diff --git a/examples/resources/routeros_interface_bridge_settings/import.sh b/examples/resources/routeros_interface_bridge_settings/import.sh new file mode 100644 index 00000000..1a0673ba --- /dev/null +++ b/examples/resources/routeros_interface_bridge_settings/import.sh @@ -0,0 +1 @@ +terraform import routeros_interface_bridge_settings.settings . diff --git a/examples/resources/routeros_interface_bridge_settings/resource.tf b/examples/resources/routeros_interface_bridge_settings/resource.tf new file mode 100644 index 00000000..7ba51adc --- /dev/null +++ b/examples/resources/routeros_interface_bridge_settings/resource.tf @@ -0,0 +1,3 @@ +resource "routeros_interface_bridge_settings" "settings" { + use_ip_firewall = true +} diff --git a/routeros/provider.go b/routeros/provider.go index 6e921d2a..43159d64 100644 --- a/routeros/provider.go +++ b/routeros/provider.go @@ -95,19 +95,20 @@ func Provider() *schema.Provider { "routeros_dns_record": ResourceDnsRecord(), // Interface Objects - "routeros_interface_bridge": ResourceInterfaceBridge(), - "routeros_interface_bridge_port": ResourceInterfaceBridgePort(), - "routeros_interface_bridge_vlan": ResourceInterfaceBridgeVlan(), - "routeros_interface_gre": ResourceInterfaceGre(), - "routeros_interface_vlan": ResourceInterfaceVlan(), - "routeros_interface_vrrp": ResourceInterfaceVrrp(), - "routeros_interface_wireguard": ResourceInterfaceWireguard(), - "routeros_interface_wireguard_peer": ResourceInterfaceWireguardPeer(), - "routeros_interface_list": ResourceInterfaceList(), - "routeros_interface_list_member": ResourceInterfaceListMember(), - "routeros_interface_ovpn_server": ResourceInterfaceOpenVPNServer(), - "routeros_interface_veth": ResourceInterfaceVeth(), - "routeros_interface_bonding": ResourceInterfaceBonding(), + "routeros_interface_bridge": ResourceInterfaceBridge(), + "routeros_interface_bridge_port": ResourceInterfaceBridgePort(), + "routeros_interface_bridge_vlan": ResourceInterfaceBridgeVlan(), + "routeros_interface_bridge_settings": ResourceInterfaceBridgeSettings(), + "routeros_interface_gre": ResourceInterfaceGre(), + "routeros_interface_vlan": ResourceInterfaceVlan(), + "routeros_interface_vrrp": ResourceInterfaceVrrp(), + "routeros_interface_wireguard": ResourceInterfaceWireguard(), + "routeros_interface_wireguard_peer": ResourceInterfaceWireguardPeer(), + "routeros_interface_list": ResourceInterfaceList(), + "routeros_interface_list_member": ResourceInterfaceListMember(), + "routeros_interface_ovpn_server": ResourceInterfaceOpenVPNServer(), + "routeros_interface_veth": ResourceInterfaceVeth(), + "routeros_interface_bonding": ResourceInterfaceBonding(), // Aliases for interface objects to retain compatibility between original and fork "routeros_bridge": ResourceInterfaceBridge(), diff --git a/routeros/resource_interface_bridge_settings.go b/routeros/resource_interface_bridge_settings.go new file mode 100644 index 00000000..e74059f3 --- /dev/null +++ b/routeros/resource_interface_bridge_settings.go @@ -0,0 +1,99 @@ +package routeros + +import ( + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +/* + { + "allow-fast-path": "true", + "bridge-fast-forward-bytes": "0", + "bridge-fast-forward-packets": "0", + "bridge-fast-path-active": "true", + "bridge-fast-path-bytes": "0", + "bridge-fast-path-packets": "0", + "use-ip-firewall": "false", + "use-ip-firewall-for-pppoe": "false", + "use-ip-firewall-for-vlan": "false" + } +*/ + +// https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_Settings +func ResourceInterfaceBridgeSettings() *schema.Resource { + resSchema := map[string]*schema.Schema{ + MetaResourcePath: PropResourcePath("/interface/bridge/settings"), + MetaId: PropId(Name), + + "use_ip_firewall": { + Type: schema.TypeBool, + Optional: true, + Default: false, + Description: "Force bridged traffic to also be processed by prerouting, forward and postrouting sections " + + "of IP routing ( Packet Flow). This does not apply to routed traffic. This property is required in " + + "case you want to assign Simple Queues or