Skip to content

Commit 8567e70

Browse files
author
yoavmalichi_microsoft
committed
copying yaara's commit
1 parent d2759c2 commit 8567e70

File tree

5 files changed

+270
-2
lines changed

5 files changed

+270
-2
lines changed

src/Network/Network.Test/ScenarioTests/ApplicationGatewayTests.cs

Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -388,5 +388,37 @@ public void TestApplicationGatewayFirewallPolicyComputedDisabledRules()
388388
{
389389
TestRunner.RunTestScript("Test-ApplicationGatewayFirewallPolicyComputedDisabledRules");
390390
}
391+
392+
[Fact]
393+
[Trait(Category.AcceptanceType, Category.CheckIn)]
394+
[Trait(Category.Owner, NrpTeamAlias.nvadev_subset1)]
395+
public void TestApplicationGatewayFirewallPolicyWithRateLimitRuleClientAddrXFFHeader()
396+
{
397+
TestRunner.RunTestScript("Test-ApplicationGatewayFirewallPolicyWithRateLimitRuleClientAddrXFFHeader");
398+
}
399+
400+
[Fact]
401+
[Trait(Category.AcceptanceType, Category.CheckIn)]
402+
[Trait(Category.Owner, NrpTeamAlias.nvadev_subset1)]
403+
public void TestApplicationGatewayFirewallPolicyWithRateLimitRuleGeoLocationXFFHeader()
404+
{
405+
TestRunner.RunTestScript("Test-ApplicationGatewayFirewallPolicyWithRateLimitRuleGeoLocationXFFHeader");
406+
}
407+
408+
[Fact]
409+
[Trait(Category.AcceptanceType, Category.CheckIn)]
410+
[Trait(Category.Owner, NrpTeamAlias.nvadev_subset1)]
411+
public void TestApplicationGatewayFirewallPolicyCustomRuleClientAddrXFFHeaderRemoval()
412+
{
413+
TestRunner.RunTestScript("Test-ApplicationGatewayFirewallPolicyCustomRuleClientAddrXFFHeaderRemoval");
414+
}
415+
416+
[Fact]
417+
[Trait(Category.AcceptanceType, Category.CheckIn)]
418+
[Trait(Category.Owner, NrpTeamAlias.nvadev_subset1)]
419+
public void TestApplicationGatewayFirewallPolicyCustomRuleGeoLocationXFFHeaderRemoval()
420+
{
421+
TestRunner.RunTestScript("Test-ApplicationGatewayFirewallPolicyCustomRuleGeoLocationXFFHeaderRemoval");
422+
}
391423
}
392424
}

