*network.NetworkGroup, bool) + OutputNat func(intent *policy.Intent, inPort, outPort api.Port) processor.AbstractMatchResult + OutputPolicy func(intent *policy.Intent, inPort, outPort api.Port) processor.AbstractMatchResult + Policies func() []FirewallPolicy + Service func(name string) (*service.Service, bool) + Type func() terminalmode.DeviceType + UpdateSnatStep func(from, to api.Port, intent *policy.Intent, fp *FirewallProcess) + type 
FirewallObjectType int + const GROUP_ICMP_TYPE + const GROUP_NETWORK + const GROUP_PROTOCOL + const GROUP_SERVICE + const L4PORT + const OBJECT_NETWORK + const OBJECT_POOL + const OBJECT_SERVICE + const POOL + func (aot FirewallObjectType) String() string + type FirewallPhase int + const INPUT_NAT + const INPUT_POLICY + const OUTPUT_NAT + const OUTPUT_POLICY + func NewFirewallPhase(phase string) FirewallPhase + func (fp FirewallPhase) String() string + type FirewallPolicy interface + Action func() Action + Cli func() string + Description func() string + Extended func() map[string]interface{} + FromPorts func() []api.Port + FromZones func() []string + GetDestinationAddressObject func() (FirewallNetworkObject, bool) + GetServiceObject func() (FirewallServiceObject, bool) + GetSourceAddressObject func() (FirewallNetworkObject, bool) + ID func() string + Name func() string + PolicyEntry func() policy.PolicyEntryInf + ToPorts func() []api.Port + ToZones func() []string + type FirewallPort interface + MainIpv4 func() string + MainIpv6 func() string + type FirewallProcess struct + func NewFirewallProcess(node FirewallNode, inEntry policy.PolicyEntryInf) *FirewallProcess + func (fp *FirewallProcess) Intent() policy.PolicyEntryInf + func (fp *FirewallProcess) Iterator() *StepIterator + func (fp *FirewallProcess) MakeTemplates(ctx context.Context, intent *policy.Intent, inPort api.Port, vrf api.Vrf, ...) (translateTo *policy.Intent, cmdList []interface{}, additionCli []string, ...) 
+ func (fp *FirewallProcess) MarshalJSON() ([]byte, error) + func (fp *FirewallProcess) RemoveStep(step string) + func (fp *FirewallProcess) Step(phase FirewallPhase) *processor.ProcessStep + func (fp *FirewallProcess) StepCheck(intent *policy.Intent) + func (fp *FirewallProcess) UnmarshalJSON(b []byte) error + func (fp *FirewallProcess) WithInputNat() *FirewallProcess + func (fp *FirewallProcess) WithInputPolicy() *FirewallProcess + func (fp *FirewallProcess) WithLogger(logger *zap.Logger) + func (fp *FirewallProcess) WithOutputNat() *FirewallProcess + func (fp *FirewallProcess) WithOutputPolicy() *FirewallProcess + type FirewallServiceObject interface + Cli func() string + Name func() string + Service func(FirewallNode) *service.Service + Type func() FirewallObjectType + type FirewallTemplates interface + FlyObjectToFlattenCli func(flyObject interface{}, ctx *PolicyContext) string + MakeDynamicNatCli func(from, out api.Port, intent *policy.Intent, ctx *PolicyContext) (flyObject interface{}, cmdList command.CmdList) + MakeInputPolicyCli func(from, out api.Port, intent *policy.Intent, ctx *PolicyContext) (flyObject interface{}, cmdList command.CmdList, moveRule []string) + MakeOutputPolicyCli func(from, out api.Port, intent *policy.Intent, ctx *PolicyContext) (flyObject interface{}, cmdList command.CmdList) + MakeStaticNatCli func(from, out api.Port, intent *policy.Intent, ctx *PolicyContext) (flyObject interface{}, cmdList command.CmdList) + type IteratorFirewall interface + AclIterator func(opts ...IteratorOption) NamerIterator + DnatIterator func(opts ...IteratorOption) NamerIterator + NatPoolIterator func(opts ...IteratorOption) NamerIterator + NetworkIterator func(opts ...IteratorOption) NamerIterator + PolicyIterator func(opts ...IteratorOption) NamerIterator + ServiceIterator func(opts ...IteratorOption) NamerIterator + SnatIterator func(opts ...IteratorOption) NamerIterator + StaticNatIterator func(opts ...IteratorOption) NamerIterator + type IteratorOption 
func(interface{}) + func WithAclType(aclType string) IteratorOption + func WithFromZone(zone string) IteratorOption + func WithIPFamily(family network.IPFamily) IteratorOption + func WithNatType(natType NatType) IteratorOption + func WithNetworkGroup(ng *network.NetworkGroup) IteratorOption + func WithProtocol(protocol int) IteratorOption + func WithToZone(zone string) IteratorOption + func WithZone(zone string) IteratorOption + type IteratorOptions struct + AclType string + FromZone string + IPFamily network.IPFamily + NatType NatType + NetworkGroup *network.NetworkGroup + Protocol int + ToZone string + Zone string + func ApplyOptions(opts ...IteratorOption) *IteratorOptions + type MeetIntentStatus int + const MEET_INIENT_UNKNOWN + const MEET_INTENT_MAYBE + const MEET_INTENT_NO + const MEET_INTENT_OK + func (m MeetIntentStatus) String() string + type Namer interface + Name func() string + type NamerIterator interface + HasNext func() bool + Next func() Namer + Reset func() + type Naming struct + func NewNaming(node FirewallNode) *Naming + func (snn *Naming) NameNetwork(data interface{}, port api.Port) (create, reuse string, err error) + func (snn *Naming) NamePool(data interface{}, natType NatType) (create, reuse string, err error) + func (snn *Naming) NameService(data interface{}) (create, reuse string, err error) + func (snn *Naming) NewName(data interface{}, ruleType name.NamingRuleType) (string, error) + func (snn *Naming) Node() FirewallNode + func (snn *Naming) WithNameService(f func(data interface{}) (string, error)) *Naming + type NatMatchResult struct + func NewNatResultIntent(intent *policy.Intent) *NatMatchResult + func (mr *NatMatchResult) Analysis() + func (mr *NatMatchResult) MeetStatus() MeetIntentStatus + func (mr *NatMatchResult) Rule() FirewallNatRule + func (mr *NatMatchResult) RuleCli() string + func (mr *NatMatchResult) TranslateTo() *policy.Intent + func (mr *NatMatchResult) WithAction(action Action) policy.PolicyEntryInf + func (mr 
*NatMatchResult) WithFromPort(port api.Port) policy.PolicyEntryInf + func (mr *NatMatchResult) WithMeetIntentStatus(status MeetIntentStatus) policy.PolicyEntryInf + func (mr *NatMatchResult) WithOutPort(port api.Port) policy.PolicyEntryInf + func (mr *NatMatchResult) WithRule(rule FirewallNatRule) policy.PolicyEntryInf + func (mr *NatMatchResult) WithTranslate(intent *policy.Intent) policy.PolicyEntryInf + func (nr NatMatchResult) MarshalJSON() ([]byte, error) + type NatMatchState int + const NAT_MATCH_NONE + const NAT_MATCH_NOT_OK + const NAT_MATCH_OK + type NatObjectType int + const INLINE + const INTERFACE + const MIP + const NETWORK_OBJECT + const SNAT_POOL + const UNSUPPORTED + const VIP + type NatPool interface + Cli func() string + ID func() string + MatchNetworkGroup func(*network.NetworkGroup) bool + Name func() string + type NatPoolManager interface + CreateNatPool func(*network.NetworkGroup, string) (NatPool, error) + type NatStatus int + const NAT_ACTIVE + const NAT_INACTIVE + func (ns NatStatus) String() string + type NatType int + const DESTINATION_NAT + const DYNAMIC_NAT + const STATIC_NAT + const TWICE_NAT + func (nt NatType) String() string + type ObjectReferenceMethod int + const USE_ADDRESS + const USE_IPRANGE + const USE_OBJECT + const USE_SUBNET + type ObjectSearchType int + const SEARCH_GROUP + const SEARCH_OBJECT + const SEARCH_OBJECT_OR_GROUP + type PhaseProcessAction int + const PHASE_GENERATED + const PHASE_MATCHED + func NewPhaseProcessAction(action string) PhaseProcessAction + func (pa PhaseProcessAction) String() string + type PolicyContext struct + AdditionCli []string + CmdList []interface{} + DeviceSpecificData map[string]interface{} + Force bool + GeneratedObjects map[string]interface{} + GlobalNaming map[string]string + InPort api.Port + Intent *policy.Intent + Logger *zap.Logger + Node FirewallNode + OutPort api.Port + TemplatePath string + TranslateTo *policy.Intent + TraverseProcess interface{} + Variables map[string]interface{} 
+ Vrf api.Vrf + func (pc *PolicyContext) GetAclId() string + func (pc *PolicyContext) GetBoolValue(key string) (bool, bool) + func (pc *PolicyContext) GetDeviceMetaData(node api.Node) (map[string]interface{}, bool) + func (pc *PolicyContext) GetDstAddrObjName() string + func (pc *PolicyContext) GetIntValue(key string) (int, bool) + func (pc *PolicyContext) GetNatPoolName() string + func (pc *PolicyContext) GetServiceName() string + func (pc *PolicyContext) GetSiteName() (string, bool) + func (pc *PolicyContext) GetSrcAddrObjName() string + func (pc *PolicyContext) GetStringValue(key string) (string, bool) + func (pc *PolicyContext) GetValue(key string) (interface{}, bool) + func (pc *PolicyContext) SetAclId(id string) + func (pc *PolicyContext) SetDstAddrObjName(name string) + func (pc *PolicyContext) SetNatPoolName(name string) + func (pc *PolicyContext) SetServiceName(name string) + func (pc *PolicyContext) SetSrcAddrObjName(name string) + func (pc *PolicyContext) WithValue(key string, value interface{}) *PolicyContext + type PolicyIdFirewall interface + FirstPolicyRuleId func(ipType network.IPFamily) string + NextPolicyId func(ipType network.IPFamily) int + type PolicyIteratorOption struct + IPFamily network.IPFamily + SpecificOptions map[string]interface{} + Zone string + type PolicyMatchResult struct + func NewPolicyResultIntent(intent *policy.Intent) *PolicyMatchResult + func (mr *PolicyMatchResult) Rule() FirewallPolicy + func (mr *PolicyMatchResult) WithAction(action Action) policy.PolicyEntryInf + func (mr *PolicyMatchResult) WithFromPort(port api.Port) policy.PolicyEntryInf + func (mr *PolicyMatchResult) WithOutPort(port api.Port) policy.PolicyEntryInf + func (mr *PolicyMatchResult) WithRule(rule FirewallPolicy) policy.PolicyEntryInf + func (pr PolicyMatchResult) MarshalJSON() ([]byte, error) + type PolicyStatus int + const POLICY_ACTIVE + const POLICY_INACTIVE + const POLICY_INCOMPLETE + func (ps PolicyStatus) String() string + type PoolIdFirewall 
interface + NextPoolId func(id string) string + type PresetConfig struct + BlacklistGroupName string + BlacklistPolicyID string + BlacklistPolicyName string + WhitelistGroupName string + WhitelistPolicyID string + WhitelistPolicyName string + type PresetConfigCheckResult struct + BlacklistGroupOK bool + BlacklistPolicyOK bool + Details map[string]string + WhitelistGroupOK bool + WhitelistPolicyOK bool + type ProcessStep struct + func (step *ProcessStep) Cli() string + func (step *ProcessStep) CmdList() interface{} + func (step *ProcessStep) IsMeetIntent(intent *policy.Intent) bool + func (step *ProcessStep) MarshalJSON() ([]byte, error) + func (step *ProcessStep) MatchResult() processor.AbstractMatchResult + func (step *ProcessStep) Phase() FirewallPhase + func (step *ProcessStep) PhaseAction() PhaseProcessAction + func (step *ProcessStep) UnmarshalJSON(b []byte) error + func (step *ProcessStep) WithCli(cli string) *ProcessStep + func (step *ProcessStep) WithCmdList(cmdList interface{}) *ProcessStep + func (step *ProcessStep) WithMatchResult(result processor.AbstractMatchResult) *ProcessStep + func (step *ProcessStep) WithPhaseAction(action PhaseProcessAction) *ProcessStep + type RouteCheckFirewall interface + IpRouteCheckInternal func(netList network.NetworkList, inPort, vrf string, af network.IPFamily) *model.RouteCheckResult + type SRXNameingInputValidator struct + func (aiv SRXNameingInputValidator) Validate(data map[string]interface{}) validator.Result + type StepIterator struct + func (it *StepIterator) HasNext() bool + func (it *StepIterator) Next() (FirewallPhase, *processor.ProcessStep) + type TemplatesRequest struct + InPort api.Port + Intent *policy.Intent + Node api.Node + OutPort api.Port + type UrlConfigStruct struct + Object interface{} + Url string + type ZoneFirewall interface + Zone func() string
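Review bot: `BlacklistWhitelistHandler` selects the target list with a free-form string (`listType string` on `AddIPsToGroup`, `RemoveIPsFromGroup`, `AddIPsViaAPI` and `RemoveIPsViaAPI`) and takes addresses as `[]string`, so nothing in the signatures stops a misspelled list type or a malformed address from reaching a device-facing call. The implementations are not shown on this page, so whether they validate these inputs is unknown. The package already models other closed sets as int types with a `String()` method (`NatType`, `Action`, `PolicyStatus`), and the same pattern would fit here, for example `AddIPsToGroup(listType ListType, groupName string, ips []netip.Prefix) (string, error)`, where `ListType` is a proposed new two-value type. Since this is v0.0.1, it is also the cheapest moment to correct the exported misspellings `MEET_INIENT_UNKNOWN` (its siblings are `MEET_INTENT_*`) and `SRXNameingInputValidator` before callers depend on them.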