Class: Aws::NetworkFirewall::Types::MatchAttributes

Inherits:
Struct
  • Object
show all
Defined in:
gems/aws-sdk-networkfirewall/lib/aws-sdk-networkfirewall/types.rb

Overview

Note:

When making an API call, you may pass MatchAttributes data as a hash:

{
  sources: [
    {
      address_definition: "AddressDefinition", # required
    },
  ],
  destinations: [
    {
      address_definition: "AddressDefinition", # required
    },
  ],
  source_ports: [
    {
      from_port: 1, # required
      to_port: 1, # required
    },
  ],
  destination_ports: [
    {
      from_port: 1, # required
      to_port: 1, # required
    },
  ],
  protocols: [1],
  tcp_flags: [
    {
      flags: ["FIN"], # required, accepts FIN, SYN, RST, PSH, ACK, URG, ECE, CWR
      masks: ["FIN"], # accepts FIN, SYN, RST, PSH, ACK, URG, ECE, CWR
    },
  ],
}

Criteria for Network Firewall to use to inspect an individual packet in stateless rule inspection. Each match attributes set can include one or more items such as IP address, CIDR range, port number, protocol, and TCP flags.

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#destination_portsArray<Types::PortRange>

The destination ports to inspect for. If not specified, this matches with any destination port. This setting is only used for protocols 6 (TCP) and 17 (UDP).

You can specify individual ports, for example 1994 and you can specify port ranges, for example 1990:1994.

Returns:



2930
2931
2932
2933
2934
2935
2936
2937
2938
2939
# File 'gems/aws-sdk-networkfirewall/lib/aws-sdk-networkfirewall/types.rb', line 2930

class MatchAttributes < Struct.new(
  :sources,
  :destinations,
  :source_ports,
  :destination_ports,
  :protocols,
  :tcp_flags)
  SENSITIVE = []
  include Aws::Structure
end

#destinationsArray<Types::Address>

The destination IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any destination address.

Returns:



2930
2931
2932
2933
2934
2935
2936
2937
2938
2939
# File 'gems/aws-sdk-networkfirewall/lib/aws-sdk-networkfirewall/types.rb', line 2930

class MatchAttributes < Struct.new(
  :sources,
  :destinations,
  :source_ports,
  :destination_ports,
  :protocols,
  :tcp_flags)
  SENSITIVE = []
  include Aws::Structure
end

#protocolsArray<Integer>

The protocols to inspect for, specified using each protocol's assigned internet protocol number (IANA). If not specified, this matches with any protocol.

Returns:

  • (Array<Integer>)


2930
2931
2932
2933
2934
2935
2936
2937
2938
2939
# File 'gems/aws-sdk-networkfirewall/lib/aws-sdk-networkfirewall/types.rb', line 2930

class MatchAttributes < Struct.new(
  :sources,
  :destinations,
  :source_ports,
  :destination_ports,
  :protocols,
  :tcp_flags)
  SENSITIVE = []
  include Aws::Structure
end

#source_portsArray<Types::PortRange>

The source ports to inspect for. If not specified, this matches with any source port. This setting is only used for protocols 6 (TCP) and 17 (UDP).

You can specify individual ports, for example 1994 and you can specify port ranges, for example 1990:1994.

Returns:



2930
2931
2932
2933
2934
2935
2936
2937
2938
2939
# File 'gems/aws-sdk-networkfirewall/lib/aws-sdk-networkfirewall/types.rb', line 2930

class MatchAttributes < Struct.new(
  :sources,
  :destinations,
  :source_ports,
  :destination_ports,
  :protocols,
  :tcp_flags)
  SENSITIVE = []
  include Aws::Structure
end

#sourcesArray<Types::Address>

The source IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any source address.

Returns:



2930
2931
2932
2933
2934
2935
2936
2937
2938
2939
# File 'gems/aws-sdk-networkfirewall/lib/aws-sdk-networkfirewall/types.rb', line 2930

class MatchAttributes < Struct.new(
  :sources,
  :destinations,
  :source_ports,
  :destination_ports,
  :protocols,
  :tcp_flags)
  SENSITIVE = []
  include Aws::Structure
end

#tcp_flagsArray<Types::TCPFlagField>

The TCP flags and masks to inspect for. If not specified, this matches with any settings. This setting is only used for protocol 6 (TCP).

Returns:



2930
2931
2932
2933
2934
2935
2936
2937
2938
2939
# File 'gems/aws-sdk-networkfirewall/lib/aws-sdk-networkfirewall/types.rb', line 2930

class MatchAttributes < Struct.new(
  :sources,
  :destinations,
  :source_ports,
  :destination_ports,
  :protocols,
  :tcp_flags)
  SENSITIVE = []
  include Aws::Structure
end