src/Network/Network.Test/ScenarioTests/ApplicationGatewayTests.ps1

Lines changed: 234 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6083,3 +6083,237 @@ function Test-ApplicationGatewayFirewallPolicyComputedDisabledRules
60836083
Clean-ResourceGroup $rgname
60846084
}
60856085
}
6086+
6087+
function Test-ApplicationGatewayFirewallPolicyWithRateLimitRuleClientAddrXFFHeader
6088+
{
6089+
# Setup
6090+
$location = Get-ProviderLocation "Microsoft.Network/applicationGateways" "West US 2"
6091+
$rgname = Get-ResourceGroupName
6092+
$wafPolicyName = "wafPolicy1"
6093+
6094+
try {
6095+
6096+
$resourceGroup = New-AzResourceGroup -Name $rgname -Location $location -Tags @{ testtag = "APPGw tag"}
6097+
6098+
# WAF Policy with rate limiting rule custom Rule
6099+
$variable = New-AzApplicationGatewayFirewallMatchVariable -VariableName RequestHeaders -Selector Malicious-Header
6100+
$condition = New-AzApplicationGatewayFirewallCondition -MatchVariable $variable -Operator Any -NegationCondition $False
6101+
$groupbyVar = New-AzApplicationGatewayFirewallCustomRuleGroupByVariable -VariableName ClientAddrXFFHeader
6102+
$groupbyUserSes = New-AzApplicationGatewayFirewallCustomRuleGroupByUserSession -GroupByVariable $groupbyVar
6103+
$customRule = New-AzApplicationGatewayFirewallCustomRule -Name example -Priority 2 -RateLimitDuration OneMin -RateLimitThreshold 10 -RuleType RateLimitRule -MatchCondition $condition -GroupByUserSession $groupbyUserSes -Action Block
6104+
6105+
$policySettings = New-AzApplicationGatewayFirewallPolicySetting -Mode Prevention -State Enabled -MaxFileUploadInMb 70 -MaxRequestBodySizeInKb 70
6106+
$managedRuleSet = New-AzApplicationGatewayFirewallPolicyManagedRuleSet -RuleSetType "OWASP" -RuleSetVersion "3.2"
6107+
$managedRule = New-AzApplicationGatewayFirewallPolicyManagedRule -ManagedRuleSet $managedRuleSet
6108+
New-AzApplicationGatewayFirewallPolicy -Name $wafPolicyName -ResourceGroupName $rgname -Location $location -ManagedRule $managedRule -PolicySetting $policySettings -CustomRule $customRule
6109+
6110+
$policy = Get-AzApplicationGatewayFirewallPolicy -Name $wafPolicyName -ResourceGroupName $rgname
6111+
6112+
# Check WAF policy
6113+
Assert-AreEqual $policy.CustomRules[0].Name $customRule.Name
6114+
Assert-AreEqual $policy.CustomRules[0].RuleType $customRule.RuleType
6115+
Assert-AreEqual $policy.CustomRules[0].Action $customRule.Action
6116+
Assert-AreEqual $policy.CustomRules[0].Priority $customRule.Priority
6117+
Assert-AreEqual $policy.CustomRules[0].RateLimitDuration $customRule.RateLimitDuration
6118+
Assert-AreEqual $policy.CustomRules[0].RateLimitThreshold $customRule.RateLimitThreshold
6119+
Assert-AreEqual $policy.CustomRules[0].State "Enabled"
6120+
Assert-AreEqual $policy.CustomRules[0].MatchConditions[0].OperatorProperty $customRule.MatchConditions[0].OperatorProperty
6121+
Assert-AreEqual $policy.CustomRules[0].MatchConditions[0].NegationConditon $customRule.MatchConditions[0].NegationConditon
6122+
Assert-AreEqual $policy.CustomRules[0].MatchConditions[0].MatchVariables[0].VariableName $customRule.MatchConditions[0].MatchVariables[0].VariableName
6123+
Assert-AreEqual $policy.CustomRules[0].MatchConditions[0].MatchVariables[0].Selector $customRule.MatchConditions[0].MatchVariables[0].Selector
6124+
Assert-AreEqual $policy.CustomRules[0].GroupByUserSession[0].GroupByVariables[0].VariableName $customRule.GroupByUserSession[0].GroupByVariables[0].VariableName
6125+
Assert-AreEqual $policy.PolicySettings.FileUploadLimitInMb $policySettings.FileUploadLimitInMb
6126+
Assert-AreEqual $policy.PolicySettings.MaxRequestBodySizeInKb $policySettings.MaxRequestBodySizeInKb
6127+
Assert-AreEqual $policy.PolicySettings.RequestBodyCheck $policySettings.RequestBodyCheck
6128+
Assert-AreEqual $policy.PolicySettings.Mode $policySettings.Mode
6129+
Assert-AreEqual $policy.PolicySettings.State $policySettings.State
6130+
6131+
$policy.CustomRules[0].State = "Disabled"
6132+
Set-AzApplicationGatewayFirewallPolicy -InputObject $policy
6133+
$policy1 = Get-AzApplicationGatewayFirewallPolicy -Name $wafPolicyName -ResourceGroupName $rgname
6134+
Assert-AreEqual $policy1.CustomRules[0].State "Disabled"
6135+
}
6136+
finally
6137+
{
6138+
