chore(release): 1.71.0

CHANGELOG.md

@@ -1,3 +1,13 @@
+## [1.71.0](https://github.com/terraform-routeros/terraform-provider-routeros/compare/v1.70.0...v1.71.0) (2024-12-02)
+
+### Features
+
+* Add interface bridge filter ([#608](https://github.com/terraform-routeros/terraform-provider-routeros/issues/608)) ([441f11c](https://github.com/terraform-routeros/terraform-provider-routeros/commit/441f11cc21f0637096f68bc1c22c90afb01dfb08))
+
+### Bug Fixes
+
+* routeros_ipv6_dhcp_client prefix_hint validation issue ([#611](https://github.com/terraform-routeros/terraform-provider-routeros/issues/611)) ([fb51382](https://github.com/terraform-routeros/terraform-provider-routeros/commit/fb51382092de81ad6846c980403a314cc479fbf7)), closes [#609](https://github.com/terraform-routeros/terraform-provider-routeros/issues/609)
+
 ## [1.70.0](https://github.com/terraform-routeros/terraform-provider-routeros/compare/v1.69.2...v1.70.0) (2024-11-24)
 
 ### Features

docs/data-sources/interface_bridge_filter.md

@@ -0,0 +1,37 @@
+# routeros_interface_bridge_filter (Data Source)
+
+
+## Example Usage
+```terraform
+data "routeros_ip_firewall_filter" "rules" {}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Optional
+
+- `filter` (Map of String) Additional request filtering options.
+
+### Read-Only
+
+- `filters` (List of Object) (see [below for nested schema](#nestedatt--filters))
+- `id` (String) The ID of this resource.
+
+<a id="nestedatt--filters"></a>
+### Nested Schema for `filters`
+
+Read-Only:
+
+- `action` (String)
+- `bytes` (Number)
+- `chain` (String)
+- `comment` (String)
+- `dynamic` (Boolean)
+- `id` (String)
+- `in_interface` (String)
+- `invalid` (Boolean)
+- `mac_protocol` (String)
+- `packets` (Number)
+
+

