Add-VMNetworkAdapterAcl
Creates an ACL to apply to the traffic through a virtual machine network adapter.
Syntax
Add-VMNetworkAdapterAcl
-Action <VMNetworkAdapterAclAction>
-Direction <VMNetworkAdapterAclDirection>
[-LocalIPAddress <String[]>]
[-LocalMacAddress <String[]>]
[-RemoteIPAddress <String[]>]
[-RemoteMacAddress <String[]>]
[-Passthru]
[-VMNetworkAdapterName <String>]
[-CimSession <CimSession[]>]
[-ComputerName <String[]>]
[-Credential <PSCredential[]>]
[-VMName] <String[]>
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Add-VMNetworkAdapterAcl
-Action <VMNetworkAdapterAclAction>
-Direction <VMNetworkAdapterAclDirection>
[-LocalIPAddress <String[]>]
[-LocalMacAddress <String[]>]
[-RemoteIPAddress <String[]>]
[-RemoteMacAddress <String[]>]
[-Passthru]
[-VMNetworkAdapter] <VMNetworkAdapterBase[]>
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Add-VMNetworkAdapterAcl
-Action <VMNetworkAdapterAclAction>
-Direction <VMNetworkAdapterAclDirection>
[-LocalIPAddress <String[]>]
[-LocalMacAddress <String[]>]
[-RemoteIPAddress <String[]>]
[-RemoteMacAddress <String[]>]
[-Passthru]
[-ManagementOS]
[-VMNetworkAdapterName <String>]
[-CimSession <CimSession[]>]
[-ComputerName <String[]>]
[-Credential <PSCredential[]>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Add-VMNetworkAdapterAcl
-Action <VMNetworkAdapterAclAction>
-Direction <VMNetworkAdapterAclDirection>
[-LocalIPAddress <String[]>]
[-LocalMacAddress <String[]>]
[-RemoteIPAddress <String[]>]
[-RemoteMacAddress <String[]>]
[-Passthru]
[-VMNetworkAdapterName <String>]
[-VM] <VirtualMachine[]>
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
The Add-VMNetworkAdapterAcl cmdlet creates an ACL to apply to the traffic through a virtual machine network adapter. When a virtual network adapter is created there is no ACL on it. Given a list of IP-based ACL entries to be applied to traffic in the same direction, the longest match rule decides which one of the entries is most appropriate to apply to a specific packet.
Examples
Example 1
PS C:\> Add-VMNetworkAdapterAcl -VMName Redmond -RemoteIPAddress 10.0.0.0/8 -Direction Both -Action Allow
This example adds an ACL to allow virtual machine Redmond to send to and receive from traffic on IP subnet 10.0.0.8/8.
Example 2
PS C:\> Add-VMNetworkAdapterAcl -VMName Redmond -RemoteIPAddress ANY -Direction Both -Action Deny
This example adds an ACL to deny virtual machine Redmond to send either IPv4 or IPv6 traffic to anywhere and receive such traffic from anywhere.
Example 3
PS C:\> Get-VM Redmond | Add-VMNetworkAdapterAcl -RemoteMacAddress 03-0f-01-0e-aa-b2 -Direction Both -Action Deny
This example gets virtual machine Redmond and adds an ACL to deny it to send any traffic to a device with MAC address 03-0f-01-0e-aa-b2 or to receive any traffic from that device.
Example 4
PS C:\> Get-VMNetworkAdapter -VMName Redmond | Add-VMNetworkAdapterAcl -RemoteIPAddress 192.168.0.0/16 -Direction Outbound -Action Meter
This example gets virtual network adapters from virtual machine Redmond and adds an ACL to meter outgoing traffic sent to IP subnet 192.168.0.0/16.
Parameters
-Action
Specifies the action for the ACL. Allowed values are Allow, Deny, and Meter. A metering ACL must be IP-based, i.e. either -RemoteIPAddress or -LocalIPAddress must be specified.