# Cleanup
6139+
Clean-ResourceGroup $rgname
6140+
}
6141+
}
6142+
6143+
function Test-ApplicationGatewayFirewallPolicyWithRateLimitRuleGeoLocationXFFHeader
6144+
{
6145+
# Setup
6146+
$location = Get-ProviderLocation "Microsoft.Network/applicationGateways" "West US 2"
6147+
$rgname = Get-ResourceGroupName
6148+
$wafPolicyName = "wafPolicy1"
6149+
6150+
try {
6151+
6152+
$resourceGroup = New-AzResourceGroup -Name $rgname -Location $location -Tags @{ testtag = "APPGw tag"}
6153+
6154+
# WAF Policy with rate limiting rule custom Rule
6155+
$variable = New-AzApplicationGatewayFirewallMatchVariable -VariableName RequestHeaders -Selector Malicious-Header
6156+
$condition = New-AzApplicationGatewayFirewallCondition -MatchVariable $variable -Operator Any -NegationCondition $False
6157+
$groupbyVar = New-AzApplicationGatewayFirewallCustomRuleGroupByVariable -VariableName GeoLocationXFFHeader
6158+
$groupbyUserSes = New-AzApplicationGatewayFirewallCustomRuleGroupByUserSession -GroupByVariable $groupbyVar
6159+
$customRule = New-AzApplicationGatewayFirewallCustomRule -Name example -Priority 2 -RateLimitDuration OneMin -RateLimitThreshold 10 -RuleType RateLimitRule -MatchCondition $condition -GroupByUserSession $groupbyUserSes -Action Block
6160+
6161+
$policySettings = New-AzApplicationGatewayFirewallPolicySetting -Mode Prevention -State Enabled -MaxFileUploadInMb 70 -MaxRequestBodySizeInKb 70
6162+
$managedRuleSet = New-AzApplicationGatewayFirewallPolicyManagedRuleSet -RuleSetType "OWASP" -RuleSetVersion "3.2"
6163+
$managedRule = New-AzApplicationGatewayFirewallPolicyManagedRule -ManagedRuleSet $managedRuleSet
6164+
New-AzApplicationGatewayFirewallPolicy -Name $wafPolicyName -ResourceGroupName $rgname -Location $location -ManagedRule $managedRule -PolicySetting $policySettings -CustomRule $customRule
6165+
6166+
$policy = Get-AzApplicationGatewayFirewallPolicy -Name $wafPolicyName -ResourceGroupName $rgname
6167+
6168+
# Check WAF policy
6169+
Assert-AreEqual $policy.CustomRules[0].Name $customRule.Name
6170+
Assert-AreEqual $policy.CustomRules[0].RuleType $customRule.RuleType
6171+
Assert-AreEqual $policy.CustomRules[0].Action $customRule.Action
6172+
Assert-AreEqual $policy.CustomRules[0].Priority $customRule.Priority
6173+
Assert-AreEqual $policy.CustomRules[0].RateLimitDuration $customRule.RateLimitDuration
6174+
Assert-AreEqual $policy.CustomRules[0].RateLimitThreshold $customRule.RateLimitThreshold
6175+
Assert-AreEqual $policy.CustomRules[0].State "Enabled"
6176+
Assert-AreEqual $policy.CustomRules[0].MatchConditions[0].OperatorProperty $customRule.MatchConditions[0].OperatorProperty
6177+
Assert-AreEqual $policy.CustomRules[0].MatchConditions[0].NegationConditon $customRule.MatchConditions[0].NegationConditon
6178+
Assert-AreEqual $policy.CustomRules[0].MatchConditions[0].MatchVariables[0].VariableName $customRule.MatchConditions[0].MatchVariables[0].VariableName
6179+
Assert-AreEqual $policy.CustomRules[0].MatchConditions[0].MatchVariables[0].Selector $customRule.MatchConditions[0].MatchVariables[0].Selector
6180+
Assert-AreEqual $policy.CustomRules[0].GroupByUserSession[0].GroupByVariables[0].VariableName $customRule.GroupByUserSession[0].GroupByVariables[0].VariableName
6181+
Assert-AreEqual $policy.PolicySettings.FileUploadLimitInMb $policySettings.FileUploadLimitInMb
6182+
Assert-AreEqual $policy.PolicySettings.MaxRequestBodySizeInKb $policySettings.MaxRequestBodySizeInKb
6183+
Assert-AreEqual $policy.PolicySettings.RequestBodyCheck $policySettings.RequestBodyCheck
6184+
Assert-AreEqual $policy.PolicySettings.Mode $policySettings.Mode
6185+
Assert-AreEqual $policy.PolicySettings.State $policySettings.State
6186+
6187+
$policy.CustomRules[0].State = "Disabled"
6188+
Set-AzApplicationGatewayFirewallPolicy -InputObject $policy
6189+
$policy1 = Get-AzApplicationGatewayFirewallPolicy -Name $wafPolicyName -ResourceGroupName $rgname
6190+
Assert-AreEqual $policy1.CustomRules[0].State "Disabled"
6191+
}
6192+
finally
6193+
{
6194+
# Cleanup
6195+
Clean-ResourceGroup $rgname
6196+
}
6197+
}
6198+
6199+
function Test-ApplicationGatewayFirewallPolicyCustomRuleClientAddrXFFHeaderRemoval
6200+
{
6201+
# Setup
6202+
$location = Get-ProviderLocation "Microsoft.Network/applicationGateways" "West US 2"
