{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.WAFV2.Types.IPSetForwardedIPConfig
-- Copyright   : (c) 2013-2023 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
module Amazonka.WAFV2.Types.IPSetForwardedIPConfig where

import qualified Amazonka.Core as Core
import qualified Amazonka.Core.Lens.Internal as Lens
import qualified Amazonka.Data as Data
import qualified Amazonka.Prelude as Prelude
import Amazonka.WAFV2.Types.FallbackBehavior
import Amazonka.WAFV2.Types.ForwardedIPPosition

-- | The configuration for inspecting IP addresses in an HTTP header that you
-- specify, instead of using the IP address that\'s reported by the web
-- request origin. Commonly, this is the X-Forwarded-For (XFF) header, but
-- you can specify any header name.
--
-- If the specified header isn\'t present in the request, WAF doesn\'t
-- apply the rule to the web request at all.
--
-- This configuration is used only for IPSetReferenceStatement. For
-- GeoMatchStatement and RateBasedStatement, use ForwardedIPConfig instead.
--
-- /See:/ 'newIPSetForwardedIPConfig' smart constructor.
data IPSetForwardedIPConfig = IPSetForwardedIPConfig'
  { -- | The name of the HTTP header to use for the IP address. For example, to
    -- use the X-Forwarded-For (XFF) header, set this to @X-Forwarded-For@.
    --
    -- If the specified header isn\'t present in the request, WAF doesn\'t
    -- apply the rule to the web request at all.
    IPSetForwardedIPConfig -> Text
headerName :: Prelude.Text,
    -- | The match status to assign to the web request if the request doesn\'t
    -- have a valid IP address in the specified position.
    --
    -- If the specified header isn\'t present in the request, WAF doesn\'t
    -- apply the rule to the web request at all.
    --
    -- You can specify the following fallback behaviors:
    --
    -- -   @MATCH@ - Treat the web request as matching the rule statement. WAF
    --     applies the rule action to the request.
    --
    -- -   @NO_MATCH@ - Treat the web request as not matching the rule
    --     statement.
    IPSetForwardedIPConfig -> FallbackBehavior
fallbackBehavior :: FallbackBehavior,
    -- | The position in the header to search for the IP address. The header can
    -- contain IP addresses of the original client and also of proxies. For
    -- example, the header value could be @10.1.1.1, 127.0.0.0, 10.10.10.10@
    -- where the first IP address identifies the original client and the rest
    -- identify proxies that the request went through.
    --
    -- The options for this setting are the following:
    --
    -- -   FIRST - Inspect the first IP address in the list of IP addresses in
    --     the header. This is usually the client\'s original IP.
    --
    -- -   LAST - Inspect the last IP address in the list of IP addresses in
    --     the header.
    --
    -- -   ANY - Inspect all IP addresses in the header for a match. If the
    --     header contains more than 10 IP addresses, WAF inspects the last 10.
    IPSetForwardedIPConfig -> ForwardedIPPosition
position :: ForwardedIPPosition
  }
  deriving (IPSetForwardedIPConfig -> IPSetForwardedIPConfig -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: IPSetForwardedIPConfig -> IPSetForwardedIPConfig -> Bool
$c/= :: IPSetForwardedIPConfig -> IPSetForwardedIPConfig -> Bool
== :: IPSetForwardedIPConfig -> IPSetForwardedIPConfig -> Bool
$c== :: IPSetForwardedIPConfig -> IPSetForwardedIPConfig -> Bool
Prelude.Eq, ReadPrec [IPSetForwardedIPConfig]
ReadPrec IPSetForwardedIPConfig
Int -> ReadS IPSetForwardedIPConfig
ReadS [IPSetForwardedIPConfig]
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [IPSetForwardedIPConfig]
$creadListPrec :: ReadPrec [IPSetForwardedIPConfig]
readPrec :: ReadPrec IPSetForwardedIPConfig
$creadPrec :: ReadPrec IPSetForwardedIPConfig
readList :: ReadS [IPSetForwardedIPConfig]
$creadList :: ReadS [IPSetForwardedIPConfig]
readsPrec :: Int -> ReadS IPSetForwardedIPConfig
$creadsPrec :: Int -> ReadS IPSetForwardedIPConfig
Prelude.Read, Int -> IPSetForwardedIPConfig -> ShowS
[IPSetForwardedIPConfig] -> ShowS
IPSetForwardedIPConfig -> String
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [IPSetForwardedIPConfig] -> ShowS
$cshowList :: [IPSetForwardedIPConfig] -> ShowS
show :: IPSetForwardedIPConfig -> String
$cshow :: IPSetForwardedIPConfig -> String
showsPrec :: Int -> IPSetForwardedIPConfig -> ShowS
$cshowsPrec :: Int -> IPSetForwardedIPConfig -> ShowS
Prelude.Show, forall x. Rep IPSetForwardedIPConfig x -> IPSetForwardedIPConfig
forall x. IPSetForwardedIPConfig -> Rep IPSetForwardedIPConfig x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep IPSetForwardedIPConfig x -> IPSetForwardedIPConfig
$cfrom :: forall x. IPSetForwardedIPConfig -> Rep IPSetForwardedIPConfig x
Prelude.Generic)

