aws-sdk-networkfirewall 1.21.0 → 1.22.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-networkfirewall/client.rb +4 -4
- data/lib/aws-sdk-networkfirewall/types.rb +10 -0
- data/lib/aws-sdk-networkfirewall.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 33bff6d59d08b1ff2709ea6ed6c84b9cb741396124c4ec779f7a05206b1865e0
|
|
4
|
+
data.tar.gz: 64feff96312cecb749cfe6c05de7f34cd2a8aee98af3b9db697df69e401c77ef
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: bd934630272b32a572bf1ba211c8172e422a3bfe5b1351b6d2467a34502db2faa9d46d8e7958a0f7586d7b39f01aef23a5f125d47cbfedf669146e42f336c584
|
|
7
|
+
data.tar.gz: d37afe8ee582b7bdb17924f9f814d5fe5fa3e0bfd0bf5931cea9bf457982711559d3a8908f6cc5cc6b7d6350fd95c413d04c9450d18a3a8121669ce99b5218c6
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,11 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.22.0 (2023-01-09)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Network Firewall now supports the Suricata rule action reject, in addition to the actions pass, drop, and alert.
|
|
8
|
+
|
|
4
9
|
1.21.0 (2022-12-28)
|
|
5
10
|
------------------
|
|
6
11
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.22.0
|
|
@@ -961,7 +961,7 @@ module Aws::NetworkFirewall
|
|
|
961
961
|
# },
|
|
962
962
|
# stateful_rules: [
|
|
963
963
|
# {
|
|
964
|
-
# action: "PASS", # required, accepts PASS, DROP, ALERT
|
|
964
|
+
# action: "PASS", # required, accepts PASS, DROP, ALERT, REJECT
|
|
965
965
|
# header: { # required
|
|
966
966
|
# protocol: "IP", # required, accepts IP, TCP, UDP, ICMP, HTTP, FTP, TLS, SMB, DNS, DCERPC, SSH, SMTP, IMAP, MSN, KRB5, IKEV2, TFTP, NTP, DHCP
|
|
967
967
|
# source: "Source", # required
|
|
@@ -1579,7 +1579,7 @@ module Aws::NetworkFirewall
|
|
|
1579
1579
|
# resp.rule_group.rules_source.rules_source_list.target_types[0] #=> String, one of "TLS_SNI", "HTTP_HOST"
|
|
1580
1580
|
# resp.rule_group.rules_source.rules_source_list.generated_rules_type #=> String, one of "ALLOWLIST", "DENYLIST"
|
|
1581
1581
|
# resp.rule_group.rules_source.stateful_rules #=> Array
|
|
1582
|
-
# resp.rule_group.rules_source.stateful_rules[0].action #=> String, one of "PASS", "DROP", "ALERT"
|
|
1582
|
+
# resp.rule_group.rules_source.stateful_rules[0].action #=> String, one of "PASS", "DROP", "ALERT", "REJECT"
|
|
1583
1583
|
# resp.rule_group.rules_source.stateful_rules[0].header.protocol #=> String, one of "IP", "TCP", "UDP", "ICMP", "HTTP", "FTP", "TLS", "SMB", "DNS", "DCERPC", "SSH", "SMTP", "IMAP", "MSN", "KRB5", "IKEV2", "TFTP", "NTP", "DHCP"
|
|
1584
1584
|
# resp.rule_group.rules_source.stateful_rules[0].header.source #=> String
|
|
1585
1585
|
# resp.rule_group.rules_source.stateful_rules[0].header.source_port #=> String
|
|
@@ -2803,7 +2803,7 @@ module Aws::NetworkFirewall
|
|
|
2803
2803
|
# },
|
|
2804
2804
|
# stateful_rules: [
|
|
2805
2805
|
# {
|
|
2806
|
-
# action: "PASS", # required, accepts PASS, DROP, ALERT
|
|
2806
|
+
# action: "PASS", # required, accepts PASS, DROP, ALERT, REJECT
|
|
2807
2807
|
# header: { # required
|
|
2808
2808
|
# protocol: "IP", # required, accepts IP, TCP, UDP, ICMP, HTTP, FTP, TLS, SMB, DNS, DCERPC, SSH, SMTP, IMAP, MSN, KRB5, IKEV2, TFTP, NTP, DHCP
|
|
2809
2809
|
# source: "Source", # required
|
|
@@ -3007,7 +3007,7 @@ module Aws::NetworkFirewall
|
|
|
3007
3007
|
params: params,
|
|
3008
3008
|
config: config)
|
|
3009
3009
|
context[:gem_name] = 'aws-sdk-networkfirewall'
|
|
3010
|
-
context[:gem_version] = '1.
|
|
3010
|
+
context[:gem_version] = '1.22.0'
|
|
3011
3011
|
Seahorse::Client::Request.new(handlers, context)
|
|
3012
3012
|
end
|
|
3013
3013
|
|
|
@@ -3054,6 +3054,16 @@ module Aws::NetworkFirewall
|
|
|
3054
3054
|
# drop traffic. You can enable the rule with `ALERT` action, verify
|
|
3055
3055
|
# in the logs that the rule is filtering as you want, then change
|
|
3056
3056
|
# the action to `DROP`.
|
|
3057
|
+
#
|
|
3058
|
+
# * **REJECT** - Drops TCP traffic that matches the conditions of the
|
|
3059
|
+
# stateful rule, and sends a TCP reset packet back to sender of the
|
|
3060
|
+
# packet. A TCP reset packet is a packet with no payload and a `RST`
|
|
3061
|
+
# bit contained in the TCP header flags. Also sends an alert log
|
|
3062
|
+
# mesage if alert logging is configured in the Firewall
|
|
3063
|
+
# LoggingConfiguration.
|
|
3064
|
+
#
|
|
3065
|
+
# `REJECT` isn't currently available for use with IMAP and FTP
|
|
3066
|
+
# protocols.
|
|
3057
3067
|
# @return [String]
|
|
3058
3068
|
#
|
|
3059
3069
|
# @!attribute [rw] header
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-sdk-networkfirewall
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.22.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Amazon Web Services
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2023-01-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-core
|