Reference documentation and code samples for the Compute V1 Client class FirewallPolicyRuleMatcher.
Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified.
Generated from protobuf messagegoogle.cloud.compute.v1.FirewallPolicyRuleMatcher
Namespace
Google \ Cloud \ Compute \ V1
Methods
__construct
Constructor.
Parameters
Name
Description
data
array
Optional. Data for populating the Message object.
↳ dest_address_groups
array
Address groups which should be matched against the traffic destination. Maximum number of destination address groups is 10.
↳ dest_fqdns
array
Fully Qualified Domain Name (FQDN) which should be matched against traffic destination. Maximum number of destination fqdn allowed is 100.
↳ dest_ip_ranges
array
CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000.
↳ dest_network_type
string
Network type of the traffic destination. Allowed values are: - UNSPECIFIED - INTERNET - NON_INTERNET Check the DestNetworkType enum for the list of possible values.
↳ dest_region_codes
array
Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000.
↳ dest_threat_intelligences
array
Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination.
Pairs of IP protocols and ports that the rule should match.
↳ src_address_groups
array
Address groups which should be matched against the traffic source. Maximum number of source address groups is 10.
↳ src_fqdns
array
Fully Qualified Domain Name (FQDN) which should be matched against traffic source. Maximum number of source fqdn allowed is 100.
↳ src_ip_ranges
array
CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000.
↳ src_network_type
string
Network type of the traffic source. Allowed values are: - UNSPECIFIED - INTERNET - INTRA_VPC - NON_INTERNET - VPC_NETWORKS Check the SrcNetworkType enum for the list of possible values.
↳ src_networks
array
Networks of the traffic source. It can be either a full or partial url.
↳ src_region_codes
array
Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000.
List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256.
↳ src_threat_intelligences
array
Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic source.
getDestAddressGroups
Address groups which should be matched against the traffic destination. Maximum number of destination address groups is 10.
CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000.
Parameter
Name
Description
var
string[]
Returns
Type
Description
$this
getDestNetworkType
Network type of the traffic destination. Allowed values are: - UNSPECIFIED - INTERNET - NON_INTERNET
Check the DestNetworkType enum for the list of possible values.
Returns
Type
Description
string
hasDestNetworkType
clearDestNetworkType
setDestNetworkType
Network type of the traffic destination. Allowed values are: - UNSPECIFIED - INTERNET - NON_INTERNET
Check the DestNetworkType enum for the list of possible values.
Parameter
Name
Description
var
string
Returns
Type
Description
$this
getDestRegionCodes
Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000.
Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000.
Parameter
Name
Description
var
string[]
Returns
Type
Description
$this
getDestThreatIntelligences
Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination.
CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000.
Parameter
Name
Description
var
string[]
Returns
Type
Description
$this
getSrcNetworkType
Network type of the traffic source. Allowed values are: - UNSPECIFIED - INTERNET - INTRA_VPC - NON_INTERNET - VPC_NETWORKS
Check the SrcNetworkType enum for the list of possible values.
Returns
Type
Description
string
hasSrcNetworkType
clearSrcNetworkType
setSrcNetworkType
Network type of the traffic source. Allowed values are: - UNSPECIFIED - INTERNET - INTRA_VPC - NON_INTERNET - VPC_NETWORKS
Check the SrcNetworkType enum for the list of possible values.
Parameter
Name
Description
var
string
Returns
Type
Description
$this
getSrcNetworks
Networks of the traffic source. It can be either a full or partial url.
Networks of the traffic source. It can be either a full or partial url.
Parameter
Name
Description
var
string[]
Returns
Type
Description
$this
getSrcRegionCodes
Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000.
Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000.
Parameter
Name
Description
var
string[]
Returns
Type
Description
$this
getSrcSecureTags
List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256.
