Class CfnFirewallPolicy.StatefulEngineOptionsProperty
Configuration settings for the handling of the stateful rule groups in a firewall policy.
Inheritance
Namespace: Amazon.CDK.AWS.NetworkFirewall
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class StatefulEngineOptionsProperty : Object, CfnFirewallPolicy.IStatefulEngineOptionsProperty
Syntax (vb)
Public Class StatefulEngineOptionsProperty
Inherits Object
Implements CfnFirewallPolicy.IStatefulEngineOptionsProperty
Remarks
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.NetworkFirewall;
var statefulEngineOptionsProperty = new StatefulEngineOptionsProperty {
RuleOrder = "ruleOrder",
StreamExceptionPolicy = "streamExceptionPolicy"
};
Synopsis
Constructors
StatefulEngineOptionsProperty() |
Properties
RuleOrder | Indicates how to manage the order of stateful rule evaluation for the policy. |
StreamExceptionPolicy | Configures how Network Firewall processes traffic when a network connection breaks midstream. |
Constructors
StatefulEngineOptionsProperty()
public StatefulEngineOptionsProperty()
Properties
RuleOrder
Indicates how to manage the order of stateful rule evaluation for the policy.
public string RuleOrder { get; set; }
Property Value
System.String
Remarks
DEFAULT_ACTION_ORDER
is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see Evaluation order for stateful rules in the AWS Network Firewall Developer Guide .
StreamExceptionPolicy
Configures how Network Firewall processes traffic when a network connection breaks midstream.
public string StreamExceptionPolicy { get; set; }
Property Value
System.String
Remarks
Network connections can break due to disruptions in external networks or within the firewall itself.