Add-VMNetworkAdapterAcl
Add-VMNetworkAdapterAcl
Creates an ACL to apply to the traffic through a virtual machine network adapter.
構文
Parameter Set: VMName
Add-VMNetworkAdapterAcl [-VMName] <String[]> -Action <VMNetworkAdapterAclAction> {Allow | Deny | Meter} -Direction <VMNetworkAdapterAclDirection> {Inbound | Outbound | Both} [-CimSession <Microsoft.Management.Infrastructure.CimSession[]> ] [-ComputerName <String[]> ] [-Credential <System.Management.Automation.PSCredential[]> ] [-LocalIPAddress <String[]> ] [-LocalMacAddress <String[]> ] [-Passthru] [-RemoteIPAddress <String[]> ] [-RemoteMacAddress <String[]> ] [-VMNetworkAdapterName <String> ] [-Confirm] [-WhatIf] [ <CommonParameters>]
Parameter Set: ManagementOS
Add-VMNetworkAdapterAcl -Action <VMNetworkAdapterAclAction> {Allow | Deny | Meter} -Direction <VMNetworkAdapterAclDirection> {Inbound | Outbound | Both} -ManagementOS [-CimSession <Microsoft.Management.Infrastructure.CimSession[]> ] [-ComputerName <String[]> ] [-Credential <System.Management.Automation.PSCredential[]> ] [-LocalIPAddress <String[]> ] [-LocalMacAddress <String[]> ] [-Passthru] [-RemoteIPAddress <String[]> ] [-RemoteMacAddress <String[]> ] [-VMNetworkAdapterName <String> ] [-Confirm] [-WhatIf] [ <CommonParameters>]
Parameter Set: ResourceObject
Add-VMNetworkAdapterAcl [-VMNetworkAdapter] <VMNetworkAdapterBase[]> -Action <VMNetworkAdapterAclAction> {Allow | Deny | Meter} -Direction <VMNetworkAdapterAclDirection> {Inbound | Outbound | Both} [-LocalIPAddress <String[]> ] [-LocalMacAddress <String[]> ] [-Passthru] [-RemoteIPAddress <String[]> ] [-RemoteMacAddress <String[]> ] [-Confirm] [-WhatIf] [ <CommonParameters>]
Parameter Set: VMObject
Add-VMNetworkAdapterAcl [-VM] <VirtualMachine[]> -Action <VMNetworkAdapterAclAction> {Allow | Deny | Meter} -Direction <VMNetworkAdapterAclDirection> {Inbound | Outbound | Both} [-LocalIPAddress <String[]> ] [-LocalMacAddress <String[]> ] [-Passthru] [-RemoteIPAddress <String[]> ] [-RemoteMacAddress <String[]> ] [-VMNetworkAdapterName <String> ] [-Confirm] [-WhatIf] [ <CommonParameters>]
詳細説明
The Add-VMNetworkAdapterAcl cmdlet creates an ACL to apply to the traffic through a virtual machine network adapter. When a virtual network adapter is created there is no ACL on it. Given a list of IP-based ACL entries to be applied to traffic in the same direction, the longest match rule decides which one of the entries is most appropriate to apply to a specific packet.
パラメーター
-Action<VMNetworkAdapterAclAction>
Specifies the action for the ACL. Allowed values are Allow, Deny, and Meter. A metering ACL must be IP-based, i.e. either -RemoteIPAddress or -LocalIPAddress must be specified.
Aliases |
none |
必須/オプション |
true |
位置 |
named |
既定値 |
none |
パイプライン入力の受け入れ |
false |
ワイルドカード文字の受け入れ |
false |
-CimSession<Microsoft.Management.Infrastructure.CimSession[]>
リモート セッションまたはリモート コンピューターでコマンドレットを実行します。コンピューター名またはセッション オブジェクト (New-CimSession コマンドレットや Get-CimSession コマンドレットの出力など) を入力します。既定値は、ローカル コンピューター上の現在のセッションです。
Aliases |
none |
必須/オプション |
false |
位置 |
named |
既定値 |
none |
パイプライン入力の受け入れ |
false |
ワイルドカード文字の受け入れ |
false |
-ComputerName<String[]>
Specifies one or more Hyper-V hosts on which the ACL is to be created. NetBIOS names, IP addresses, and fully qualified domain names are allowable. The default is the local computer. Use localhost or a dot (.) to specify the local computer explicitly.