List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[],[],null,["# Compute V1 Client - Class FirewallPolicyRuleMatcher (1.35.0)\n\nVersion latestkeyboard_arrow_down\n\n- [1.35.0 (latest)](/php/docs/reference/cloud-compute/latest/V1.FirewallPolicyRuleMatcher)\n- [1.34.0](/php/docs/reference/cloud-compute/1.34.0/V1.FirewallPolicyRuleMatcher)\n- [1.33.0](/php/docs/reference/cloud-compute/1.33.0/V1.FirewallPolicyRuleMatcher)\n- [1.32.0](/php/docs/reference/cloud-compute/1.32.0/V1.FirewallPolicyRuleMatcher)\n- [1.31.0](/php/docs/reference/cloud-compute/1.31.0/V1.FirewallPolicyRuleMatcher)\n- [1.30.0](/php/docs/reference/cloud-compute/1.30.0/V1.FirewallPolicyRuleMatcher)\n- [1.29.0](/php/docs/reference/cloud-compute/1.29.0/V1.FirewallPolicyRuleMatcher)\n- [1.28.0](/php/docs/reference/cloud-compute/1.28.0/V1.FirewallPolicyRuleMatcher)\n- [1.27.0](/php/docs/reference/cloud-compute/1.27.0/V1.FirewallPolicyRuleMatcher)\n- [1.26.0](/php/docs/reference/cloud-compute/1.26.0/V1.FirewallPolicyRuleMatcher)\n- [1.25.0](/php/docs/reference/cloud-compute/1.25.0/V1.FirewallPolicyRuleMatcher)\n- [1.24.0](/php/docs/reference/cloud-compute/1.24.0/V1.FirewallPolicyRuleMatcher)\n- [1.23.0](/php/docs/reference/cloud-compute/1.23.0/V1.FirewallPolicyRuleMatcher)\n- [1.22.1](/php/docs/reference/cloud-compute/1.22.1/V1.FirewallPolicyRuleMatcher)\n- [1.21.0](/php/docs/reference/cloud-compute/1.21.0/V1.FirewallPolicyRuleMatcher)\n- [1.20.0](/php/docs/reference/cloud-compute/1.20.0/V1.FirewallPolicyRuleMatcher)\n- [1.19.0](/php/docs/reference/cloud-compute/1.19.0/V1.FirewallPolicyRuleMatcher)\n- [1.18.1](/php/docs/reference/cloud-compute/1.18.1/V1.FirewallPolicyRuleMatcher)\n- [1.17.0](/php/docs/reference/cloud-compute/1.17.0/V1.FirewallPolicyRuleMatcher)\n- [1.16.2](/php/docs/reference/cloud-compute/1.16.2/V1.FirewallPolicyRuleMatcher)\n- [1.14.0](/php/docs/reference/cloud-compute/1.14.0/V1.FirewallPolicyRuleMatcher)\n- [1.13.0](/php/docs/reference/cloud-compute/1.13.0/V1.FirewallPolicyRuleMatcher)\n- [1.12.1](/php/docs/reference/cloud-compute/1.12.1/V1.FirewallPolicyRuleMatcher)\n- [1.11.1](/php/docs/reference/cloud-compute/1.11.1/V1.FirewallPolicyRuleMatcher)\n- [1.10.1](/php/docs/reference/cloud-compute/1.10.1/V1.FirewallPolicyRuleMatcher)\n- [1.9.1](/php/docs/reference/cloud-compute/1.9.1/V1.FirewallPolicyRuleMatcher)\n- [1.8.3](/php/docs/reference/cloud-compute/1.8.3/V1.FirewallPolicyRuleMatcher)\n- [1.7.1](/php/docs/reference/cloud-compute/1.7.1/V1.FirewallPolicyRuleMatcher)\n- [1.6.1](/php/docs/reference/cloud-compute/1.6.1/V1.FirewallPolicyRuleMatcher)\n- [1.5.0](/php/docs/reference/cloud-compute/1.5.0/V1.FirewallPolicyRuleMatcher) \nReference documentation and code samples for the Compute V1 Client class FirewallPolicyRuleMatcher.\n\nRepresents a match condition that incoming traffic is evaluated against. Exactly one field must be specified.\n\nGenerated from protobuf message `google.cloud.compute.v1.FirewallPolicyRuleMatcher`\n\nNamespace\n---------\n\nGoogle \\\\ Cloud \\\\ Compute \\\\ V1\n\nMethods\n-------\n\n### __construct\n\nConstructor.\n\n### getDestAddressGroups\n\nAddress groups which should be matched against the traffic destination. Maximum number of destination address groups is 10.\n\n### setDestAddressGroups\n\nAddress groups which should be matched against the traffic destination. Maximum number of destination address groups is 10.\n\n### getDestFqdns\n\nFully Qualified Domain Name (FQDN) which should be matched against traffic destination. Maximum number of destination fqdn allowed is 100.