1// Copyright 2020 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.appengine.v1; 18 19option csharp_namespace = "Google.Cloud.AppEngine.V1"; 20option go_package = "cloud.google.com/go/appengine/apiv1/appenginepb;appenginepb"; 21option java_multiple_files = true; 22option java_outer_classname = "FirewallProto"; 23option java_package = "com.google.appengine.v1.firewall"; 24option php_namespace = "Google\\Cloud\\AppEngine\\V1"; 25option ruby_package = "Google::Cloud::AppEngine::V1"; 26 27// A single firewall rule that is evaluated against incoming traffic 28// and provides an action to take on matched requests. 29message FirewallRule { 30 // Available actions to take on matching requests. 31 enum Action { 32 UNSPECIFIED_ACTION = 0; 33 34 // Matching requests are allowed. 35 ALLOW = 1; 36 37 // Matching requests are denied. 38 DENY = 2; 39 } 40 41 // A positive integer between [1, Int32.MaxValue-1] that defines the order of 42 // rule evaluation. Rules with the lowest priority are evaluated first. 43 // 44 // A default rule at priority Int32.MaxValue matches all IPv4 and IPv6 traffic 45 // when no previous rule matches. Only the action of this rule can be modified 46 // by the user. 47 int32 priority = 1; 48 49 // The action to take on matched requests. 50 Action action = 2; 51 52 // IP address or range, defined using CIDR notation, of requests that this 53 // rule applies to. You can use the wildcard character "*" to match all IPs 54 // equivalent to "0/0" and "::/0" together. 55 // Examples: `192.168.1.1` or `192.168.0.0/16` or `2001:db8::/32` 56 // or `2001:0db8:0000:0042:0000:8a2e:0370:7334`. 57 // 58 // 59 // <p>Truncation will be silently performed on addresses which are not 60 // properly truncated. For example, `1.2.3.4/24` is accepted as the same 61 // address as `1.2.3.0/24`. Similarly, for IPv6, `2001:db8::1/32` is accepted 62 // as the same address as `2001:db8::/32`. 63 string source_range = 3; 64 65 // An optional string description of this rule. 66 // This field has a maximum length of 100 characters. 67 string description = 4; 68} 69