< Back
Remove-NsxFirewallRuleMember
Post
NAME Remove-NsxFirewallRuleMember
SYNOPSIS
Removes the specified source or destination member from the specified NSX
Distributed Firewall Rule.
SYNTAX
Remove-NsxFirewallRuleMember [-FirewallRuleMember] <Object> [-Confirm] [-SayHello2Heaven] [[-Connection]
<PSObject>] [<CommonParameters>]
DESCRIPTION
An NSX Distributed Firewall Rule defines a typical 5 tuple rule and is
enforced on each hypervisor at the point where the VMs NIC connects to the
portgroup or logical switch.
This cmdlet accepts a firewall rule member object returned from
Get-NsxFirewallRuleMember and removes it from its parent rule.
PARAMETERS
-FirewallRuleMember <Object>
DFW rule member as returned by Get-NsxFirewallRuleMember
Required? true
Position? 1
Default value
Accept pipeline input? true (ByValue)
Accept wildcard characters? false
-Confirm [<SwitchParameter>]
Prompt for confirmation. Specify as -confirm:$false to disable confirmation prompt
Required? false
Position? named
Default value True
Accept pipeline input? false
Accept wildcard characters? false
-SayHello2Heaven [<SwitchParameter>]
Override confirmation of removal of last source or destination member - effectively converting rule to match
ANY in the appropriate field (source or destination). Specify as -SayHello2Heaven to disable confirmation
prompt. RIP Chris Cornell, 17 May 2017
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-Connection <PSObject>
PowerNSX Connection object.
Required? false
Position? 2
Default value $defaultNSXConnection
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
-------------------------- EXAMPLE 1 --------------------------
PS C:\\>get-nsxfirewallrule -RuleId 5441 | Get-NsxFirewallRuleMember -MemberType Source -Member 1.2.3.4 |
Remove-NsxFirewallRuleMember
Removal of a firewall rule member is permanent and will modify your security posture.
Proceed with removal of member 1.2.3.4 from the Source list of firewallrule 5441 in section 3717?
[Y] Yes [N] No [?] Help (default is "N"): y
Remove the source 1.2.3.4 from firewall rule 5441
-------------------------- EXAMPLE 2 --------------------------
PS C:\\>get-nsxfirewallrule -RuleId 5441 | Get-NsxFirewallRuleMember -MemberType Source -Member 1.2.3.4 |
Remove-NsxFirewallRuleMember
Removal of a firewall rule member is permanent and will modify your security posture.
Proceed with removal of member 1.2.3.4 from the Source list of firewallrule 5441 in section 3717?
[Y] Yes [N] No [?] Help (default is "N"): y
Remove the source 1.2.3.4 from firewall rule 5441
-------------------------- EXAMPLE 3 --------------------------
PS C:\\>get-nsxfirewallrule -RuleId 5441 | Get-NsxFirewallRuleMember -MemberType Source -Member 1.2.3.4 |
Remove-NsxFirewallRuleMember -confirm:$false
Remove the source 1.2.3.4 from firewall rule 5441 with no confirmation.
-------------------------- EXAMPLE 4 --------------------------
PS C:\\>get-nsxfirewallrule -RuleId 5441 | Get-NsxFirewallRuleMember -MemberType Source |
Remove-NsxFirewallRuleMember
Removal of a firewall rule member is permanent and will modify your security posture.
Proceed with removal of member 1.2.3.4 from the Source list of firewallrule 5441 in section 3717?
[Y] Yes [N] No [?] Help (default is "N"): y
Removal of a firewall rule member is permanent and will modify your security posture.
Proceed with removal of member vm-1270 from the Source list of firewallrule 5441 in section 3717?
[Y] Yes [N] No [?] Help (default is "N"): y
The source member vm-1270 of rule 5441 in section 3717 is the last source member in this rule. Its removal
will cause this rule to match ANY Source
Confirm rule 5441 to match Source ANY?
[Y] Yes [N] No [?] Help (default is "N"): y
WARNING: The source member vm-1270 of rule 5441 in section 3717 was the last member in this rule. Its removal
has caused this rule to now match ANY Source.
Remove ALL sources from the firewall rule 5441. Note the extra prompt AND warning that you are about to make this
rule match on ANY source.
-------------------------- EXAMPLE 5 --------------------------
PS C:\\>get-nsxfirewallrule -RuleId 5441 | Get-NsxFirewallRuleMember -MemberType Source |
Remove-NsxFirewallRuleMember -Confirm:$false
The source member vm-1270 of rule 5441 in section 3717 is the last source member in this rule. Its removal will
cause this rule to match ANY Source
Confirm rule 5441 to match Source ANY?
[Y] Yes [N] No [?] Help (default is "N"): y
Remove ALL sources from the firewall rule 5441 with no confirmation prompt. Note the remaining prompt AND warning
that you are about to make this rule match on ANY source.
