Copyright	(c) 2013-2021 Brendan Hay
License	Mozilla Public License, v. 2.0.
Maintainer	Brendan Hay <brendan.g.hay+amazonka@gmail.com>
Stability	auto-generated
Portability	non-portable (GHC extensions)
Safe Haskell	None

Amazonka.NetworkFirewall.Types.MatchAttributes

Description

Synopsis

Documentation

data MatchAttributes Source #

Criteria for Network Firewall to use to inspect an individual packet in stateless rule inspection. Each match attributes set can include one or more items such as IP address, CIDR range, port number, protocol, and TCP flags.

See: newMatchAttributes smart constructor.

Constructors

MatchAttributes'

Fields

protocols :: Maybe [Natural]
The protocols to inspect for, specified using each protocol's assigned internet protocol number (IANA). If not specified, this matches with any protocol.
tCPFlags :: Maybe [TCPFlagField]
The TCP flags and masks to inspect for. If not specified, this matches with any settings. This setting is only used for protocol 6 (TCP).
destinationPorts :: Maybe [PortRange]
The destination ports to inspect for. If not specified, this matches with any destination port. This setting is only used for protocols 6 (TCP) and 17 (UDP).
You can specify individual ports, for example 1994 and you can specify port ranges, for example 1990:1994.
sources :: Maybe [Address]
The source IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any source address.
sourcePorts :: Maybe [PortRange]
The source ports to inspect for. If not specified, this matches with any source port. This setting is only used for protocols 6 (TCP) and 17 (UDP).
You can specify individual ports, for example 1994 and you can specify port ranges, for example 1990:1994.
destinations :: Maybe [Address]
The destination IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any destination address.

Instances

Instances details

Eq MatchAttributes Source #
Instance details Defined in Amazonka.NetworkFirewall.Types.MatchAttributes Methods (==) :: MatchAttributes -> MatchAttributes -> Bool # (/=) :: MatchAttributes -> MatchAttributes -> Bool #
Read MatchAttributes Source #
Instance details Defined in Amazonka.NetworkFirewall.Types.MatchAttributes Methods readsPrec :: Int -> ReadS MatchAttributes # readList :: ReadS [MatchAttributes] # readPrec :: ReadPrec MatchAttributes # readListPrec :: ReadPrec [MatchAttributes] #
Show MatchAttributes Source #
Instance details Defined in Amazonka.NetworkFirewall.Types.MatchAttributes Methods showsPrec :: Int -> MatchAttributes -> ShowS # show :: MatchAttributes -> String # showList :: [MatchAttributes] -> ShowS #
Generic MatchAttributes Source #
Instance details Defined in Amazonka.NetworkFirewall.Types.MatchAttributes Associated Types type Rep MatchAttributes :: Type -> Type # Methods from :: MatchAttributes -> Rep MatchAttributes x # to :: Rep MatchAttributes x -> MatchAttributes #
NFData MatchAttributes Source #
Instance details Defined in Amazonka.NetworkFirewall.Types.MatchAttributes Methods rnf :: MatchAttributes -> () #
Hashable MatchAttributes Source #
Instance details Defined in Amazonka.NetworkFirewall.Types.MatchAttributes Methods hashWithSalt :: Int -> MatchAttributes -> Int # hash :: MatchAttributes -> Int #
ToJSON MatchAttributes Source #
Instance details Defined in Amazonka.NetworkFirewall.Types.MatchAttributes Methods toJSON :: MatchAttributes -> Value # toEncoding :: MatchAttributes -> Encoding # toJSONList :: [MatchAttributes] -> Value # toEncodingList :: [MatchAttributes] -> Encoding #
FromJSON MatchAttributes Source #
Instance details Defined in Amazonka.NetworkFirewall.Types.MatchAttributes Methods parseJSON :: Value -> Parser MatchAttributes # parseJSONList :: Value -> Parser [MatchAttributes] #
type Rep MatchAttributes Source #
Instance details Defined in Amazonka.NetworkFirewall.Types.MatchAttributes type Rep MatchAttributes = D1 ('MetaData "MatchAttributes" "Amazonka.NetworkFirewall.Types.MatchAttributes" "libZSservicesZSamazonka-network-firewallZSamazonka-network-firewall" 'False) (C1 ('MetaCons "MatchAttributes'" 'PrefixI 'True) ((S1 ('MetaSel ('Just "protocols") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe [Natural])) :: (S1 ('MetaSel ('Just "tCPFlags") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe [TCPFlagField])) :: S1 ('MetaSel ('Just "destinationPorts") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe [PortRange])))) :: (S1 ('MetaSel ('Just "sources") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe [Address])) :: (S1 ('MetaSel ('Just "sourcePorts") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe [PortRange])) :*: S1 ('MetaSel ('Just "destinations") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe [Address]))))))

newMatchAttributes :: MatchAttributes Source #

Create a value of MatchAttributes with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:protocols:MatchAttributes', matchAttributes_protocols - The protocols to inspect for, specified using each protocol's assigned internet protocol number (IANA). If not specified, this matches with any protocol.

$sel:tCPFlags:MatchAttributes', matchAttributes_tCPFlags - The TCP flags and masks to inspect for. If not specified, this matches with any settings. This setting is only used for protocol 6 (TCP).

$sel:destinationPorts:MatchAttributes', matchAttributes_destinationPorts - The destination ports to inspect for. If not specified, this matches with any destination port. This setting is only used for protocols 6 (TCP) and 17 (UDP).

You can specify individual ports, for example 1994 and you can specify port ranges, for example 1990:1994.

$sel:sources:MatchAttributes', matchAttributes_sources - The source IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any source address.

$sel:sourcePorts:MatchAttributes', matchAttributes_sourcePorts - The source ports to inspect for. If not specified, this matches with any source port. This setting is only used for protocols 6 (TCP) and 17 (UDP).

You can specify individual ports, for example 1994 and you can specify port ranges, for example 1990:1994.

$sel:destinations:MatchAttributes', matchAttributes_destinations - The destination IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any destination address.

matchAttributes_protocols :: Lens' MatchAttributes (Maybe [Natural]) Source #

The protocols to inspect for, specified using each protocol's assigned internet protocol number (IANA). If not specified, this matches with any protocol.

matchAttributes_tCPFlags :: Lens' MatchAttributes (Maybe [TCPFlagField]) Source #

The TCP flags and masks to inspect for. If not specified, this matches with any settings. This setting is only used for protocol 6 (TCP).

matchAttributes_destinationPorts :: Lens' MatchAttributes (Maybe [PortRange]) Source #

The destination ports to inspect for. If not specified, this matches with any destination port. This setting is only used for protocols 6 (TCP) and 17 (UDP).

You can specify individual ports, for example 1994 and you can specify port ranges, for example 1990:1994.

matchAttributes_sources :: Lens' MatchAttributes (Maybe [Address]) Source #

The source IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any source address.

matchAttributes_sourcePorts :: Lens' MatchAttributes (Maybe [PortRange]) Source #

The source ports to inspect for. If not specified, this matches with any source port. This setting is only used for protocols 6 (TCP) and 17 (UDP).

You can specify individual ports, for example 1994 and you can specify port ranges, for example 1990:1994.

matchAttributes_destinations :: Lens' MatchAttributes (Maybe [Address]) Source #

The destination IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any destination address.