Class FilterChainMatch

java.lang.Object
com.google.protobuf.AbstractMessageLite
com.google.protobuf.AbstractMessage
com.google.protobuf.GeneratedMessage
io.envoyproxy.envoy.config.listener.v3.FilterChainMatch
All Implemented Interfaces:
com.google.protobuf.Message, com.google.protobuf.MessageLite, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, FilterChainMatchOrBuilder, Serializable

public final class FilterChainMatch extends com.google.protobuf.GeneratedMessage implements FilterChainMatchOrBuilder
 Specifies the match criteria for selecting a specific filter chain for a
 listener.

 In order for a filter chain to be selected, *ALL* of its criteria must be
 fulfilled by the incoming connection, properties of which are set by the
 networking stack and/or listener filters.

 The following order applies:

 1. Destination port.
 2. Destination IP address.
 3. Server name (e.g. SNI for TLS protocol),
 4. Transport protocol.
 5. Application protocols (e.g. ALPN for TLS protocol).
 6. Directly connected source IP address (this will only be different from the source IP address
 when using a listener filter that overrides the source address, such as the :ref:`Proxy Protocol
 listener filter <config_listener_filters_proxy_protocol>`).
 7. Source type (e.g. any, local or external network).
 8. Source IP address.
 9. Source port.

 For criteria that allow ranges or wildcards, the most specific value in any
 of the configured filter chains that matches the incoming connection is going
 to be used (e.g. for SNI ``www.example.com`` the most specific match would be
 ``www.example.com``, then ``*.example.com``, then ``*.com``, then any filter
 chain without ``server_names`` requirements).

 A different way to reason about the filter chain matches:
 Suppose there exists N filter chains. Prune the filter chain set using the above 8 steps.
 In each step, filter chains which most specifically matches the attributes continue to the next step.
 The listener guarantees at most 1 filter chain is left after all of the steps.

 Example:

 For destination port, filter chains specifying the destination port of incoming traffic are the
 most specific match. If none of the filter chains specifies the exact destination port, the filter
 chains which do not specify ports are the most specific match. Filter chains specifying the
 wrong port can never be the most specific match.

 [#comment: Implemented rules are kept in the preference order, with deprecated fields
 listed at the end, because that's how we want to list them in the docs.

 [#comment:TODO(PiotrSikora): Add support for configurable precedence of the rules]
 [#next-free-field: 14]
 
Protobuf type envoy.config.listener.v3.FilterChainMatch
See Also:
  • Field Details

    • serialVersionUID

      private static final long serialVersionUID
      See Also:
    • bitField0_

      private int bitField0_
    • DESTINATION_PORT_FIELD_NUMBER

      public static final int DESTINATION_PORT_FIELD_NUMBER
      See Also:
    • destinationPort_

      private com.google.protobuf.UInt32Value destinationPort_
    • PREFIX_RANGES_FIELD_NUMBER

      public static final int PREFIX_RANGES_FIELD_NUMBER
      See Also:
    • prefixRanges_

      private List<CidrRange> prefixRanges_
    • ADDRESS_SUFFIX_FIELD_NUMBER

      public static final int ADDRESS_SUFFIX_FIELD_NUMBER
      See Also:
    • addressSuffix_

      private volatile Object addressSuffix_
    • SUFFIX_LEN_FIELD_NUMBER

      public static final int SUFFIX_LEN_FIELD_NUMBER
      See Also:
    • suffixLen_

      private com.google.protobuf.UInt32Value suffixLen_
    • DIRECT_SOURCE_PREFIX_RANGES_FIELD_NUMBER

      public static final int DIRECT_SOURCE_PREFIX_RANGES_FIELD_NUMBER
      See Also:
    • directSourcePrefixRanges_

      private List<CidrRange> directSourcePrefixRanges_
    • SOURCE_TYPE_FIELD_NUMBER

      public static final int SOURCE_TYPE_FIELD_NUMBER
      See Also:
    • sourceType_