-- |
-- Create a value of 'IPSetForwardedIPConfig' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'headerName', 'iPSetForwardedIPConfig_headerName' - The name of the HTTP header to use for the IP address. For example, to
-- use the X-Forwarded-For (XFF) header, set this to @X-Forwarded-For@.
--
-- If the specified header isn\'t present in the request, WAF doesn\'t
-- apply the rule to the web request at all.
--
-- 'fallbackBehavior', 'iPSetForwardedIPConfig_fallbackBehavior' - The match status to assign to the web request if the request doesn\'t
-- have a valid IP address in the specified position.
--
-- If the specified header isn\'t present in the request, WAF doesn\'t
-- apply the rule to the web request at all.
--
-- You can specify the following fallback behaviors:
--
-- -   @MATCH@ - Treat the web request as matching the rule statement. WAF
--     applies the rule action to the request.
--
-- -   @NO_MATCH@ - Treat the web request as not matching the rule
--     statement.
--
-- 'position', 'iPSetForwardedIPConfig_position' - The position in the header to search for the IP address. The header can
-- contain IP addresses of the original client and also of proxies. For
-- example, the header value could be @10.1.1.1, 127.0.0.0, 10.10.10.10@
-- where the first IP address identifies the original client and the rest
-- identify proxies that the request went through.
--
-- The options for this setting are the following:
--
-- -   FIRST - Inspect the first IP address in the list of IP addresses in
--     the header. This is usually the client\'s original IP.
--
-- -   LAST - Inspect the last IP address in the list of IP addresses in
--     the header.
--
-- -   ANY - Inspect all IP addresses in the header for a match. If the
--     header contains more than 10 IP addresses, WAF inspects the last 10.
newIPSetForwardedIPConfig ::
  -- | 'headerName'
  Prelude.Text ->
  -- | 'fallbackBehavior'
  FallbackBehavior ->
  -- | 'position'
  ForwardedIPPosition ->
  IPSetForwardedIPConfig
newIPSetForwardedIPConfig :: Text
-> FallbackBehavior
-> ForwardedIPPosition
-> IPSetForwardedIPConfig
newIPSetForwardedIPConfig
  Text
pHeaderName_
  FallbackBehavior
pFallbackBehavior_
  ForwardedIPPosition
pPosition_ =
    IPSetForwardedIPConfig'
      { $sel:headerName:IPSetForwardedIPConfig' :: Text
headerName = Text
pHeaderName_,
        $sel:fallbackBehavior:IPSetForwardedIPConfig' :: FallbackBehavior
fallbackBehavior = FallbackBehavior
pFallbackBehavior_,
        $sel:position:IPSetForwardedIPConfig' :: ForwardedIPPosition
position = ForwardedIPPosition
pPosition_
      }

