aws-sdk-networkfirewall 1.21.0 → 1.22.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-networkfirewall/client.rb +4 -4
- data/lib/aws-sdk-networkfirewall/types.rb +10 -0
- data/lib/aws-sdk-networkfirewall.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 33bff6d59d08b1ff2709ea6ed6c84b9cb741396124c4ec779f7a05206b1865e0
|
|
4
|
+
data.tar.gz: 64feff96312cecb749cfe6c05de7f34cd2a8aee98af3b9db697df69e401c77ef
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: bd934630272b32a572bf1ba211c8172e422a3bfe5b1351b6d2467a34502db2faa9d46d8e7958a0f7586d7b39f01aef23a5f125d47cbfedf669146e42f336c584
|
|
7
|
+
data.tar.gz: d37afe8ee582b7bdb17924f9f814d5fe5fa3e0bfd0bf5931cea9bf457982711559d3a8908f6cc5cc6b7d6350fd95c413d04c9450d18a3a8121669ce99b5218c6
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,11 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.22.0 (2023-01-09)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Network Firewall now supports the Suricata rule action reject, in addition to the actions pass, drop, and alert.
|
|
8
|
+
|
|
4
9
|
1.21.0 (2022-12-28)
|
|
5
10
|
------------------
|
|
6
11
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.22.0
|
|
@@ -961,7 +961,7 @@ module Aws::NetworkFirewall
|
|
|
961
961
|
# },
|
|
962
962
|
# stateful_rules: [
|
|
963
963
|
# {
|
|
964
|
-
# action: "PASS", # required, accepts PASS, DROP, ALERT
|
|
964
|
+
# action: "PASS", # required, accepts PASS, DROP, ALERT, REJECT
|
|
965
965
|
# header: { # required
|
|
966
966
|
# protocol: "IP", # required, accepts IP, TCP, UDP, ICMP, HTTP, FTP, TLS, SMB, DNS, DCERPC, SSH, SMTP, IMAP, MSN, KRB5, IKEV2, TFTP, NTP, DHCP
|
|
967
967
|
# source: "Source", # required
|
|
@@ -1579,7 +1579,7 @@ module Aws::NetworkFirewall
|
|
|
1579
1579
|
# resp.rule_group.rules_source.rules_source_list.target_types[0] #=> String, one of "TLS_SNI", "HTTP_HOST"
|
|
1580
1580
|
# resp.rule_group.rules_source.rules_source_list.generated_rules_type #=> String, one of "ALLOWLIST", "DENYLIST"
|
|
1581
1581
|
# resp.rule_group.rules_source.stateful_rules #=> Array
|
|
1582
|
-
# resp.rule_group.rules_source.stateful_rules[0].action #=> String, one of "PASS", "DROP", "ALERT"
|
|
1582
|
+
# resp.rule_group.rules_source.stateful_rules[0].action #=> String, one of "PASS", "DROP", "ALERT", "REJECT"
|
|
1583
1583
|
# resp.rule_group.rules_source.stateful_rules[0].header.protocol #=> String, one of "IP", "TCP", "UDP", "ICMP", "HTTP", "FTP", "TLS", "SMB", "DNS", "DCERPC", "SSH", "SMTP", "IMAP", "MSN", "KRB5", "IKEV2", "TFTP", "NTP", "DHCP"
|
|
1584
1584
|
# resp.rule_group.rules_source.stateful_rules[0].header.source #=> String
|
|
1585
1585
|
# resp.rule_group.rules_source.stateful_rules[0].header.source_port #=> String
|
|
@@ -2803,7 +2803,7 @@ module Aws::NetworkFirewall
|
|
|
2803
2803
|
# },
|
|
2804
2804
|
# stateful_rules: [
|
|
2805
2805
|
# {
|
|
2806
|
-
# action: "PASS", # required, accepts PASS, DROP, ALERT
|
|
2806
|
+
# action: "PASS", # required, accepts PASS, DROP, ALERT, REJECT
|
|
2807
2807
|
# header: { # required
|
|
2808
2808
|
# protocol: "IP", # required, accepts IP, TCP, UDP, ICMP, HTTP, FTP, TLS, SMB, DNS, DCERPC, SSH, SMTP, IMAP, MSN, KRB5, IKEV2, TFTP, NTP, DHCP
|
|
2809
2809
|
# source: "Source", # required
|
|
@@ -3007,7 +3007,7 @@ module Aws::NetworkFirewall
|
|
|
3007
3007
|
params: params,
|
|
3008
3008
|
config: config)
|
|
3009
3009
|
context[:gem_name] = 'aws-sdk-networkfirewall'
|
|
3010
|
-
context[:gem_version] = '1.
|
|
3010
|
+
context[:gem_version] = '1.22.0'
|
|
3011
3011
|
Seahorse::Client::Request.new(handlers, context)
|
|
3012
3012
|
end
|
|
3013
3013
|
|
|
@@ -3054,6 +3054,16 @@ module Aws::NetworkFirewall
|
|
|
3054
3054
|
# drop traffic. You can enable the rule with `ALERT` action, verify
|
|
3055
3055
|
# in the logs that the rule is filtering as you want, then change
|
|
3056
3056
|
# the action to `DROP`.
|
|
3057
|
+
#
|
|
3058
|
+
# * **REJECT** - Drops TCP traffic that matches the conditions of the
|
|
3059
|
+
# stateful rule, and sends a TCP reset packet back to sender of the
|
|
3060
|
+
# packet. A TCP reset packet is a packet with no payload and a `RST`
|
|
3061
|
+
# bit contained in the TCP header flags. Also sends an alert log
|
|
3062
|
+
# mesage if alert logging is configured in the Firewall
|
|
3063
|
+
# LoggingConfiguration.
|
|
3064
|
+
#
|
|
3065
|
+
# `REJECT` isn't currently available for use with IMAP and FTP
|
|
3066
|
+
# protocols.
|
|
3057
3067
|
# @return [String]
|
|
3058
3068
|
#
|
|
3059
3069
|
# @!attribute [rw] header
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-sdk-networkfirewall
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.22.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Amazon Web Services
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2023-01-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-core
|