class Aws::NetworkFirewall::Types::Header
The 5-tuple criteria for AWS Network Firewall to use to inspect packet headers in stateful traffic flow inspection. Traffic flows that match the criteria are a match for the corresponding StatefulRule.
@note When making an API call, you may pass Header data as a hash:

    {
      protocol: "IP", # required, accepts IP, TCP, UDP, ICMP, HTTP, FTP, TLS, SMB, DNS, DCERPC, SSH, SMTP, IMAP, MSN, KRB5, IKEV2, TFTP, NTP, DHCP
      source: "Source", # required
      source_port: "Port", # required
      direction: "FORWARD", # required, accepts FORWARD, ANY
      destination: "Destination", # required
      destination_port: "Port", # required
    }
@!attribute [rw] protocol
The protocol to inspect for. To specify all, you can use `IP`, because all traffic on AWS and on the internet is IP.

@return [String]
@!attribute [rw] source
The source IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY`.

Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4.

Examples:

* To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32`.
* To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24`.

For more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing][1].

[1]: https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing

@return [String]
@!attribute [rw] source_port
The source port to inspect for. You can specify an individual port, for example `1994`, or a port range, for example `1990-1994`. To match with any port, specify `ANY`.

@return [String]
@!attribute [rw] direction
The direction of traffic flow to inspect. If set to `ANY`, the inspection matches bidirectional traffic, both from the source to the destination and from the destination to the source. If set to `FORWARD`, the inspection only matches traffic going from the source to the destination.

@return [String]
@!attribute [rw] destination
The destination IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY`.

Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4.

Examples:

* To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32`.
* To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24`.

For more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing][1].

[1]: https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing

@return [String]
@!attribute [rw] destination_port
The destination port to inspect for. You can specify an individual port, for example `1994`, or a port range, for example `1990-1994`. To match with any port, specify `ANY`.

@return [String]
@see docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/Header AWS API Documentation
Constants
- SENSITIVE