1*d5c09012SAndroid Build Coastguard Worker// Copyright 2020 Google LLC 2*d5c09012SAndroid Build Coastguard Worker// 3*d5c09012SAndroid Build Coastguard Worker// Licensed under the Apache License, Version 2.0 (the "License"); 4*d5c09012SAndroid Build Coastguard Worker// you may not use this file except in compliance with the License. 5*d5c09012SAndroid Build Coastguard Worker// You may obtain a copy of the License at 6*d5c09012SAndroid Build Coastguard Worker// 7*d5c09012SAndroid Build Coastguard Worker// http://www.apache.org/licenses/LICENSE-2.0 8*d5c09012SAndroid Build Coastguard Worker// 9*d5c09012SAndroid Build Coastguard Worker// Unless required by applicable law or agreed to in writing, software 10*d5c09012SAndroid Build Coastguard Worker// distributed under the License is distributed on an "AS IS" BASIS, 11*d5c09012SAndroid Build Coastguard Worker// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12*d5c09012SAndroid Build Coastguard Worker// See the License for the specific language governing permissions and 13*d5c09012SAndroid Build Coastguard Worker// limitations under the License. 14*d5c09012SAndroid Build Coastguard Worker 15*d5c09012SAndroid Build Coastguard Workersyntax = "proto3"; 16*d5c09012SAndroid Build Coastguard Worker 17*d5c09012SAndroid Build Coastguard Workerpackage google.appengine.v1; 18*d5c09012SAndroid Build Coastguard Worker 19*d5c09012SAndroid Build Coastguard Workeroption csharp_namespace = "Google.Cloud.AppEngine.V1"; 20*d5c09012SAndroid Build Coastguard Workeroption go_package = "cloud.google.com/go/appengine/apiv1/appenginepb;appenginepb"; 21*d5c09012SAndroid Build Coastguard Workeroption java_multiple_files = true; 22*d5c09012SAndroid Build Coastguard Workeroption java_outer_classname = "FirewallProto"; 23*d5c09012SAndroid Build Coastguard Workeroption java_package = "com.google.appengine.v1.firewall"; 24*d5c09012SAndroid Build Coastguard Workeroption php_namespace = "Google\\Cloud\\AppEngine\\V1"; 25*d5c09012SAndroid Build Coastguard Workeroption ruby_package = "Google::Cloud::AppEngine::V1"; 26*d5c09012SAndroid Build Coastguard Worker 27*d5c09012SAndroid Build Coastguard Worker// A single firewall rule that is evaluated against incoming traffic 28*d5c09012SAndroid Build Coastguard Worker// and provides an action to take on matched requests. 29*d5c09012SAndroid Build Coastguard Workermessage FirewallRule { 30*d5c09012SAndroid Build Coastguard Worker // Available actions to take on matching requests. 31*d5c09012SAndroid Build Coastguard Worker enum Action { 32*d5c09012SAndroid Build Coastguard Worker UNSPECIFIED_ACTION = 0; 33*d5c09012SAndroid Build Coastguard Worker 34*d5c09012SAndroid Build Coastguard Worker // Matching requests are allowed. 35*d5c09012SAndroid Build Coastguard Worker ALLOW = 1; 36*d5c09012SAndroid Build Coastguard Worker 37*d5c09012SAndroid Build Coastguard Worker // Matching requests are denied. 38*d5c09012SAndroid Build Coastguard Worker DENY = 2; 39*d5c09012SAndroid Build Coastguard Worker } 40*d5c09012SAndroid Build Coastguard Worker 41*d5c09012SAndroid Build Coastguard Worker // A positive integer between [1, Int32.MaxValue-1] that defines the order of 42*d5c09012SAndroid Build Coastguard Worker // rule evaluation. Rules with the lowest priority are evaluated first. 43*d5c09012SAndroid Build Coastguard Worker // 44*d5c09012SAndroid Build Coastguard Worker // A default rule at priority Int32.MaxValue matches all IPv4 and IPv6 traffic 45*d5c09012SAndroid Build Coastguard Worker // when no previous rule matches. Only the action of this rule can be modified 46*d5c09012SAndroid Build Coastguard Worker // by the user. 47*d5c09012SAndroid Build Coastguard Worker int32 priority = 1; 48*d5c09012SAndroid Build Coastguard Worker 49*d5c09012SAndroid Build Coastguard Worker // The action to take on matched requests. 50*d5c09012SAndroid Build Coastguard Worker Action action = 2; 51*d5c09012SAndroid Build Coastguard Worker 52*d5c09012SAndroid Build Coastguard Worker // IP address or range, defined using CIDR notation, of requests that this 53*d5c09012SAndroid Build Coastguard Worker // rule applies to. You can use the wildcard character "*" to match all IPs 54*d5c09012SAndroid Build Coastguard Worker // equivalent to "0/0" and "::/0" together. 55*d5c09012SAndroid Build Coastguard Worker // Examples: `192.168.1.1` or `192.168.0.0/16` or `2001:db8::/32` 56*d5c09012SAndroid Build Coastguard Worker // or `2001:0db8:0000:0042:0000:8a2e:0370:7334`. 57*d5c09012SAndroid Build Coastguard Worker // 58*d5c09012SAndroid Build Coastguard Worker // 59*d5c09012SAndroid Build Coastguard Worker // <p>Truncation will be silently performed on addresses which are not 60*d5c09012SAndroid Build Coastguard Worker // properly truncated. For example, `1.2.3.4/24` is accepted as the same 61*d5c09012SAndroid Build Coastguard Worker // address as `1.2.3.0/24`. Similarly, for IPv6, `2001:db8::1/32` is accepted 62*d5c09012SAndroid Build Coastguard Worker // as the same address as `2001:db8::/32`. 63*d5c09012SAndroid Build Coastguard Worker string source_range = 3; 64*d5c09012SAndroid Build Coastguard Worker 65*d5c09012SAndroid Build Coastguard Worker // An optional string description of this rule. 66*d5c09012SAndroid Build Coastguard Worker // This field has a maximum length of 100 characters. 67*d5c09012SAndroid Build Coastguard Worker string description = 4; 68*d5c09012SAndroid Build Coastguard Worker} 69