6203+
$rgname = Get-ResourceGroupName
6204+
$wafPolicyName = "wafPolicy1"
6205+
6206+
try {
6207+
6208+
$resourceGroup = New-AzResourceGroup -Name $rgname -Location $location -Tags @{ testtag = "APPGw tag"}
6209+
6210+
# WAF Policy with rate limiting rule custom Rule
6211+
$variable = New-AzApplicationGatewayFirewallMatchVariable -VariableName RequestHeaders -Selector Malicious-Header
6212+
$condition = New-AzApplicationGatewayFirewallCondition -MatchVariable $variable -Operator Any -NegationCondition $False
6213+
$groupbyVar = New-AzApplicationGatewayFirewallCustomRuleGroupByVariable -VariableName ClientAddrXFFHeader
6214+
$groupbyUserSes = New-AzApplicationGatewayFirewallCustomRuleGroupByUserSession -GroupByVariable $groupbyVar
6215+
$customRule = New-AzApplicationGatewayFirewallCustomRule -Name example -Priority 2 -RateLimitDuration OneMin -RateLimitThreshold 10 -RuleType RateLimitRule -MatchCondition $condition -GroupByUserSession $groupbyUserSes -Action Block
6216+
6217+
$policySettings = New-AzApplicationGatewayFirewallPolicySetting -Mode Prevention -State Enabled -MaxFileUploadInMb 70 -MaxRequestBodySizeInKb 70
6218+
$managedRuleSet = New-AzApplicationGatewayFirewallPolicyManagedRuleSet -RuleSetType "OWASP" -RuleSetVersion "3.2"
6219+
$managedRule = New-AzApplicationGatewayFirewallPolicyManagedRule -ManagedRuleSet $managedRuleSet
6220+
New-AzApplicationGatewayFirewallPolicy -Name $wafPolicyName -ResourceGroupName $rgname -Location $location -ManagedRule $managedRule -PolicySetting $policySettings -CustomRule $customRule
6221+
6222+
$policy = Get-AzApplicationGatewayFirewallPolicy -Name $wafPolicyName -ResourceGroupName $rgname
6223+
6224+
# Check WAF policy
6225+
Assert-AreEqual $policy.CustomRules[0].Name $customRule.Name
6226+
Assert-AreEqual $policy.CustomRules[0].RuleType $customRule.RuleType
6227+
Assert-AreEqual $policy.CustomRules[0].Action $customRule.Action
6228+
Assert-AreEqual $policy.CustomRules[0].Priority $customRule.Priority
6229+
Assert-AreEqual $policy.CustomRules[0].RateLimitDuration $customRule.RateLimitDuration
6230+
Assert-AreEqual $policy.CustomRules[0].RateLimitThreshold $customRule.RateLimitThreshold
6231+
Assert-AreEqual $policy.CustomRules[0].State "Enabled"
6232+
Assert-AreEqual $policy.CustomRules[0].MatchConditions[0].OperatorProperty $customRule.MatchConditions[0].OperatorProperty
6233+
Assert-AreEqual $policy.CustomRules[0].MatchConditions[0].NegationConditon $customRule.MatchConditions[0].NegationConditon
6234+
Assert-AreEqual $policy.CustomRules[0].MatchConditions[0].MatchVariables[0].VariableName $customRule.MatchConditions[0].MatchVariables[0].VariableName
6235+
Assert-AreEqual $policy.CustomRules[0].MatchConditions[0].MatchVariables[0].Selector $customRule.MatchConditions[0].MatchVariables[0].Selector
6236+
Assert-AreEqual $policy.CustomRules[0].GroupByUserSession[0].GroupByVariables[0].VariableName $customRule.GroupByUserSession[0].GroupByVariables[0].VariableName
6237+
Assert-AreEqual $policy.PolicySettings.FileUploadLimitInMb $policySettings.FileUploadLimitInMb
6238+
Assert-AreEqual $policy.PolicySettings.MaxRequestBodySizeInKb $policySettings.MaxRequestBodySizeInKb
6239+
Assert-AreEqual $policy.PolicySettings.RequestBodyCheck $policySettings.RequestBodyCheck
6240+
Assert-AreEqual $policy.PolicySettings.Mode $policySettings.Mode
6241+
Assert-AreEqual $policy.PolicySettings.State $policySettings.State
6242+
6243+
$policy.CustomRules[0].State = "Disabled"
6244+
Set-AzApplicationGatewayFirewallPolicy -InputObject $policy
6245+
$policy1 = Get-AzApplicationGatewayFirewallPolicy -Name $wafPolicyName -ResourceGroupName $rgname
6246+
Assert-AreEqual $policy1.CustomRules[0].State "Disabled"
6247+
6248+
#Remove Custom Rule
6249+
Remove-AzApplicationGatewayFirewallCustomRule -Name $customRule.Name -ResourceGroupName $rgname -PolicyName $wafPolicyName
6250+
$policynew = Get-AzApplicationGatewayFirewallPolicy -Name $wafPolicyName -ResourceGroupName $rgname
6251+
Assert-Null $policynew.CustomRules[0]
6252+
}
6253+
finally
6254+
{
6255+
# Cleanup
6256+
Clean-ResourceGroup $rgname
6257+
}
6258+
}
6259+
6260+
function Test-ApplicationGatewayFirewallPolicyCustomRuleGeoLocationXFFHeaderRemoval
