NetworkConfig / CentralNetworkServicesConfig / NfwConfig / NfwRuleGroupConfig / NfwRuleGroupRuleConfig / NfwRuleSourceConfig / NfwRuleSourceStatefulRuleConfig

Network Firewall stateful rule configuration. Use this configuration to define stateful rules for Network Firewall in an IP packet header format. This header format can be used instead of Suricata-compatible rules to define your stateful firewall filtering behavior.

See

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-statefulrule.html

Example

- action: PASS
  header:
    source: 10.1.0.0/16
    sourcePort: ANY
    destination: 10.0.0.0/16
    destinationPort: ANY
    direction: FORWARD
    protocol: IP
  ruleOptions:
    - keyword: sid
      settings: ['100']
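
As an added illustration (not part of the accelerator's own code), the following TypeScript lints a list of rules in this format before deployment: it applies the documented default action, then flags missing or duplicate sid options and PASS rules that match ANY address and port. The type names, lintStatefulRules and SAMPLE_RULES are hypothetical, and the expectation of exactly one unique sid per rule is an assumption.

```typescript
// Added example. Shapes mirror the properties documented on this page;
// all type and function names here are hypothetical.
type Action = 'PASS' | 'DROP' | 'ALERT';
interface Header {
  source: string; sourcePort: string; destination: string;
  destinationPort: string; direction: string; protocol: string;
}
interface RuleOption { keyword: string; settings?: string[] }
interface StatefulRule { action?: Action; header: Header; ruleOptions: RuleOption[] }

// Returns one finding per problem. Assumption: each rule needs exactly one
// `sid` option and sids must be unique within the rule group.
function lintStatefulRules(rules: StatefulRule[]): string[] {
  const findings: string[] = [];
  const seen: Record<string, number> = Object.create(null); // sid -> rule index
  rules.forEach((rule, i) => {
    const action: Action = rule.action === undefined ? 'DROP' : rule.action; // documented default
    const sids: string[] = [];
    for (const opt of rule.ruleOptions) {
      if (opt.keyword === 'sid') sids.push(...(opt.settings || []));
    }
    if (sids.length !== 1) {
      findings.push(`rule ${i}: expected one sid, found ${sids.length}`);
    } else if (sids[0] in seen) {
      findings.push(`rule ${i}: sid ${sids[0]} already used by rule ${seen[sids[0]]}`);
    } else {
      seen[sids[0]] = i;
    }
    const h = rule.header;
    const wideOpen = [h.source, h.destination, h.sourcePort, h.destinationPort]
      .every((v) => v.toUpperCase() === 'ANY');
    if (action === 'PASS' && wideOpen) {
      findings.push(`rule ${i}: PASS matches ANY source, destination and ports`);
    }
  });
  return findings;
}

// Constructed sample: rule 0 is the page's example; rules 1 and 2 are made up.
const anyHeader: Header = { source: 'ANY', sourcePort: 'ANY', destination: 'ANY',
  destinationPort: 'ANY', direction: 'FORWARD', protocol: 'IP' };
const SAMPLE_RULES: StatefulRule[] = [
  { action: 'PASS', header: { ...anyHeader, source: '10.1.0.0/16', destination: '10.0.0.0/16' },
    ruleOptions: [{ keyword: 'sid', settings: ['100'] }] },
  { action: 'PASS', header: anyHeader, ruleOptions: [{ keyword: 'sid', settings: ['100'] }] },
  { header: anyHeader, ruleOptions: [] },
];
console.log(lintStatefulRules(SAMPLE_RULES).join('\n'));
```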

Hierarchy

  • NfwRuleSourceStatefulRuleConfig

Properties

action: "PASS" | "DROP" | "ALERT" = 'DROP'

The action type for the stateful rule.

See

nfwStatefulRuleActionType

header: NfwRuleSourceStatefulRuleHeaderConfig

A Network Firewall stateful rule header configuration.

See

NfwRuleSourceStatefulRuleHeaderConfig

ruleOptions: NfwRuleSourceStatefulRuleOptionsConfig[]

An array of Network Firewall stateful rule options configurations.

See

NfwRuleSourceStatefulRuleOptionsConfig
