Add-VMNetworkAdapterAcl

Add-VMNetworkAdapterAcl

Creates an ACL to apply to the traffic through a virtual machine network adapter.

구문

Parameter Set: VMName
Add-VMNetworkAdapterAcl [-VMName] <String[]> -Action <VMNetworkAdapterAclAction> {Allow | Deny | Meter} -Direction <VMNetworkAdapterAclDirection> {Inbound | Outbound | Both} [-CimSession <Microsoft.Management.Infrastructure.CimSession[]> ] [-ComputerName <String[]> ] [-Credential <System.Management.Automation.PSCredential[]> ] [-LocalIPAddress <String[]> ] [-LocalMacAddress <String[]> ] [-Passthru] [-RemoteIPAddress <String[]> ] [-RemoteMacAddress <String[]> ] [-VMNetworkAdapterName <String> ] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: ManagementOS
Add-VMNetworkAdapterAcl -Action <VMNetworkAdapterAclAction> {Allow | Deny | Meter} -Direction <VMNetworkAdapterAclDirection> {Inbound | Outbound | Both} -ManagementOS [-CimSession <Microsoft.Management.Infrastructure.CimSession[]> ] [-ComputerName <String[]> ] [-Credential <System.Management.Automation.PSCredential[]> ] [-LocalIPAddress <String[]> ] [-LocalMacAddress <String[]> ] [-Passthru] [-RemoteIPAddress <String[]> ] [-RemoteMacAddress <String[]> ] [-VMNetworkAdapterName <String> ] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: ResourceObject
Add-VMNetworkAdapterAcl [-VMNetworkAdapter] <VMNetworkAdapterBase[]> -Action <VMNetworkAdapterAclAction> {Allow | Deny | Meter} -Direction <VMNetworkAdapterAclDirection> {Inbound | Outbound | Both} [-LocalIPAddress <String[]> ] [-LocalMacAddress <String[]> ] [-Passthru] [-RemoteIPAddress <String[]> ] [-RemoteMacAddress <String[]> ] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: VMObject
Add-VMNetworkAdapterAcl [-VM] <VirtualMachine[]> -Action <VMNetworkAdapterAclAction> {Allow | Deny | Meter} -Direction <VMNetworkAdapterAclDirection> {Inbound | Outbound | Both} [-LocalIPAddress <String[]> ] [-LocalMacAddress <String[]> ] [-Passthru] [-RemoteIPAddress <String[]> ] [-RemoteMacAddress <String[]> ] [-VMNetworkAdapterName <String> ] [-Confirm] [-WhatIf] [ <CommonParameters>]




자세한 설명

The Add-VMNetworkAdapterAcl cmdlet creates an ACL to apply to the traffic through a virtual machine network adapter. When a virtual network adapter is created there is no ACL on it. Given a list of IP-based ACL entries to be applied to traffic in the same direction, the longest match rule decides which one of the entries is most appropriate to apply to a specific packet.

매개 변수

-Action<VMNetworkAdapterAclAction>

Specifies the action for the ACL. Allowed values are Allow, Deny, and Meter. A metering ACL must be IP-based, i.e. either -RemoteIPAddress or -LocalIPAddress must be specified.


별칭

none

필수 여부

true

위치

named

기본값

none

파이프라인 입력 허용 여부

false

와일드카드 문자 허용 여부

false

-CimSession<Microsoft.Management.Infrastructure.CimSession[]>

원격 세션이나 원격 컴퓨터에서 cmdlet을 실행합니다. 컴퓨터 이름이나 New-CimSession 또는 Get-CimSession cmdlet의 출력과 같은 세션 개체를 입력하세요. 기본값은 로컬 컴퓨터 상의 현재 세션입니다.


별칭

none

필수 여부

false

위치

named

기본값

none

파이프라인 입력 허용 여부

false

와일드카드 문자 허용 여부

false

-ComputerName<String[]>

Specifies one or more Hyper-V hosts on which the ACL is to be created. NetBIOS names, IP addresses, and fully qualified domain names are allowable. The default is the local computer. Use localhost or a dot (.) to specify the local computer explicitly.


별칭

none

필수 여부

false

위치

named

기본값

none

파이프라인 입력 허용 여부

false

와일드카드 문자 허용 여부

false

-Credential<System.Management.Automation.PSCredential[]>

Specifies one or more user accounts that have permission to perform this action. The default is the current user.


별칭

none

필수 여부

false

위치

named

기본값

none

파이프라인 입력 허용 여부

false

와일드카드 문자 허용 여부

false

-Direction<VMNetworkAdapterAclDirection>

Specifies the direction of the network traffic to which the ACL is to apply. Allowed values are Inbound, Outbound, or Both. . If Both is specified, the new ACL entry is added to both the inbound direction and the outbound direction. In the output of Get-VMNetworkAdapterAcl, the ACL entry appears in both the inbound ACL list and the outbound ACL list.


별칭

none

필수 여부

true

위치

named

기본값

none

파이프라인 입력 허용 여부

false

와일드카드 문자 허용 여부

false

-LocalIPAddress<String[]>

Specifies the local IP address to which the ACL is to apply. For an inbound packet, this is the destination IP address in the packet header; for an outbound packet, this is the source IP address in the packet header. It can be either IPv4 or IPv6 address. It can be either a host address or a subnet address, e.g. 1.2.3.4, 2001::2008, 192.168.1.0/24, or f001:f002:f003:f004::1/64. The IP address can also be a wildcard, 0.0.0.0/0 for all IPv4 addresses, ::/0 for all IPv6 addresses, or ANY for all IPv4 and IPv6 addresses.


