en-US/DSInternals.Win32.RpcFilters.PowerShell.dll-Help.xml
|
<?xml version="1.0" encoding="utf-8"?>
<helpItems schema="maml" xmlns="http://msh"> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Get-RpcFilter</command:name> <command:verb>Get</command:verb> <command:noun>RpcFilter</command:noun> <maml:description> <maml:para>Gets a list of RPC filters that match the specified criteria.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet retrieves a list of RPC filters that match the specified criteria. If no criteria are specified, all RPC filters on the local computer are returned.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Get-RpcFilter</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="Provider, ProviderId, RpcFilterProvider, RpcFilterProviderId"> <maml:name>ProviderKey</maml:name> <maml:description> <maml:para>Specifies the unique identifier of the RPC filter provider.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue> <dev:type> <maml:name>Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-RpcFilter</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="RpcFirewall"> <maml:name>ZeroNetworks</maml:name> <maml:description> <maml:para>Specifies that only RPC filters created by the Zero Networks RPC Firewall should be returned. This parameter is equivalent to specifying the provider key 17171717-1717-1717-1717-171717171717, which is the unique identifier of the Zero Networks RPC Filter Provider.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="Provider, ProviderId, RpcFilterProvider, RpcFilterProviderId"> <maml:name>ProviderKey</maml:name> <maml:description> <maml:para>Specifies the unique identifier of the RPC filter provider.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue> <dev:type> <maml:name>Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="RpcFirewall"> <maml:name>ZeroNetworks</maml:name> <maml:description> <maml:para>Specifies that only RPC filters created by the Zero Networks RPC Firewall should be returned. This parameter is equivalent to specifying the provider key 17171717-1717-1717-1717-171717171717, which is the unique identifier of the Zero Networks RPC Filter Provider.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>None</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>DSInternals.Win32.RpcFilters.RpcFilter</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------------------------- Example 1 --------------------------</maml:title> <dev:code>PS C:\> Get-RpcFilter</dev:code> <dev:remarks> <maml:para>Retrieves all RPC filters on the local computer.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 2 --------------------------</maml:title> <dev:code>PS C:\> Get-RpcFilter | Out-GridView</dev:code> <dev:remarks> <maml:para>Displays all RPC filters in an interactive grid view.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://github.com/MichaelGrafnetter/RPCFilterManager/blob/main/Documentation/PowerShell/Get-RpcFilter.md</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Remove-RpcFilter</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>New-RpcFilter</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>New-RpcFilter</command:name> <command:verb>New</command:verb> <command:noun>RpcFilter</command:noun> <maml:description> <maml:para>Creates a new RPC filter for managing remote procedure call (RPC) traffic based on specified criteria.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new RPC filter for managing remote procedure call (RPC) traffic based on specified criteria. The filter can be customized using various parameters to define its behavior and conditions.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>New-RpcFilter</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>Action</maml:name> <maml:description> <maml:para>Specifies the action to be performed if all the filter conditions are true.</maml:para> </maml:description> <command:parameterValueGroup> <command:parameterValue required="false" command:variableLength="false">Block</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Permit</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">CalloutUnknown</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">CalloutTerminating</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">CalloutInspection</command:parameterValue> </command:parameterValueGroup> <command:parameterValue required="true" variableLength="false">RpcFilterAction</command:parameterValue> <dev:type> <maml:name>RpcFilterAction</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>Audit</maml:name> <maml:description> <maml:para>Indicates whether incoming RPC calls are audited as part of C2 and common criteria compliance.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="AuthLevel"> <maml:name>AuthenticationLevel</maml:name> <maml:description> <maml:para>The authentication level controls how much security a client or server wants from its SSP.</maml:para> </maml:description> <command:parameterValueGroup> <command:parameterValue required="false" command:variableLength="false">Default</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">None</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Connect</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Call</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Packet</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">PacketIntegrity</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">PacketPrivacy</command:parameterValue> </command:parameterValueGroup> <command:parameterValue required="true" variableLength="false">RpcAuthenticationLevel</command:parameterValue> <dev:type> <maml:name>RpcAuthenticationLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="AuthType"> <maml:name>AuthenticationType</maml:name> <maml:description> <maml:para>Authentication service used for RPC connections.