{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.NetworkFirewall.Types.Header
-- Copyright   : (c) 2013-2021 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
module Amazonka.NetworkFirewall.Types.Header where

import qualified Amazonka.Core as Core
import qualified Amazonka.Lens as Lens
import Amazonka.NetworkFirewall.Types.StatefulRuleDirection
import Amazonka.NetworkFirewall.Types.StatefulRuleProtocol
import qualified Amazonka.Prelude as Prelude

-- | The basic rule criteria for AWS Network Firewall to use to inspect
-- packet headers in stateful traffic flow inspection. Traffic flows that
-- match the criteria are a match for the corresponding StatefulRule.
--
-- /See:/ 'newHeader' smart constructor.
data Header = Header'
  { -- | The protocol to inspect for. To specify all, you can use @IP@, because
    -- all traffic on AWS and on the internet is IP.
    Header -> StatefulRuleProtocol
protocol :: StatefulRuleProtocol,
    -- | The source IP address or address range to inspect for, in CIDR notation.
    -- To match with any address, specify @ANY@.
    --
    -- Specify an IP address or a block of IP addresses in Classless
    -- Inter-Domain Routing (CIDR) notation. Network Firewall supports all
    -- address ranges for IPv4.
    --
    -- Examples:
    --
    -- -   To configure Network Firewall to inspect for the IP address
    --     192.0.2.44, specify @192.0.2.44\/32@.
    --
    -- -   To configure Network Firewall to inspect for IP addresses from
    --     192.0.2.0 to 192.0.2.255, specify @192.0.2.0\/24@.
    --
    -- For more information about CIDR notation, see the Wikipedia entry
    -- <https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing Classless Inter-Domain Routing>.
    Header -> Text
source :: Prelude.Text,
    -- | The source port to inspect for. You can specify an individual port, for
    -- example @1994@ and you can specify a port range, for example
    -- @1990:1994@. To match with any port, specify @ANY@.
    Header -> Text
sourcePort :: Prelude.Text,
    -- | The direction of traffic flow to inspect. If set to @ANY@, the
    -- inspection matches bidirectional traffic, both from the source to the
    -- destination and from the destination to the source. If set to @FORWARD@,
    -- the inspection only matches traffic going from the source to the
    -- destination.
    Header -> StatefulRuleDirection
direction :: StatefulRuleDirection,
    -- | The destination IP address or address range to inspect for, in CIDR
    -- notation. To match with any address, specify @ANY@.
    --
    -- Specify an IP address or a block of IP addresses in Classless
    -- Inter-Domain Routing (CIDR) notation. Network Firewall supports all
    -- address ranges for IPv4.
    --
    -- Examples:
    --
    -- -   To configure Network Firewall to inspect for the IP address
    --     192.0.2.44, specify @192.0.2.44\/32@.
    --
    -- -   To configure Network Firewall to inspect for IP addresses from
    --     192.0.2.0 to 192.0.2.255, specify @192.0.2.0\/24@.
    --
    -- For more information about CIDR notation, see the Wikipedia entry
    -- <https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing Classless Inter-Domain Routing>.
    Header -> Text
destination :: Prelude.Text,
    -- | The destination port to inspect for. You can specify an individual port,
    -- for example @1994@ and you can specify a port range, for example
    -- @1990:1994@. To match with any port, specify @ANY@.
    Header -> Text
destinationPort :: Prelude.Text
  }
  deriving (Header -> Header -> Bool
(Header -> Header -> Bool)
-> (Header -> Header -> Bool) -> Eq Header
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: Header -> Header -> Bool
$c/= :: Header -> Header -> Bool
== :: Header -> Header -> Bool
$c== :: Header -> Header -> Bool
Prelude.Eq, ReadPrec [Header]
ReadPrec Header
Int -> ReadS Header
ReadS [Header]
(Int -> ReadS Header)
-> ReadS [Header]
-> ReadPrec Header
-> ReadPrec [Header]
-> Read Header
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [Header]
$creadListPrec :: ReadPrec [Header]
readPrec :: ReadPrec Header
$creadPrec :: ReadPrec Header
readList :: ReadS [Header]
$creadList :: ReadS [Header]
readsPrec :: Int -> ReadS Header
$creadsPrec :: Int -> ReadS Header
Prelude.Read, Int -> Header -> ShowS
[Header] -> ShowS
Header -> String
(Int -> Header -> ShowS)
-> (Header -> String) -> ([Header] -> ShowS) -> Show Header
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [Header] -> ShowS
$cshowList :: [Header] -> ShowS
show :: Header -> String
$cshow :: Header -> String
showsPrec :: Int -> Header -> ShowS
$cshowsPrec :: Int -> Header -> ShowS
Prelude.Show, (forall x. Header -> Rep Header x)
-> (forall x. Rep Header x -> Header) -> Generic Header
forall x. Rep Header x -> Header
forall x. Header -> Rep Header x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep Header x -> Header
$cfrom :: forall x. Header -> Rep Header x
Prelude.Generic)