\n\n### setDestFqdns\n\nFully Qualified Domain Name (FQDN) which should be matched against traffic destination. Maximum number of destination fqdn allowed is 100.\n\n### getDestIpRanges\n\nCIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000.\n\n### setDestIpRanges\n\nCIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000.\n\n### getDestNetworkType\n\nNetwork type of the traffic destination. Allowed values are: - UNSPECIFIED - INTERNET - NON_INTERNET\nCheck the DestNetworkType enum for the list of possible values.\n\n### hasDestNetworkType\n\n### clearDestNetworkType\n\n### setDestNetworkType\n\nNetwork type of the traffic destination. Allowed values are: - UNSPECIFIED - INTERNET - NON_INTERNET\nCheck the DestNetworkType enum for the list of possible values.\n\n### getDestRegionCodes\n\nRegion codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex.\"US\" Maximum number of dest region codes allowed is 5000.\n\n### setDestRegionCodes\n\nRegion codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex.\"US\" Maximum number of dest region codes allowed is 5000.\n\n### getDestThreatIntelligences\n\nNames of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination.\n\n### setDestThreatIntelligences\n\nNames of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination.\n\n### getLayer4Configs\n\nPairs of IP protocols and ports that the rule should match.\n\n### setLayer4Configs\n\nPairs of IP protocols and ports that the rule should match.\n\n### getSrcAddressGroups\n\nAddress groups which should be matched against the traffic source. Maximum number of source address groups is 10.\n\n### setSrcAddressGroups\n\nAddress groups which should be matched against the traffic source. Maximum number of source address groups is 10.\n\n### getSrcFqdns\n\nFully Qualified Domain Name (FQDN) which should be matched against traffic source. Maximum number of source fqdn allowed is 100.\n\n### setSrcFqdns\n\nFully Qualified Domain Name (FQDN) which should be matched against traffic source. Maximum number of source fqdn allowed is 100.\n\n### getSrcIpRanges\n\nCIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000.\n\n### setSrcIpRanges\n\nCIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000.\n\n### getSrcNetworkType\n\nNetwork type of the traffic source. Allowed values are: - UNSPECIFIED - INTERNET - INTRA_VPC - NON_INTERNET - VPC_NETWORKS\nCheck the SrcNetworkType enum for the list of possible values.\n\n### hasSrcNetworkType\n\n### clearSrcNetworkType\n\n### setSrcNetworkType\n\nNetwork type of the traffic source. Allowed values are: - UNSPECIFIED - INTERNET - INTRA_VPC - NON_INTERNET - VPC_NETWORKS\nCheck the SrcNetworkType enum for the list of possible values.\n\n### getSrcNetworks\n\nNetworks of the traffic source. It can be either a full or partial url.\n\n### setSrcNetworks\n\nNetworks of the traffic source. It can be either a full or partial url.\n\n### getSrcRegionCodes\n\nRegion codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex.\"US\" Maximum number of source region codes allowed is 5000.\n\n### setSrcRegionCodes\n\nRegion codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex.\"US\" Maximum number of source region codes allowed is 5000.\n\n### getSrcSecureTags\n\nList of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256.\n\n### setSrcSecureTags\n\nList of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256.\n\n### getSrcThreatIntelligences\n\nNames of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic source.\n\n### setSrcThreatIntelligences\n\nNames of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic source."]]