6261+
{
6262+
# Setup
6263+
$location = Get-ProviderLocation "Microsoft.Network/applicationGateways" "West US 2"
6264+
$rgname = Get-ResourceGroupName
6265+
$wafPolicyName = "wafPolicy1"
6266+
6267+
try {
6268+
6269+
$resourceGroup = New-AzResourceGroup -Name $rgname -Location $location -Tags @{ testtag = "APPGw tag"}
6270+
6271+
# WAF Policy with rate limiting rule custom Rule
6272+
$variable = New-AzApplicationGatewayFirewallMatchVariable -VariableName RequestHeaders -Selector Malicious-Header
6273+
$condition = New-AzApplicationGatewayFirewallCondition -MatchVariable $variable -Operator Any -NegationCondition $False
6274+
$groupbyVar = New-AzApplicationGatewayFirewallCustomRuleGroupByVariable -VariableName GeoLocationXFFHeader
6275+
$groupbyUserSes = New-AzApplicationGatewayFirewallCustomRuleGroupByUserSession -GroupByVariable $groupbyVar
6276+
$customRule = New-AzApplicationGatewayFirewallCustomRule -Name example -Priority 2 -RateLimitDuration OneMin -RateLimitThreshold 10 -RuleType RateLimitRule -MatchCondition $condition -GroupByUserSession $groupbyUserSes -Action Block
6277+
6278+
$policySettings = New-AzApplicationGatewayFirewallPolicySetting -Mode Prevention -State Enabled -MaxFileUploadInMb 70 -MaxRequestBodySizeInKb 70
6279+
$managedRuleSet = New-AzApplicationGatewayFirewallPolicyManagedRuleSet -RuleSetType "OWASP" -RuleSetVersion "3.2"
6280+
$managedRule = New-AzApplicationGatewayFirewallPolicyManagedRule -ManagedRuleSet $managedRuleSet
6281+
New-AzApplicationGatewayFirewallPolicy -Name $wafPolicyName -ResourceGroupName $rgname -Location $location -ManagedRule $managedRule -PolicySetting $policySettings -CustomRule $customRule
6282+
6283+
$policy = Get-AzApplicationGatewayFirewallPolicy -Name $wafPolicyName -ResourceGroupName $rgname
6284+
6285+
# Check WAF policy
6286+
Assert-AreEqual $policy.CustomRules[0].Name $customRule.Name
6287+
Assert-AreEqual $policy.CustomRules[0].RuleType $customRule.RuleType
6288+
Assert-AreEqual $policy.CustomRules[0].Action $customRule.Action
6289+
Assert-AreEqual $policy.CustomRules[0].Priority $customRule.Priority
6290+
Assert-AreEqual $policy.CustomRules[0].RateLimitDuration $customRule.RateLimitDuration
6291+
Assert-AreEqual $policy.CustomRules[0].RateLimitThreshold $customRule.RateLimitThreshold
6292+
Assert-AreEqual $policy.CustomRules[0].State "Enabled"
6293+
Assert-AreEqual $policy.CustomRules[0].MatchConditions[0].OperatorProperty $customRule.MatchConditions[0].OperatorProperty
6294+
Assert-AreEqual $policy.CustomRules[0].MatchConditions[0].NegationConditon $customRule.MatchConditions[0].NegationConditon
6295+
Assert-AreEqual $policy.CustomRules[0].MatchConditions[0].MatchVariables[0].VariableName $customRule.MatchConditions[0].MatchVariables[0].VariableName
6296+
Assert-AreEqual $policy.CustomRules[0].MatchConditions[0].MatchVariables[0].Selector $customRule.MatchConditions[0].MatchVariables[0].Selector
6297+
Assert-AreEqual $policy.CustomRules[0].GroupByUserSession[0].GroupByVariables[0].VariableName $customRule.GroupByUserSession[0].GroupByVariables[0].VariableName
6298+
Assert-AreEqual $policy.PolicySettings.FileUploadLimitInMb $policySettings.FileUploadLimitInMb
6299+
Assert-AreEqual $policy.PolicySettings.MaxRequestBodySizeInKb $policySettings.MaxRequestBodySizeInKb
6300+
Assert-AreEqual $policy.PolicySettings.RequestBodyCheck $policySettings.RequestBodyCheck
6301+
Assert-AreEqual $policy.PolicySettings.Mode $policySettings.Mode
6302+
Assert-AreEqual $policy.PolicySettings.State $policySettings.State
6303+
6304+
$policy.CustomRules[0].State = "Disabled"
6305+
Set-AzApplicationGatewayFirewallPolicy -InputObject $policy
6306+
$policy1 = Get-AzApplicationGatewayFirewallPolicy -Name $wafPolicyName -ResourceGroupName $rgname
6307+
Assert-AreEqual $policy1.CustomRules[0].State "Disabled"
6308+
6309+
#Remove Custom Rule
6310+
Remove-AzApplicationGatewayFirewallCustomRule -Name $customRule.Name -ResourceGroupName $rgname -PolicyName $wafPolicyName
6311+
$policynew = Get-AzApplicationGatewayFirewallPolicy -Name $wafPolicyName -ResourceGroupName $rgname
6312+
Assert-Null $policynew.CustomRules[0]
6313+
}
6314+
finally
6315+
{
6316+
# Cleanup
6317+
Clean-ResourceGroup $rgname
6318+
}
6319+
}

