New-AzApplicationGatewayFirewallCustomRule
建立應用程式閘道防火牆原則的新自訂規則。
Syntax
New-AzApplicationGatewayFirewallCustomRule
-Name <String>
-Priority <Int32>
[-RateLimitDuration <String>]
[-RateLimitThreshold <Int32>]
-RuleType <String>
-MatchCondition <PSApplicationGatewayFirewallCondition[]>
[-GroupByUserSession <PSApplicationGatewayFirewallCustomRuleGroupByUserSession[]>]
-Action <String>
[-State <String>]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>]
Description
New-AzApplicationGatewayFirewallCustomRule 會建立防火牆原則的自定義規則。
範例
範例 1
New-AzApplicationGatewayFirewallCustomRule -Name example-rule -Priority 1 -RuleType MatchRule -MatchCondition $condtion -Action Allow
Name : example-rule
Priority : 1
RuleType : MatchRule
MatchConditions : {Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayFirewallCondition}
Action : Allow
State : Enabled
MatchConditionsText : [
{
"MatchVariables": [
{
"VariableName": "RequestHeaders",
"Selector": "Malicious-Header"
}
],
"OperatorProperty": "Any",
"NegationConditon": false
}
]
此命令會建立新的自定義規則,其名稱為 example-rule,priority 1,而規則類型將會是 MatchRule,條件變數中定義的條件,動作會允許。
範例 2
New-AzApplicationGatewayFirewallCustomRule -Name example-rule -Priority 2 -RuleType MatchRule -MatchCondition $condition -Action Allow -State Disabled
Name : example-rule
Priority : 2
RuleType : MatchRule
MatchConditions : {Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayFirewallCondition}
Action : Allow
State : Disabled
MatchConditionsText : [
{
"MatchVariables": [
{
"VariableName": "RequestHeaders",
"Selector": "Malicious-Header"
}
],
"OperatorProperty": "Any",
"NegationConditon": false
}
]
此命令會建立新的自定義規則,其名稱為 example-rule、state as Disabled、priority 2,而規則類型將會是 MatchRule,條件變數中定義的條件,動作將會是允許的。
範例 3
New-AzApplicationGatewayFirewallCustomRule -Name RateLimitRule3 -Priority 3 -RateLimitDuration OneMin -RateLimitThreshold 10 -RuleType RateLimitRule -MatchCondition $condition -GroupByUserSession $groupbyUserSes -Action Allow -State Disabled
Name : RateLimitRule3
Priority : 3
RateLimitDuration : OneMin
RateLimitThreshold : 10
RuleType : RateLimitRule
MatchConditions : {Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayFirewallCondition}
GroupByUserSession : {Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayFirewallCustomRuleGroupByUserSession}
Action : Allow
State : Disabled
MatchConditionsText : [
{
"MatchVariables": [
{
"VariableName": "RequestHeaders",
"Selector": "Malicious-Header"
}
],
"OperatorProperty": "Any",
"NegationConditon": false
}
]
GroupByUserSessionText : [
{
"groupByVariables": [
{
"variableName": "ClientAddr"
}
]
}
]
此命令會建立名為RateLimitRule3的新自定義規則,狀態為 Disabled、priority 3、RateLimitDuration OneMin、RateLimitThreshold 10,而規則類型將會是RateLimitRule,條件變數中定義的條件,動作將會是allow、GroupByUserSession 在 GroupByUserSession 條件變數中定義的 GroupByUserSession 在 GroupByUserSession。
參數
-Action
動作的類型。
Type: | String |
Accepted values: | Allow, Block, Log |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DefaultProfile
用於與 Azure 通訊的認證、帳戶、租用戶和訂用帳戶。
Type: | IAzureContextContainer |
Aliases: | AzContext, AzureRmContext, AzureCredential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-GroupByUserSession
比對條件的清單。
Type: | PSApplicationGatewayFirewallCustomRuleGroupByUserSession[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MatchCondition
比對條件的清單。
Type: | PSApplicationGatewayFirewallCondition[] |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Name
規則的名稱。
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Priority
描述規則的優先順序。 在具有較高值的規則之前,將會先評估具有較低值的規則。
Type: | Int32 |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RateLimitDuration
描述套用速率限制原則的持續時間。 僅適用於 ruleType 為 RateLimitRule 時。
Type: | String |
Accepted values: | OneMin, FiveMins |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RateLimitThreshold
描述速率限制閾值。 只有在 ruleType 是 RateLimitRule.Accepted 範圍時,才適用此值為 1 - 5000。
Type: | Int32 |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RuleType
描述規則的類型。
Type: | String |
Accepted values: | MatchRule, RateLimitRule |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-State
自訂規則的狀態變數。
Type: | String |
Accepted values: | Disabled, Enabled |
Position: | Named |
Default value: | Enabled |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
輸入
None
輸出
意見反應
https://aka.ms/ContentUserFeedback。
即將登場:在 2024 年,我們將逐步淘汰 GitHub 問題作為內容的意見反應機制,並將它取代為新的意見反應系統。 如需詳細資訊,請參閱:提交並檢視相關的意見反應