      private int sourceType_
    • SOURCE_PREFIX_RANGES_FIELD_NUMBER

      public static final int SOURCE_PREFIX_RANGES_FIELD_NUMBER
      See Also:
    • sourcePrefixRanges_

      private List<CidrRange> sourcePrefixRanges_
    • SOURCE_PORTS_FIELD_NUMBER

      public static final int SOURCE_PORTS_FIELD_NUMBER
      See Also:
    • sourcePorts_

      private com.google.protobuf.Internal.IntList sourcePorts_
    • sourcePortsMemoizedSerializedSize

      private int sourcePortsMemoizedSerializedSize
    • SERVER_NAMES_FIELD_NUMBER

      public static final int SERVER_NAMES_FIELD_NUMBER
      See Also:
    • serverNames_

      private com.google.protobuf.LazyStringArrayList serverNames_
    • TRANSPORT_PROTOCOL_FIELD_NUMBER

      public static final int TRANSPORT_PROTOCOL_FIELD_NUMBER
      See Also:
    • transportProtocol_

      private volatile Object transportProtocol_
    • APPLICATION_PROTOCOLS_FIELD_NUMBER

      public static final int APPLICATION_PROTOCOLS_FIELD_NUMBER
      See Also:
    • applicationProtocols_

      private com.google.protobuf.LazyStringArrayList applicationProtocols_
    • memoizedIsInitialized

      private byte memoizedIsInitialized
    • DEFAULT_INSTANCE

      private static final FilterChainMatch DEFAULT_INSTANCE
    • PARSER

      private static final com.google.protobuf.Parser<FilterChainMatch> PARSER
  • Constructor Details

    • FilterChainMatch

      private FilterChainMatch(com.google.protobuf.GeneratedMessage.Builder<?> builder)
    • FilterChainMatch

      private FilterChainMatch()
  • Method Details

    • getDescriptor

      public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()
    • internalGetFieldAccessorTable

      protected com.google.protobuf.GeneratedMessage.FieldAccessorTable internalGetFieldAccessorTable()
      Specified by:
      internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessage
    • hasDestinationPort

      public boolean hasDestinationPort()
       Optional destination port to consider when use_original_dst is set on the
       listener in determining a filter chain match.
       
      .google.protobuf.UInt32Value destination_port = 8 [(.validate.rules) = { ... }
      Specified by:
      hasDestinationPort in interface FilterChainMatchOrBuilder
      Returns:
      Whether the destinationPort field is set.
    • getDestinationPort

      public com.google.protobuf.UInt32Value getDestinationPort()
       Optional destination port to consider when use_original_dst is set on the
       listener in determining a filter chain match.
       
      .google.protobuf.UInt32Value destination_port = 8 [(.validate.rules) = { ... }
      Specified by:
      getDestinationPort in interface FilterChainMatchOrBuilder
      Returns:
      The destinationPort.
    • getDestinationPortOrBuilder

      public com.google.protobuf.UInt32ValueOrBuilder getDestinationPortOrBuilder()
       Optional destination port to consider when use_original_dst is set on the
       listener in determining a filter chain match.
       
      .google.protobuf.UInt32Value destination_port = 8 [(.validate.rules) = { ... }
      Specified by:
      getDestinationPortOrBuilder in interface FilterChainMatchOrBuilder
    • getPrefixRangesList

      public List<CidrRange> getPrefixRangesList()
       If non-empty, an IP address and prefix length to match addresses when the
       listener is bound to 0.0.0.0/:: or when use_original_dst is specified.
       
      repeated .envoy.config.core.v3.CidrRange prefix_ranges = 3;
      Specified by:
      getPrefixRangesList in interface FilterChainMatchOrBuilder
    • getPrefixRangesOrBuilderList

      public List<? extends CidrRangeOrBuilder> getPrefixRangesOrBuilderList()
       If non-empty, an IP address and prefix length to match addresses when the
       listener is bound to 0.0.0.0/:: or when use_original_dst is specified.
       
