/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/
/*
* Do not modify this file. This file is generated from the network-firewall-2020-11-12.normal.json service model.
*/
using System;
using System.Collections.Generic;
using System.Xml.Serialization;
using System.Text;
using System.IO;
using System.Net;
using Amazon.Runtime;
using Amazon.Runtime.Internal;
namespace Amazon.NetworkFirewall.Model
{
///
/// The inspection criteria and action for a single stateless rule. Network Firewall inspects
/// each packet for the specified matching criteria. When a packet matches the criteria,
/// Network Firewall performs the rule's actions on the packet.
///
public partial class RuleDefinition
{
private List _actions = new List();
private MatchAttributes _matchAttributes;
///
/// Gets and sets the property Actions.
///
/// The actions to take on a packet that matches one of the stateless rule definition's
/// match attributes. You must specify a standard action and you can add custom actions.
///
///
///
///
/// Network Firewall only forwards a packet for stateful rule inspection if you specify
/// aws:forward_to_sfe for a rule that the packet matches, or if the packet
/// doesn't match any stateless rule and you specify aws:forward_to_sfe for
/// the StatelessDefaultActions setting for the FirewallPolicy.
///
///
///
/// For every rule, you must specify exactly one of the following standard actions.
///
/// -
///
/// aws:pass - Discontinues all inspection of the packet and permits it to go
/// to its intended destination.
///
///
-
///
/// aws:drop - Discontinues all inspection of the packet and blocks it from going
/// to its intended destination.
///
///
-
///
/// aws:forward_to_sfe - Discontinues stateless inspection of the packet and forwards
/// it to the stateful rule engine for inspection.
///
///
///
/// Additionally, you can specify a custom action. To do this, you define a custom action
/// by name and type, then provide the name you've assigned to the action in this Actions
/// setting. For information about the options, see CustomAction.
///
///
///
/// To provide more than one action in this setting, separate the settings with a comma.
/// For example, if you have a custom PublishMetrics action that you've named
/// MyMetricsAction, then you could specify the standard action aws:pass
/// and the custom action with [“aws:pass”, “MyMetricsAction”].
///
///
[AWSProperty(Required=true)]
public List Actions
{
get { return this._actions; }
set { this._actions = value; }
}
// Check to see if Actions property is set
internal bool IsSetActions()
{
return this._actions != null && this._actions.Count > 0;
}
///
/// Gets and sets the property MatchAttributes.
///
/// Criteria for Network Firewall to use to inspect an individual packet in stateless
/// rule inspection. Each match attributes set can include one or more items such as IP
/// address, CIDR range, port number, protocol, and TCP flags.
///
///
[AWSProperty(Required=true)]
public MatchAttributes MatchAttributes
{
get { return this._matchAttributes; }
set { this._matchAttributes = value; }
}
// Check to see if MatchAttributes property is set
internal bool IsSetMatchAttributes()
{
return this._matchAttributes != null;
}
}
}