UpCloudLtd
diff --git a/‎README.md‎
Lines changed: 2 additions & 0 deletions b/‎README.md‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎docs/Firewall.md‎
Lines changed: 117 additions & 0 deletions b/‎docs/Firewall.md‎
Lines changed: 117 additions & 0 deletions
diff --git a/‎mkdocs.yml‎
Lines changed: 1 addition & 0 deletions b/‎mkdocs.yml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎test/conftest.py‎
Lines changed: 9 additions & 7 deletions b/‎test/conftest.py‎
Lines changed: 9 additions & 7 deletions
diff --git a/‎test/json_data/firewall_rule.json‎
Lines changed: 17 additions & 0 deletions b/‎test/json_data/firewall_rule.json‎
Lines changed: 17 additions & 0 deletions
diff --git a/‎test/json_data/firewall_rules.json‎
Lines changed: 86 additions & 0 deletions b/‎test/json_data/firewall_rules.json‎
Lines changed: 86 additions & 0 deletions
@@ -172,6 +172,8 @@ To test against python3.2=< and pypy3-2.4.0, run:
 tox
 ``` 
 
+The project also supplies a small test suite to test against the live API at `test/live_test.py`. This suite is NOT run with `py.test` as it will permanently remove all resources related to an account. It should only be run with a throwaway dev-only account when preparing for a new release. It is not shipped with PyPI releases. See source code on how to run the live tests.
+
 ## Bugs, Issues, Problems, Ideas
 
 Feel free to open a new issue : )
 
@@ -0,0 +1,117 @@
+The code examples use the following:
+
+```python
+import upcloud
+from upcloud import FirewallRule
+
+manager = upcloud.CloudManager("username", "password")
+```
+
+# About
+
+Firewall is configured with FirewallRule objects that are specific to each server.
+Please note that a servers firewall rules are ignored if firewall is turned off
+(see [Server](/server) and [API documentation](https://www.upcloud.com/api/7-servers/#modify-server)).
+
+If a server is removed, its firewall and thus its firewall rules are removed too.
+
+Please refer to the [API documentation](https://www.upcloud.com/api/10-firewall/#create-firewall-rule)
+for more info on the attributes of FirewallRule.
+
+## List / Get
+
+```python
+server = manager.get_servers()[0]
+
+# all firewall rules
+firewall_rules = server.get_firewall_rules()
+```
+
+## Create
+
+```python
+server = manager.get_servers()[0]
+
+rule = server.add_firewall_rule(
+    FirewallRule(
+        position = "1",
+        direction = "in",
+        family = "IPv4",
+        protocol = "tcp",
+        source_address_start = "192.168.1.1",
+        source_address_end = "192.168.1.255",
+        destination_port_start = "22",
+        destination_port_end = "22",
+        action = "accept"
+    )
+)
+```
+
+### Configure Firewall
+
+Server provides a helper function to add several firewall rules in series.
+Please note that the function does not know about pre-existing rules
+(UpCloud servers are created without any firewall rules by default).
+
+```python
+server = manager.get_servers()[0]
+
+rules = server.configure_firewall(
+    [
+        FirewallRule(
+            position = "1",
+            direction = "in",
+            family = "IPv4",
+            protocol = "tcp",
+            source_address_start = "192.168.1.1",
+            source_address_end = "192.168.1.255",
+            destination_port_start = "22",
+            destination_port_end = "22",
+            action = "accept"
+        ),
+        FirewallRule(
+            position = "2",
+            direction = "in",
+            family = "IPv4",
+            protocol = "tcp",
+            source_address_start = "192.168.1.1",
+            source_address_end = "192.168.1.255",
+            destination_port_start = "21",
+            destination_port_end = "21",
+            action = "accept"
+        )
+    ]
+)
+```
+
+## Destroy
+
+```python
+server = manager.get_servers()[0]
+server.get_firewall_rules()[0].destroy()
+```
+
+### Destroying all firewall rules
+
+Due to how the API handles positions, the following will NOT work:
+
+```python
+# does NOT work
+for rule in server.get_firewall_rules():
+    rule.destroy()
+```
+
+This is because rules are based on position and the positions are always so
+that they start from 1 and are increment by one for each consecutive rule.
