49 lines
951 B
Go
49 lines
951 B
Go
package policy
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
"net"
|
|
)
|
|
|
|
func parseCIDROrIP(value string) (net.IPNet, error) {
|
|
_, ipNet, err := net.ParseCIDR(value)
|
|
if err != nil {
|
|
ip := net.ParseIP(value)
|
|
if ip == nil {
|
|
return net.IPNet{}, fmt.Errorf("failed to parse CIDR: %s", err)
|
|
}
|
|
|
|
if ip4 := ip.To4(); ip4 != nil {
|
|
return net.IPNet{
|
|
IP: ip4,
|
|
// single ip
|
|
Mask: net.CIDRMask(len(ip4)*8, len(ip4)*8),
|
|
}, nil
|
|
}
|
|
return net.IPNet{
|
|
IP: ip,
|
|
// single ip
|
|
Mask: net.CIDRMask(len(ip)*8, len(ip)*8),
|
|
}, nil
|
|
} else if ipNet != nil {
|
|
return *ipNet, nil
|
|
} else {
|
|
return net.IPNet{}, errors.New("invalid CIDR")
|
|
}
|
|
}
|
|
|
|
type Policy struct {
|
|
|
|
// Networks map of networks and prefixes to be loaded
|
|
Networks map[string][]Network `yaml:"networks"`
|
|
|
|
Conditions map[string][]string `yaml:"conditions"`
|
|
|
|
Challenges map[string]Challenge `yaml:"challenges"`
|
|
|
|
Rules []Rule `yaml:"rules"`
|
|
|
|
Backends map[string]string `json:"backends"`
|
|
}
|