Readonly destination
The destination CIDR range to inspect for. Use CIDR notation, e.g. 10.0.0.0/16.

Readonly destinationPort
The destination port or port range to inspect. To specify a port range, separate the values with a colon (:), for example 80:443. To specify all ports, use ANY.

Readonly direction
The direction of the traffic flow to inspect. Use ANY to match bidirectional traffic. Use FORWARD to match only traffic going from the source to the destination.

Readonly protocol
The protocol to inspect. To specify all traffic, use IP.

Readonly source
The source CIDR range to inspect for. Use CIDR notation, e.g. 10.0.0.0/16.

Readonly sourcePort
The source port or port range to inspect. To specify a port range, separate the values with a colon (:), for example 80:443. To specify all ports, use ANY.
NetworkConfig / CentralNetworkServicesConfig / NfwConfig / NfwRuleGroupConfig / NfwRuleGroupRuleConfig / NfwRuleSourceConfig / NfwRuleSourceStatefulRuleConfig / NfwRuleSourceStatefulRuleHeaderConfig
Network Firewall stateful rule header configuration. Use this configuration to define stateful rules for Network Firewall in an IP packet header format. This header format can be used instead of Suricata-compatible rules to define your stateful firewall filtering behavior.
See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-header.html for more details.
The following example creates a stateful rule that inspects all traffic from source 10.1.0.0/16 to destination 10.0.0.0/16:
Example
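The following is an added example, not code from this documentation or its project: a header object for the rule described above, with a pre-deployment check of the field formats this page documents. The names `StatefulRuleHeader`, `validateHeader`, `isIpv4Cidr` and `isPortSpec` are hypothetical, the sample values are constructed, and the check assumes IPv4 CIDR ranges only.

```typescript
// Added example: hypothetical helper names, IPv4 only. It checks only the formats
// documented on this page; the permitted protocol names are in the linked AWS reference.
interface StatefulRuleHeader {
  source: string; sourcePort: string;
  destination: string; destinationPort: string;
  direction: string; protocol: string;
}

// CIDR notation such as 10.0.0.0/16: four octets 0-255 and a prefix length 0-32.
function isIpv4Cidr(value: string): boolean {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\/(\d{1,2})$/.exec(value);
  if (m === null) return false;
  return m.slice(1, 5).every((o) => Number(o) <= 255) && Number(m[5]) <= 32;
}

// A single port, a colon-separated range such as 80:443, or ANY for all ports.
function isPortSpec(value: string): boolean {
  if (value === 'ANY') return true;
  const parts = value.split(':');
  if (parts.length > 2) return false;
  const nums = parts.map((p) => (/^\d{1,5}$/.test(p) ? Number(p) : -1));
  if (nums.some((n) => n < 0 || n > 65535)) return false;
  return nums.length === 1 || (nums[0] as number) <= (nums[1] as number);
}

// Returns one message per invalid field; an empty array means the header is well formed.
function validateHeader(h: StatefulRuleHeader): string[] {
  const errors: string[] = [];
  if (!isIpv4Cidr(h.source)) errors.push(`source: not CIDR notation: ${h.source}`);
  if (!isIpv4Cidr(h.destination)) errors.push(`destination: not CIDR notation: ${h.destination}`);
  if (!isPortSpec(h.sourcePort)) errors.push(`sourcePort: use a port, lo:hi or ANY: ${h.sourcePort}`);
  if (!isPortSpec(h.destinationPort)) errors.push(`destinationPort: use a port, lo:hi or ANY: ${h.destinationPort}`);
  if (h.direction !== 'ANY' && h.direction !== 'FORWARD') errors.push(`direction: use ANY or FORWARD: ${h.direction}`);
  if (h.protocol.trim() === '') errors.push('protocol: required (IP matches all traffic)');
  return errors;
}

// Constructed sample: inspect all traffic from 10.1.0.0/16 to 10.0.0.0/16.
const allTrafficRule: StatefulRuleHeader = {
  source: '10.1.0.0/16', sourcePort: 'ANY',
  destination: '10.0.0.0/16', destinationPort: 'ANY',
  direction: 'FORWARD', protocol: 'IP',
};

// Constructed misconfiguration: dash instead of colon in the range, unknown direction.
const mistyped: StatefulRuleHeader = { ...allTrafficRule, destinationPort: '80-443', direction: 'BOTH' };
console.log(validateHeader(allTrafficRule), validateHeader(mistyped));
```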