1*d5c09012SAndroid Build Coastguard Worker// Copyright 2021 Google LLC 2*d5c09012SAndroid Build Coastguard Worker// 3*d5c09012SAndroid Build Coastguard Worker// Licensed under the Apache License, Version 2.0 (the "License"); 4*d5c09012SAndroid Build Coastguard Worker// you may not use this file except in compliance with the License. 5*d5c09012SAndroid Build Coastguard Worker// You may obtain a copy of the License at 6*d5c09012SAndroid Build Coastguard Worker// 7*d5c09012SAndroid Build Coastguard Worker// http://www.apache.org/licenses/LICENSE-2.0 8*d5c09012SAndroid Build Coastguard Worker// 9*d5c09012SAndroid Build Coastguard Worker// Unless required by applicable law or agreed to in writing, software 10*d5c09012SAndroid Build Coastguard Worker// distributed under the License is distributed on an "AS IS" BASIS, 11*d5c09012SAndroid Build Coastguard Worker// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12*d5c09012SAndroid Build Coastguard Worker// See the License for the specific language governing permissions and 13*d5c09012SAndroid Build Coastguard Worker// limitations under the License. 14*d5c09012SAndroid Build Coastguard Worker 15*d5c09012SAndroid Build Coastguard Workersyntax = "proto3"; 16*d5c09012SAndroid Build Coastguard Worker 17*d5c09012SAndroid Build Coastguard Workerpackage google.appengine.v1beta; 18*d5c09012SAndroid Build Coastguard Worker 19*d5c09012SAndroid Build Coastguard Worker 20*d5c09012SAndroid Build Coastguard Workeroption csharp_namespace = "Google.Cloud.AppEngine.V1Beta"; 21*d5c09012SAndroid Build Coastguard Workeroption go_package = "google.golang.org/genproto/googleapis/appengine/v1beta;appengine"; 22*d5c09012SAndroid Build Coastguard Workeroption java_multiple_files = true; 23*d5c09012SAndroid Build Coastguard Workeroption java_outer_classname = "FirewallProto"; 24*d5c09012SAndroid Build Coastguard Workeroption java_package = "com.google.appengine.v1beta.firewall"; 25*d5c09012SAndroid Build Coastguard Workeroption php_namespace = "Google\\Cloud\\AppEngine\\V1beta"; 26*d5c09012SAndroid Build Coastguard Workeroption ruby_package = "Google::Cloud::AppEngine::V1beta"; 27*d5c09012SAndroid Build Coastguard Worker 28*d5c09012SAndroid Build Coastguard Worker// A single firewall rule that is evaluated against incoming traffic 29*d5c09012SAndroid Build Coastguard Worker// and provides an action to take on matched requests. 30*d5c09012SAndroid Build Coastguard Workermessage FirewallRule { 31*d5c09012SAndroid Build Coastguard Worker // Available actions to take on matching requests. 32*d5c09012SAndroid Build Coastguard Worker enum Action { 33*d5c09012SAndroid Build Coastguard Worker UNSPECIFIED_ACTION = 0; 34*d5c09012SAndroid Build Coastguard Worker 35*d5c09012SAndroid Build Coastguard Worker // Matching requests are allowed. 36*d5c09012SAndroid Build Coastguard Worker ALLOW = 1; 37*d5c09012SAndroid Build Coastguard Worker 38*d5c09012SAndroid Build Coastguard Worker // Matching requests are denied. 39*d5c09012SAndroid Build Coastguard Worker DENY = 2; 40*d5c09012SAndroid Build Coastguard Worker } 41*d5c09012SAndroid Build Coastguard Worker 42*d5c09012SAndroid Build Coastguard Worker // A positive integer between [1, Int32.MaxValue-1] that defines the order of 43*d5c09012SAndroid Build Coastguard Worker // rule evaluation. Rules with the lowest priority are evaluated first. 44*d5c09012SAndroid Build Coastguard Worker // 45*d5c09012SAndroid Build Coastguard Worker // A default rule at priority Int32.MaxValue matches all IPv4 and IPv6 traffic 46*d5c09012SAndroid Build Coastguard Worker // when no previous rule matches. Only the action of this rule can be modified 47*d5c09012SAndroid Build Coastguard Worker // by the user. 48*d5c09012SAndroid Build Coastguard Worker int32 priority = 1; 49*d5c09012SAndroid Build Coastguard Worker 50*d5c09012SAndroid Build Coastguard Worker // The action to take on matched requests. 51*d5c09012SAndroid Build Coastguard Worker Action action = 2; 52*d5c09012SAndroid Build Coastguard Worker 53*d5c09012SAndroid Build Coastguard Worker // IP address or range, defined using CIDR notation, of requests that this 54*d5c09012SAndroid Build Coastguard Worker // rule applies to. You can use the wildcard character "*" to match all IPs 55*d5c09012SAndroid Build Coastguard Worker // equivalent to "0/0" and "::/0" together. 56*d5c09012SAndroid Build Coastguard Worker // Examples: `192.168.1.1` or `192.168.0.0/16` or `2001:db8::/32` 57*d5c09012SAndroid Build Coastguard Worker // or `2001:0db8:0000:0042:0000:8a2e:0370:7334`. 58*d5c09012SAndroid Build Coastguard Worker // 59*d5c09012SAndroid Build Coastguard Worker // 60*d5c09012SAndroid Build Coastguard Worker // <p>Truncation will be silently performed on addresses which are not 61*d5c09012SAndroid Build Coastguard Worker // properly truncated. For example, `1.2.3.4/24` is accepted as the same 62*d5c09012SAndroid Build Coastguard Worker // address as `1.2.3.0/24`. Similarly, for IPv6, `2001:db8::1/32` is accepted 63*d5c09012SAndroid Build Coastguard Worker // as the same address as `2001:db8::/32`. 64*d5c09012SAndroid Build Coastguard Worker string source_range = 3; 65*d5c09012SAndroid Build Coastguard Worker 66*d5c09012SAndroid Build Coastguard Worker // An optional string description of this rule. 67*d5c09012SAndroid Build Coastguard Worker // This field has a maximum length of 100 characters. 68*d5c09012SAndroid Build Coastguard Worker string description = 4; 69*d5c09012SAndroid Build Coastguard Worker} 70