별칭

none

필수 여부

false

위치

named

기본값

none

파이프라인 입력 허용 여부

false

와일드카드 문자 허용 여부

false

-LocalMacAddress<String[]>

Specifies the local MAC address to which the ACL is to apply. For an inbound packet, this is the destination MAC address in the packet header; for an outbound packet, this is the source MAC address in the packet header. It can be a host MAC address, e.g. 00-ab-00-11-22-33, or a wildcard, ANY, for all MAC addresses.


별칭

none

필수 여부

false

위치

named

기본값

none

파이프라인 입력 허용 여부

false

와일드카드 문자 허용 여부

false

-ManagementOS

Specifies that the ACL is to be applied in the management (i.e. the parent, or host) operating system.


별칭

none

필수 여부

true

위치

named

기본값

none

파이프라인 입력 허용 여부

false

와일드카드 문자 허용 여부

false

-Passthru

Specifies that an object is to be passed through to the pipeline representing the ACL to be added.


별칭

none

필수 여부

false

위치

named

기본값

none

파이프라인 입력 허용 여부

false

와일드카드 문자 허용 여부

false

-RemoteIPAddress<String[]>

Specifies the remote IP address to which this ACL is to apply. For an inbound packet, this is the source IP address in the packet header; for an outbound packet, this is the destination IP address in the packet header. It can be either IPv4 or IPv6 address. It can be either a host address or a subnet address, e.g. 1.2.3.4, 2001::2008, 192.168.1.0/24, or f001:f002:f003:f004::1/64.the IP address can also be a wildcard, 0.0.0.0/0 for all IPv4 addresses, ::/0 for all IPv6 addresses, or ANY for all IPv4 and IPv6 addresses.


별칭

none

필수 여부

false

위치

named

기본값

none

파이프라인 입력 허용 여부

false

와일드카드 문자 허용 여부

false

-RemoteMacAddress<String[]>

Specifies the remote MAC address to which this ACL is to apply. For an inbound packet, this is the source MAC address in the packet header; for an outbound packet, this is the destination MAC address in the packet header. It can be a host MAC address, e.g. 00-ab-00-11-22-33, or a wildcard, ANY, for all MAC addresses.


별칭

none

필수 여부

false

위치

named

기본값

none

파이프라인 입력 허용 여부

false

와일드카드 문자 허용 여부

false

-VM<VirtualMachine[]>

Specifies the virtual machine on which the ACL is to apply.


별칭

none

필수 여부

true

위치

1

기본값

none

파이프라인 입력 허용 여부

True (ByValue)

와일드카드 문자 허용 여부

false

-VMName<String[]>

Specifies the name of the virtual machine on which the ACL is to apply.


별칭

none

필수 여부

true

위치

1

기본값

none

파이프라인 입력 허용 여부

True (ByValue)

와일드카드 문자 허용 여부

false

-VMNetworkAdapter<VMNetworkAdapterBase[]>

Specifies the virtual machine network adapter to which the ACL is to apply.


별칭

none

필수 여부

true

위치

1

기본값

none

파이프라인 입력 허용 여부

True (ByValue)

와일드카드 문자 허용 여부

false

-VMNetworkAdapterName<String>

Specifies the name of the virtual machine network adapter to which the ACL is to apply.


별칭

none

필수 여부

false

위치

named

기본값

none

파이프라인 입력 허용 여부

false

와일드카드 문자 허용 여부

false

-Confirm

cmdlet을 실행하기 전에 확인 메시지를 표시합니다.


필수 여부

false

위치

named

기본값

false

파이프라인 입력 허용 여부

false

와일드카드 문자 허용 여부

false

-WhatIf

cmdlet이 실행되는 경우 발생할 결과를 보여 줍니다. cmdlet은 실행되지 않습니다.


필수 여부

false

위치

named

기본값

false

파이프라인 입력 허용 여부

false

와일드카드 문자 허용 여부

false

<CommonParameters>

이 cmdlet은 -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, -OutVariable 등의 일반 매개 변수를 지원합니다. 자세한 내용은 TechNet의 about_CommonParameters(http://go.microsoft.com/fwlink/p/?LinkID=113216)

입력

입력 형식은 cmdlet으로 파이프할 수 있는 개체의 형식입니다.

출력

출력 형식은 cmdlet 실행 시 출력되는 개체의 형식입니다.

  • None by default; Microsoft.HyperV.PowerShell.VMNetworkAdapterAclSetting if –PassThru is specified.


Example 1

This example adds an ACL to allow virtual machine Redmond to send to and receive from traffic on IP subnet 10.0.0.8/8.


PS C:\> Add-VMNetworkAdapterAcl –VMName Redmond –RemoteIPAddress 10.0.0.0/8 –Direction Both –Action Allow

Example 2

This example adds an ACL to deny virtual machine Redmond to send either IPv4 or IPv6 traffic to anywhere and receive such traffic from anywhere.


PS C:\> Add-VMNetworkAdapterAcl –VMName Redmond –RemoteIPAddress ANY –Direction Both –Action Deny

Example 3

This example gets virtual machine Redmond and adds an ACL to deny it to send any traffic to a device with MAC address 03-0f-01-0e-aa-b2 or to receive any traffic from that device.


PS C:\> Get-VM Redmond | Add-VMNetworkAdapterAcl -RemoteMacAddress 03-0f-01-0e-aa-b2 -Direction Both -Action Deny

Example 4

This example gets virtual network adapters from virtual machine Redmond and adds an ACL to meter outgoing traffic sent to IP subnet 192.168.0.0/16.


PS C:\> Get-VMNetworkAdapter -VMName Redmond | Add-VMNetworkAdapterAcl -RemoteIPAddress 192.168.0.0/16 -Direction Outbound -Action Meter

커뮤니티 추가 항목

추가
표시: