Amazon Network Firewall · JSON Structure

Openapi Tcp Flag Field Structure

TCP flags and masks to inspect packets for, used in stateless rules MatchAttributes settings.

Type: object Properties: 2 Required: 1
FirewallIntrusion DetectionNetwork SecurityVPC

TCPFlagField is a JSON Structure definition published by Amazon Network Firewall, describing 2 properties, of which 1 is required. It conforms to the https://json-structure.org/meta/core/v0/# meta-schema.

Properties

Flags Masks

Meta-schema: https://json-structure.org/meta/core/v0/#

JSON Structure

Raw ↑ 
{
  "$schema": "https://json-structure.org/meta/core/v0/#",
  "$id": "https://raw.githubusercontent.com/api-evangelist/amazon-network-firewall/refs/heads/main/json-structure/openapi-tcp-flag-field-structure.json",
  "name": "TCPFlagField",
  "description": "TCP flags and masks to inspect packets for, used in stateless rules <a>MatchAttributes</a> settings.",
  "type": "object",
  "properties": {
    "Flags": {
      "allOf": [
        {
          "$ref": "#/components/schemas/Flags"
        },
        {
          "description": "<p>Used in conjunction with the <code>Masks</code> setting to define the flags that must be set and flags that must not be set in order for the packet to match. This setting can only specify values that are also specified in the <code>Masks</code> setting.</p> <p>For the flags that are specified in the masks setting, the following must be true for the packet to match: </p> <ul> <li> <p>The ones that are set in this flags setting must be set in the packet. </p> </li> <li> <p>The ones that are not set in this flags setting must also not be set in the packet. </p> </li> </ul>"
        }
      ]
    },
    "Masks": {
      "allOf": [
        {
          "$ref": "#/components/schemas/Flags"
        },
        {
          "description": "The set of flags to consider in the inspection. To inspect all flags in the valid values list, leave this with no setting."
        }
      ]
    }
  },
  "required": [
    "Flags"
  ]
}