您可以在 vRealize Network Insight 中搜尋 NSX 防火牆規則。
| 搜尋查詢 | 說明 |
|---|---|
VM where incoming rules.Source Any |
檢視具有任何來源 (可與特定的連接埠結合) 的規則。 |
Firewall rule where action = allow and service any = true |
檢視允許任何連接埠的防火牆規則。 |
Firewall Rule Masked Alert |
檢視未使用的防火牆規則的清單。 |
New firewall rules in last 24 hours |
檢視在過去 24 小時內建立的防火牆規則。 |
New firewall rules in last 7 days |
檢視在過去 7 天內建立的防火牆規則。 |
New firewall rules in last 30 days |
檢視在過去 30 天內建立的防火牆規則。 |
Firewall rule where flow is not set |
檢視所有非作用中防火牆規則的清單。 |
Flow group by firewall rule |
檢視叫用每個防火牆規則的流量的計數。 |
Security group where Indirect Incoming Rules is not set and Indirect Outgoing Rules is not set and Direct Incoming Rules is not set and Direct Outgoing Rules is not set |
檢視未使用的安全群組。 |
Ipset where Indirect Incoming Rules is not set and Indirect Outgoing Rules is not set and Direct Incoming Rules is not set and Direct Outgoing Rules is not set |
檢視未使用的 IPSet。 |
Flow where rule id in (1011, 1012, 1013) |
叫用特定規則識別碼的流量。 |
Flow where application = app1 |
叫用應用程式的流量。 |
-
未使用的防火牆規則
-
防火牆規則遮罩規則警示
