{
  "name": "FirewallRule",
  "type": "object",
  "properties": {
    "name": {
      "type": "string",
      "title": "Rule Name"
    },
    "direction": {
      "type": "string",
      "enum": [
        "inbound",
        "outbound",
        "both"
      ],
      "title": "Direction"
    },
    "action": {
      "type": "string",
      "enum": [
        "allow",
        "deny",
        "rate_limit",
        "log"
      ],
      "title": "Action"
    },
    "protocol": {
      "type": "string",
      "enum": [
        "tcp",
        "udp",
        "icmp",
        "any"
      ],
      "title": "Protocol"
    },
    "source_ip": {
      "type": "string",
      "title": "Source IP / CIDR"
    },
    "destination_ip": {
      "type": "string",
      "title": "Destination IP / CIDR"
    },
    "port_range": {
      "type": "string",
      "title": "Port Range"
    },
    "priority": {
      "type": "number",
      "title": "Priority"
    },
    "enabled": {
      "type": "boolean",
      "title": "Enabled"
    },
    "applies_to": {
      "type": "string",
      "enum": [
        "all_nodes",
        "all_vms",
        "specific_node",
        "specific_vm"
      ],
      "title": "Applies To"
    },
    "target_id": {
      "type": "string",
      "title": "Target Node/VM ID"
    },
    "hit_count": {
      "type": "number",
      "title": "Hit Count"
    },
    "description": {
      "type": "string",
      "title": "Description"
    }
  },
  "required": [
    "name",
    "direction",
    "action",
    "protocol",
    "enabled"
  ]
}