From 74c1746ff5bc5aa06e6d195e0b663332a674e28f Mon Sep 17 00:00:00 2001 From: shadyeip Date: Thu, 5 Feb 2026 13:26:28 -0500 Subject: [PATCH] feat: add network_ids support to FirewallZonePolicyDestination - Add NetworkIDs and MatchOppositeNetworks fields to destination struct - Add NETWORK to MatchingTarget validation for destination - Update codegen schema to include destination network targeting - Add AggregateNumPorts to DevicePortOverrides (compatibility fix) This enables firewall zone policies to target specific destination networks, matching the existing source.network_ids functionality. Co-Authored-By: Claude Opus 4.5 --- codegen/v2/FirewallZonePolicy.json | 4 +++- unifi/device.generated.go | 1 + unifi/firewall_zone_policy.generated.go | 30 +++++++++++++------------ 3 files changed, 20 insertions(+), 15 deletions(-) diff --git a/codegen/v2/FirewallZonePolicy.json b/codegen/v2/FirewallZonePolicy.json index 9f59dfe..cf73d72 100644 --- a/codegen/v2/FirewallZonePolicy.json +++ b/codegen/v2/FirewallZonePolicy.json @@ -13,8 +13,10 @@ "ip_group_id": "", "ips": ["^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$|^$"], "match_opposite_ips": "true|false", + "match_opposite_networks": "true|false", "match_opposite_ports": "true|false", - "matching_target": "ANY|APP|APP_CATEGORY|IP|REGION|WEB", + "matching_target": "ANY|APP|APP_CATEGORY|IP|NETWORK|REGION|WEB", + "network_ids": [""], "matching_target_type": "ANY|OBJECT|SPECIFIC", "port": "^[0-9]+(?:-[0-9]+)?(?:,[0-9]+(?:-[0-9]+)?)*$", "port_group_id": "", diff --git a/unifi/device.generated.go b/unifi/device.generated.go index 18b4cf8..a85efab 100644 --- a/unifi/device.generated.go +++ b/unifi/device.generated.go @@ -308,6 +308,7 @@ func (dst *DeviceOutletOverrides) UnmarshalJSON(b []byte) error { type DevicePortOverrides struct { AggregateMembers []int `json:"aggregate_members,omitempty"` // [1-9]|[1-4][0-9]|5[0-6] + AggregateNumPorts int `json:"aggregate_num_ports,omitempty"` Autoneg bool `json:"autoneg,omitempty"` Dot1XCtrl string `json:"dot1x_ctrl,omitempty" validate:"omitempty,oneof=auto force_authorized force_unauthorized mac_based multi_host"` // auto|force_authorized|force_unauthorized|mac_based|multi_host Dot1XIDleTimeout int `json:"dot1x_idle_timeout,omitempty"` // [0-9]|[1-9][0-9]{1,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5] diff --git a/unifi/firewall_zone_policy.generated.go b/unifi/firewall_zone_policy.generated.go index ea3a3f6..f15a41a 100644 --- a/unifi/firewall_zone_policy.generated.go +++ b/unifi/firewall_zone_policy.generated.go @@ -65,20 +65,22 @@ func (dst *FirewallZonePolicy) UnmarshalJSON(b []byte) error { } type FirewallZonePolicyDestination struct { - AppCategoryIDs []string `json:"app_category_ids,omitempty"` - AppIDs []string `json:"app_ids,omitempty"` - IPGroupID string `json:"ip_group_id,omitempty"` - IPs []string `json:"ips,omitempty" validate:"omitempty,ipv4"` // ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$|^$ - MatchOppositeIPs bool `json:"match_opposite_ips"` - MatchOppositePorts bool `json:"match_opposite_ports"` - MatchingTarget string `json:"matching_target,omitempty" validate:"omitempty,oneof=ANY APP APP_CATEGORY IP REGION WEB"` // ANY|APP|APP_CATEGORY|IP|REGION|WEB - MatchingTargetType string `json:"matching_target_type,omitempty" validate:"omitempty,oneof=ANY OBJECT SPECIFIC"` // ANY|OBJECT|SPECIFIC - Port string `json:"port,omitempty"` // ^[0-9]+(?:-[0-9]+)?(?:,[0-9]+(?:-[0-9]+)?)*$ - PortGroupID string `json:"port_group_id,omitempty"` - PortMatchingType string `json:"port_matching_type,omitempty" validate:"omitempty,oneof=ANY SPECIFIC OBJECT"` // ANY|SPECIFIC|OBJECT - Regions []string `json:"regions,omitempty"` - WebDomains []string `json:"web_domains,omitempty"` - ZoneID string `json:"zone_id"` + AppCategoryIDs []string `json:"app_category_ids,omitempty"` + AppIDs []string `json:"app_ids,omitempty"` + IPGroupID string `json:"ip_group_id,omitempty"` + IPs []string `json:"ips,omitempty" validate:"omitempty,ipv4"` // ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$|^$ + MatchOppositeIPs bool `json:"match_opposite_ips"` + MatchOppositeNetworks bool `json:"match_opposite_networks"` + MatchOppositePorts bool `json:"match_opposite_ports"` + MatchingTarget string `json:"matching_target,omitempty" validate:"omitempty,oneof=ANY APP APP_CATEGORY IP NETWORK REGION WEB"` // ANY|APP|APP_CATEGORY|IP|NETWORK|REGION|WEB + MatchingTargetType string `json:"matching_target_type,omitempty" validate:"omitempty,oneof=ANY OBJECT SPECIFIC"` // ANY|OBJECT|SPECIFIC + NetworkIDs []string `json:"network_ids,omitempty"` + Port string `json:"port,omitempty"` // ^[0-9]+(?:-[0-9]+)?(?:,[0-9]+(?:-[0-9]+)?)*$ + PortGroupID string `json:"port_group_id,omitempty"` + PortMatchingType string `json:"port_matching_type,omitempty" validate:"omitempty,oneof=ANY SPECIFIC OBJECT"` // ANY|SPECIFIC|OBJECT + Regions []string `json:"regions,omitempty"` + WebDomains []string `json:"web_domains,omitempty"` + ZoneID string `json:"zone_id"` } func (dst *FirewallZonePolicyDestination) UnmarshalJSON(b []byte) error {