feat(fw): Models + Repos for Firewall v2 (6 entities)

Models (internal/models/):
* FirewallAddressObject (host|network|range|fqdn)
* FirewallAddressGroup with MemberIDs gorm:"-" slice
* FirewallService (proto+ports, builtin flag)
* FirewallServiceGroup with MemberIDs
* FirewallRule (v2 shape, src/dst nullable refs, exactly-one-of validation
  in the handler layer)
* FirewallNATRule (kind=dnat|snat|masquerade, all nullable)

Repos (internal/services/firewall/, one package):
* AddressObjectsRepo, AddressGroupsRepo (with member junction ops)
* ServicesRepo (refuses Update/Delete for builtin=TRUE rows),
  ServiceGroupsRepo
* RulesRepo, NATRulesRepo
Standard CRUD for each; the group repos handle members atomically in one
TX (Update replaces the complete membership).

Handler + renderer rewrite + frontend follow in the next
commits.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Debian
2026-05-10 09:40:08 +02:00
parent e517783c42
commit 0307dc68bb
13 changed files with 1009 additions and 0 deletions

@@ -0,0 +1,7 @@
// Package firewall holds the v2 (Fortigate-style) firewall data
// repos: address objects + groups, services + groups, policy rules,
// and NAT rules. Each entity has its own *.go file; the public
// surface is one Repo per entity, all sharing the same *pgxpool.Pool.
//
// Render-Logik (Joins zu nftables) wohnt in internal/firewall/.
package firewall
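Review bot: the package doc comment switches language in its last sentence ("Render-Logik (Joins zu nftables) wohnt in internal/firewall/.") while the preceding lines are English; godoc renders the comment verbatim, so keep it in one language, e.g. "// Render logic (joins to nftables) lives in internal/firewall/." While you are there, the package doc is also the natural place to state the two non-obvious behaviours the commit message describes, namely that ServicesRepo refuses Update/Delete on builtin=TRUE rows and that the group repos replace the complete membership atomically in one transaction, since that is what a caller of this package needs to know before relying on it.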