Interface FilterChainMatchOrBuilder
- All Superinterfaces:
com.google.protobuf.MessageLiteOrBuilder
,com.google.protobuf.MessageOrBuilder
- All Known Implementing Classes:
FilterChainMatch
,FilterChainMatch.Builder
public interface FilterChainMatchOrBuilder
extends com.google.protobuf.MessageOrBuilder
-
Method Summary
Modifier and TypeMethodDescriptionIf non-empty, an IP address and suffix length to match addresses when the listener is bound to 0.0.0.0/:: or when use_original_dst is specified.com.google.protobuf.ByteString
If non-empty, an IP address and suffix length to match addresses when the listener is bound to 0.0.0.0/:: or when use_original_dst is specified.getApplicationProtocols
(int index) If non-empty, a list of application protocols (e.g.com.google.protobuf.ByteString
getApplicationProtocolsBytes
(int index) If non-empty, a list of application protocols (e.g.int
If non-empty, a list of application protocols (e.g.If non-empty, a list of application protocols (e.g.com.google.protobuf.UInt32Value
Optional destination port to consider when use_original_dst is set on the listener in determining a filter chain match.com.google.protobuf.UInt32ValueOrBuilder
Optional destination port to consider when use_original_dst is set on the listener in determining a filter chain match.getDirectSourcePrefixRanges
(int index) The criteria is satisfied if the directly connected source IP address of the downstream connection is contained in at least one of the specified subnets.int
The criteria is satisfied if the directly connected source IP address of the downstream connection is contained in at least one of the specified subnets.The criteria is satisfied if the directly connected source IP address of the downstream connection is contained in at least one of the specified subnets.getDirectSourcePrefixRangesOrBuilder
(int index) The criteria is satisfied if the directly connected source IP address of the downstream connection is contained in at least one of the specified subnets.List
<? extends CidrRangeOrBuilder> The criteria is satisfied if the directly connected source IP address of the downstream connection is contained in at least one of the specified subnets.getPrefixRanges
(int index) If non-empty, an IP address and prefix length to match addresses when the listener is bound to 0.0.0.0/:: or when use_original_dst is specified.int
If non-empty, an IP address and prefix length to match addresses when the listener is bound to 0.0.0.0/:: or when use_original_dst is specified.If non-empty, an IP address and prefix length to match addresses when the listener is bound to 0.0.0.0/:: or when use_original_dst is specified.getPrefixRangesOrBuilder
(int index) If non-empty, an IP address and prefix length to match addresses when the listener is bound to 0.0.0.0/:: or when use_original_dst is specified.List
<? extends CidrRangeOrBuilder> If non-empty, an IP address and prefix length to match addresses when the listener is bound to 0.0.0.0/:: or when use_original_dst is specified.getServerNames
(int index) If non-empty, a list of server names (e.g.com.google.protobuf.ByteString
getServerNamesBytes
(int index) If non-empty, a list of server names (e.g.int
If non-empty, a list of server names (e.g.If non-empty, a list of server names (e.g.int
getSourcePorts
(int index) The criteria is satisfied if the source port of the downstream connection is contained in at least one of the specified ports.int
The criteria is satisfied if the source port of the downstream connection is contained in at least one of the specified ports.The criteria is satisfied if the source port of the downstream connection is contained in at least one of the specified ports.getSourcePrefixRanges
(int index) The criteria is satisfied if the source IP address of the downstream connection is contained in at least one of the specified subnets.int
The criteria is satisfied if the source IP address of the downstream connection is contained in at least one of the specified subnets.The criteria is satisfied if the source IP address of the downstream connection is contained in at least one of the specified subnets.getSourcePrefixRangesOrBuilder
(int index) The criteria is satisfied if the source IP address of the downstream connection is contained in at least one of the specified subnets.List
<? extends CidrRangeOrBuilder> The criteria is satisfied if the source IP address of the downstream connection is contained in at least one of the specified subnets.Specifies the connection source IP match type.int
Specifies the connection source IP match type.com.google.protobuf.UInt32Value
[#not-implemented-hide:]com.google.protobuf.UInt32ValueOrBuilder
[#not-implemented-hide:]If non-empty, a transport protocol to consider when determining a filter chain match.com.google.protobuf.ByteString
If non-empty, a transport protocol to consider when determining a filter chain match.boolean
Optional destination port to consider when use_original_dst is set on the listener in determining a filter chain match.boolean
[#not-implemented-hide:]Methods inherited from interface com.google.protobuf.MessageLiteOrBuilder
isInitialized
Methods inherited from interface com.google.protobuf.MessageOrBuilder
findInitializationErrors, getAllFields, getDefaultInstanceForType, getDescriptorForType, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof
-
Method Details
-
hasDestinationPort
boolean hasDestinationPort()Optional destination port to consider when use_original_dst is set on the listener in determining a filter chain match.