-- | The name of the HTTP header to use for the IP address. For example, to
-- use the X-Forwarded-For (XFF) header, set this to @X-Forwarded-For@.
--
-- If the specified header isn\'t present in the request, WAF doesn\'t
-- apply the rule to the web request at all.
iPSetForwardedIPConfig_headerName :: Lens.Lens' IPSetForwardedIPConfig Prelude.Text
iPSetForwardedIPConfig_headerName :: Lens' IPSetForwardedIPConfig Text
iPSetForwardedIPConfig_headerName = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\IPSetForwardedIPConfig' {Text
headerName :: Text
$sel:headerName:IPSetForwardedIPConfig' :: IPSetForwardedIPConfig -> Text
headerName} -> Text
headerName) (\s :: IPSetForwardedIPConfig
s@IPSetForwardedIPConfig' {} Text
a -> IPSetForwardedIPConfig
s {$sel:headerName:IPSetForwardedIPConfig' :: Text
headerName = Text
a} :: IPSetForwardedIPConfig)

-- | The match status to assign to the web request if the request doesn\'t
-- have a valid IP address in the specified position.
--
-- If the specified header isn\'t present in the request, WAF doesn\'t
-- apply the rule to the web request at all.
--
-- You can specify the following fallback behaviors:
--
-- -   @MATCH@ - Treat the web request as matching the rule statement. WAF
--     applies the rule action to the request.
--
-- -   @NO_MATCH@ - Treat the web request as not matching the rule
--     statement.
iPSetForwardedIPConfig_fallbackBehavior :: Lens.Lens' IPSetForwardedIPConfig FallbackBehavior
iPSetForwardedIPConfig_fallbackBehavior :: Lens' IPSetForwardedIPConfig FallbackBehavior
iPSetForwardedIPConfig_fallbackBehavior = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\IPSetForwardedIPConfig' {FallbackBehavior
fallbackBehavior :: FallbackBehavior
$sel:fallbackBehavior:IPSetForwardedIPConfig' :: IPSetForwardedIPConfig -> FallbackBehavior
fallbackBehavior} -> FallbackBehavior
fallbackBehavior) (\s :: IPSetForwardedIPConfig
s@IPSetForwardedIPConfig' {} FallbackBehavior
a -> IPSetForwardedIPConfig
s {$sel:fallbackBehavior:IPSetForwardedIPConfig' :: FallbackBehavior
fallbackBehavior = FallbackBehavior
a} :: IPSetForwardedIPConfig)

-- | The position in the header to search for the IP address. The header can
-- contain IP addresses of the original client and also of proxies. For
-- example, the header value could be @10.1.1.1, 127.0.0.0, 10.10.10.10@
-- where the first IP address identifies the original client and the rest
-- identify proxies that the request went through.
--
-- The options for this setting are the following:
--
-- -   FIRST - Inspect the first IP address in the list of IP addresses in
--     the header. This is usually the client\'s original IP.
--
-- -   LAST - Inspect the last IP address in the list of IP addresses in
--     the header.
--
-- -   ANY - Inspect all IP addresses in the header for a match. If the
--     header contains more than 10 IP addresses, WAF inspects the last 10.
iPSetForwardedIPConfig_position :: Lens.Lens' IPSetForwardedIPConfig ForwardedIPPosition
iPSetForwardedIPConfig_position :: Lens' IPSetForwardedIPConfig ForwardedIPPosition
iPSetForwardedIPConfig_position = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\IPSetForwardedIPConfig' {ForwardedIPPosition
position :: ForwardedIPPosition
$sel:position:IPSetForwardedIPConfig' :: IPSetForwardedIPConfig -> ForwardedIPPosition
position} -> ForwardedIPPosition
position) (\s :: IPSetForwardedIPConfig
s@IPSetForwardedIPConfig' {} ForwardedIPPosition
a -> IPSetForwardedIPConfig
s {$sel:position:IPSetForwardedIPConfig' :: ForwardedIPPosition
position = ForwardedIPPosition
a} :: IPSetForwardedIPConfig)