-- |
-- Create a value of 'Header' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'protocol', 'header_protocol' - The protocol to inspect for. To specify all, you can use @IP@, because
-- all traffic on AWS and on the internet is IP.
--
-- 'source', 'header_source' - The source IP address or address range to inspect for, in CIDR notation.
-- To match with any address, specify @ANY@.
--
-- Specify an IP address or a block of IP addresses in Classless
-- Inter-Domain Routing (CIDR) notation. Network Firewall supports all
-- address ranges for IPv4.
--
-- Examples:
--
-- -   To configure Network Firewall to inspect for the IP address
--     192.0.2.44, specify @192.0.2.44\/32@.
--
-- -   To configure Network Firewall to inspect for IP addresses from
--     192.0.2.0 to 192.0.2.255, specify @192.0.2.0\/24@.
--
-- For more information about CIDR notation, see the Wikipedia entry
-- <https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing Classless Inter-Domain Routing>.
--
-- 'sourcePort', 'header_sourcePort' - The source port to inspect for. You can specify an individual port, for
-- example @1994@ and you can specify a port range, for example
-- @1990:1994@. To match with any port, specify @ANY@.
--
-- 'direction', 'header_direction' - The direction of traffic flow to inspect. If set to @ANY@, the
-- inspection matches bidirectional traffic, both from the source to the
-- destination and from the destination to the source. If set to @FORWARD@,
-- the inspection only matches traffic going from the source to the
-- destination.
--
-- 'destination', 'header_destination' - The destination IP address or address range to inspect for, in CIDR
-- notation. To match with any address, specify @ANY@.
--
-- Specify an IP address or a block of IP addresses in Classless
-- Inter-Domain Routing (CIDR) notation. Network Firewall supports all
-- address ranges for IPv4.
--
-- Examples:
--
-- -   To configure Network Firewall to inspect for the IP address
--     192.0.2.44, specify @192.0.2.44\/32@.
--
-- -   To configure Network Firewall to inspect for IP addresses from
--     192.0.2.0 to 192.0.2.255, specify @192.0.2.0\/24@.
--
-- For more information about CIDR notation, see the Wikipedia entry
-- <https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing Classless Inter-Domain Routing>.
--
-- 'destinationPort', 'header_destinationPort' - The destination port to inspect for. You can specify an individual port,
-- for example @1994@ and you can specify a port range, for example
-- @1990:1994@. To match with any port, specify @ANY@.
newHeader ::
  -- | 'protocol'
  StatefulRuleProtocol ->
  -- | 'source'
  Prelude.Text ->
  -- | 'sourcePort'
  Prelude.Text ->
  -- | 'direction'
  StatefulRuleDirection ->
  -- | 'destination'
  Prelude.Text ->
  -- | 'destinationPort'
  Prelude.Text ->
  Header
newHeader :: StatefulRuleProtocol
-> Text -> Text -> StatefulRuleDirection -> Text -> Text -> Header
newHeader
  StatefulRuleProtocol
pProtocol_
  Text
pSource_
  Text
pSourcePort_
  StatefulRuleDirection
pDirection_
  Text
pDestination_
  Text
pDestinationPort_ =
    Header' :: StatefulRuleProtocol
-> Text -> Text -> StatefulRuleDirection -> Text -> Text -> Header
Header'
      { $sel:protocol:Header' :: StatefulRuleProtocol
protocol = StatefulRuleProtocol
pProtocol_,
        $sel:source:Header' :: Text
source = Text
pSource_,
        $sel:sourcePort:Header' :: Text
sourcePort = Text
pSourcePort_,
        $sel:direction:Header' :: StatefulRuleDirection
direction = StatefulRuleDirection
pDirection_,
        $sel:destination:Header' :: Text
destination = Text
pDestination_,
        $sel:destinationPort:Header' :: Text
destinationPort = Text
pDestinationPort_
      }

-- | The protocol to inspect for. To specify all, you can use @IP@, because
-- all traffic on AWS and on the internet is IP.
header_protocol :: Lens.Lens' Header StatefulRuleProtocol
header_protocol :: (StatefulRuleProtocol -> f StatefulRuleProtocol)
-> Header -> f Header
header_protocol = (Header -> StatefulRuleProtocol)
-> (Header -> StatefulRuleProtocol -> Header)
-> Lens Header Header StatefulRuleProtocol StatefulRuleProtocol
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\Header' {StatefulRuleProtocol
protocol :: StatefulRuleProtocol
$sel:protocol:Header' :: Header -> StatefulRuleProtocol
protocol} -> StatefulRuleProtocol
protocol) (\s :: Header
s@Header' {} StatefulRuleProtocol
a -> Header
s {$sel:protocol:Header' :: StatefulRuleProtocol
protocol = StatefulRuleProtocol
a} :: Header)