</maml:para> </maml:description> <command:parameterValueGroup> <command:parameterValue required="false" command:variableLength="false">None</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Negotiate</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">NTLM</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">SChannel</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Kerberos</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Digest</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Default</command:parameterValue> </command:parameterValueGroup> <command:parameterValue required="true" variableLength="false">RpcAuthenticationType</command:parameterValue> <dev:type> <maml:name>RpcAuthenticationType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Boot"> <maml:name>BootTimeEnforced</maml:name> <maml:description> <maml:para>Indicates whether the filter is enforced at boot-time, even before BFE starts.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>DcomAppId</maml:name> <maml:description> <maml:para>The identification of the COM application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue> <dev:type> <maml:name>Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>Description</maml:name> <maml:description> <maml:para>Optional filter description.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>FilterKey</maml:name> <maml:description> <maml:para>Unique identifier of the filter.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue> <dev:type> <maml:name>Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>ImageName</maml:name> <maml:description> <maml:para>The name of the application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="RpcProtocol, Protocol, ProtocolUUID"> <maml:name>InterfaceUUID</maml:name> <maml:description> <maml:para>The UUID of the RPC interface.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue> <dev:type> <maml:name>Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>LocalAddress</maml:name> <maml:description> <maml:para>The local IP address.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">IPAddress</command:parameterValue> <dev:type> <maml:name>IPAddress</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>LocalAddressMask</maml:name> <maml:description> <maml:para>The local IP address mask.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Byte</command:parameterValue> <dev:type> <maml:name>Byte</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>LocalPort</maml:name> <maml:description> <maml:para>The local transport protocol port number.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">UInt16</command:parameterValue> <dev:type> <maml:name>UInt16</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>Name</maml:name> <maml:description> <maml:para>Human-readable RPC filter name.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Pipe, PipeName"> <maml:name>NamedPipe</maml:name> <maml:description> <maml:para>The name of the remote named pipe.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="OpNum"> <maml:name>OperationNumber</maml:name> <maml:description> <maml:para>The RPC operation number for an RPC call made to an RPC listener.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">UInt16</command:parameterValue> <dev:type> <maml:name>UInt16</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>PassThrough</maml:name> <maml:description> <maml:para>Indicates whether to return the object that was created by the cmdlet.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Persistent</maml:name> <maml:description> <maml:para>Indicates whether the filter is persistent, that is, it survives across BFE stop/start.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="IPAddress, Address"> <maml:name>RemoteAddress</maml:name> <maml:description> <maml:para>The remote IP address.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">IPAddress</command:parameterValue> <dev:type> <maml:name>IPAddress</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Mask, PrefixLength, Prefix, RemoteAddressPrefix, RemoteAddressPrefixLength"> <maml:name>RemoteAddressMask</maml:name> <maml:description> <maml:para>The remote IP address mask.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Byte</command:parameterValue> <dev:type> <maml:name>Byte</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="SDDL, Permissions, DACL"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>The identification of the remote user in SDDL form.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">RawSecurityDescriptor</command:parameterValue> <dev:type> <maml:name>RawSecurityDescriptor</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="ProtSeq, Binding, ProtocolSequence"> <maml:name>Transport</maml:name> <maml:description> <maml:para>Protocol family used by the RPC endpoint.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">RpcProtocolSequence</command:parameterValue> <dev:type> <maml:name>RpcProtocolSequence</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="WeightRange"> <maml:name>Weight</maml:name> <maml:description> <maml:para>The weight indicates the priority of the filter, where higher-numbered weights have higher priorities.