Type: | VMNetworkAdapterAclAction |
Accepted values: | Allow, Deny, Meter |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CimSession
Runs the cmdlet in a remote session or on a remote computer. Enter a computer name or a session object, such as the output of a New-CimSession or Get-CimSession cmdlet. The default is the current session on the local computer.
Type: | CimSession[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ComputerName
Specifies one or more Hyper-V hosts on which the ACL is to be created. NetBIOS names, IP addresses, and fully qualified domain names are allowable. The default is the local computer. Use localhost or a dot (.) to specify the local computer explicitly.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Credential
Specifies one or more user accounts that have permission to perform this action. The default is the current user.
Type: | PSCredential[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Direction
Specifies the direction of the network traffic to which the ACL is to apply. Allowed values are Inbound, Outbound, or Both. . If Both is specified, the new ACL entry is added to both the inbound direction and the outbound direction. In the output of Get-VMNetworkAdapterAcl, the ACL entry appears in both the inbound ACL list and the outbound ACL list.
Type: | VMNetworkAdapterAclDirection |
Accepted values: | Inbound, Outbound, Both |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-LocalIPAddress
Specifies the local IP address to which the ACL is to apply. For an inbound packet, this is the destination IP address in the packet header; for an outbound packet, this is the source IP address in the packet header. It can be either IPv4 or IPv6 address. It can be either a host address or a subnet address, e.g. 1.2.3.4, 2001::2008, 192.168.1.0/24, or f001:f002:f003:f004::1/64. The IP address can also be a wildcard, 0.0.0.0/0 for all IPv4 addresses, ::/0 for all IPv6 addresses, or ANY for all IPv4 and IPv6 addresses.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-LocalMacAddress
Specifies the local MAC address to which the ACL is to apply. For an inbound packet, this is the destination MAC address in the packet header; for an outbound packet, this is the source MAC address in the packet header. It can be a host MAC address, e.g. 00-ab-00-11-22-33, or a wildcard, ANY, for all MAC addresses.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ManagementOS
Specifies that the ACL is to be applied in the management (i.e. the parent, or host) operating system.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Passthru
Specifies that an object is to be passed through to the pipeline representing the ACL to be added.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RemoteIPAddress
Specifies the remote IP address to which this ACL is to apply. For an inbound packet, this is the source IP address in the packet header; for an outbound packet, this is the destination IP address in the packet header. It can be either IPv4 or IPv6 address. It can be either a host address or a subnet address, e.g. 1.2.3.4, 2001::2008, 192.168.1.0/24, or f001:f002:f003:f004::1/64.the IP address can also be a wildcard, 0.0.0.0/0 for all IPv4 addresses, ::/0 for all IPv6 addresses, or ANY for all IPv4 and IPv6 addresses.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RemoteMacAddress
Specifies the remote MAC address to which this ACL is to apply. For an inbound packet, this is the source MAC address in the packet header; for an outbound packet, this is the destination MAC address in the packet header. It can be a host MAC address, e.g. 00-ab-00-11-22-33, or a wildcard, ANY, for all MAC addresses.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-VM
Specifies the virtual machine on which the ACL is to apply.
Type: | VirtualMachine[] |
Position: | 0 |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-VMName
Specifies the name of the virtual machine on which the ACL is to apply.
Type: | String[] |
Position: | 0 |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-VMNetworkAdapter
Specifies the virtual machine network adapter to which the ACL is to apply.
Type: | VMNetworkAdapterBase[] |
Position: | 0 |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-VMNetworkAdapterName
Specifies the name of the virtual machine network adapter to which the ACL is to apply.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Outputs
None
Default
Microsoft.HyperV.PowerShell.VMNetworkAdapterAclSetting
If -PassThru is specified.
Commentaires
https://aka.ms/ContentUserFeedback.
Bientôt disponible : Tout au long de 2024, nous allons supprimer progressivement GitHub Issues comme mécanisme de commentaires pour le contenu et le remplacer par un nouveau système de commentaires. Pour plus d’informations, consultezEnvoyer et afficher des commentaires pour