-- | The source IP address or address range to inspect for, in CIDR notation.
-- To match with any address, specify @ANY@.
--
-- Specify an IP address or a block of IP addresses in Classless
-- Inter-Domain Routing (CIDR) notation. Network Firewall supports all
-- address ranges for IPv4.
--
-- Examples:
--
-- -   To configure Network Firewall to inspect for the IP address
--     192.0.2.44, specify @192.0.2.44\/32@.
--
-- -   To configure Network Firewall to inspect for IP addresses from
--     192.0.2.0 to 192.0.2.255, specify @192.0.2.0\/24@.
--
-- For more information about CIDR notation, see the Wikipedia entry
-- <https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing Classless Inter-Domain Routing>.
header_source :: Lens.Lens' Header Prelude.Text
header_source :: (Text -> f Text) -> Header -> f Header
header_source = (Header -> Text)
-> (Header -> Text -> Header) -> Lens Header Header Text Text
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\Header' {Text
source :: Text
$sel:source:Header' :: Header -> Text
source} -> Text
source) (\s :: Header
s@Header' {} Text
a -> Header
s {$sel:source:Header' :: Text
source = Text
a} :: Header)

-- | The source port to inspect for. You can specify an individual port, for
-- example @1994@ and you can specify a port range, for example
-- @1990:1994@. To match with any port, specify @ANY@.
header_sourcePort :: Lens.Lens' Header Prelude.Text
header_sourcePort :: (Text -> f Text) -> Header -> f Header
header_sourcePort = (Header -> Text)
-> (Header -> Text -> Header) -> Lens Header Header Text Text
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\Header' {Text
sourcePort :: Text
$sel:sourcePort:Header' :: Header -> Text
sourcePort} -> Text
sourcePort) (\s :: Header
s@Header' {} Text
a -> Header
s {$sel:sourcePort:Header' :: Text
sourcePort = Text
a} :: Header)

-- | The direction of traffic flow to inspect. If set to @ANY@, the
-- inspection matches bidirectional traffic, both from the source to the
-- destination and from the destination to the source. If set to @FORWARD@,
-- the inspection only matches traffic going from the source to the
-- destination.
header_direction :: Lens.Lens' Header StatefulRuleDirection
header_direction :: (StatefulRuleDirection -> f StatefulRuleDirection)
-> Header -> f Header
header_direction = (Header -> StatefulRuleDirection)
-> (Header -> StatefulRuleDirection -> Header)
-> Lens Header Header StatefulRuleDirection StatefulRuleDirection
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\Header' {StatefulRuleDirection
direction :: StatefulRuleDirection
$sel:direction:Header' :: Header -> StatefulRuleDirection
direction} -> StatefulRuleDirection
direction) (\s :: Header
s@Header' {} StatefulRuleDirection
a -> Header
s {$sel:direction:Header' :: StatefulRuleDirection
direction = StatefulRuleDirection
a} :: Header)

-- | The destination IP address or address range to inspect for, in CIDR
-- notation. To match with any address, specify @ANY@.
--
-- Specify an IP address or a block of IP addresses in Classless
-- Inter-Domain Routing (CIDR) notation. Network Firewall supports all
-- address ranges for IPv4.
--
-- Examples:
--
-- -   To configure Network Firewall to inspect for the IP address
--     192.0.2.44, specify @192.0.2.44\/32@.
--
-- -   To configure Network Firewall to inspect for IP addresses from
--     192.0.2.0 to 192.0.2.255, specify @192.0.2.0\/24@.
--
-- For more information about CIDR notation, see the Wikipedia entry
-- <https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing Classless Inter-Domain Routing>.
header_destination :: Lens.Lens' Header Prelude.Text
header_destination :: (Text -> f Text) -> Header -> f Header
header_destination = (Header -> Text)
-> (Header -> Text -> Header) -> Lens Header Header Text Text
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\Header' {Text
destination :: Text
$sel:destination:Header' :: Header -> Text
destination} -> Text
destination) (\s :: Header
s@Header' {} Text
a -> Header
s {$sel:destination:Header' :: Text
destination = Text
a} :: Header)