+
+A better approach would be to use CloudManager/FirewallManager directly
+(CloudManager and its mixins provide API functionality to Server, Storage, FirewallRule, etc. objects)
+
+```python
+for rule in server.get_firewall_rules():
+    manager.delete_firewall_rule(server.uuid, 1)
+```
+
+
+
+
@@ -6,6 +6,7 @@ pages:
 - [Server.md, Usage, Server]
 - [Storage.md, Usage, Storage]
 - [IP-address.md, Usage, IP-address]
+- [Firewall.md, Usage, Firewall]
 - [CloudManager.md, CloudManager API, General Info]
 - [server-mixin.md, CloudManager API, Server Manager]
 - [storage-mixin.md, CloudManager API, Storage Manager]
 
@@ -11,20 +11,23 @@ def manager():
 
 
 class Mock():
-	base_url = 'https://api.upcloud.com/1.1'
+	base_url = 'https://api.upcloud.com/1.2'
 
 	@staticmethod
 	def read_from_file(filename):
-		
+
 		filename = filename.replace("/", "_")
 
 		cwd = os.path.dirname(__file__)
 		f = open(cwd + '/json_data/'+filename, 'r')
 		return f.read()
 
 	@staticmethod
-	def mock_get(target):
-		data = Mock.read_from_file(target + '.json')
+	def mock_get(target, response_file=None):
+		if not response_file:
+			response_file = target + '.json'
+
+		data = Mock.read_from_file(response_file)
 		responses.add(responses.GET, Mock.base_url + '/' + target,
 						body=data,
 						status=200,
@@ -35,11 +38,10 @@ def mock_get(target):
 	def __put_post_callback(request, target, data):
 		data_field = target.split("/")[0]
 		payload = json.loads(request.body)
-		
+
 		for field in data[data_field]:
 			if field in payload[data_field]:
 				data[data_field][field] = payload[data_field][field]
-		print(data)
 		return(200, {}, json.dumps(data))
 
 	@staticmethod
@@ -76,7 +78,7 @@ def mock_server_operation(target):
 		targetfile = "/".join( targetsplit[:2] )
 
 		data = json.loads( Mock.read_from_file(targetfile + '.json') )
-		
+
 		# API will always respond state: "started", see: Server.stop, Server.start, Server,restart
 		data["server"]["state"] = "started"
 
 
@@ -0,0 +1,17 @@
+{
+    "firewall_rule" : {
+        "protocol" : "tcp",
+        "destination_port_end" : "22",
+        "source_address_start" : "192.168.1.0",
+        "source_address_end" : "192.168.1.255",
+        "position" : "1",
+        "source_port_end" : "",
+        "source_port_start" : "",
+        "destination_address_start" : "",
+        "direction" : "in",
+        "action" : "accept",
+        "icmp_type" : "",
+        "destination_port_start" : "22",
+        "destination_address_end" : ""
+    }
+}
@@ -0,0 +1,86 @@
+{
+    "firewall_rules": {
+        "firewall_rule" : [
+            {
+                "action" : "accept",
+                "destination_address_end" : "",
+                "destination_address_start" : "",
+                "destination_port_end" : "80",
+                "destination_port_start" : "80",
+                "direction" : "in",
+                "family" : "IPv4",
+                "icmp_type" : "",
+                "position" : "1",
+                "protocol" : "",
+                "source_address_end" : "",
+                "source_address_start" : "",
+                "source_port_end" : "",
+                "source_port_start" : ""
+            },
+            {
+                "action" : "accept",
+                "destination_address_end" : "",
+                "destination_address_start" : "",
+                "destination_port_end" : "22",
+                "destination_port_start" : "22",
+                "direction" : "in",
+                "family" : "IPv4",
+                "icmp_type" : "",
+                "position" : "2",
+                "protocol" : "tcp",
+                "source_address_end" : "192.168.1.255",
+                "source_address_start" : "192.168.1.1",
+                "source_port_end" : "",
+                "source_port_start" : ""
+            },
+            {
+                "action" : "accept",
+                "destination_address_end" : "",
+                "destination_address_start" : "",
+                "destination_port_end" : "22",
+                "destination_port_start" : "22",
+                "direction" : "in",
+                "family" : "IPv6",
+                "icmp_type" : "",
+                "position" : "3",
+                "protocol" : "tcp",
+                "source_address_end" : "2a04:3540:1000:aaaa:bbbb:cccc:d001",
+                "source_address_start" : "2a04:3540:1000:aaaa:bbbb:cccc:d001",
+                "source_port_end" : "",
+                "source_port_start" : ""
+            },
+            {
+                "action" : "accept",
+                "destination_address_end" : "",
+                "destination_address_start" : "",
+                "destination_port_end" : "",
+                "destination_port_start" : "",
+                "direction" : "in",
+                "family" : "IPv4",
+                "icmp_type" : "8",
+                "position" : "4",
+                "protocol" : "icmp",
+                "source_address_end" : "",
+                "source_address_start" : "",
+                "source_port_end" : "",
+                "source_port_start" : ""
+            },
+            {
+                "action" : "drop",
+                "destination_address_end" : "",
+                "destination_address_start" : "",
+                "destination_port_end" : "",
+                "destination_port_start" : "",
+                "direction" : "in",
+                "family" : "",
+                "icmp_type" : "",
+                "position" : "5",
+                "protocol" : "",
+                "source_address_end" : "",
+                "source_address_start" : "",
+                "source_port_end" : "",
+                "source_port_start" : ""
+            }
+        ]
+    }
+}