.google.protobuf.UInt32Value destination_port = 8 [(.validate.rules) = { ... }
- Returns:
- Whether the destinationPort field is set.
-
getDestinationPort
com.google.protobuf.UInt32Value getDestinationPort()Optional destination port to consider when use_original_dst is set on the listener in determining a filter chain match.
.google.protobuf.UInt32Value destination_port = 8 [(.validate.rules) = { ... }
- Returns:
- The destinationPort.
-
getDestinationPortOrBuilder
com.google.protobuf.UInt32ValueOrBuilder getDestinationPortOrBuilder()Optional destination port to consider when use_original_dst is set on the listener in determining a filter chain match.
.google.protobuf.UInt32Value destination_port = 8 [(.validate.rules) = { ... }
-
getPrefixRangesList
If non-empty, an IP address and prefix length to match addresses when the listener is bound to 0.0.0.0/:: or when use_original_dst is specified.
repeated .envoy.config.core.v3.CidrRange prefix_ranges = 3;
-
getPrefixRanges
If non-empty, an IP address and prefix length to match addresses when the listener is bound to 0.0.0.0/:: or when use_original_dst is specified.
repeated .envoy.config.core.v3.CidrRange prefix_ranges = 3;
-
getPrefixRangesCount
int getPrefixRangesCount()If non-empty, an IP address and prefix length to match addresses when the listener is bound to 0.0.0.0/:: or when use_original_dst is specified.
repeated .envoy.config.core.v3.CidrRange prefix_ranges = 3;
-
getPrefixRangesOrBuilderList
List<? extends CidrRangeOrBuilder> getPrefixRangesOrBuilderList()If non-empty, an IP address and prefix length to match addresses when the listener is bound to 0.0.0.0/:: or when use_original_dst is specified.
repeated .envoy.config.core.v3.CidrRange prefix_ranges = 3;
-
getPrefixRangesOrBuilder
If non-empty, an IP address and prefix length to match addresses when the listener is bound to 0.0.0.0/:: or when use_original_dst is specified.
repeated .envoy.config.core.v3.CidrRange prefix_ranges = 3;
-
getAddressSuffix
String getAddressSuffix()If non-empty, an IP address and suffix length to match addresses when the listener is bound to 0.0.0.0/:: or when use_original_dst is specified. [#not-implemented-hide:]
string address_suffix = 4;
- Returns:
- The addressSuffix.
-
getAddressSuffixBytes
com.google.protobuf.ByteString getAddressSuffixBytes()If non-empty, an IP address and suffix length to match addresses when the listener is bound to 0.0.0.0/:: or when use_original_dst is specified. [#not-implemented-hide:]
string address_suffix = 4;
- Returns:
- The bytes for addressSuffix.
-
hasSuffixLen
boolean hasSuffixLen()[#not-implemented-hide:]
.google.protobuf.UInt32Value suffix_len = 5;
- Returns:
- Whether the suffixLen field is set.
-
getSuffixLen
com.google.protobuf.UInt32Value getSuffixLen()[#not-implemented-hide:]
.google.protobuf.UInt32Value suffix_len = 5;
- Returns:
- The suffixLen.
