You are viewing documentation for version 2 of the AWS SDK for Ruby. Version 3 documentation can be found here.
Class: Aws::NetworkFirewall::Types::Header
- Inherits: Struct
  - Object
  - Struct
  - Aws::NetworkFirewall::Types::Header
Overview
When passing Header as input to an Aws::Client method, you can use a vanilla Hash:
{
  protocol: "IP", # required, accepts IP, TCP, UDP, ICMP, HTTP, FTP, TLS, SMB, DNS, DCERPC, SSH, SMTP, IMAP, MSN, KRB5, IKEV2, TFTP, NTP, DHCP
  source: "Source", # required
  source_port: "Port", # required
  direction: "FORWARD", # required, accepts FORWARD, ANY
  destination: "Destination", # required
  destination_port: "Port", # required
}
The 5-tuple criteria for AWS Network Firewall to use to inspect packet headers in stateful traffic flow inspection. Traffic flows that match the criteria are a match for the corresponding StatefulRule.
Instance Attribute Summary
- #destination ⇒ String
  The destination IP address or address range to inspect for, in CIDR notation.
- #destination_port ⇒ String
  The destination port to inspect for.
- #direction ⇒ String
  The direction of traffic flow to inspect.
- #protocol ⇒ String
  The protocol to inspect for.
- #source ⇒ String
  The source IP address or address range to inspect for, in CIDR notation.
- #source_port ⇒ String
  The source port to inspect for.
Instance Attribute Details
#destination ⇒ String
The destination IP address or address range to inspect for, in CIDR notation. To match with any address, specify ANY.
Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4.
Examples:
- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify 192.0.2.44/32.
- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify 192.0.2.0/24.
For more information about CIDR notation, see the Wikipedia entry Classless Inter-Domain Routing.
#destination_port ⇒ String
The destination port to inspect for. You can specify an individual port, for example 1994, and you can specify a port range, for example 1990-1994. To match with any port, specify ANY.
#direction ⇒ String
The direction of traffic flow to inspect. If set to ANY, the inspection matches bidirectional traffic, both from the source to the destination and from the destination to the source. If set to FORWARD, the inspection only matches traffic going from the source to the destination.
Possible values:
- FORWARD
- ANY
#protocol ⇒ String
The protocol to inspect for. To match with any protocol, specify ANY.
Possible values:
- IP
- TCP
- UDP
- ICMP
- HTTP
- FTP
- TLS
- SMB
- DNS
- DCERPC
- SSH
- SMTP
- IMAP
- MSN
- KRB5
- IKEV2
- TFTP
- NTP
- DHCP
#source ⇒ String
The source IP address or address range to inspect for, in CIDR notation. To match with any address, specify ANY.
Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4.
Examples:
- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify 192.0.2.44/32.
- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify 192.0.2.0/24.
For more information about CIDR notation, see the Wikipedia entry Classless Inter-Domain Routing.
#source_port ⇒ String
The source port to inspect for. You can specify an individual port, for example 1994, and you can specify a port range, for example 1990-1994. To match with any port, specify ANY.
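The matching semantics documented above (CIDR or ANY addresses, single ports, port ranges, and the FORWARD/ANY direction), as an added Ruby example that is not part of the SDK or its documentation. It is a simplified local model for checking how broadly a Header matches before a rule is deployed, not the Network Firewall engine; the helper names, the packet hash shape and the sample values are constructed for illustration.

```ruby
require "ipaddr"

# Local model of the 5-tuple semantics documented on this page; not SDK code.
# Helper names and the packet hash shape are hypothetical.

# spec is "ANY" or a CIDR block such as "192.0.2.0/24"; addr is a dotted IPv4 string.
def addr_match?(spec, addr)
  spec == "ANY" || IPAddr.new(spec).include?(IPAddr.new(addr))
end

# spec is "ANY", a single port ("1994") or a range ("1990-1994"); port is an Integer.
def port_match?(spec, port)
  return true if spec == "ANY"
  low, high = spec.split("-", 2).map { |p| Integer(p, 10) }
  (low..(high || low)).cover?(port)
end

# One orientation: rule source against the sending side, rule destination against the receiving side.
def oriented_match?(header, from_ip, from_port, to_ip, to_port)
  addr_match?(header[:source], from_ip) &&
    port_match?(header[:source_port], from_port) &&
    addr_match?(header[:destination], to_ip) &&
    port_match?(header[:destination_port], to_port)
end

# packet: { protocol:, src:, src_port:, dst:, dst_port: } (constructed shape).
def header_match?(header, packet)
  # Protocol is compared as an exact string; ANY is the wildcard named in the attribute text.
  return false unless ["ANY", packet[:protocol]].include?(header[:protocol])
  forward = oriented_match?(header, *packet.values_at(:src, :src_port, :dst, :dst_port))
  return forward if header[:direction] == "FORWARD"
  # direction ANY: also try the packet with its endpoints swapped.
  forward || oriented_match?(header, *packet.values_at(:dst, :dst_port, :src, :src_port))
end

# Constructed sample rule header and packets (documentation address ranges).
RULE = { protocol: "TCP", source: "192.0.2.0/24", source_port: "ANY", direction: "FORWARD",
         destination: "198.51.100.7/32", destination_port: "1990-1994" }.freeze
OUTBOUND = { protocol: "TCP", src: "192.0.2.44", src_port: 50_000, dst: "198.51.100.7", dst_port: 1994 }.freeze
REPLY = { protocol: "TCP", src: "198.51.100.7", src_port: 1994, dst: "192.0.2.44", dst_port: 50_000 }.freeze

puts header_match?(RULE, OUTBOUND)                       # source -> destination
puts header_match?(RULE, REPLY)                          # reverse path under FORWARD
puts header_match?(RULE.merge(direction: "ANY"), REPLY)  # reverse path under ANY
```

Switching direction from FORWARD to ANY makes the same header also cover the destination-to-source path, which is the difference to check when reviewing how much traffic a StatefulRule header covers.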