1// Copyright 2021 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.appengine.v1beta; 18 19 20option csharp_namespace = "Google.Cloud.AppEngine.V1Beta"; 21option go_package = "google.golang.org/genproto/googleapis/appengine/v1beta;appengine"; 22option java_multiple_files = true; 23option java_outer_classname = "FirewallProto"; 24option java_package = "com.google.appengine.v1beta.firewall"; 25option php_namespace = "Google\\Cloud\\AppEngine\\V1beta"; 26option ruby_package = "Google::Cloud::AppEngine::V1beta"; 27 28// A single firewall rule that is evaluated against incoming traffic 29// and provides an action to take on matched requests. 30message FirewallRule { 31 // Available actions to take on matching requests. 32 enum Action { 33 UNSPECIFIED_ACTION = 0; 34 35 // Matching requests are allowed. 36 ALLOW = 1; 37 38 // Matching requests are denied. 39 DENY = 2; 40 } 41 42 // A positive integer between [1, Int32.MaxValue-1] that defines the order of 43 // rule evaluation. Rules with the lowest priority are evaluated first. 44 // 45 // A default rule at priority Int32.MaxValue matches all IPv4 and IPv6 traffic 46 // when no previous rule matches. Only the action of this rule can be modified 47 // by the user. 48 int32 priority = 1; 49 50 // The action to take on matched requests. 51 Action action = 2; 52 53 // IP address or range, defined using CIDR notation, of requests that this 54 // rule applies to. You can use the wildcard character "*" to match all IPs 55 // equivalent to "0/0" and "::/0" together. 56 // Examples: `192.168.1.1` or `192.168.0.0/16` or `2001:db8::/32` 57 // or `2001:0db8:0000:0042:0000:8a2e:0370:7334`. 58 // 59 // 60 // <p>Truncation will be silently performed on addresses which are not 61 // properly truncated. For example, `1.2.3.4/24` is accepted as the same 62 // address as `1.2.3.0/24`. Similarly, for IPv6, `2001:db8::1/32` is accepted 63 // as the same address as `2001:db8::/32`. 64 string source_range = 3; 65 66 // An optional string description of this rule. 67 // This field has a maximum length of 100 characters. 68 string description = 4; 69} 70