Editar

Partilhar via


Test-AzNetworkWatcherIPFlow

Returns whether the packet is allowed or denied to or from a particular destination.

Syntax

Test-AzNetworkWatcherIPFlow
    -NetworkWatcher <PSNetworkWatcher>
    -TargetVirtualMachineId <String>
    -Direction <String>
    -Protocol <String>
    -RemoteIPAddress <String>
    -LocalIPAddress <String>
    -LocalPort <String>
    [-RemotePort <String>]
    [-TargetNetworkInterfaceId <String>]
    [-AsJob]
    [-DefaultProfile <IAzureContextContainer>]
    [<CommonParameters>]
Test-AzNetworkWatcherIPFlow
    -NetworkWatcherName <String>
    -ResourceGroupName <String>
    -TargetVirtualMachineId <String>
    -Direction <String>
    -Protocol <String>
    -RemoteIPAddress <String>
    -LocalIPAddress <String>
    -LocalPort <String>
    [-RemotePort <String>]
    [-TargetNetworkInterfaceId <String>]
    [-AsJob]
    [-DefaultProfile <IAzureContextContainer>]
    [<CommonParameters>]
Test-AzNetworkWatcherIPFlow
    -Location <String>
    -TargetVirtualMachineId <String>
    -Direction <String>
    -Protocol <String>
    -RemoteIPAddress <String>
    -LocalIPAddress <String>
    -LocalPort <String>
    [-RemotePort <String>]
    [-TargetNetworkInterfaceId <String>]
    [-AsJob]
    [-DefaultProfile <IAzureContextContainer>]
    [<CommonParameters>]

Description

The Test-AzNetworkWatcherIPFlow cmdlet, for a specified VM resource and a packet with specified direction using local and remote, IP addresses and ports, returns whether the packet is allowed or denied.

Examples

Example 1: Run Test-AzNetworkWatcherIPFlow

$nw = Get-AzResource | Where-Object {$_.ResourceType -eq "Microsoft.Network/networkWatchers" -and $_.Location -eq "WestCentralUS" } 
$networkWatcher = Get-AzNetworkWatcher -Name $nw.Name -ResourceGroupName $nw.ResourceGroupName 
$VM = Get-AzVM -ResourceGroupName testResourceGroup -Name VM0 
$Nics = Get-AzNetworkInterface | Where-Object { $vm.NetworkProfile.NetworkInterfaces.Id -contains $_.Id }

Test-AzNetworkWatcherIPFlow -NetworkWatcher $networkWatcher -TargetVirtualMachineId $VM.Id -Direction Outbound -Protocol TCP -LocalIPAddress $nics[0].IpConfigurations[0].PrivateIpAddress -LocalPort 6895 -RemoteIPAddress 204.79.197.200 -RemotePort 80

Gets the Network Watcher in West Central US for this subscription, then gets the VM and it's associated Network Interfaces. Then for the first Network Interface, runs Test-AzNetworkWatcherIPFlow using the first IP from the first Network Interface for an outbound connection to an IP on the internet.

Parameters

-AsJob

Run cmdlet in the background

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with azure.

Type:IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Direction

Direction.

Type:String
Accepted values:Inbound, Outbound
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-LocalIPAddress

Local IP Address.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-LocalPort

Local Port.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Location

Location of the network watcher.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-NetworkWatcher

The network watcher resource.

Type:PSNetworkWatcher
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-NetworkWatcherName

The name of network watcher.

Type:String
Aliases:Name
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Protocol

Protocol.

Type:String
Accepted values:TCP, UDP
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-RemoteIPAddress

Remote IP Address.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-RemotePort

Remote port.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ResourceGroupName

The name of the network watcher resource group.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-TargetNetworkInterfaceId

Target network interface Id.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-TargetVirtualMachineId

The target virtual machine ID.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

Inputs

PSNetworkWatcher

String

Outputs

PSIPFlowVerifyResult

Notes

Keywords: azure, azurerm, arm, resource, management, manager, network, networking, network watcher, flow, ip