-
getSuffixLenOrBuilder
com.google.protobuf.UInt32ValueOrBuilder getSuffixLenOrBuilder()[#not-implemented-hide:]
.google.protobuf.UInt32Value suffix_len = 5;
-
getDirectSourcePrefixRangesList
The criteria is satisfied if the directly connected source IP address of the downstream connection is contained in at least one of the specified subnets. If the parameter is not specified or the list is empty, the directly connected source IP address is ignored.
repeated .envoy.config.core.v3.CidrRange direct_source_prefix_ranges = 13;
-
getDirectSourcePrefixRanges
The criteria is satisfied if the directly connected source IP address of the downstream connection is contained in at least one of the specified subnets. If the parameter is not specified or the list is empty, the directly connected source IP address is ignored.
repeated .envoy.config.core.v3.CidrRange direct_source_prefix_ranges = 13;
-
getDirectSourcePrefixRangesCount
int getDirectSourcePrefixRangesCount()The criteria is satisfied if the directly connected source IP address of the downstream connection is contained in at least one of the specified subnets. If the parameter is not specified or the list is empty, the directly connected source IP address is ignored.
repeated .envoy.config.core.v3.CidrRange direct_source_prefix_ranges = 13;
-
getDirectSourcePrefixRangesOrBuilderList
List<? extends CidrRangeOrBuilder> getDirectSourcePrefixRangesOrBuilderList()The criteria is satisfied if the directly connected source IP address of the downstream connection is contained in at least one of the specified subnets. If the parameter is not specified or the list is empty, the directly connected source IP address is ignored.
repeated .envoy.config.core.v3.CidrRange direct_source_prefix_ranges = 13;
-
getDirectSourcePrefixRangesOrBuilder
The criteria is satisfied if the directly connected source IP address of the downstream connection is contained in at least one of the specified subnets. If the parameter is not specified or the list is empty, the directly connected source IP address is ignored.
repeated .envoy.config.core.v3.CidrRange direct_source_prefix_ranges = 13;
-
getSourceTypeValue
int getSourceTypeValue()Specifies the connection source IP match type. Can be any, local or external network.
.envoy.config.listener.v3.FilterChainMatch.ConnectionSourceType source_type = 12 [(.validate.rules) = { ... }
- Returns:
- The enum numeric value on the wire for sourceType.
-
getSourceType
FilterChainMatch.ConnectionSourceType getSourceType()Specifies the connection source IP match type. Can be any, local or external network.
.envoy.config.listener.v3.FilterChainMatch.ConnectionSourceType source_type = 12 [(.validate.rules) = { ... }
- Returns:
- The sourceType.
-
getSourcePrefixRangesList
The criteria is satisfied if the source IP address of the downstream connection is contained in at least one of the specified subnets. If the parameter is not specified or the list is empty, the source IP address is ignored.
repeated .envoy.config.core.v3.CidrRange source_prefix_ranges = 6;
-
getSourcePrefixRanges
The criteria is satisfied if the source IP address of the downstream connection is contained in at least one of the specified subnets. If the parameter is not specified or the list is empty, the source IP address is ignored.
repeated .envoy.config.core.v3.CidrRange source_prefix_ranges = 6;
-
getSourcePrefixRangesCount
int getSourcePrefixRangesCount()The criteria is satisfied if the source IP address of the downstream connection is contained in at least one of the specified subnets. If the parameter is not specified or the list is empty, the source IP address is ignored.
repeated .envoy.config.core.v3.CidrRange source_prefix_ranges = 6;
-
getSourcePrefixRangesOrBuilderList
List<? extends CidrRangeOrBuilder> getSourcePrefixRangesOrBuilderList()The criteria is satisfied if the source IP address of the downstream connection is contained in at least one of the specified subnets. If the parameter is not specified or the list is empty, the source IP address is ignored.
repeated .envoy.config.core.v3.CidrRange source_prefix_ranges = 6;
-
getSourcePrefixRangesOrBuilder
The criteria is satisfied if the source IP address of the downstream connection is contained in at least one of the specified subnets. If the parameter is not specified or the list is empty, the source IP address is ignored.
repeated .envoy.config.core.v3.CidrRange source_prefix_ranges = 6;
-
getSourcePortsList
The criteria is satisfied if the source port of the downstream connection is contained in at least one of the specified ports. If the parameter is not specified, the source port is ignored.
repeated uint32 source_ports = 7 [(.validate.rules) = { ... }
- Returns:
- A list containing the sourcePorts.
-
getSourcePortsCount
int getSourcePortsCount()The criteria is satisfied if the source port of the downstream connection is contained in at least one of the specified ports. If the parameter is not specified, the source port is ignored.
repeated uint32 source_ports = 7 [(.validate.rules) = { ... }
- Returns:
- The count of sourcePorts.