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">UInt64</command:parameterValue> <dev:type> <maml:name>UInt64</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>New-RpcFilter</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>Action</maml:name> <maml:description> <maml:para>Specifies the action to be performed if all the filter conditions are true.</maml:para> </maml:description> <command:parameterValueGroup> <command:parameterValue required="false" command:variableLength="false">Block</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Permit</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">CalloutUnknown</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">CalloutTerminating</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">CalloutInspection</command:parameterValue> </command:parameterValueGroup> <command:parameterValue required="true" variableLength="false">RpcFilterAction</command:parameterValue> <dev:type> <maml:name>RpcFilterAction</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>Audit</maml:name> <maml:description> <maml:para>Indicates whether incoming RPC calls are audited as part of C2 and common criteria compliance.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="AuthLevel"> <maml:name>AuthenticationLevel</maml:name> <maml:description> <maml:para>The authentication level controls how much security a client or server wants from its SSP.</maml:para> </maml:description> <command:parameterValueGroup> <command:parameterValue required="false" command:variableLength="false">Default</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">None</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Connect</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Call</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Packet</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">PacketIntegrity</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">PacketPrivacy</command:parameterValue> </command:parameterValueGroup> <command:parameterValue required="true" variableLength="false">RpcAuthenticationLevel</command:parameterValue> <dev:type> <maml:name>RpcAuthenticationLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="AuthType"> <maml:name>AuthenticationType</maml:name> <maml:description> <maml:para>Authentication service used for RPC connections.</maml:para> </maml:description> <command:parameterValueGroup> <command:parameterValue required="false" command:variableLength="false">None</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Negotiate</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">NTLM</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">SChannel</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Kerberos</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Digest</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Default</command:parameterValue> </command:parameterValueGroup> <command:parameterValue required="true" variableLength="false">RpcAuthenticationType</command:parameterValue> <dev:type> <maml:name>RpcAuthenticationType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Boot"> <maml:name>BootTimeEnforced</maml:name> <maml:description> <maml:para>Indicates whether the filter is enforced at boot-time, even before BFE starts.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>DcomAppId</maml:name> <maml:description> <maml:para>The identification of the COM application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue> <dev:type> <maml:name>Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>Description</maml:name> <maml:description> <maml:para>Optional filter description.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>FilterKey</maml:name> <maml:description> <maml:para>Unique identifier of the filter.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue> <dev:type> <maml:name>Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>ImageName</maml:name> <maml:description> <maml:para>The name of the application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>LocalAddress</maml:name> <maml:description> <maml:para>The local IP address.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">IPAddress</command:parameterValue> <dev:type> <maml:name>IPAddress</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>LocalAddressMask</maml:name> <maml:description> <maml:para>The local IP address mask.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Byte</command:parameterValue> <dev:type> <maml:name>Byte</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>LocalPort</maml:name> <maml:description> <maml:para>The local transport protocol port number.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">UInt16</command:parameterValue> <dev:type> <maml:name>UInt16</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>Name</maml:name> <maml:description> <maml:para>Human-readable RPC filter name.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Pipe, PipeName"> <maml:name>NamedPipe</maml:name> <maml:description> <maml:para>The name of the remote named pipe.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="OpNum"> <maml:name>OperationNumber</maml:name> <maml:description> <maml:para>The RPC operation number for an RPC call made to an RPC listener.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">UInt16</command:parameterValue> <dev:type> <maml:name>UInt16</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>PassThrough</maml:name> <maml:description> <maml:para>Indicates whether to return the object that was created by the cmdlet.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Persistent</maml:name> <maml:description> <maml:para>Indicates whether the filter is persistent, that is, it survives across BFE stop/start.