StatefulEngineOptions (AWS Java SDK :: Services :: Network Firewall 2.20.98 API)

java.lang.Object
- software.amazon.awssdk.services.networkfirewall.model.StatefulEngineOptions

All Implemented Interfaces:

Serializable, SdkPojo, ToCopyableBuilder<StatefulEngineOptions.Builder,StatefulEngineOptions>
```
@Generated(value="software.amazon.awssdk:codegen")
public final class StatefulEngineOptions
extends Object
implements SdkPojo, Serializable, ToCopyableBuilder<StatefulEngineOptions.Builder,StatefulEngineOptions>
```
Configuration settings for the handling of the stateful rule groups in a firewall policy.

See Also:

Serialized Form

Nested Class Summary

Nested Classes
Modifier and Type Class and Description

static interface StatefulEngineOptions.Builder

Nested Classes
Modifier and Type	Class and Description
`static interface`	`StatefulEngineOptions.Builder`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`static StatefulEngineOptions.Builder`	`builder()`
`boolean`	`equals(Object obj)`
`boolean`	`equalsBySdkFields(Object obj)`
`<T> Optional<T>`	`getValueForField(String fieldName, Class<T> clazz)`
`int`	`hashCode()`
`RuleOrder`	`ruleOrder()` Indicates how to manage the order of stateful rule evaluation for the policy.
`String`	`ruleOrderAsString()` Indicates how to manage the order of stateful rule evaluation for the policy.
`List<SdkField<?>>`	`sdkFields()`
`static Class<? extends StatefulEngineOptions.Builder>`	`serializableBuilderClass()`
`StreamExceptionPolicy`	`streamExceptionPolicy()` Configures how Network Firewall processes traffic when a network connection breaks midstream.
`String`	`streamExceptionPolicyAsString()` Configures how Network Firewall processes traffic when a network connection breaks midstream.
`StatefulEngineOptions.Builder`	`toBuilder()`
`String`	`toString()` Returns a string representation of this object.

Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface software.amazon.awssdk.utils.builder.ToCopyableBuilder
copy

- Method Detail
  - ruleOrder
```
public final RuleOrder ruleOrder()
```
    Indicates how to manage the order of stateful rule evaluation for the policy. DEFAULT_ACTION_ORDER is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see Evaluation order for stateful rules in the Network Firewall Developer Guide.
    
    If the service returns an enum value that is not available in the current SDK version, ruleOrder will return RuleOrder.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from ruleOrderAsString().
    
    Returns:
    
    Indicates how to manage the order of stateful rule evaluation for the policy. DEFAULT_ACTION_ORDER is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see Evaluation order for stateful rules in the Network Firewall Developer Guide.
    
    See Also:
    
    RuleOrder
  - ruleOrderAsString
```
public final String ruleOrderAsString()
```
    Indicates how to manage the order of stateful rule evaluation for the policy. DEFAULT_ACTION_ORDER is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see Evaluation order for stateful rules in the Network Firewall Developer Guide.
    
    If the service returns an enum value that is not available in the current SDK version, ruleOrder will return RuleOrder.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from ruleOrderAsString().
    
    Returns:
    
    Indicates how to manage the order of stateful rule evaluation for the policy. DEFAULT_ACTION_ORDER is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see Evaluation order for stateful rules in the Network Firewall Developer Guide.
    
    See Also:
    
    RuleOrder
  - streamExceptionPolicy
```
public final StreamExceptionPolicy streamExceptionPolicy()
```
    Configures how Network Firewall processes traffic when a network connection breaks midstream. Network connections can break due to disruptions in external networks or within the firewall itself.
    - DROP - Network Firewall fails closed and drops all subsequent traffic going to the firewall. This is the default behavior.
    - CONTINUE - Network Firewall continues to apply rules to the subsequent traffic without context from traffic before the break. This impacts the behavior of rules that depend on this context. For example, if you have a stateful rule to drop http traffic, Network Firewall won't match the traffic for this rule because the service won't have the context from session initialization defining the application layer protocol as HTTP. However, this behavior is rule dependent—a TCP-layer rule using a flow:stateless rule would still match, as would the aws:drop_strict default action.
    - REJECT - Network Firewall fails closed and drops all subsequent traffic going to the firewall. Network Firewall also sends a TCP reject packet back to your client so that the client can immediately establish a new session. Network Firewall will have context about the new session and will apply rules to the subsequent traffic.
    If the service returns an enum value that is not available in the current SDK version, streamExceptionPolicy will return StreamExceptionPolicy.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from streamExceptionPolicyAsString().
    Returns:
    Configures how Network Firewall processes traffic when a network connection breaks midstream. Network connections can break due to disruptions in external networks or within the firewall itself.
    