-- | The destination port to inspect for. You can specify an individual port,
-- for example @1994@ and you can specify a port range, for example
-- @1990:1994@. To match with any port, specify @ANY@.
header_destinationPort :: Lens.Lens' Header Prelude.Text
header_destinationPort :: (Text -> f Text) -> Header -> f Header
header_destinationPort = (Header -> Text)
-> (Header -> Text -> Header) -> Lens Header Header Text Text
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\Header' {Text
destinationPort :: Text
$sel:destinationPort:Header' :: Header -> Text
destinationPort} -> Text
destinationPort) (\s :: Header
s@Header' {} Text
a -> Header
s {$sel:destinationPort:Header' :: Text
destinationPort = Text
a} :: Header)

instance Core.FromJSON Header where
  parseJSON :: Value -> Parser Header
parseJSON =
    String -> (Object -> Parser Header) -> Value -> Parser Header
forall a. String -> (Object -> Parser a) -> Value -> Parser a
Core.withObject
      String
"Header"
      ( \Object
x ->
          StatefulRuleProtocol
-> Text -> Text -> StatefulRuleDirection -> Text -> Text -> Header
Header'
            (StatefulRuleProtocol
 -> Text -> Text -> StatefulRuleDirection -> Text -> Text -> Header)
-> Parser StatefulRuleProtocol
-> Parser
     (Text -> Text -> StatefulRuleDirection -> Text -> Text -> Header)
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> (Object
x Object -> Text -> Parser StatefulRuleProtocol
forall a. FromJSON a => Object -> Text -> Parser a
Core..: Text
"Protocol")
            Parser
  (Text -> Text -> StatefulRuleDirection -> Text -> Text -> Header)
-> Parser Text
-> Parser (Text -> StatefulRuleDirection -> Text -> Text -> Header)
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x Object -> Text -> Parser Text
forall a. FromJSON a => Object -> Text -> Parser a
Core..: Text
"Source")
            Parser (Text -> StatefulRuleDirection -> Text -> Text -> Header)
-> Parser Text
-> Parser (StatefulRuleDirection -> Text -> Text -> Header)
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x Object -> Text -> Parser Text
forall a. FromJSON a => Object -> Text -> Parser a
Core..: Text
"SourcePort")
            Parser (StatefulRuleDirection -> Text -> Text -> Header)
-> Parser StatefulRuleDirection -> Parser (Text -> Text -> Header)
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x Object -> Text -> Parser StatefulRuleDirection
forall a. FromJSON a => Object -> Text -> Parser a
Core..: Text
"Direction")
            Parser (Text -> Text -> Header)
-> Parser Text -> Parser (Text -> Header)
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x Object -> Text -> Parser Text
forall a. FromJSON a => Object -> Text -> Parser a
Core..: Text
"Destination")
            Parser (Text -> Header) -> Parser Text -> Parser Header
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x Object -> Text -> Parser Text
forall a. FromJSON a => Object -> Text -> Parser a
Core..: Text
"DestinationPort")
      )

instance Prelude.Hashable Header

instance Prelude.NFData Header

instance Core.ToJSON Header where
  toJSON :: Header -> Value
toJSON Header' {Text
StatefulRuleDirection
StatefulRuleProtocol
destinationPort :: Text
destination :: Text
direction :: StatefulRuleDirection
sourcePort :: Text
source :: Text
protocol :: StatefulRuleProtocol
$sel:destinationPort:Header' :: Header -> Text
$sel:destination:Header' :: Header -> Text
$sel:direction:Header' :: Header -> StatefulRuleDirection
$sel:sourcePort:Header' :: Header -> Text
$sel:source:Header' :: Header -> Text
$sel:protocol:Header' :: Header -> StatefulRuleProtocol
..} =
    [Pair] -> Value
Core.object
      ( [Maybe Pair] -> [Pair]
forall a. [Maybe a] -> [a]
Prelude.catMaybes
          [ Pair -> Maybe Pair
forall a. a -> Maybe a
Prelude.Just (Text
"Protocol" Text -> StatefulRuleProtocol -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..= StatefulRuleProtocol
protocol),
            Pair -> Maybe Pair
forall a. a -> Maybe a
Prelude.Just (Text
"Source" Text -> Text -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..= Text
source),
            Pair -> Maybe Pair
forall a. a -> Maybe a
Prelude.Just (Text
"SourcePort" Text -> Text -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..= Text
sourcePort),
            Pair -> Maybe Pair
forall a. a -> Maybe a
Prelude.Just (Text
"Direction" Text -> StatefulRuleDirection -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..= StatefulRuleDirection
direction),
            Pair -> Maybe Pair
forall a. a -> Maybe a
Prelude.Just (Text
"Destination" Text -> Text -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..= Text
destination),
            Pair -> Maybe Pair
forall a. a -> Maybe a
Prelude.Just
              (Text
"DestinationPort" Text -> Text -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..= Text
destinationPort)
          ]
      )