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="IPAddress, Address"> <maml:name>RemoteAddress</maml:name> <maml:description> <maml:para>The remote IP address.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">IPAddress</command:parameterValue> <dev:type> <maml:name>IPAddress</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Mask, PrefixLength, Prefix, RemoteAddressPrefix, RemoteAddressPrefixLength"> <maml:name>RemoteAddressMask</maml:name> <maml:description> <maml:para>The remote IP address mask.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Byte</command:parameterValue> <dev:type> <maml:name>Byte</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="SDDL, Permissions, DACL"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>The identification of the remote user in SDDL form.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">RawSecurityDescriptor</command:parameterValue> <dev:type> <maml:name>RawSecurityDescriptor</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="ProtSeq, Binding, ProtocolSequence"> <maml:name>Transport</maml:name> <maml:description> <maml:para>Protocol family used by the RPC endpoint.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">RpcProtocolSequence</command:parameterValue> <dev:type> <maml:name>RpcProtocolSequence</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="WeightRange"> <maml:name>Weight</maml:name> <maml:description> <maml:para>The weight indicates the priority of the filter, where higher-numbered weights have higher priorities.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">UInt64</command:parameterValue> <dev:type> <maml:name>UInt64</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="WellKnownInterface"> <maml:name>WellKnownProtocol</maml:name> <maml:description> <maml:para>Specifies a well-known RPC protocol. The protocol UUID is derived from the specified value.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">WellKnownProtocol</command:parameterValue> <dev:type> <maml:name>WellKnownProtocol</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>New-RpcFilter</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>Action</maml:name> <maml:description> <maml:para>Specifies the action to be performed if all the filter conditions are true.</maml:para> </maml:description> <command:parameterValueGroup> <command:parameterValue required="false" command:variableLength="false">Block</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Permit</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">CalloutUnknown</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">CalloutTerminating</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">CalloutInspection</command:parameterValue> </command:parameterValueGroup> <command:parameterValue required="true" variableLength="false">RpcFilterAction</command:parameterValue> <dev:type> <maml:name>RpcFilterAction</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>Audit</maml:name> <maml:description> <maml:para>Indicates whether incoming RPC calls are audited as part of C2 and common criteria compliance.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="AuthLevel"> <maml:name>AuthenticationLevel</maml:name> <maml:description> <maml:para>The authentication level controls how much security a client or server wants from its SSP.</maml:para> </maml:description> <command:parameterValueGroup> <command:parameterValue required="false" command:variableLength="false">Default</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">None</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Connect</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Call</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Packet</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">PacketIntegrity</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">PacketPrivacy</command:parameterValue> </command:parameterValueGroup> <command:parameterValue required="true" variableLength="false">RpcAuthenticationLevel</command:parameterValue> <dev:type> <maml:name>RpcAuthenticationLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="AuthType"> <maml:name>AuthenticationType</maml:name> <maml:description> <maml:para>Authentication service used for RPC connections.</maml:para> </maml:description> <command:parameterValueGroup> <command:parameterValue required="false" command:variableLength="false">None</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Negotiate</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">NTLM</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">SChannel</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Kerberos</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Digest</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Default</command:parameterValue> </command:parameterValueGroup> <command:parameterValue required="true" variableLength="false">RpcAuthenticationType</command:parameterValue> <dev:type> <maml:name>RpcAuthenticationType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Boot"> <maml:name>BootTimeEnforced</maml:name> <maml:description> <maml:para>Indicates whether the filter is enforced at boot-time, even before BFE starts.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>DcomAppId</maml:name> <maml:description> <maml:para>The identification of the COM application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue> <dev:type> <maml:name>Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>Description</maml:name> <maml:description> <maml:para>Optional filter description.