docs/resources/interface_bridge_filter.md

@@ -0,0 +1,136 @@
+# routeros_interface_bridge_filter (Resource)
+
+
+## Example Usage
+```terraform
+variable "bridge_filter_rule" {
+  type = list(object({
+    chain              = string
+    action             = string
+    connection_state   = optional(string)
+    in_interface_list  = optional(string, "all")
+    out_interface_list = optional(string)
+    src_address        = optional(string)
+    dst_address        = optional(string)
+    src_port           = optional(string)
+    dst_port           = optional(string)
+    jump_target        = optional(string)
+    protocol           = optional(string)
+    comment            = optional(string, "(terraform-defined)")
+    log                = optional(bool, false)
+    log_prefix         = optional(string, "")
+    disabled           = optional(bool, false)
+  }))
+
+  default = [
+    { "action" = "drop", "chain" = "forward", "comment" = "Drop data between bridge ports" },
+    { "action" = "drop", "chain" = "forward", "comment" = "Block VLAN encap", "log_prefix" = "Block VLAN encap", "mac_protocol" = "vlan" },
+    { "action" = "accept", "chain" = "forward", "comment" = "", "disabled" = "true", "dst_address" = "224.0.0.251/32", "ip_protocol" = "udp", "log_prefix" = "Allow bonjour", "mac_protocol" = "ip" },
+  ]
+}
+
+locals {
+  rule_map = { for idx, rule in var.bridge_filter_rule : format("%03d", idx) => rule }
+}
+
+resource "routeros_interface_bridge_filter" "rules" {
+  for_each          = local.rule_map
+  chain             = each.value.chain
+  action            = each.value.action
+  comment           = each.value.comment
+  log               = each.value.log
+  log_prefix        = each.value.log_prefix
+  disabled          = each.value.disabled
+  connection_state  = each.value.connection_state
+  in_interface_list = each.value.in_interface_list
+  dst_port          = each.value.dst_port
+  protocol          = each.value.protocol
+  src_address       = each.value.src_address
+  jump_target       = each.value.jump_target
+}
+
+resource "routeros_move_items" "bridge_filter_rules" {
+  #  resource_name = "routeros_interface_bridge_filter"
+  resource_path = "/interface/bridge/filter"
+  sequence      = [for i, _ in local.rule_map : routeros_interface_bridge_filter.rules[i].id]
+  depends_on    = [routeros_interface_bridge_filter.rules]
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `action` (String) Action to take if a packet is matched by the rule
+- `chain` (String) Specifies to which chain rule will be added. If the input does not match the name of an already defined chain, a new chain will be created.
+
+### Optional
+
+- `arp_dst_mac_address` (String) ARP destination MAC address
+- `arp_gratuitous` (Boolean) Matches ARP gratuitous packets.
+- `arp_hardware_type` (Number) ARP hardware type. This is normally Ethernet (Type 1).
+- `arp_opcode` (String) Action to take if a packet is matched by the rule
+- `arp_packet_type` (Number) ARP Packet Type
+- `arp_src_address` (String) ARP source IP address.
+- `arp_src_mac_address` (String) ARP source MAC address.
+- `comment` (String)
+- `disabled` (Boolean)
+- `dst_address` (String) Destination IP address (only if MAC protocol is set to IP).
+- `dst_mac_address` (String) Destination MAC address.
+- `dst_port` (String) List of destination port numbers or port number ranges.
+- `in_bridge` (String) Bridge interface through which the packet is coming in.
+- `in_bridge_list` (String) Set of bridge interfaces defined in interface list. Works the same as in-bridge.
+- `in_interface` (String) Physical interface (i.e., bridge port) through which the packet is coming in.
+- `in_interface_list` (String) Set of interfaces defined in interface list. Works the same as in-interface.
+- `ingress_priority` (Number) Integer. Matches the priority of an ingress packet. Priority may be derived from VLAN, WMM, DSCP,or MPLS EXP bit.
+- `ip_protocol` (String) IP protocol (only if MAC protocol is set to IPv4)
+- `jump_target` (String) Name of the target chain to jump to. Applicable only if action=jump.
+- `limit` (String) Matches packets up to a limited rate (packet rate or bit rate). A rule using this matcher will match until this limit is reached. Parameters are written in the following format: rate[/time],burst:mode.
+- `log` (Boolean) Add a message to the system log.
+- `log_prefix` (String) Adds specified text at the beginning of every log message. Applicable if action=log or log=yes configured.
+- `mac_protocol` (String) Ethernet payload type (MAC-level protocol). To match protocol type for VLAN encapsulated frames (0x8100 or 0x88a8), a vlan-encap property should be used.
+- `new_packet_mark` (String) Sets a new packet-mark value.
+- `new_priority` (Number) Sets a new priority for a packet. This can be the VLAN, WMM or MPLS EXP priority
+- `out_bridge` (String) Bridge interface through which the packet going out.
+- `out_bridge_list` (String) Set of bridge interfaces defined in interface list. Works the same as out-bridge.
+- `out_interface` (String) Interface the packet has entered the router.
+- `out_interface_list` (String) Set of interfaces defined in interface list. Works the same as out-interface.
+- `packet_mark` (String) Match packets with a certain packet mark.
+- `packet_type` (String) Match packets with a certain packet mark.
+- `place_before` (String) Before which position the rule will be inserted.  
+	> Please check the effect of this option, as it does not work as you think!  
+	> Best way to use in conjunction with a data source. See [example](../data-sources/firewall.md#example-usage).
+- `src_address` (String) Source port number or range (only for TCP or UDP protocols).
+- `src_mac_address` (String) Source MAC address.
+- `src_port` (String) List of source port numbers or port number ranges.
+- `stp_flags` (String) Match packets with a certain packet mark.
+- `stp_forward_delay` (Number) Forward delay timer.
+- `stp_hello_time` (Number) STP hello packets time.
+- `stp_max_age` (Number) Maximal STP message age.
+- `stp_port` (Number) STP port identifier.
+- `stp_root_address` (String) Root bridge MAC address
+- `stp_root_cost` (Number) Root bridge cost.
+- `stp_root_priority` (Number)
+- `stp_sender_address` (String) STP message sender MAC address.
+- `stp_sender_priority` (Number) STP sender priority.
+- `stp_type` (String) The BPDU type: config - configuration BPDU OR tcn - topology change notification
+- `tls_host` (String) Allows matching https traffic based on TLS SNI hostname. Accepts GLOB syntax for wildcard matching
+- `vlan_encap` (Number) Matches the MAC protocol type encapsulated in the VLAN frame.
+- `vlan_id` (Number) Matches the VLAN identifier field.
+- `vlan_priority` (Number) Matches the VLAN identifier field.
+
+### Read-Only
+
+- `dynamic` (Boolean) Configuration item created by software, not by management interface. It is not exported, and cannot be directly modified.
+- `id` (String) The ID of this resource.
+
+## Import
+Import is supported using the following syntax:
+```shell
+#The ID can be found via API or the terminal
+#The command for the terminal is -> :put [/interface/bridge/filter get [print show-ids]]
+terraform import routeros_interface_bridge_filter.rule "*0"
+#Or you can import a resource using one of its attributes
+terraform import routeros_interface_bridge_filter.rule "dst_address=224.0.0.251/32"
+```

package.json

@@ -1,6 +1,6 @@
 {
     "name": "terraform-provider-routeros",
-    "version": "1.70.0",
+    "version": "1.71.0",
     "repository": {
         "type": "git",
         "url": "https://github.com/terraform-routeros/terraform-provider-routeros"