VMware Cloud Community
sjoshi25
Contributor

Script to export Firewall Rules for all ESX Hosts

Hello Everyone,

I need a PowerCLI script to export the firewall rules of all ESX hosts in multiple vCenter servers to a CSV file, with the following details:

VMHost : 
Ruleset : 
Enabled : 
Direction :
Protocol : 
PortBegin :
PortEnd : 
PortType : 
AllowedIP : 

I have this script to display the results but need help to export the results in a CSV file.

#Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -Confirm:$false

$credential = Get-Credential

# Use this instead of @() for speed and efficiency in array building below
$list = New-Object System.Collections.ArrayList

# Add remaining vCenter hosts here once ready to run
$vCenterServerListing = "eivc201vapp"

# Pulls for each vCenter host listed
foreach ($server in $vCenterServerListing)
{
    Connect-VIServer $server -Credential $credential

    Get-VMHost -PipelineVariable esx |
        ForEach-Object -Process {
            $esxcli = Get-EsxCli -VMHost $esx -V2
            $esxcli.network.firewall.ruleset.rule.list.Invoke() |
                select @{N = 'VMHost'; E = { $esx.Name } }, RuleSet,
                @{N = 'Enabled'; E = { $esxcli.network.firewall.ruleset.list.Invoke(@{rulesetid = "$($_.Ruleset)" }).Enabled } },
                Direction, Protocol, PortBegin, PortEnd, PortType,
                @{N = 'AllowedIP'; E = { ($esxcli.network.firewall.ruleset.allowedip.list.Invoke(@{rulesetid = "$($_.Ruleset)" })).AllowedIPAddresses -join '|' } }
        }
}

I am getting errors when I add the Export-csv command at the end. 

LucD
Leadership

A foreach doesn't place anything in the pipeline.
Try like this

$credential = Get-Credential
$list = New-Object System.Collections.ArrayList
$vCenterServerListing = "eivc201vapp"
$report = foreach ($server in $vCenterServerListing) {
    # Discard the connection object so it is not captured as the first row of $report
    Connect-VIServer $server -Credential $credential | Out-Null
    Get-VMHost -PipelineVariable esx |
        ForEach-Object -Process {
            $esxcli = Get-EsxCli -VMHost $esx -V2
            $esxcli.network.firewall.ruleset.rule.list.Invoke() |
                select @{N = 'VMHost'; E = { $esx.Name } }, RuleSet,
                @{N = 'Enabled'; E = { $esxcli.network.firewall.ruleset.list.Invoke(@{rulesetid = "$($_.Ruleset)" }).Enabled } },
                Direction, Protocol, PortBegin, PortEnd, PortType,
                @{N = 'AllowedIP'; E = { ($esxcli.network.firewall.ruleset.allowedip.list.Invoke(@{rulesetid = "$($_.Ruleset)" })).AllowedIPAddresses -join '|' } }
        }
}
$report | Export-Csv -Path .\report.csv -NoTypeInformation -UseCulture


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference
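
An added example, not part of the original post: once report.csv exists, the same columns can be checked for enabled inbound rules whose AllowedIP is All, meaning no source restriction. The sample rows and the function name Get-OpenInboundRule are constructed for illustration, and the check assumes unrestricted rulesets are reported with the value All.

```powershell
# Constructed sample rows in the same column layout as report.csv (not real hosts).
$sample = @'
VMHost,Ruleset,Enabled,Direction,Protocol,PortBegin,PortEnd,PortType,AllowedIP
esx01.example.test,sshServer,True,Inbound,TCP,22,22,Dst,All
esx01.example.test,sshClient,False,Outbound,TCP,22,22,Dst,All
esx01.example.test,webAccess,True,Inbound,TCP,80,80,Dst,192.0.2.10|192.0.2.11
esx02.example.test,sshServer,True,Inbound,TCP,22,22,Dst,192.0.2.0/24
esx02.example.test,snmp,True,Inbound,UDP,161,161,Dst,All
'@

# Hypothetical helper: passes through only rules that are enabled, inbound
# and open to every source address.
function Get-OpenInboundRule {
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject]$Rule
    )
    process {
        # The export joins multiple allowed addresses with '|', so split them again.
        $allowed = @($Rule.AllowedIP -split '\|' | Where-Object { $_ })

        # CSV fields are strings, so 'True' is compared as text, not as a boolean.
        if ($Rule.Enabled -eq 'True' -and
            $Rule.Direction -eq 'Inbound' -and
            $allowed -contains 'All') {
            $Rule
        }
    }
}

# For the real export use: Import-Csv -Path .\report.csv -UseCulture
# (-UseCulture must match the export, which wrote the culture's list separator).
$rules = $sample | ConvertFrom-Csv

$rules | Get-OpenInboundRule |
    Sort-Object VMHost, { [int]$_.PortBegin } |
    Format-Table VMHost, Ruleset, Protocol, PortBegin, PortEnd, AllowedIP -AutoSize
```

With the sample rows this lists sshServer on esx01 and snmp on esx02; the disabled sshClient rule and the rulesets restricted to specific addresses are skipped.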

sjoshi25
Contributor

Thanks for the quick response @LucD 

It's working now, no errors.