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>FilterKey</maml:name> <maml:description> <maml:para>Unique identifier of the filter.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue> <dev:type> <maml:name>Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>ImageName</maml:name> <maml:description> <maml:para>The name of the application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>LocalAddress</maml:name> <maml:description> <maml:para>The local IP address.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">IPAddress</command:parameterValue> <dev:type> <maml:name>IPAddress</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>LocalAddressMask</maml:name> <maml:description> <maml:para>The local IP address mask.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Byte</command:parameterValue> <dev:type> <maml:name>Byte</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>LocalPort</maml:name> <maml:description> <maml:para>The local transport protocol port number.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">UInt16</command:parameterValue> <dev:type> <maml:name>UInt16</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>Name</maml:name> <maml:description> <maml:para>Human-readable RPC filter name.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Pipe, PipeName"> <maml:name>NamedPipe</maml:name> <maml:description> <maml:para>The name of the remote named pipe.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>PassThrough</maml:name> <maml:description> <maml:para>Indicates whether to return the object that was created by the cmdlet.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Persistent</maml:name> <maml:description> <maml:para>Indicates whether the filter is persistent, that is, it survives across BFE stop/start.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="IPAddress, Address"> <maml:name>RemoteAddress</maml:name> <maml:description> <maml:para>The remote IP address.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">IPAddress</command:parameterValue> <dev:type> <maml:name>IPAddress</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Mask, PrefixLength, Prefix, RemoteAddressPrefix, RemoteAddressPrefixLength"> <maml:name>RemoteAddressMask</maml:name> <maml:description> <maml:para>The remote IP address mask.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Byte</command:parameterValue> <dev:type> <maml:name>Byte</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="SDDL, Permissions, DACL"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>The identification of the remote user in SDDL form.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">RawSecurityDescriptor</command:parameterValue> <dev:type> <maml:name>RawSecurityDescriptor</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="ProtSeq, Binding, ProtocolSequence"> <maml:name>Transport</maml:name> <maml:description> <maml:para>Protocol family used by the RPC endpoint.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">RpcProtocolSequence</command:parameterValue> <dev:type> <maml:name>RpcProtocolSequence</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="WeightRange"> <maml:name>Weight</maml:name> <maml:description> <maml:para>The weight indicates the priority of the filter, where higher-numbered weights have higher priorities.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">UInt64</command:parameterValue> <dev:type> <maml:name>UInt64</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>WellKnownOperation</maml:name> <maml:description> <maml:para>Specifies a well-known RPC operation. The protocol UUID and operation number is derived from the specified value.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">WellKnownOperation</command:parameterValue> <dev:type> <maml:name>WellKnownOperation</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>Action</maml:name> <maml:description> <maml:para>Specifies the action to be performed if all the filter conditions are true.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">RpcFilterAction</command:parameterValue> <dev:type> <maml:name>RpcFilterAction</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>Audit</maml:name> <maml:description> <maml:para>Indicates whether incoming RPC calls are audited as part of C2 and common criteria compliance.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="AuthLevel"> <maml:name>AuthenticationLevel</maml:name> <maml:description> <maml:para>The authentication level controls how much security a client or server wants from its SSP.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">RpcAuthenticationLevel</command:parameterValue> <dev:type> <maml:name>RpcAuthenticationLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="AuthType"> <maml:name>AuthenticationType</maml:name> <maml:description> <maml:para>Authentication service used for RPC connections.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">RpcAuthenticationType</command:parameterValue> <dev:type> <maml:name>RpcAuthenticationType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Boot"> <maml:name>BootTimeEnforced</maml:name> <maml:description> <maml:para>Indicates whether the filter is enforced at boot-time, even before BFE starts.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>DcomAppId</maml:name> <maml:description> <maml:para>The identification of the COM application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue> <dev:type> <maml:name>Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>Description</maml:name> <maml:description> <maml:para>Optional filter description.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>FilterKey</maml:name> <maml:description> <maml:para>Unique identifier of the filter.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue> <dev:type> <maml:name>Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>ImageName</maml:name> <maml:description> <maml:para>The name of the application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="RpcProtocol, Protocol, ProtocolUUID"> <maml:name>InterfaceUUID</maml:name> <maml:description> <maml:para>The UUID of the RPC interface.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue> <dev:type> <maml:name>Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>LocalAddress</maml:name> <maml:description> <maml:para>The local IP address.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">IPAddress</command:parameterValue> <dev:type> <maml:name>IPAddress</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>LocalAddressMask</maml:name> <maml:description> <maml:para>The local IP address mask.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Byte</command:parameterValue> <dev:type> <maml:name>Byte</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>LocalPort</maml:name> <maml:description> <maml:para>The local transport protocol port number.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">UInt16</command:parameterValue> <dev:type> <maml:name>UInt16</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>Name</maml:name> <maml:description> <maml:para>Human-readable RPC filter name.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Pipe, PipeName"> <maml:name>NamedPipe</maml:name> <maml:description> <maml:para>The name of the remote named pipe.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="OpNum"> <maml:name>OperationNumber</maml:name> <maml:description> <maml:para>The RPC operation number for an RPC call made to an RPC listener.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">UInt16</command:parameterValue> <dev:type> <maml:name>UInt16</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>PassThrough</maml:name> <maml:description> <maml:para>Indicates whether to return the object that was created by the cmdlet.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Persistent</maml:name> <maml:description> <maml:para>Indicates whether the filter is persistent, that is, it survives across BFE stop/start.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="IPAddress, Address"> <maml:name>RemoteAddress</maml:name> <maml:description> <maml:para>The remote IP address.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">IPAddress</command:parameterValue> <dev:type> <maml:name>IPAddress</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Mask, PrefixLength, Prefix, RemoteAddressPrefix, RemoteAddressPrefixLength"> <maml:name>RemoteAddressMask</maml:name> <maml:description> <maml:para>The remote IP address mask.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Byte</command:parameterValue> <dev:type> <maml:name>Byte</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="SDDL, Permissions, DACL"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>The identification of the remote user in SDDL form.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">RawSecurityDescriptor</command:parameterValue> <dev:type> <maml:name>RawSecurityDescriptor</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="ProtSeq, Binding, ProtocolSequence"> <maml:name>Transport</maml:name> <maml:description> <maml:para>Protocol family used by the RPC endpoint.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">RpcProtocolSequence</command:parameterValue> <dev:type> <maml:name>RpcProtocolSequence</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="WeightRange"> <maml:name>Weight</maml:name> <maml:description> <maml:para>The weight indicates the priority of the filter, where higher-numbered weights have higher priorities.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">UInt64</command:parameterValue> <dev:type> <maml:name>UInt64</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"> <maml:name>WellKnownOperation</maml:name> <maml:description> <maml:para>Specifies a well-known RPC operation. The protocol UUID and operation number is derived from the specified value.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">WellKnownOperation</command:parameterValue> <dev:type> <maml:name>WellKnownOperation</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="WellKnownInterface"> <maml:name>WellKnownProtocol</maml:name> <maml:description> <maml:para>Specifies a well-known RPC protocol. The protocol UUID is derived from the specified value.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">WellKnownProtocol</command:parameterValue> <dev:type> <maml:name>WellKnownProtocol</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> <command:inputType> <dev:type> <maml:name>System.Nullable`1[[System.Guid, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> <command:inputType> <dev:type> <maml:name>DSInternals.Win32.RpcFilters.RpcFilterAction</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> <command:inputType> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> <command:inputType> <dev:type> <maml:name>System.Nullable`1[[DSInternals.Win32.RpcFilters.RpcAuthenticationLevel, DSInternals.Win32.RpcFilters, Version=1.0.0.0, Culture=neutral, PublicKeyToken=af7e77ba04a3c166]]</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> <command:inputType> <dev:type> <maml:name>System.Nullable`1[[DSInternals.Win32.RpcFilters.RpcAuthenticationType, DSInternals.Win32.RpcFilters, Version=1.0.0.0, Culture=neutral, PublicKeyToken=af7e77ba04a3c166]]</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> <command:inputType> <dev:type> <maml:name>System.Nullable`1[[DSInternals.Win32.RpcFilters.RpcProtocolSequence, DSInternals.Win32.RpcFilters, Version=1.0.0.0, Culture=neutral, PublicKeyToken=af7e77ba04a3c166]]</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> <command:inputType> <dev:type> <maml:name>System.Security.AccessControl.RawSecurityDescriptor</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> <command:inputType> <dev:type> <maml:name>System.Net.IPAddress</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> <command:inputType> <dev:type> <maml:name>System.Nullable`1[[System.Byte, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> <command:inputType> <dev:type> <maml:name>System.Nullable`1[[System.UInt16, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> <command:inputType> <dev:type> <maml:name>System.Nullable`1[[System.UInt64, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>DSInternals.Win32.RpcFilters.RpcFilter</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------------------------- Example 1 --------------------------</maml:title> <dev:code>PS C:\> New-RpcFilter -Name 'Block-SCMR-NP' -Description 'Block MS-SCMR over Named Pipes' -WellKnownProtocol ServiceControlManager -Transport ncacn_np -Action Block -Audit</dev:code> <dev:remarks> <maml:para>Creates a new RPC filter to block and audit service management (MS-SCMR) traffic over Named Pipes.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://github.com/MichaelGrafnetter/RPCFilterManager/blob/main/Documentation/PowerShell/New-RpcFilter.md</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-RpcFilter</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Remove-RpcFilter</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-RpcFilterEvent</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Remove-RpcFilter</command:name> <command:verb>Remove</command:verb> <command:noun>RpcFilter</command:noun> <maml:description> <maml:para>Removes an existing remote procedure call (RPC) filter.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet removes an existing RPC filter from the system. The filter can be specified by its unique identifier or by passing the filter object directly.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Remove-RpcFilter</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="0" aliases="FilterId, RpcFilter"> <maml:name>Id</maml:name> <maml:description> <maml:para>Specifies the identifier of the RPC filter to delete.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">UInt64</command:parameterValue> <dev:type> <maml:name>UInt64</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Remove-RpcFilter</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="0" aliases="Filter"> <maml:name>InputObject</maml:name> <maml:description> <maml:para>Specifies the RPC filter object to delete.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">RpcFilter</command:parameterValue> <dev:type> <maml:name>RpcFilter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>PassThrough</maml:name> <maml:description> <maml:para>If this switch is specified, the cmdlet returns the deleted RPC filter object. By default, this cmdlet does not generate any output.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="0" aliases="FilterId, RpcFilter"> <maml:name>Id</maml:name> <maml:description> <maml:para>Specifies the identifier of the RPC filter to delete.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">UInt64</command:parameterValue> <dev:type> <maml:name>UInt64</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="0" aliases="Filter"> <maml:name>InputObject</maml:name> <maml:description> <maml:para>Specifies the RPC filter object to delete.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">RpcFilter</command:parameterValue> <dev:type> <maml:name>RpcFilter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>PassThrough</maml:name> <maml:description> <maml:para>If this switch is specified, the cmdlet returns the deleted RPC filter object. By default, this cmdlet does not generate any output.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.UInt64</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> <command:inputType> <dev:type> <maml:name>DSInternals.Win32.RpcFilters.RpcFilter</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>None</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------------------------- Example 1 --------------------------</maml:title> <dev:code>PS C:\> Remove-RpcFilter -Id 123</dev:code> <dev:remarks> <maml:para>Removes the RPC filter with the specified identifier.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 2 --------------------------</maml:title> <dev:code>PS C:\> Get-RpcFilter | where Name -eq 'Block-EFSRPC' | Remove-RpcFilter -PassThrough</dev:code> <dev:remarks> <maml:para>Removes RPC filters called 'Block-EFSRPC' and returns the deleted filter objects.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 3 --------------------------</maml:title> <dev:code>PS C:\> Get-RpcFilter | Remove-RpcFilter</dev:code> <dev:remarks> <maml:para>Removes all existing RPC filters from the system.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://github.com/MichaelGrafnetter/RPCFilterManager/blob/main/Documentation/PowerShell/Remove-RpcFilter.md</maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> </helpItems> |