Struct aws_sdk_wafv2::types::IpSetForwardedIpConfig
source · #[non_exhaustive]pub struct IpSetForwardedIpConfig {
pub header_name: String,
pub fallback_behavior: FallbackBehavior,
pub position: ForwardedIpPosition,
}
Expand description
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.
If the specified header isn't present in the request, WAF doesn't apply the rule to the web request at all.
This configuration is used only for IPSetReferenceStatement
. For GeoMatchStatement
and RateBasedStatement
, use ForwardedIPConfig
instead.
Fields (Non-exhaustive)§
This struct is marked as non-exhaustive
Struct { .. }
syntax; cannot be matched against without a wildcard ..
; and struct update syntax will not work.header_name: String
The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to X-Forwarded-For
.
If the specified header isn't present in the request, WAF doesn't apply the rule to the web request at all.
fallback_behavior: FallbackBehavior
The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.
If the specified header isn't present in the request, WAF doesn't apply the rule to the web request at all.
You can specify the following fallback behaviors:
-
MATCH
- Treat the web request as matching the rule statement. WAF applies the rule action to the request. -
NO_MATCH
- Treat the web request as not matching the rule statement.
position: ForwardedIpPosition
The position in the header to search for the IP address. The header can contain IP addresses of the original client and also of proxies. For example, the header value could be 10.1.1.1, 127.0.0.0, 10.10.10.10
where the first IP address identifies the original client and the rest identify proxies that the request went through.
The options for this setting are the following:
-
FIRST - Inspect the first IP address in the list of IP addresses in the header. This is usually the client's original IP.
-
LAST - Inspect the last IP address in the list of IP addresses in the header.
-
ANY - Inspect all IP addresses in the header for a match. If the header contains more than 10 IP addresses, WAF inspects the last 10.
Implementations§
source§impl IpSetForwardedIpConfig
impl IpSetForwardedIpConfig
sourcepub fn header_name(&self) -> &str
pub fn header_name(&self) -> &str
The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to X-Forwarded-For
.
If the specified header isn't present in the request, WAF doesn't apply the rule to the web request at all.
sourcepub fn fallback_behavior(&self) -> &FallbackBehavior
pub fn fallback_behavior(&self) -> &FallbackBehavior
The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.
If the specified header isn't present in the request, WAF doesn't apply the rule to the web request at all.
You can specify the following fallback behaviors:
-
MATCH
- Treat the web request as matching the rule statement. WAF applies the rule action to the request. -
NO_MATCH
- Treat the web request as not matching the rule statement.
sourcepub fn position(&self) -> &ForwardedIpPosition
pub fn position(&self) -> &ForwardedIpPosition
The position in the header to search for the IP address. The header can contain IP addresses of the original client and also of proxies. For example, the header value could be 10.1.1.1, 127.0.0.0, 10.10.10.10
where the first IP address identifies the original client and the rest identify proxies that the request went through.
The options for this setting are the following:
-
FIRST - Inspect the first IP address in the list of IP addresses in the header. This is usually the client's original IP.
-
LAST - Inspect the last IP address in the list of IP addresses in the header.
-
ANY - Inspect all IP addresses in the header for a match. If the header contains more than 10 IP addresses, WAF inspects the last 10.
source§impl IpSetForwardedIpConfig
impl IpSetForwardedIpConfig
sourcepub fn builder() -> IpSetForwardedIpConfigBuilder
pub fn builder() -> IpSetForwardedIpConfigBuilder
Creates a new builder-style object to manufacture IpSetForwardedIpConfig
.
Trait Implementations§
source§impl Clone for IpSetForwardedIpConfig
impl Clone for IpSetForwardedIpConfig
source§fn clone(&self) -> IpSetForwardedIpConfig
fn clone(&self) -> IpSetForwardedIpConfig
1.0.0 · source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source
. Read moresource§impl Debug for IpSetForwardedIpConfig
impl Debug for IpSetForwardedIpConfig
source§impl PartialEq for IpSetForwardedIpConfig
impl PartialEq for IpSetForwardedIpConfig
source§fn eq(&self, other: &IpSetForwardedIpConfig) -> bool
fn eq(&self, other: &IpSetForwardedIpConfig) -> bool
self
and other
values to be equal, and is used
by ==
.impl StructuralPartialEq for IpSetForwardedIpConfig
Auto Trait Implementations§
impl Freeze for IpSetForwardedIpConfig
impl RefUnwindSafe for IpSetForwardedIpConfig
impl Send for IpSetForwardedIpConfig
impl Sync for IpSetForwardedIpConfig
impl Unpin for IpSetForwardedIpConfig
impl UnwindSafe for IpSetForwardedIpConfig
Blanket Implementations§
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
source§impl<T> Instrument for T
impl<T> Instrument for T
source§fn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
source§fn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
source§impl<T> IntoEither for T
impl<T> IntoEither for T
source§fn into_either(self, into_left: bool) -> Either<Self, Self>
fn into_either(self, into_left: bool) -> Either<Self, Self>
self
into a Left
variant of Either<Self, Self>
if into_left
is true
.
Converts self
into a Right
variant of Either<Self, Self>
otherwise. Read moresource§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
self
into a Left
variant of Either<Self, Self>
if into_left(&self)
returns true
.
Converts self
into a Right
variant of Either<Self, Self>
otherwise. Read more