你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站,请访问 https://docs.azure.cn。
New-AzFirewallApplicationRule
Creates a Firewall Application Rule.
Syntax
New-AzFirewallApplicationRule
-Name <String>
[-Description <String>]
[-SourceAddress <String[]>]
[-SourceIpGroup <String[]>]
-TargetFqdn <String[]>
-Protocol <String[]>
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzFirewallApplicationRule
-Name <String>
[-Description <String>]
[-SourceAddress <String[]>]
[-SourceIpGroup <String[]>]
-FqdnTag <String[]>
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
The New-AzFirewallApplicationRule cmdlet creates an application rule for Azure Firewall.
Examples
Example 1: Create a rule to allow all HTTPS traffic from 10.0.0.0
New-AzFirewallApplicationRule -Name "https-rule" -Protocol "https:443" -TargetFqdn "*" -SourceAddress "10.0.0.0"
This example creates a rule which will allow all HTTPS traffic on port 443 from 10.0.0.0.
Example 2: Create a rule to allow WindowsUpdate for 10.0.0.0/24 subnet
New-AzFirewallApplicationRule -Name "windows-update-rule" -FqdnTag WindowsUpdate -SourceAddress "10.0.0.0/24"
This example creates a rule which will allow traffic for Windows Updates for 10.0.0.0/24 domain.
Parameters
-Confirm
Prompts you for confirmation before running the cmdlet.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with azure.
Type: | IAzureContextContainer |
Aliases: | AzContext, AzureRmContext, AzureCredential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Description
Specifies an optional description of this rule.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-FqdnTag
Specifies a list of FQDN Tags for this rule. The available tags can be retrieved using Get-AzFirewallFqdnTag cmdlet.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Name
Specifies the name of this application rule. The name must be unique inside a rule collection.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Protocol
Specifies the type of traffic to be filtered by this rule. The format is <protocol type>:<port>
.
For example, "http:80" or "https:443".
Protocol is mandatory when TargetFqdn is used, but it cannot be used with FqdnTag. The supported protocols are HTTP and HTTPS.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-SourceAddress
The source addresses of the rule
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-SourceIpGroup
The source ipgroup of the rule
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-TargetFqdn
Specifies a list of domain names filtered by this rule. The asterisk character, '*', is accepted only as the first character of an FQDN in the list. When used, the asterisk matches any number of characters. (e.g. '*msn.com' will match msn.com and all its subdomains)
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Inputs
None
Outputs
PSAzureFirewallApplicationRule