global Queue Tree to traffic in a bridge. Property " + + "use-ip-firewall-for-vlan is required in case bridge vlan-filtering is used.", + }, + "use_ip_firewall_for_pppoe": { + Type: schema.TypeBool, + Optional: true, + Default: false, + Description: "Send bridged un-encrypted PPPoE traffic to also be processed by IP/Firewall. This " + + "property only has effect when use-ip-firewall is set to yes. This property is required " + + "in case you want to assign Simple Queues or global Queue Tree to PPPoE traffic in a " + + "bridge.", + }, + "use_ip_firewall_for_vlan": { + Type: schema.TypeBool, + Optional: true, + Default: false, + Description: "Send bridged VLAN traffic to also be processed by IP/Firewall. This property only has " + + "effect when use-ip-firewall is set to yes. This property is required in case you want " + + "to assign Simple Queues or global Queue Tree to VLAN traffic in a bridge.", + }, + "allow_fast_path": { + Type: schema.TypeBool, + Optional: true, + Default: true, + Description: "Whether to enable a bridge FastPath globally.", + }, + "bridge_fast_path_active": { + Type: schema.TypeBool, + Computed: true, + Description: "Shows whether a bridge FastPath is active globally, FastPatch status per bridge " + + "interface is not displayed.", + }, + "bridge_fast_path_packets": { + Type: schema.TypeInt, + Computed: true, + Description: "Shows packet count forwarded by Bridge FastPath.", + }, + "bridge_fast_path_bytes": { + Type: schema.TypeInt, + Computed: true, + Description: "Shows byte count forwarded by Bridge Fast Path.", + }, + "bridge_fast_forward_packets": { + Type: schema.TypeInt, + Computed: true, + Description: "Shows packet count forwarded by Bridge Fast Forward.", + }, + "bridge_fast_forward_bytes": { + Type: schema.TypeInt, + Computed: true, + Description: "Shows byte count forwarded by Bridge Fast Forward.", + }, + } + + return &schema.Resource{ + CreateContext: DefaultSystemCreate(resSchema), + ReadContext: DefaultSystemRead(resSchema), + UpdateContext: DefaultSystemUpdate(resSchema), + DeleteContext: DefaultSystemDelete(resSchema), + + Importer: &schema.ResourceImporter{ + StateContext: schema.ImportStatePassthroughContext, + }, + + Schema: resSchema, + } +} diff --git a/routeros/resource_interface_bridge_settings_test.go b/routeros/resource_interface_bridge_settings_test.go new file mode 100644 index 00000000..63d9980b --- /dev/null +++ b/routeros/resource_interface_bridge_settings_test.go @@ -0,0 +1,65 @@ +package routeros + +import ( + "fmt" + "strings" + "testing" + + "github.com/hashicorp/terraform-plugin-testing/helper/resource" + "github.com/hashicorp/terraform-plugin-testing/terraform" +) + +const testInterfaceBridgeSettingsAddress = "routeros_interface_bridge_settings.test" + +func TestAccInterfaceBridgeSettingsTest_basic(t *testing.T) { + for _, name := range testNames { + t.Run(name, func(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { + testAccPreCheck(t) + testSetTransportEnv(t, name) + }, + ProviderFactories: testAccProviderFactories, + Steps: []resource.TestStep{ + { + Config: testAccInterfaceBridgeSettingsConfig(name), + Check: resource.ComposeTestCheckFunc( + testAccCheckInterfaceBridgeSettingsExists(testInterfaceBridgeSettingsAddress), + resource.TestCheckResourceAttr(testInterfaceBridgeSettingsAddress, "id", "interface.bridge.settings"), + ), + }, + }, + }) + }) + } +} + +func testAccCheckInterfaceBridgeSettingsExists(name string) resource.TestCheckFunc { + return func(s *terraform.State) error { + rs, ok := s.RootModule().Resources[name] + if !ok { + return fmt.Errorf("not found: %s", name) + } + + if rs.Primary.ID == "" { + return fmt.Errorf("no id is set") + } + + return nil + } +} + +func testAccInterfaceBridgeSettingsConfig(testName string) string { + if strings.Contains(testName, "API") { + return providerConfig + ` +resource "routeros_interface_bridge_settings" "test" { + use_ip_firewall = true +} +` + } + return providerConfig + ` +resource "routeros_interface_bridge_settings" "test" { + use_ip_firewall = false +} + ` +}