Aliases |
none |
必須/オプション |
false |
位置 |
named |
既定値 |
none |
パイプライン入力の受け入れ |
false |
ワイルドカード文字の受け入れ |
false |
-Credential<System.Management.Automation.PSCredential[]>
Specifies one or more user accounts that have permission to perform this action. The default is the current user.
Aliases |
none |
必須/オプション |
false |
位置 |
named |
既定値 |
none |
パイプライン入力の受け入れ |
false |
ワイルドカード文字の受け入れ |
false |
-Direction<VMNetworkAdapterAclDirection>
Specifies the direction of the network traffic to which the ACL is to apply. Allowed values are Inbound, Outbound, or Both. . If Both is specified, the new ACL entry is added to both the inbound direction and the outbound direction. In the output of Get-VMNetworkAdapterAcl, the ACL entry appears in both the inbound ACL list and the outbound ACL list.
Aliases |
none |
必須/オプション |
true |
位置 |
named |
既定値 |
none |
パイプライン入力の受け入れ |
false |
ワイルドカード文字の受け入れ |
false |
-LocalIPAddress<String[]>
Specifies the local IP address to which the ACL is to apply. For an inbound packet, this is the destination IP address in the packet header; for an outbound packet, this is the source IP address in the packet header. It can be either IPv4 or IPv6 address. It can be either a host address or a subnet address, e.g. 1.2.3.4, 2001::2008, 192.168.1.0/24, or f001:f002:f003:f004::1/64. The IP address can also be a wildcard, 0.0.0.0/0 for all IPv4 addresses, ::/0 for all IPv6 addresses, or ANY for all IPv4 and IPv6 addresses.
Aliases |
none |
必須/オプション |
false |
位置 |
named |
既定値 |
none |
パイプライン入力の受け入れ |
false |
ワイルドカード文字の受け入れ |
false |
-LocalMacAddress<String[]>
Specifies the local MAC address to which the ACL is to apply. For an inbound packet, this is the destination MAC address in the packet header; for an outbound packet, this is the source MAC address in the packet header. It can be a host MAC address, e.g. 00-ab-00-11-22-33, or a wildcard, ANY, for all MAC addresses.
Aliases |
none |
必須/オプション |
false |
位置 |
named |
既定値 |
none |
パイプライン入力の受け入れ |
false |
ワイルドカード文字の受け入れ |
false |
-ManagementOS
Specifies that the ACL is to be applied in the management (i.e. the parent, or host) operating system.
Aliases |
none |
必須/オプション |
true |
位置 |
named |
既定値 |
none |
パイプライン入力の受け入れ |
false |
ワイルドカード文字の受け入れ |
false |
-Passthru
Specifies that an object is to be passed through to the pipeline representing the ACL to be added.
Aliases |
none |
必須/オプション |
false |
位置 |
named |
既定値 |
none |
パイプライン入力の受け入れ |
false |
ワイルドカード文字の受け入れ |
false |
-RemoteIPAddress<String[]>
Specifies the remote IP address to which this ACL is to apply. For an inbound packet, this is the source IP address in the packet header; for an outbound packet, this is the destination IP address in the packet header. It can be either IPv4 or IPv6 address. It can be either a host address or a subnet address, e.g. 1.2.3.4, 2001::2008, 192.168.1.0/24, or f001:f002:f003:f004::1/64.the IP address can also be a wildcard, 0.0.0.0/0 for all IPv4 addresses, ::/0 for all IPv6 addresses, or ANY for all IPv4 and IPv6 addresses.
Aliases |
none |
必須/オプション |
false |
位置 |
named |
既定値 |
none |
パイプライン入力の受け入れ |
false |
ワイルドカード文字の受け入れ |
false |
-RemoteMacAddress<String[]>
Specifies the remote MAC address to which this ACL is to apply. For an inbound packet, this is the source MAC address in the packet header; for an outbound packet, this is the destination MAC address in the packet header. It can be a host MAC address, e.g. 00-ab-00-11-22-33, or a wildcard, ANY, for all MAC addresses.
