Follow the steps below and commands on how to verify DFW rules to the ESXi from the ESXi console:
- Locate the VM that you want to validate and SSH into the ESXi host; in this example, we will validate the DFW rule for the VM web-01a.
- Type summarize-dvfilter, look at the VM name, and look for name under vNIC slot 2. If there are too many lines of information, you can filter using grep. For example, filter by web-01a or sfw.2 with the command summarize-dvfilter | grep 'web-01a|sfw.2'. The other method to obtain the filter name is using vsipioctl getfwfilters. However, this command will show the VM UUID instead of VM name
- To show the applied rules, use the command vsipioctl getfwrules -f nic-76730-eth0-vmware-sfw.2