src/Network/Network/ChangeLog.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,8 @@
3535
- `Set-AzApplicationGatewayProbeConfig`
3636
- `Add-AzApplicationGatewayProbeConfig`
3737
- `New-AzApplicationGatewayProbeConfig`
38+
* Added property 'GeoLocationXFFHeader' and 'ClientAddrXFFHeader' as VariableName in `NewAzureApplicationGatewayFirewallCustomRuleGroupByVariable`.
39+
* Fixed bug in `NewAzureApplicationGatewayFirewallCustomRuleGroupByVariable` to add "GeoLocation" as a valid input for VariableName
3840

3941
## Version 7.21.0
4042
* Added deprecation warning for cmdlet `Invoke-AzFirewallPacketCapture`

src/Network/Network/FirewallPolicy/FirewallCustomRule/GroupByUserSession/GroupByVariable/NewAzureApplicationGatewayFirewallCustomRuleGroupByVariableCommand.cs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ public class NewAzureApplicationGatewayFirewallCustomRuleGroupByVariableCommand
2525
Mandatory = true,
2626
HelpMessage = "User Session clause variable.")]
2727
[ValidateNotNullOrEmpty]
28-
[ValidateSet("ClientAddr", "GeoLocation", "None", IgnoreCase = true)]
28+
[ValidateSet("ClientAddr", "GeoLocation", "None", "ClientAddrXFFHeader", "GeoLocationXFFHeader", IgnoreCase = true)]
2929
public string VariableName { get; set; }
3030

3131
public override void ExecuteCmdlet()

src/Network/Network/help/New-AzApplicationGatewayFirewallCustomRuleGroupByVariable.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -53,7 +53,7 @@ User Session clause variable.
5353
Type: System.String
5454
Parameter Sets: (All)
5555
Aliases:
56-
Accepted values: ClientAddr, GeoLocation, None
56+
Accepted values: ClientAddr, GeoLocation, None, ClientAddrXFFHeader, GeoLocationXFFHeader
5757

5858
Required: True
5959
Position: Named

0 commit comments

Comments
 (0)