      repeated .envoy.config.core.v3.CidrRange prefix_ranges = 3;
      Specified by:
      getPrefixRangesOrBuilderList in interface FilterChainMatchOrBuilder
    • getPrefixRangesCount

      public int getPrefixRangesCount()
       If non-empty, an IP address and prefix length to match addresses when the
       listener is bound to 0.0.0.0/:: or when use_original_dst is specified.
       
      repeated .envoy.config.core.v3.CidrRange prefix_ranges = 3;
      Specified by:
      getPrefixRangesCount in interface FilterChainMatchOrBuilder
    • getPrefixRanges

      public CidrRange getPrefixRanges(int index)
       If non-empty, an IP address and prefix length to match addresses when the
       listener is bound to 0.0.0.0/:: or when use_original_dst is specified.
       
      repeated .envoy.config.core.v3.CidrRange prefix_ranges = 3;
      Specified by:
      getPrefixRanges in interface FilterChainMatchOrBuilder
    • getPrefixRangesOrBuilder

      public CidrRangeOrBuilder getPrefixRangesOrBuilder(int index)
       If non-empty, an IP address and prefix length to match addresses when the
       listener is bound to 0.0.0.0/:: or when use_original_dst is specified.
       
      repeated .envoy.config.core.v3.CidrRange prefix_ranges = 3;
      Specified by:
      getPrefixRangesOrBuilder in interface FilterChainMatchOrBuilder
    • getAddressSuffix

      public String getAddressSuffix()
       If non-empty, an IP address and suffix length to match addresses when the
       listener is bound to 0.0.0.0/:: or when use_original_dst is specified.
       [#not-implemented-hide:]
       
      string address_suffix = 4;
      Specified by:
      getAddressSuffix in interface FilterChainMatchOrBuilder
      Returns:
      The addressSuffix.
    • getAddressSuffixBytes

      public com.google.protobuf.ByteString getAddressSuffixBytes()
       If non-empty, an IP address and suffix length to match addresses when the
       listener is bound to 0.0.0.0/:: or when use_original_dst is specified.
       [#not-implemented-hide:]
       
      string address_suffix = 4;
      Specified by:
      getAddressSuffixBytes in interface FilterChainMatchOrBuilder
      Returns:
      The bytes for addressSuffix.
    • hasSuffixLen

      public boolean hasSuffixLen()
       [#not-implemented-hide:]
       
      .google.protobuf.UInt32Value suffix_len = 5;
      Specified by:
      hasSuffixLen in interface FilterChainMatchOrBuilder
      Returns:
      Whether the suffixLen field is set.
    • getSuffixLen

      public com.google.protobuf.UInt32Value getSuffixLen()
       [#not-implemented-hide:]
       
      .google.protobuf.UInt32Value suffix_len = 5;
      Specified by:
      getSuffixLen in interface FilterChainMatchOrBuilder
      Returns:
      The suffixLen.
    • getSuffixLenOrBuilder

      public com.google.protobuf.UInt32ValueOrBuilder getSuffixLenOrBuilder()
       [#not-implemented-hide:]
       
      .google.protobuf.UInt32Value suffix_len = 5;
      Specified by:
      getSuffixLenOrBuilder in interface FilterChainMatchOrBuilder
    • getDirectSourcePrefixRangesList

      public List<CidrRange> getDirectSourcePrefixRangesList()
       The criteria is satisfied if the directly connected source IP address of the downstream
       connection is contained in at least one of the specified subnets. If the parameter is not
       specified or the list is empty, the directly connected source IP address is ignored.
       
      repeated .envoy.config.core.v3.CidrRange direct_source_prefix_ranges = 13;
      Specified by:
      getDirectSourcePrefixRangesList in interface FilterChainMatchOrBuilder
    • getDirectSourcePrefixRangesOrBuilderList

      public List<? extends CidrRangeOrBuilder> getDirectSourcePrefixRangesOrBuilderList()
       The criteria is satisfied if the directly connected source IP address of the downstream
       connection is contained in at least one of the specified subnets. If the parameter is not
       specified or the list is empty, the directly connected source IP address is ignored.
       