instance Data.FromJSON IPSetForwardedIPConfig where
  parseJSON :: Value -> Parser IPSetForwardedIPConfig
parseJSON =
    forall a. String -> (Object -> Parser a) -> Value -> Parser a
Data.withObject
      String
"IPSetForwardedIPConfig"
      ( \Object
x ->
          Text
-> FallbackBehavior
-> ForwardedIPPosition
-> IPSetForwardedIPConfig
IPSetForwardedIPConfig'
            forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> (Object
x forall a. FromJSON a => Object -> Key -> Parser a
Data..: Key
"HeaderName")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser a
Data..: Key
"FallbackBehavior")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser a
Data..: Key
"Position")
      )

instance Prelude.Hashable IPSetForwardedIPConfig where
  hashWithSalt :: Int -> IPSetForwardedIPConfig -> Int
hashWithSalt Int
_salt IPSetForwardedIPConfig' {Text
FallbackBehavior
ForwardedIPPosition
position :: ForwardedIPPosition
fallbackBehavior :: FallbackBehavior
headerName :: Text
$sel:position:IPSetForwardedIPConfig' :: IPSetForwardedIPConfig -> ForwardedIPPosition
$sel:fallbackBehavior:IPSetForwardedIPConfig' :: IPSetForwardedIPConfig -> FallbackBehavior
$sel:headerName:IPSetForwardedIPConfig' :: IPSetForwardedIPConfig -> Text
..} =
    Int
_salt
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Text
headerName
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` FallbackBehavior
fallbackBehavior
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` ForwardedIPPosition
position

instance Prelude.NFData IPSetForwardedIPConfig where
  rnf :: IPSetForwardedIPConfig -> ()
rnf IPSetForwardedIPConfig' {Text
FallbackBehavior
ForwardedIPPosition
position :: ForwardedIPPosition
fallbackBehavior :: FallbackBehavior
headerName :: Text
$sel:position:IPSetForwardedIPConfig' :: IPSetForwardedIPConfig -> ForwardedIPPosition
$sel:fallbackBehavior:IPSetForwardedIPConfig' :: IPSetForwardedIPConfig -> FallbackBehavior
$sel:headerName:IPSetForwardedIPConfig' :: IPSetForwardedIPConfig -> Text
..} =
    forall a. NFData a => a -> ()
Prelude.rnf Text
headerName
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf FallbackBehavior
fallbackBehavior
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf ForwardedIPPosition
position

instance Data.ToJSON IPSetForwardedIPConfig where
  toJSON :: IPSetForwardedIPConfig -> Value
toJSON IPSetForwardedIPConfig' {Text
FallbackBehavior
ForwardedIPPosition
position :: ForwardedIPPosition
fallbackBehavior :: FallbackBehavior
headerName :: Text
$sel:position:IPSetForwardedIPConfig' :: IPSetForwardedIPConfig -> ForwardedIPPosition
$sel:fallbackBehavior:IPSetForwardedIPConfig' :: IPSetForwardedIPConfig -> FallbackBehavior
$sel:headerName:IPSetForwardedIPConfig' :: IPSetForwardedIPConfig -> Text
..} =
    [Pair] -> Value
Data.object
      ( forall a. [Maybe a] -> [a]
Prelude.catMaybes
          [ forall a. a -> Maybe a
Prelude.Just (Key
"HeaderName" forall kv v. (KeyValue kv, ToJSON v) => Key -> v -> kv
Data..= Text
headerName),
            forall a. a -> Maybe a
Prelude.Just
              (Key
"FallbackBehavior" forall kv v. (KeyValue kv, ToJSON v) => Key -> v -> kv
Data..= FallbackBehavior
fallbackBehavior),
            forall a. a -> Maybe a
Prelude.Just (Key
"Position" forall kv v. (KeyValue kv, ToJSON v) => Key -> v -> kv
Data..= ForwardedIPPosition
position)
          ]
      )