    DROP - Network Firewall fails closed and drops all subsequent traffic going to the firewall. This is the default behavior.
    
    CONTINUE - Network Firewall continues to apply rules to the subsequent traffic without context from traffic before the break. This impacts the behavior of rules that depend on this context. For example, if you have a stateful rule to drop http traffic, Network Firewall won't match the traffic for this rule because the service won't have the context from session initialization defining the application layer protocol as HTTP. However, this behavior is rule dependent—a TCP-layer rule using a flow:stateless rule would still match, as would the aws:drop_strict default action.
    
    REJECT - Network Firewall fails closed and drops all subsequent traffic going to the firewall. Network Firewall also sends a TCP reject packet back to your client so that the client can immediately establish a new session. Network Firewall will have context about the new session and will apply rules to the subsequent traffic.
    See Also:
    
    StreamExceptionPolicy
  - streamExceptionPolicyAsString
```
public final String streamExceptionPolicyAsString()
```
    Configures how Network Firewall processes traffic when a network connection breaks midstream. Network connections can break due to disruptions in external networks or within the firewall itself.
    - DROP - Network Firewall fails closed and drops all subsequent traffic going to the firewall. This is the default behavior.
    - CONTINUE - Network Firewall continues to apply rules to the subsequent traffic without context from traffic before the break. This impacts the behavior of rules that depend on this context. For example, if you have a stateful rule to drop http traffic, Network Firewall won't match the traffic for this rule because the service won't have the context from session initialization defining the application layer protocol as HTTP. However, this behavior is rule dependent—a TCP-layer rule using a flow:stateless rule would still match, as would the aws:drop_strict default action.
    - REJECT - Network Firewall fails closed and drops all subsequent traffic going to the firewall. Network Firewall also sends a TCP reject packet back to your client so that the client can immediately establish a new session. Network Firewall will have context about the new session and will apply rules to the subsequent traffic.
    If the service returns an enum value that is not available in the current SDK version, streamExceptionPolicy will return StreamExceptionPolicy.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from streamExceptionPolicyAsString().
    Returns:
    Configures how Network Firewall processes traffic when a network connection breaks midstream. Network connections can break due to disruptions in external networks or within the firewall itself.
    
    DROP - Network Firewall fails closed and drops all subsequent traffic going to the firewall. This is the default behavior.
    
    CONTINUE - Network Firewall continues to apply rules to the subsequent traffic without context from traffic before the break. This impacts the behavior of rules that depend on this context. For example, if you have a stateful rule to drop http traffic, Network Firewall won't match the traffic for this rule because the service won't have the context from session initialization defining the application layer protocol as HTTP. However, this behavior is rule dependent—a TCP-layer rule using a flow:stateless rule would still match, as would the aws:drop_strict default action.
    
    REJECT - Network Firewall fails closed and drops all subsequent traffic going to the firewall. Network Firewall also sends a TCP reject packet back to your client so that the client can immediately establish a new session. Network Firewall will have context about the new session and will apply rules to the subsequent traffic.
    See Also:
    
    StreamExceptionPolicy
  - toBuilder
```
public StatefulEngineOptions.Builder toBuilder()
```
    Specified by:
    
    toBuilder in interface ToCopyableBuilder<StatefulEngineOptions.Builder,StatefulEngineOptions>
  - builder
```
public static StatefulEngineOptions.Builder builder()
```
  - serializableBuilderClass
```
public static Class<? extends StatefulEngineOptions.Builder> serializableBuilderClass()
```
  - hashCode
```
public final int hashCode()
```
    Overrides:
    
    hashCode in class Object
  - equals
```
public final boolean equals(Object obj)
```
    Overrides:
    
    equals in class Object
  - equalsBySdkFields
```
public final boolean equalsBySdkFields(Object obj)
```
    Specified by:
    
    equalsBySdkFields in interface SdkPojo
  - toString
```
public final String toString()
```
    Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.
    
    Overrides:
    
    toString in class Object
  - getValueForField
```
public final <T> Optional<T> getValueForField(String fieldName,
                                              Class<T> clazz)
```
  - sdkFields
```
public final List<SdkField<?>> sdkFields()
```
    Specified by:
    
    sdkFields in interface SdkPojo

Class StatefulEngineOptions

Nested Class Summary

Method Summary

Methods inherited from class java.lang.Object

Methods inherited from interface software.amazon.awssdk.utils.builder.ToCopyableBuilder

Method Detail

ruleOrder

ruleOrderAsString

streamExceptionPolicy

streamExceptionPolicyAsString

toBuilder

builder

serializableBuilderClass

hashCode

equals

equalsBySdkFields

toString

getValueForField

sdkFields