      repeated .envoy.config.core.v3.CidrRange direct_source_prefix_ranges = 13;
      Specified by:
      getDirectSourcePrefixRangesOrBuilderList in interface FilterChainMatchOrBuilder
    • getDirectSourcePrefixRangesCount

      public int getDirectSourcePrefixRangesCount()
       The criteria is satisfied if the directly connected source IP address of the downstream
       connection is contained in at least one of the specified subnets. If the parameter is not
       specified or the list is empty, the directly connected source IP address is ignored.
       
      repeated .envoy.config.core.v3.CidrRange direct_source_prefix_ranges = 13;
      Specified by:
      getDirectSourcePrefixRangesCount in interface FilterChainMatchOrBuilder
    • getDirectSourcePrefixRanges

      public CidrRange getDirectSourcePrefixRanges(int index)
       The criteria is satisfied if the directly connected source IP address of the downstream
       connection is contained in at least one of the specified subnets. If the parameter is not
       specified or the list is empty, the directly connected source IP address is ignored.
       
      repeated .envoy.config.core.v3.CidrRange direct_source_prefix_ranges = 13;
      Specified by:
      getDirectSourcePrefixRanges in interface FilterChainMatchOrBuilder
    • getDirectSourcePrefixRangesOrBuilder

      public CidrRangeOrBuilder getDirectSourcePrefixRangesOrBuilder(int index)
       The criteria is satisfied if the directly connected source IP address of the downstream
       connection is contained in at least one of the specified subnets. If the parameter is not
       specified or the list is empty, the directly connected source IP address is ignored.
       
      repeated .envoy.config.core.v3.CidrRange direct_source_prefix_ranges = 13;
      Specified by:
      getDirectSourcePrefixRangesOrBuilder in interface FilterChainMatchOrBuilder
    • getSourceTypeValue

      public int getSourceTypeValue()
       Specifies the connection source IP match type. Can be any, local or external network.
       
      .envoy.config.listener.v3.FilterChainMatch.ConnectionSourceType source_type = 12 [(.validate.rules) = { ... }
      Specified by:
      getSourceTypeValue in interface FilterChainMatchOrBuilder
      Returns:
      The enum numeric value on the wire for sourceType.
    • getSourceType

      public FilterChainMatch.ConnectionSourceType getSourceType()
       Specifies the connection source IP match type. Can be any, local or external network.
       
      .envoy.config.listener.v3.FilterChainMatch.ConnectionSourceType source_type = 12 [(.validate.rules) = { ... }
      Specified by:
      getSourceType in interface FilterChainMatchOrBuilder
      Returns:
      The sourceType.
    • getSourcePrefixRangesList

      public List<CidrRange> getSourcePrefixRangesList()
       The criteria is satisfied if the source IP address of the downstream
       connection is contained in at least one of the specified subnets. If the
       parameter is not specified or the list is empty, the source IP address is
       ignored.
       
      repeated .envoy.config.core.v3.CidrRange source_prefix_ranges = 6;
      Specified by:
      getSourcePrefixRangesList in interface FilterChainMatchOrBuilder
    • getSourcePrefixRangesOrBuilderList

      public List<? extends CidrRangeOrBuilder> getSourcePrefixRangesOrBuilderList()
       The criteria is satisfied if the source IP address of the downstream
       connection is contained in at least one of the specified subnets. If the
       parameter is not specified or the list is empty, the source IP address is
       ignored.
       
      repeated .envoy.config.core.v3.CidrRange source_prefix_ranges = 6;
      Specified by:
      getSourcePrefixRangesOrBuilderList in interface FilterChainMatchOrBuilder
    • getSourcePrefixRangesCount

      public int getSourcePrefixRangesCount()
       The criteria is satisfied if the source IP address of the downstream
       connection is contained in at least one of the specified subnets. If the
       parameter is not specified or the list is empty, the source IP address is
       ignored.
       
      repeated .envoy.config.core.v3.CidrRange source_prefix_ranges = 6;
      Specified by:
      getSourcePrefixRangesCount in interface FilterChainMatchOrBuilder
    • getSourcePrefixRanges

      public CidrRange getSourcePrefixRanges(int index)
       The criteria is satisfied if the source IP address of the downstream
       connection is contained in at least one of the specified subnets. If the
       parameter is not specified or the list is empty, the source IP address is
       ignored.
       
      repeated .envoy.config.core.v3.CidrRange source_prefix_ranges = 6;
      Specified by:
      getSourcePrefixRanges in interface FilterChainMatchOrBuilder
    • getSourcePrefixRangesOrBuilder

      public CidrRangeOrBuilder getSourcePrefixRangesOrBuilder(int index)
       The criteria is satisfied if the source IP address of the downstream
       connection is contained in at least one of the specified subnets. If the
       parameter is not specified or the list is empty, the source IP address is
       ignored.
       
      repeated .envoy.config.core.v3.CidrRange source_prefix_ranges = 6;
      Specified by:
      getSourcePrefixRangesOrBuilder in interface FilterChainMatchOrBuilder
    • getSourcePortsList

      public List<Integer> getSourcePortsList()
       The criteria is satisfied if the source port of the downstream connection
       is contained in at least one of the specified ports. If the parameter is
       not specified, the source port is ignored.
       
      repeated uint32 source_ports = 7 [(.validate.rules) = { ... }
      Specified by:
      getSourcePortsList in interface FilterChainMatchOrBuilder
      Returns:
      A list containing the sourcePorts.
    • getSourcePortsCount

      public int getSourcePortsCount()
       The criteria is satisfied if the source port of the downstream connection
       is contained in at least one of the specified ports. If the parameter is
       not specified, the source port is ignored.
       
      repeated uint32 source_ports = 7 [(.validate.rules) = { ... }
      Specified by:
      getSourcePortsCount in interface FilterChainMatchOrBuilder
      Returns:
      The count of sourcePorts.
    • getSourcePorts

      public int getSourcePorts(int index)
       The criteria is satisfied if the source port of the downstream connection
       is contained in at least one of the specified ports. If the parameter is
       not specified, the source port is ignored.
       
      repeated uint32 source_ports = 7 [(.validate.rules) = { ... }
      Specified by:
      getSourcePorts in interface FilterChainMatchOrBuilder
      Parameters:
      index - The index of the element to return.
      Returns:
      The sourcePorts at the given index.
    • getServerNamesList

      public com.google.protobuf.ProtocolStringList getServerNamesList()
       If non-empty, a list of server names (e.g. SNI for TLS protocol) to consider when determining
       a filter chain match. Those values will be compared against the server names of a new
       connection, when detected by one of the listener filters.
      
       The server name will be matched against all wildcard domains, i.e. ``www.example.com``
       will be first matched against ``www.example.com``, then ``*.example.com``, then ``*.com``.
      
       Note that partial wildcards are not supported, and values like ``*w.example.com`` are invalid.
       The value ``*`` is also not supported, and ``server_names`` should be omitted instead.
      
       .. attention::
      
       See the :ref:`FAQ entry <faq_how_to_setup_sni>` on how to configure SNI for more
       information.
       
      repeated string server_names = 11;
      Specified by:
      getServerNamesList in interface FilterChainMatchOrBuilder
      Returns:
      A list containing the serverNames.
    • getServerNamesCount

      public int getServerNamesCount()
       If non-empty, a list of server names (e.g. SNI for TLS protocol) to consider when determining
       a filter chain match. Those values will be compared against the server names of a new
       connection, when detected by one of the listener filters.
      
       The server name will be matched against all wildcard domains, i.e. ``www.example.com``
       will be first matched against ``www.example.com``, then ``*.example.com``, then ``*.com``.
      
       Note that partial wildcards are not supported, and values like ``*w.example.com`` are invalid.
       The value ``*`` is also not supported, and ``server_names`` should be omitted instead.
      
       .. attention::
      
       See the :ref:`FAQ entry <faq_how_to_setup_sni>` on how to configure SNI for more
       information.
       
      repeated string server_names = 11;
      Specified by:
      getServerNamesCount in interface FilterChainMatchOrBuilder
      Returns:
      The count of serverNames.
    • getServerNames

      public String getServerNames(int index)
       If non-empty, a list of server names (e.g. SNI for TLS protocol) to consider when determining
       a filter chain match. Those values will be compared against the server names of a new
       connection, when detected by one of the listener filters.
      
