
Class SecurityRule

A security rule is one of the items in a NetworkSecurityGroup. It is a virtual firewall rule for the VNICs in the network security group. A rule can be for either inbound (direction = INGRESS) or outbound (direction = EGRESS) IP packets.

Inheritance
object
SecurityRule
Inherited Members
object.Equals(object)
object.Equals(object, object)
object.GetHashCode()
object.GetType()
object.MemberwiseClone()
object.ReferenceEquals(object, object)
object.ToString()
Namespace: Oci.CoreService.Models
Assembly: OCI.DotNetSDK.Core.dll
Syntax
public class SecurityRule

Properties

Description

Declaration
[JsonProperty(PropertyName = "description")]
public string Description { get; set; }
Property Value
Type Description
string

An optional description of your choice for the rule.

Destination

Declaration
[JsonProperty(PropertyName = "destination")]
public string Destination { get; set; }
Property Value
Type Description
string

Conceptually, this is the range of IP addresses that a packet originating from the instance can go to.
Allowed values:

  • An IP address range in CIDR notation. For example: 192.168.1.0/24 or 2001:0db8:0123:45::/56. IPv6 addressing is supported for all commercial and government regions. See IPv6 Addresses.
  • The cidrBlock value for a Service, if you're setting up a security rule for traffic destined for a particular Service through a service gateway. For

DestinationType

Declaration
[JsonProperty(PropertyName = "destinationType")]
[JsonConverter(typeof(ResponseEnumConverter))]
public SecurityRule.DestinationTypeEnum? DestinationType { get; set; }
Property Value
Type Description
SecurityRule.DestinationTypeEnum?

Type of destination for the rule. Required if direction = EGRESS.
Allowed values:

  • CIDR_BLOCK: If the rule's destination is an IP address range in CIDR notation.
  • SERVICE_CIDR_BLOCK: If the rule's destination is the cidrBlock value for a Service (the rule is for traffic destined for a particular Service through a service gateway).
  • NETWORK_SECURITY_GROUP: If the rule's destination is the OCID of a NetworkSecurityGroup.

Direction

Declaration
[Required(ErrorMessage = "Direction is required.")]
[JsonProperty(PropertyName = "direction")]
[JsonConverter(typeof(ResponseEnumConverter))]
public SecurityRule.DirectionEnum? Direction { get; set; }
Property Value
Type Description
SecurityRule.DirectionEnum?

Direction of the security rule. Set to EGRESS for rules to allow outbound IP packets, or INGRESS for rules to allow inbound IP packets.

Remarks

Required

IcmpOptions

Declaration
[JsonProperty(PropertyName = "icmpOptions")]
public IcmpOptions IcmpOptions { get; set; }
Property Value
Type Description
IcmpOptions

Id

Declaration
[JsonProperty(PropertyName = "id")]
public string Id { get; set; }
Property Value
Type Description
string

An Oracle-assigned identifier for the security rule. You specify this ID when you want to update or delete the rule.
Example: 04ABEC

IsStateless

Declaration
[JsonProperty(PropertyName = "isStateless")]
public bool? IsStateless { get; set; }
Property Value
Type Description
bool?

A stateless rule allows traffic in one direction. Remember to add a corresponding stateless rule in the other direction if you need to support bidirectional traffic. For example, if egress traffic allows TCP destination port 80, there should be an ingress rule to allow TCP source port 80. Defaults to false, which means the rule is stateful and a corresponding rule is not necessary for bidirectional traffic.

IsValid

Declaration
[JsonProperty(PropertyName = "isValid")]
public bool? IsValid { get; set; }
Property Value
Type Description
bool?

Whether the rule is valid. The value is True when the rule is first created. If the rule's source or destination is a network security group, the value changes to False if that network security group is deleted.
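
The following audit is an added example, not code from the SDK or its documentation: it flags rules whose IsValid is false and stateless TCP rules that lack the corresponding stateless rule in the other direction described under IsStateless. The class name `SecurityRuleAudit` is hypothetical; the enum member `SecurityRule.DirectionEnum.Egress`, the `SourcePortRange`/`DestinationPortRange` members of `TcpOptions` and the `Min`/`Max` members of `PortRange` are not shown on this page and are assumed, as is the convention that a missing options object or port range means all ports.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using Oci.CoreService.Models;

public static class SecurityRuleAudit
{
    // The far end of a rule: Destination for egress, Source for ingress.
    static string Peer(SecurityRule r) =>
        r.Direction == SecurityRule.DirectionEnum.Egress ? r.Destination : r.Source;

    // Assumption: a missing options object or port range means "all ports".
    static bool Covers(PortRange outer, PortRange inner) =>
        (outer?.Min ?? 1) <= (inner?.Min ?? 1) && (outer?.Max ?? 65535) >= (inner?.Max ?? 65535);

    // True when `reply` is a stateless rule in the opposite direction, for the same
    // peer, that admits the return packets of the stateless TCP rule `rule`.
    static bool IsReturnPathFor(SecurityRule reply, SecurityRule rule) =>
        reply.IsStateless == true
        && (reply.Protocol == "6" || reply.Protocol == "all")
        && reply.Direction != rule.Direction
        && Peer(reply) == Peer(rule)
        // Return packets swap ports: their source port is the request's destination port.
        && Covers(reply.TcpOptions?.SourcePortRange, rule.TcpOptions?.DestinationPortRange)
        && Covers(reply.TcpOptions?.DestinationPortRange, rule.TcpOptions?.SourcePortRange);

    public static IEnumerable<string> Audit(IReadOnlyCollection<SecurityRule> rules)
    {
        foreach (var r in rules)
        {
            if (r.IsValid == false)
                yield return $"{r.Id}: IsValid is false, the referenced network security group was deleted";
            if (r.IsStateless == true && r.Protocol == "6" && !rules.Any(o => IsReturnPathFor(o, r)))
                yield return $"{r.Id}: stateless TCP rule has no matching stateless rule in the other direction";
        }
    }

    public static void Main()
    {
        // Constructed sample: stateless egress to TCP/80 with no ingress counterpart.
        var rules = new List<SecurityRule>
        {
            new SecurityRule { Id = "EX0001", Direction = SecurityRule.DirectionEnum.Egress, Protocol = "6",
                IsStateless = true, Destination = "192.168.1.0/24",
                TcpOptions = new TcpOptions { DestinationPortRange = new PortRange { Min = 80, Max = 80 } } },
        };
        foreach (var finding in Audit(rules)) Console.WriteLine(finding);
    }
}
```

The check compares the peer as an exact string, so a return rule written with a wider CIDR than the original rule is reported as missing and needs manual review.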

Protocol

Declaration
[Required(ErrorMessage = "Protocol is required.")]
[JsonProperty(PropertyName = "protocol")]
public string Protocol { get; set; }
Property Value
Type Description
string

The transport protocol. Specify either all or an IPv4 protocol number as defined in Protocol Numbers. Options are supported only for ICMP ("1"), TCP ("6"), UDP ("17"), and ICMPv6 ("58").

Remarks

Required

Source

Declaration
[JsonProperty(PropertyName = "source")]
public string Source { get; set; }
Property Value
Type Description
string

Conceptually, this is the range of IP addresses that a packet coming into the instance can come from.
Allowed values:

  • An IP address range in CIDR notation. For example: 192.168.1.0/24 or 2001:0db8:0123:45::/56. IPv6 addressing is supported for all commercial and government regions. See IPv6 Addresses.
  • The cidrBlock value for a Service, if you're setting up a security rule for traffic coming from a particular Service through a service gateway. For

SourceType

Declaration
[JsonProperty(PropertyName = "sourceType")]
[JsonConverter(typeof(ResponseEnumConverter))]
public SecurityRule.SourceTypeEnum? SourceType { get; set; }
Property Value
Type Description
SecurityRule.SourceTypeEnum?

Type of source for the rule. Required if direction = INGRESS.

  • CIDR_BLOCK: If the rule's source is an IP address range in CIDR notation.
  • SERVICE_CIDR_BLOCK: If the rule's source is the cidrBlock value for a Service (the rule is for traffic coming from a particular Service through a service gateway).
  • NETWORK_SECURITY_GROUP: If the rule's source is the OCID of a NetworkSecurityGroup.

TcpOptions

Declaration
[JsonProperty(PropertyName = "tcpOptions")]
public TcpOptions TcpOptions { get; set; }
Property Value
Type Description
TcpOptions

TimeCreated

Declaration
[JsonProperty(PropertyName = "timeCreated")]
public DateTime? TimeCreated { get; set; }
Property Value
Type Description
DateTime?

The date and time the security rule was created. Format defined by RFC3339.

UdpOptions

Declaration
[JsonProperty(PropertyName = "udpOptions")]
public UdpOptions UdpOptions { get; set; }
Property Value
Type Description
UdpOptions