Aliases |
none |
必須/オプション |
false |
位置 |
named |
既定値 |
none |
パイプライン入力の受け入れ |
false |
ワイルドカード文字の受け入れ |
false |
-VM<VirtualMachine[]>
Specifies the virtual machine on which the ACL is to apply.
Aliases |
none |
必須/オプション |
true |
位置 |
1 |
既定値 |
none |
パイプライン入力の受け入れ |
True (ByValue) |
ワイルドカード文字の受け入れ |
false |
-VMName<String[]>
Specifies the name of the virtual machine on which the ACL is to apply.
Aliases |
none |
必須/オプション |
true |
位置 |
1 |
既定値 |
none |
パイプライン入力の受け入れ |
True (ByValue) |
ワイルドカード文字の受け入れ |
false |
-VMNetworkAdapter<VMNetworkAdapterBase[]>
Specifies the virtual machine network adapter to which the ACL is to apply.
Aliases |
none |
必須/オプション |
true |
位置 |
1 |
既定値 |
none |
パイプライン入力の受け入れ |
True (ByValue) |
ワイルドカード文字の受け入れ |
false |
-VMNetworkAdapterName<String>
Specifies the name of the virtual machine network adapter to which the ACL is to apply.
Aliases |
none |
必須/オプション |
false |
位置 |
named |
既定値 |
none |
パイプライン入力の受け入れ |
false |
ワイルドカード文字の受け入れ |
false |
-Confirm
コマンドレットを実行する前に確認メッセージを表示します。
必須/オプション |
false |
位置 |
named |
既定値 |
false |
パイプライン入力の受け入れ |
false |
ワイルドカード文字の受け入れ |
false |
-WhatIf
コマンドレットが実行された場合に何が起きるのかを示します。コマンドレットは実行されません。
必須/オプション |
false |
位置 |
named |
既定値 |
false |
パイプライン入力の受け入れ |
false |
ワイルドカード文字の受け入れ |
false |
<CommonParameters>
このコマンドレットは共通のパラメーターをサポートしています(-Verbose、-Debug、-ErrorAction、-ErrorVariable、-OutBuffer、および -OutVariable)。詳細については、TechNet の「 「about_CommonParameters」 (https://go.microsoft.com/fwlink/p/?LinkID=113216) を参照してください。
入力
入力型は、コマンドレットにパイプできるオブジェクトの型です。
出力
出力型は、コマンドレットが出力するオブジェクトの型です。
- None by default; Microsoft.HyperV.PowerShell.VMNetworkAdapterAclSetting if –PassThru is specified.
使用例
Example 1
This example adds an ACL to allow virtual machine Redmond to send to and receive from traffic on IP subnet 10.0.0.8/8.
PS C:\> Add-VMNetworkAdapterAcl –VMName Redmond –RemoteIPAddress 10.0.0.0/8 –Direction Both –Action Allow
Example 2
This example adds an ACL to deny virtual machine Redmond to send either IPv4 or IPv6 traffic to anywhere and receive such traffic from anywhere.
PS C:\> Add-VMNetworkAdapterAcl –VMName Redmond –RemoteIPAddress ANY –Direction Both –Action Deny
Example 3
This example gets virtual machine Redmond and adds an ACL to deny it to send any traffic to a device with MAC address 03-0f-01-0e-aa-b2 or to receive any traffic from that device.
PS C:\> Get-VM Redmond | Add-VMNetworkAdapterAcl -RemoteMacAddress 03-0f-01-0e-aa-b2 -Direction Both -Action Deny
Example 4
This example gets virtual network adapters from virtual machine Redmond and adds an ACL to meter outgoing traffic sent to IP subnet 192.168.0.0/16.
PS C:\> Get-VMNetworkAdapter -VMName Redmond | Add-VMNetworkAdapterAcl -RemoteIPAddress 192.168.0.0/16 -Direction Outbound -Action Meter