       The server name will be matched against all wildcard domains, i.e. ``www.example.com``
       will be first matched against ``www.example.com``, then ``*.example.com``, then ``*.com``.
      
       Note that partial wildcards are not supported, and values like ``*w.example.com`` are invalid.
       The value ``*`` is also not supported, and ``server_names`` should be omitted instead.
      
       .. attention::
      
       See the :ref:`FAQ entry <faq_how_to_setup_sni>` on how to configure SNI for more
       information.
       
      repeated string server_names = 11;
      Specified by:
      getServerNames in interface FilterChainMatchOrBuilder
      Parameters:
      index - The index of the element to return.
      Returns:
      The serverNames at the given index.
    • getServerNamesBytes

      public com.google.protobuf.ByteString getServerNamesBytes(int index)
       If non-empty, a list of server names (e.g. SNI for TLS protocol) to consider when determining
       a filter chain match. Those values will be compared against the server names of a new
       connection, when detected by one of the listener filters.
      
       The server name will be matched against all wildcard domains, i.e. ``www.example.com``
       will be first matched against ``www.example.com``, then ``*.example.com``, then ``*.com``.
      
       Note that partial wildcards are not supported, and values like ``*w.example.com`` are invalid.
       The value ``*`` is also not supported, and ``server_names`` should be omitted instead.
      
       .. attention::
      
       See the :ref:`FAQ entry <faq_how_to_setup_sni>` on how to configure SNI for more
       information.
       
      repeated string server_names = 11;
      Specified by:
      getServerNamesBytes in interface FilterChainMatchOrBuilder
      Parameters:
      index - The index of the value to return.
      Returns:
      The bytes of the serverNames at the given index.
    • getTransportProtocol

      public String getTransportProtocol()
       If non-empty, a transport protocol to consider when determining a filter chain match.
       This value will be compared against the transport protocol of a new connection, when
       it's detected by one of the listener filters.
      
       Suggested values include:
      
       * ``raw_buffer`` - default, used when no transport protocol is detected,
       * ``tls`` - set by :ref:`envoy.filters.listener.tls_inspector <config_listener_filters_tls_inspector>`
       when TLS protocol is detected.
       
      string transport_protocol = 9;
      Specified by:
      getTransportProtocol in interface FilterChainMatchOrBuilder
      Returns:
      The transportProtocol.
    • getTransportProtocolBytes

      public com.google.protobuf.ByteString getTransportProtocolBytes()
       If non-empty, a transport protocol to consider when determining a filter chain match.
       This value will be compared against the transport protocol of a new connection, when
       it's detected by one of the listener filters.
      
       Suggested values include:
      
       * ``raw_buffer`` - default, used when no transport protocol is detected,
       * ``tls`` - set by :ref:`envoy.filters.listener.tls_inspector <config_listener_filters_tls_inspector>`
       when TLS protocol is detected.
       
      string transport_protocol = 9;
      Specified by:
      getTransportProtocolBytes in interface FilterChainMatchOrBuilder
      Returns:
      The bytes for transportProtocol.
    • getApplicationProtocolsList

      public com.google.protobuf.ProtocolStringList getApplicationProtocolsList()
       If non-empty, a list of application protocols (e.g. ALPN for TLS protocol) to consider when
       determining a filter chain match. Those values will be compared against the application
       protocols of a new connection, when detected by one of the listener filters.
      
       Suggested values include:
      
       * ``http/1.1`` - set by :ref:`envoy.filters.listener.tls_inspector
       <config_listener_filters_tls_inspector>`,
       * ``h2`` - set by :ref:`envoy.filters.listener.tls_inspector <config_listener_filters_tls_inspector>`
      
       .. attention::
      
       Currently, only :ref:`TLS Inspector <config_listener_filters_tls_inspector>` provides
       application protocol detection based on the requested
       `ALPN <https://en.wikipedia.org/wiki/Application-Layer_Protocol_Negotiation>`_ values.
      
