Test-AzNetworkWatcherIPFlow
Returns whether the packet is allowed or denied to or from a particular destination.
Syntax
SetByResource (Default)
Test-AzNetworkWatcherIPFlow
-NetworkWatcher <PSNetworkWatcher>
-TargetVirtualMachineId <String>
-Direction <String>
-Protocol <String>
-RemoteIPAddress <String>
-LocalIPAddress <String>
-LocalPort <String>
[-RemotePort <String>]
[-TargetNetworkInterfaceId <String>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>]
SetByName
Test-AzNetworkWatcherIPFlow
-NetworkWatcherName <String>
-ResourceGroupName <String>
-TargetVirtualMachineId <String>
-Direction <String>
-Protocol <String>
-RemoteIPAddress <String>
-LocalIPAddress <String>
-LocalPort <String>
[-RemotePort <String>]
[-TargetNetworkInterfaceId <String>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>]
SetByLocation
Test-AzNetworkWatcherIPFlow
-Location <String>
-TargetVirtualMachineId <String>
-Direction <String>
-Protocol <String>
-RemoteIPAddress <String>
-LocalIPAddress <String>
-LocalPort <String>
[-RemotePort <String>]
[-TargetNetworkInterfaceId <String>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>]
Description
The Test-AzNetworkWatcherIPFlow cmdlet, for a specified VM resource and a packet with specified direction using local and remote, IP addresses and ports, returns whether the packet is allowed or denied.
Examples
Example 1: Run Test-AzNetworkWatcherIPFlow
$nw = Get-AzResource | Where-Object {$_.ResourceType -eq "Microsoft.Network/networkWatchers" -and $_.Location -eq "WestCentralUS" }
$networkWatcher = Get-AzNetworkWatcher -Name $nw.Name -ResourceGroupName $nw.ResourceGroupName
$VM = Get-AzVM -ResourceGroupName testResourceGroup -Name VM0
$Nics = Get-AzNetworkInterface | Where-Object { $vm.NetworkProfile.NetworkInterfaces.Id -contains $_.Id }
Test-AzNetworkWatcherIPFlow -NetworkWatcher $networkWatcher -TargetVirtualMachineId $VM.Id -Direction Outbound -Protocol TCP -LocalIPAddress $nics[0].IpConfigurations[0].PrivateIpAddress -LocalPort 6895 -RemoteIPAddress 204.79.197.200 -RemotePort 80
Gets the Network Watcher in West Central US for this subscription, then gets the VM and it's associated Network Interfaces.
Then for the first Network Interface, runs Test-AzNetworkWatcherIPFlow using the first IP from the first Network Interface for an outbound connection to an IP on the internet.
Parameters
-AsJob
Run cmdlet in the background
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with azure.
Parameter properties
Type: IAzureContextContainer
Default value: None Supports wildcards: False DontShow: False Aliases: AzContext, AzureRmContext, AzureCredential
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-Direction
Direction.
Parameter properties
Type: String
Default value: None Accepted values: Inbound, Outbound Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-LocalIPAddress
Local IP Address.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: True Value from remaining arguments: False
-LocalPort
Local Port.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: True Value from remaining arguments: False
-Location
Location of the network watcher.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
SetByLocation
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-NetworkWatcher
The network watcher resource.
Parameter properties
Type: PSNetworkWatcher
Default value: None Supports wildcards: False DontShow: False
Parameter sets
SetByResource
Position: Named Mandatory: True Value from pipeline: True Value from pipeline by property name: False Value from remaining arguments: False
-NetworkWatcherName
The name of network watcher.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False Aliases: Name
Parameter sets
SetByName
Position: Named Mandatory: True Value from pipeline: True Value from pipeline by property name: False Value from remaining arguments: False
-Protocol
Protocol.
Parameter properties
Type: String
Default value: None Accepted values: TCP, UDP Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-RemoteIPAddress
Remote IP Address.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: True Value from remaining arguments: False
-RemotePort
Remote port.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: True Value from remaining arguments: False
-ResourceGroupName
The name of the network watcher resource group.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
SetByName
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: True Value from remaining arguments: False
-TargetNetworkInterfaceId
Target network interface Id.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-TargetVirtualMachineId
The target virtual machine ID.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: True Value from remaining arguments: False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
-InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable,
-ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see
about_CommonParameters .
Outputs
Notes
Keywords: azure, azurerm, arm, resource, management, manager, network, networking, network watcher, flow, ip