RELATED LINKS
SYNOPSIS
Removes the specified source or destination member from the specified NSX
Distributed Firewall Rule.
SYNTAX
Remove-NsxFirewallRuleMember [-FirewallRuleMember] <Object> [-Confirm] [-SayHello2Heaven] [[-Connection]
<PSObject>] [<CommonParameters>]
DESCRIPTION
An NSX Distributed Firewall Rule defines a typical 5 tuple rule and is
enforced on each hypervisor at the point where the VMs NIC connects to the
portgroup or logical switch.
This cmdlet accepts a firewall rule member object returned from
Get-NsxFirewallRuleMember and removes it from its parent rule.
PARAMETERS
-FirewallRuleMember <Object>
DFW rule member as returned by Get-NsxFirewallRuleMember
Required? true
Position? 1
Default value
Accept pipeline input? true (ByValue)
Accept wildcard characters? false
-Confirm [<SwitchParameter>]
Prompt for confirmation. Specify as -confirm:$false to disable confirmation prompt
Required? false
Position? named
Default value True
Accept pipeline input? false
Accept wildcard characters? false
-SayHello2Heaven [<SwitchParameter>]
Override confirmation of removal of last source or destination member - effectively converting rule to match
ANY in the appropriate field (source or destination). Specify as -SayHello2Heaven to disable confirmation
prompt. RIP Chris Cornell, 17 May 2017
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-Connection <PSObject>
PowerNSX Connection object.
Required? false
Position? 2
Default value $defaultNSXConnection
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
-------------------------- EXAMPLE 1 --------------------------
PS C:\\>get-nsxfirewallrule -RuleId 5441 | Get-NsxFirewallRuleMember -MemberType Source -Member 1.2.3.4 |
Remove-NsxFirewallRuleMember
Removal of a firewall rule member is permanent and will modify your security posture.
Proceed with removal of member 1.2.3.4 from the Source list of firewallrule 5441 in section 3717?
[Y] Yes [N] No [?] Help (default is "N"): y
Remove the source 1.2.3.4 from firewall rule 5441
-------------------------- EXAMPLE 2 --------------------------
PS C:\\>get-nsxfirewallrule -RuleId 5441 | Get-NsxFirewallRuleMember -MemberType Source -Member 1.2.3.4 |
Remove-NsxFirewallRuleMember
Removal of a firewall rule member is permanent and will modify your security posture.
Proceed with removal of member 1.2.3.4 from the Source list of firewallrule 5441 in section 3717?
[Y] Yes [N] No [?] Help (default is "N"): y
Remove the source 1.2.3.4 from firewall rule 5441
-------------------------- EXAMPLE 3 --------------------------
PS C:\\>get-nsxfirewallrule -RuleId 5441 | Get-NsxFirewallRuleMember -MemberType Source -Member 1.2.3.4 |
Remove-NsxFirewallRuleMember -confirm:$false
Remove the source 1.2.3.4 from firewall rule 5441 with no confirmation.
-------------------------- EXAMPLE 4 --------------------------
PS C:\\>get-nsxfirewallrule -RuleId 5441 | Get-NsxFirewallRuleMember -MemberType Source |
Remove-NsxFirewallRuleMember
Removal of a firewall rule member is permanent and will modify your security posture.
Proceed with removal of member 1.2.3.4 from the Source list of firewallrule 5441 in section 3717?
[Y] Yes [N] No [?] Help (default is "N"): y
Removal of a firewall rule member is permanent and will modify your security posture.
Proceed with removal of member vm-1270 from the Source list of firewallrule 5441 in section 3717?
[Y] Yes [N] No [?] Help (default is "N"): y
The source member vm-1270 of rule 5441 in section 3717 is the last source member in this rule. Its removal
will cause this rule to match ANY Source
Confirm rule 5441 to match Source ANY?
[Y] Yes [N] No [?] Help (default is "N"): y
WARNING: The source member vm-1270 of rule 5441 in section 3717 was the last member in this rule. Its removal
has caused this rule to now match ANY Source.
Remove ALL sources from the firewall rule 5441. Note the extra prompt AND warning that you are about to make this
rule match on ANY source.
-------------------------- EXAMPLE 5 --------------------------
PS C:\\>get-nsxfirewallrule -RuleId 5441 | Get-NsxFirewallRuleMember -MemberType Source |
Remove-NsxFirewallRuleMember -Confirm:$false
The source member vm-1270 of rule 5441 in section 3717 is the last source member in this rule. Its removal will
cause this rule to match ANY Source
Confirm rule 5441 to match Source ANY?
[Y] Yes [N] No [?] Help (default is "N"): y
Remove ALL sources from the firewall rule 5441 with no confirmation prompt. Note the remaining prompt AND warning
that you are about to make this rule match on ANY source.
RELATED LINKS