       However, the use of ALPN is pretty much limited to the HTTP/2 traffic on the Internet,
       and matching on values other than ``h2`` is going to lead to a lot of false negatives,
       unless all connecting clients are known to use ALPN.
       
      repeated string application_protocols = 10;
      Specified by:
      getApplicationProtocolsList in interface FilterChainMatchOrBuilder
      Returns:
      A list containing the applicationProtocols.
    • getApplicationProtocolsCount

      public int getApplicationProtocolsCount()
       If non-empty, a list of application protocols (e.g. ALPN for TLS protocol) to consider when
       determining a filter chain match. Those values will be compared against the application
       protocols of a new connection, when detected by one of the listener filters.
      
       Suggested values include:
      
       * ``http/1.1`` - set by :ref:`envoy.filters.listener.tls_inspector
       <config_listener_filters_tls_inspector>`,
       * ``h2`` - set by :ref:`envoy.filters.listener.tls_inspector <config_listener_filters_tls_inspector>`
      
       .. attention::
      
       Currently, only :ref:`TLS Inspector <config_listener_filters_tls_inspector>` provides
       application protocol detection based on the requested
       `ALPN <https://en.wikipedia.org/wiki/Application-Layer_Protocol_Negotiation>`_ values.
      
       However, the use of ALPN is pretty much limited to the HTTP/2 traffic on the Internet,
       and matching on values other than ``h2`` is going to lead to a lot of false negatives,
       unless all connecting clients are known to use ALPN.
       
      repeated string application_protocols = 10;
      Specified by:
      getApplicationProtocolsCount in interface FilterChainMatchOrBuilder
      Returns:
      The count of applicationProtocols.
    • getApplicationProtocols

      public String getApplicationProtocols(int index)
       If non-empty, a list of application protocols (e.g. ALPN for TLS protocol) to consider when
       determining a filter chain match. Those values will be compared against the application
       protocols of a new connection, when detected by one of the listener filters.
      
       Suggested values include:
      
       * ``http/1.1`` - set by :ref:`envoy.filters.listener.tls_inspector
       <config_listener_filters_tls_inspector>`,
       * ``h2`` - set by :ref:`envoy.filters.listener.tls_inspector <config_listener_filters_tls_inspector>`
      
       .. attention::
      
       Currently, only :ref:`TLS Inspector <config_listener_filters_tls_inspector>` provides
       application protocol detection based on the requested
       `ALPN <https://en.wikipedia.org/wiki/Application-Layer_Protocol_Negotiation>`_ values.
      
       However, the use of ALPN is pretty much limited to the HTTP/2 traffic on the Internet,
       and matching on values other than ``h2`` is going to lead to a lot of false negatives,
       unless all connecting clients are known to use ALPN.
       
      repeated string application_protocols = 10;
      Specified by:
      getApplicationProtocols in interface FilterChainMatchOrBuilder
      Parameters:
      index - The index of the element to return.
      Returns:
      The applicationProtocols at the given index.
    • getApplicationProtocolsBytes

      public com.google.protobuf.ByteString getApplicationProtocolsBytes(int index)
       If non-empty, a list of application protocols (e.g. ALPN for TLS protocol) to consider when
       determining a filter chain match. Those values will be compared against the application
       protocols of a new connection, when detected by one of the listener filters.
      
       Suggested values include:
      
       * ``http/1.1`` - set by :ref:`envoy.filters.listener.tls_inspector
       <config_listener_filters_tls_inspector>`,
       * ``h2`` - set by :ref:`envoy.filters.listener.tls_inspector <config_listener_filters_tls_inspector>`
      
       .. attention::
      
       Currently, only :ref:`TLS Inspector <config_listener_filters_tls_inspector>` provides
       application protocol detection based on the requested
       `ALPN <https://en.wikipedia.org/wiki/Application-Layer_Protocol_Negotiation>`_ values.
      
