Test-AzNetworkWatcherIPFlow
Returns whether the packet is allowed or denied to or from a particular destination.
Syntax
Test-AzNetworkWatcherIPFlow
-NetworkWatcher <PSNetworkWatcher>
-TargetVirtualMachineId <String>
-Direction <String>
-Protocol <String>
-RemoteIPAddress <String>
-LocalIPAddress <String>
-LocalPort <String>
[-RemotePort <String>]
[-TargetNetworkInterfaceId <String>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>]
Test-AzNetworkWatcherIPFlow
-NetworkWatcherName <String>
-ResourceGroupName <String>
-TargetVirtualMachineId <String>
-Direction <String>
-Protocol <String>
-RemoteIPAddress <String>
-LocalIPAddress <String>
-LocalPort <String>
[-RemotePort <String>]
[-TargetNetworkInterfaceId <String>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>]
Test-AzNetworkWatcherIPFlow
-Location <String>
-TargetVirtualMachineId <String>
-Direction <String>
-Protocol <String>
-RemoteIPAddress <String>
-LocalIPAddress <String>
-LocalPort <String>
[-RemotePort <String>]
[-TargetNetworkInterfaceId <String>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>]
Description
The Test-AzNetworkWatcherIPFlow cmdlet, for a specified VM resource and a packet with specified direction using local and remote, IP addresses and ports, returns whether the packet is allowed or denied.
Examples
Example 1: Run Test-AzNetworkWatcherIPFlow
$nw = Get-AzResource | Where-Object {$_.ResourceType -eq "Microsoft.Network/networkWatchers" -and $_.Location -eq "WestCentralUS" }
$networkWatcher = Get-AzNetworkWatcher -Name $nw.Name -ResourceGroupName $nw.ResourceGroupName
$VM = Get-AzVM -ResourceGroupName testResourceGroup -Name VM0
$Nics = Get-AzNetworkInterface | Where-Object { $vm.NetworkProfile.NetworkInterfaces.Id -contains $_.Id }
Test-AzNetworkWatcherIPFlow -NetworkWatcher $networkWatcher -TargetVirtualMachineId $VM.Id -Direction Outbound -Protocol TCP -LocalIPAddress $nics[0].IpConfigurations[0].PrivateIpAddress -LocalPort 6895 -RemoteIPAddress 204.79.197.200 -RemotePort 80
Gets the Network Watcher in West Central US for this subscription, then gets the VM and it's associated Network Interfaces. Then for the first Network Interface, runs Test-AzNetworkWatcherIPFlow using the first IP from the first Network Interface for an outbound connection to an IP on the internet.
Parameters
-AsJob
Run cmdlet in the background
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with azure.
Type: | IAzureContextContainer |
Aliases: | AzContext, AzureRmContext, AzureCredential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Direction
Direction.
Type: | String |
Accepted values: | Inbound, Outbound |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-LocalIPAddress
Local IP Address.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-LocalPort
Local Port.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Location
Location of the network watcher.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-NetworkWatcher
The network watcher resource.
Type: | PSNetworkWatcher |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-NetworkWatcherName
The name of network watcher.
Type: | String |
Aliases: | Name |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Protocol
Protocol.
Type: | String |
Accepted values: | TCP, UDP |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RemoteIPAddress
Remote IP Address.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-RemotePort
Remote port.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-ResourceGroupName
The name of the network watcher resource group.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-TargetNetworkInterfaceId
Target network interface Id.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-TargetVirtualMachineId
The target virtual machine ID.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
Inputs
Outputs
Notes
Keywords: azure, azurerm, arm, resource, management, manager, network, networking, network watcher, flow, ip
Related Links
- New-AzNetworkWatcher
- Get-AzNetworkWatcher
- Remove-AzNetworkWatcher
- Get-AzNetworkWatcherNextHop
- Get-AzNetworkWatcherSecurityGroupView
- Get-AzNetworkWatcherTopology
- Start-AzNetworkWatcherResourceTroubleshooting
- New-AzNetworkWatcherPacketCapture
- New-AzPacketCaptureFilterConfig
- Get-AzNetworkWatcherPacketCapture
- Remove-AzNetworkWatcherPacketCapture
- Stop-AzNetworkWatcherPacketCapture
- New-AzNetworkWatcherProtocolConfiguration
- Test-AzNetworkWatcherIPFlow
- Test-AzNetworkWatcherConnectivity
- Stop-AzNetworkWatcherConnectionMonitor
- Start-AzNetworkWatcherConnectionMonitor
- Set-AzNetworkWatcherConnectionMonitor
- Set-AzNetworkWatcherConfigFlowLog
- Remove-AzNetworkWatcherConnectionMonitor
- New-AzNetworkWatcherConnectionMonitor
- Get-AzNetworkWatcherTroubleshootingResult
- Get-AzNetworkWatcherReachabilityReport
- Get-AzNetworkWatcherReachabilityProvidersList
- Get-AzNetworkWatcherFlowLogStatus
- Get-AzNetworkWatcherConnectionMonitorReport
- Get-AzNetworkWatcherConnectionMonitor