-
getSourcePorts
int getSourcePorts(int index) The criteria is satisfied if the source port of the downstream connection is contained in at least one of the specified ports. If the parameter is not specified, the source port is ignored.
repeated uint32 source_ports = 7 [(.validate.rules) = { ... }
- Parameters:
index
- The index of the element to return.- Returns:
- The sourcePorts at the given index.
-
getServerNamesList
If non-empty, a list of server names (e.g. SNI for TLS protocol) to consider when determining a filter chain match. Those values will be compared against the server names of a new connection, when detected by one of the listener filters. The server name will be matched against all wildcard domains, i.e. ``www.example.com`` will be first matched against ``www.example.com``, then ``*.example.com``, then ``*.com``. Note that partial wildcards are not supported, and values like ``*w.example.com`` are invalid. The value ``*`` is also not supported, and ``server_names`` should be omitted instead. .. attention:: See the :ref:`FAQ entry <faq_how_to_setup_sni>` on how to configure SNI for more information.
repeated string server_names = 11;
- Returns:
- A list containing the serverNames.
-
getServerNamesCount
int getServerNamesCount()If non-empty, a list of server names (e.g. SNI for TLS protocol) to consider when determining a filter chain match. Those values will be compared against the server names of a new connection, when detected by one of the listener filters. The server name will be matched against all wildcard domains, i.e. ``www.example.com`` will be first matched against ``www.example.com``, then ``*.example.com``, then ``*.com``. Note that partial wildcards are not supported, and values like ``*w.example.com`` are invalid. The value ``*`` is also not supported, and ``server_names`` should be omitted instead. .. attention:: See the :ref:`FAQ entry <faq_how_to_setup_sni>` on how to configure SNI for more information.
repeated string server_names = 11;
- Returns:
- The count of serverNames.
-
getServerNames
If non-empty, a list of server names (e.g. SNI for TLS protocol) to consider when determining a filter chain match. Those values will be compared against the server names of a new connection, when detected by one of the listener filters. The server name will be matched against all wildcard domains, i.e. ``www.example.com`` will be first matched against ``www.example.com``, then ``*.example.com``, then ``*.com``. Note that partial wildcards are not supported, and values like ``*w.example.com`` are invalid. The value ``*`` is also not supported, and ``server_names`` should be omitted instead. .. attention:: See the :ref:`FAQ entry <faq_how_to_setup_sni>` on how to configure SNI for more information.
repeated string server_names = 11;
- Parameters:
index
- The index of the element to return.- Returns:
- The serverNames at the given index.
-
getServerNamesBytes
com.google.protobuf.ByteString getServerNamesBytes(int index) If non-empty, a list of server names (e.g. SNI for TLS protocol) to consider when determining a filter chain match. Those values will be compared against the server names of a new connection, when detected by one of the listener filters. The server name will be matched against all wildcard domains, i.e. ``www.example.com`` will be first matched against ``www.example.com``, then ``*.example.com``, then ``*.com``. Note that partial wildcards are not supported, and values like ``*w.example.com`` are invalid. The value ``*`` is also not supported, and ``server_names`` should be omitted instead. .. attention:: See the :ref:`FAQ entry <faq_how_to_setup_sni>` on how to configure SNI for more information.
repeated string server_names = 11;
- Parameters:
index
- The index of the value to return.- Returns:
- The bytes of the serverNames at the given index.
-
getTransportProtocol
String getTransportProtocol()If non-empty, a transport protocol to consider when determining a filter chain match. This value will be compared against the transport protocol of a new connection, when it's detected by one of the listener filters. Suggested values include: * ``raw_buffer`` - default, used when no transport protocol is detected, * ``tls`` - set by :ref:`envoy.filters.listener.tls_inspector <config_listener_filters_tls_inspector>` when TLS protocol is detected.
string transport_protocol = 9;
- Returns:
- The transportProtocol.
-
getTransportProtocolBytes
com.google.protobuf.ByteString getTransportProtocolBytes()If non-empty, a transport protocol to consider when determining a filter chain match. This value will be compared against the transport protocol of a new connection, when it's detected by one of the listener filters. Suggested values include: * ``raw_buffer`` - default, used when no transport protocol is detected, * ``tls`` - set by :ref:`envoy.filters.listener.tls_inspector <config_listener_filters_tls_inspector>` when TLS protocol is detected.
string transport_protocol = 9;
- Returns:
- The bytes for transportProtocol.
-
getApplicationProtocolsList
If non-empty, a list of application protocols (e.g. ALPN for TLS protocol) to consider when determining a filter chain match. Those values will be compared against the application protocols of a new connection, when detected by one of the listener filters. Suggested values include: * ``http/1.1`` - set by :ref:`envoy.filters.listener.tls_inspector <config_listener_filters_tls_inspector>`, * ``h2`` - set by :ref:`envoy.filters.listener.tls_inspector <config_listener_filters_tls_inspector>` .. attention:: Currently, only :ref:`TLS Inspector <config_listener_filters_tls_inspector>` provides application protocol detection based on the requested `ALPN <https://en.wikipedia.org/wiki/Application-Layer_Protocol_Negotiation>`_ values. However, the use of ALPN is pretty much limited to the HTTP/2 traffic on the Internet, and matching on values other than ``h2`` is going to lead to a lot of false negatives, unless all connecting clients are known to use ALPN.
repeated string application_protocols = 10;
- Returns:
- A list containing the applicationProtocols.
-
getApplicationProtocolsCount
int getApplicationProtocolsCount()If non-empty, a list of application protocols (e.g. ALPN for TLS protocol) to consider when determining a filter chain match. Those values will be compared against the application protocols of a new connection, when detected by one of the listener filters. Suggested values include: * ``http/1.1`` - set by :ref:`envoy.filters.listener.tls_inspector <config_listener_filters_tls_inspector>`, * ``h2`` - set by :ref:`envoy.filters.listener.tls_inspector <config_listener_filters_tls_inspector>` .. attention:: Currently, only :ref:`TLS Inspector <config_listener_filters_tls_inspector>` provides application protocol detection based on the requested `ALPN <https://en.wikipedia.org/wiki/Application-Layer_Protocol_Negotiation>`_ values. However, the use of ALPN is pretty much limited to the HTTP/2 traffic on the Internet, and matching on values other than ``h2`` is going to lead to a lot of false negatives, unless all connecting clients are known to use ALPN.
repeated string application_protocols = 10;
- Returns:
- The count of applicationProtocols.
-
getApplicationProtocols
If non-empty, a list of application protocols (e.g. ALPN for TLS protocol) to consider when determining a filter chain match. Those values will be compared against the application protocols of a new connection, when detected by one of the listener filters. Suggested values include: * ``http/1.1`` - set by :ref:`envoy.filters.listener.tls_inspector <config_listener_filters_tls_inspector>`, * ``h2`` - set by :ref:`envoy.filters.listener.tls_inspector <config_listener_filters_tls_inspector>` .. attention:: Currently, only :ref:`TLS Inspector <config_listener_filters_tls_inspector>` provides application protocol detection based on the requested `ALPN <https://en.wikipedia.org/wiki/Application-Layer_Protocol_Negotiation>`_ values. However, the use of ALPN is pretty much limited to the HTTP/2 traffic on the Internet, and matching on values other than ``h2`` is going to lead to a lot of false negatives, unless all connecting clients are known to use ALPN.
repeated string application_protocols = 10;
- Parameters:
index
- The index of the element to return.- Returns:
- The applicationProtocols at the given index.
-
getApplicationProtocolsBytes
com.google.protobuf.ByteString getApplicationProtocolsBytes(int index) If non-empty, a list of application protocols (e.g. ALPN for TLS protocol) to consider when determining a filter chain match. Those values will be compared against the application protocols of a new connection, when detected by one of the listener filters. Suggested values include: * ``http/1.1`` - set by :ref:`envoy.filters.listener.tls_inspector <config_listener_filters_tls_inspector>`, * ``h2`` - set by :ref:`envoy.filters.listener.tls_inspector <config_listener_filters_tls_inspector>` .. attention:: Currently, only :ref:`TLS Inspector <config_listener_filters_tls_inspector>` provides application protocol detection based on the requested `ALPN <https://en.wikipedia.org/wiki/Application-Layer_Protocol_Negotiation>`_ values. However, the use of ALPN is pretty much limited to the HTTP/2 traffic on the Internet, and matching on values other than ``h2`` is going to lead to a lot of false negatives, unless all connecting clients are known to use ALPN.
repeated string application_protocols = 10;
- Parameters:
index
- The index of the value to return.- Returns:
- The bytes of the applicationProtocols at the given index.
-