Struct aws_sdk_wafv2::types::IpSetForwardedIpConfig

source · 
#[non_exhaustive]
pub struct IpSetForwardedIpConfig {
    pub header_name: Option<String>,
    pub fallback_behavior: Option<FallbackBehavior>,
    pub position: Option<ForwardedIpPosition>,
}
Expand description

The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.

If the specified header isn't present in the request, WAF doesn't apply the rule to the web request at all.

This configuration is used only for IPSetReferenceStatement. For GeoMatchStatement and RateBasedStatement, use ForwardedIPConfig instead.

Fields (Non-exhaustive)§

This struct is marked as non-exhaustive
Non-exhaustive structs could have additional fields added in future. Therefore, non-exhaustive structs cannot be constructed in external crates using the traditional Struct { .. } syntax; cannot be matched against without a wildcard ..; and struct update syntax will not work.
§header_name: Option<String>

The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to X-Forwarded-For.

If the specified header isn't present in the request, WAF doesn't apply the rule to the web request at all.

§fallback_behavior: Option<FallbackBehavior>

The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.

If the specified header isn't present in the request, WAF doesn't apply the rule to the web request at all.

You can specify the following fallback behaviors:

  • MATCH - Treat the web request as matching the rule statement. WAF applies the rule action to the request.

  • NO_MATCH - Treat the web request as not matching the rule statement.

§position: Option<ForwardedIpPosition>

The position in the header to search for the IP address. The header can contain IP addresses of the original client and also of proxies. For example, the header value could be 10.1.1.1, 127.0.0.0, 10.10.10.10 where the first IP address identifies the original client and the rest identify proxies that the request went through.

The options for this setting are the following:

  • FIRST - Inspect the first IP address in the list of IP addresses in the header. This is usually the client's original IP.

  • LAST - Inspect the last IP address in the list of IP addresses in the header.

  • ANY - Inspect all IP addresses in the header for a match. If the header contains more than 10 IP addresses, WAF inspects the last 10.

Implementations§

source§

impl IpSetForwardedIpConfig

source

pub fn header_name(&self) -> Option<&str>

The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to X-Forwarded-For.

If the specified header isn't present in the request, WAF doesn't apply the rule to the web request at all.

source

pub fn fallback_behavior(&self) -> Option<&FallbackBehavior>

The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.

If the specified header isn't present in the request, WAF doesn't apply the rule to the web request at all.

You can specify the following fallback behaviors:

  • MATCH - Treat the web request as matching the rule statement. WAF applies the rule action to the request.

  • NO_MATCH - Treat the web request as not matching the rule statement.

source

pub fn position(&self) -> Option<&ForwardedIpPosition>

The position in the header to search for the IP address. The header can contain IP addresses of the original client and also of proxies. For example, the header value could be 10.1.1.1, 127.0.0.0, 10.10.10.10 where the first IP address identifies the original client and the rest identify proxies that the request went through.

The options for this setting are the following:

  • FIRST - Inspect the first IP address in the list of IP addresses in the header. This is usually the client's original IP.

  • LAST - Inspect the last IP address in the list of IP addresses in the header.

  • ANY - Inspect all IP addresses in the header for a match. If the header contains more than 10 IP addresses, WAF inspects the last 10.

source§

impl IpSetForwardedIpConfig

source

pub fn builder() -> IpSetForwardedIpConfigBuilder

Creates a new builder-style object to manufacture IpSetForwardedIpConfig.

Trait Implementations§

source§

impl Clone for IpSetForwardedIpConfig

source§

fn clone(&self) -> IpSetForwardedIpConfig

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for IpSetForwardedIpConfig

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl PartialEq<IpSetForwardedIpConfig> for IpSetForwardedIpConfig

source§

fn eq(&self, other: &IpSetForwardedIpConfig) -> bool

This method tests for self and other values to be equal, and is used by ==.
1.0.0 · source§

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
source§

impl StructuralPartialEq for IpSetForwardedIpConfig

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for Twhere T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for Twhere T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for Twhere T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T> Instrument for T

source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for Twhere U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> Same<T> for T

§

type Output = T

Should always be Self
source§

impl<T> ToOwned for Twhere T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for Twhere U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for Twhere U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<T> WithSubscriber for T

source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more