       However, the use of ALPN is pretty much limited to the HTTP/2 traffic on the Internet,
       and matching on values other than ``h2`` is going to lead to a lot of false negatives,
       unless all connecting clients are known to use ALPN.
       
      repeated string application_protocols = 10;
      Specified by:
      getApplicationProtocolsBytes in interface FilterChainMatchOrBuilder
      Parameters:
      index - The index of the value to return.
      Returns:
      The bytes of the applicationProtocols at the given index.
    • isInitialized

      public final boolean isInitialized()
      Specified by:
      isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
      Overrides:
      isInitialized in class com.google.protobuf.GeneratedMessage
    • writeTo

      public void writeTo(com.google.protobuf.CodedOutputStream output) throws IOException
      Specified by:
      writeTo in interface com.google.protobuf.MessageLite
      Overrides:
      writeTo in class com.google.protobuf.GeneratedMessage
      Throws:
      IOException
    • getSerializedSize

      public int getSerializedSize()
      Specified by:
      getSerializedSize in interface com.google.protobuf.MessageLite
      Overrides:
      getSerializedSize in class com.google.protobuf.GeneratedMessage
    • equals

      public boolean equals(Object obj)
      Specified by:
      equals in interface com.google.protobuf.Message
      Overrides:
      equals in class com.google.protobuf.AbstractMessage
    • hashCode

      public int hashCode()
      Specified by:
      hashCode in interface com.google.protobuf.Message
      Overrides:
      hashCode in class com.google.protobuf.AbstractMessage
    • parseFrom

      public static FilterChainMatch parseFrom(ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException
    • parseFrom

      public static FilterChainMatch parseFrom(ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException
    • parseFrom

      public static FilterChainMatch parseFrom(com.google.protobuf.ByteString data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException
    • parseFrom

      public static FilterChainMatch parseFrom(com.google.protobuf.ByteString data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException
    • parseFrom

      public static FilterChainMatch parseFrom(byte[] data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException
    • parseFrom

      public static FilterChainMatch parseFrom(byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException
    • parseFrom

      public static FilterChainMatch parseFrom(InputStream input) throws IOException
      Throws:
      IOException
    • parseFrom

      public static FilterChainMatch parseFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException
    • parseDelimitedFrom

      public static FilterChainMatch parseDelimitedFrom(InputStream input) throws IOException
      Throws:
      IOException
    • parseDelimitedFrom

      public static FilterChainMatch parseDelimitedFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException
    • parseFrom

      public static FilterChainMatch parseFrom(com.google.protobuf.CodedInputStream input) throws IOException
      Throws:
      IOException
    • parseFrom

      public static FilterChainMatch parseFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException
    • newBuilderForType

      public FilterChainMatch.Builder newBuilderForType()
      Specified by:
      newBuilderForType in interface com.google.protobuf.Message
      Specified by:
      newBuilderForType in interface com.google.protobuf.MessageLite
    • newBuilder

      public static FilterChainMatch.Builder newBuilder()
    • newBuilder

      public static FilterChainMatch.Builder newBuilder(FilterChainMatch prototype)
    • toBuilder

      public FilterChainMatch.Builder toBuilder()
      Specified by:
      toBuilder in interface com.google.protobuf.Message
      Specified by:
      toBuilder in interface com.google.protobuf.MessageLite
    • newBuilderForType

      protected FilterChainMatch.Builder newBuilderForType(com.google.protobuf.AbstractMessage.BuilderParent parent)
      Overrides:
      newBuilderForType in class com.google.protobuf.AbstractMessage
    • getDefaultInstance

      public static FilterChainMatch getDefaultInstance()
    • parser

      public static com.google.protobuf.Parser<FilterChainMatch> parser()
    • getParserForType

      public com.google.protobuf.Parser<FilterChainMatch> getParserForType()
      Specified by:
      getParserForType in interface com.google.protobuf.Message
      Specified by:
      getParserForType in interface com.google.protobuf.MessageLite
      Overrides:
      getParserForType in class com.google.protobuf.GeneratedMessage
    • getDefaultInstanceForType

      public FilterChainMatch getDefaultInstanceForType()
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder