7 Replies Latest reply on Mar 28, 2019 11:10 AM by Busted_Flush

    Get-ESXCLI: How to validate firewall DNS allowed IP?

    Busted_Flush Novice

      I've used some borrowed code to only permit port 52 to use allowed IPs of our DNS servers.

      I'd like to write something to validate those IPs are set. I just want to list the allowed IPs.

      I'm getting close, but not quite there......

      $esx = Get-VMHost -Name $vmhost

      $esxcli = Get-Esxcli -VMHost $esx -v2

      $esxcli.network.firewall.ruleset.list.invoke()

      Enabled Name
      ------- ----
      <snip>
      true    dns
      <snip>

      $esxcli.network.firewall.ruleset.list.invoke() | where {$_.name -eq 'dns'}

      Enabled Name
      ------- ----
      true    dns

      $esxcli.network.firewall.ruleset.list('dns')

      Method invocation failed because [VMware.VimAutomation.ViCore.Impl.V1.EsxCli.EsxCliElementImpl] does not contain a method named 'list'.
      At line:1 char:1
      + $esxcli.network.firewall.ruleset.list('dns')
      + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
          + CategoryInfo          : InvalidOperation: (list:String) [], RuntimeException
          + FullyQualifiedErrorId : MethodNotFound
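
One way to do the validation asked about above, as an added example that is not part of the original post: it reads the `dns` ruleset's allowed addresses through the `allowedip` namespace (the esxcli `network firewall ruleset allowedip list` command) and compares them with an approved list. The function names `Compare-AllowedIp` and `Test-DnsAllowedIp` are hypothetical, the `AllowedIPAddresses` property name and the `All` marker for an unrestricted ruleset are assumptions about the returned object, and the addresses are constructed documentation values.

```powershell
# Added example, not from the thread. Addresses are constructed (RFC 5737 ranges).

# Pure comparison, so the logic can be checked without a host.
function Compare-AllowedIp {
    param(
        [string[]] $Actual,                           # values reported by the host
        [Parameter(Mandatory)] [string[]] $Expected   # approved DNS server IPs
    )
    # Assumption: 'All' is reported when the ruleset accepts any address.
    $unrestricted = $Actual -contains 'All'
    $missing      = @($Expected | Where-Object { $_ -notin $Actual })
    $unexpected   = @($Actual | Where-Object { $_ -ne 'All' -and $_ -notin $Expected })
    [pscustomobject]@{
        Unrestricted = $unrestricted
        Missing      = $missing
        Unexpected   = $unexpected
        Compliant    = (-not $unrestricted) -and ($missing.Count -eq 0) -and
                       ($unexpected.Count -eq 0)
    }
}

# Live query. Needs VMware PowerCLI and an existing Connect-VIServer session.
function Test-DnsAllowedIp {
    param(
        [Parameter(Mandatory)] [string]   $VMHostName,
        [Parameter(Mandatory)] [string[]] $Expected
    )
    $esxcli = Get-EsxCli -VMHost (Get-VMHost -Name $VMHostName) -V2
    # The allowed addresses live under ruleset.allowedip, not ruleset.list.
    # V2 methods take their named arguments as a hashtable passed to Invoke().
    $rule = $esxcli.network.firewall.ruleset.allowedip.list.Invoke(@{ rulesetid = 'dns' })
    # Assumption: the result exposes the addresses as AllowedIPAddresses.
    $actual = @($rule.AllowedIPAddresses | Where-Object { $_ })
    Compare-AllowedIp -Actual $actual -Expected $Expected
}

# Offline check with constructed data: one approved server missing, one stray entry.
Compare-AllowedIp -Actual '192.0.2.10', '198.51.100.7' -Expected '192.0.2.10', '192.0.2.11'
```

Entries are compared as exact strings, so an address the host reports in CIDR form has to appear in `$Expected` in the same form.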