Cleanup orphan rules.

Author: princepereira

…igation-scripts/cleanup-orphan-rules.ps1 …le-lb-dsr-rules/cleanup-orphan-rules.ps1scripts/mitigation-scripts/cleanup-orphan-rules.ps1 renamed to scripts/mitigation-scripts/stale-lb-dsr-rules/cleanup-orphan-rules.ps1 scripts/mitigation-scripts/cleanup-orphan-rules.ps1 renamed to scripts/mitigation-scripts/stale-lb-dsr-rules/cleanup-orphan-rules.ps1

@@ -183,7 +183,8 @@ while ($true) {
             if (-not (Test-VfpRuleHasMatchingPolicy -port $entry.Port -layer $entry.Layer -group $entry.Group -ruleId $entry.RuleId -hnsPolicies $hnsPolicies)) {
                 Write-KustoLog -Level 'Warning' -Event 'OrphanRuleNoPolicy' -Message "Rule has no matching HNS policy and is a candidate for removal." -Properties $ruleProps
                 # Remove the orphan rule
-                # vfpctrl.exe /port $entry.Port /layer $entry.Layer /group $entry.Group /delete-rule /rule $entry.RuleId
+                vfpctrl /remove-rule /port $entry.Port /layer $entry.Layer /group $entry.Group /rule $entry.RuleId
+                Write-KustoLog -Level 'Info' -Event 'OrphanRuleRemoved' -Message "Orphan VFP rule removed." -Properties $ruleProps
             } else {
                 Write-KustoLog -Level 'Info' -Event 'OrphanRuleHasPolicy' -Message "Rule has a matching HNS policy and should not be removed." -Properties $ruleProps
             }

…gation-scripts/cleanup-orphan-rules.yaml …e-lb-dsr-rules/cleanup-orphan-rules.yamlscripts/mitigation-scripts/cleanup-orphan-rules.yaml renamed to scripts/mitigation-scripts/stale-lb-dsr-rules/cleanup-orphan-rules.yaml scripts/mitigation-scripts/cleanup-orphan-rules.yaml renamed to scripts/mitigation-scripts/stale-lb-dsr-rules/cleanup-orphan-rules.yaml

@@ -195,7 +195,8 @@ data:
                 if (-not (Test-VfpRuleHasMatchingPolicy -port $entry.Port -layer $entry.Layer -group $entry.Group -ruleId $entry.RuleId -hnsPolicies $hnsPolicies)) {
                     Write-KustoLog -Level 'Warning' -Event 'OrphanRuleNoPolicy' -Message "Rule has no matching HNS policy and is a candidate for removal." -Properties $ruleProps
                     # Remove the orphan rule
-                    vfpctrl.exe /port $entry.Port /layer $entry.Layer /group $entry.Group /delete-rule /rule $entry.RuleId
+                    vfpctrl /remove-rule /port $entry.Port /layer $entry.Layer /group $entry.Group /rule $entry.RuleId
+                    Write-KustoLog -Level 'Info' -Event 'OrphanRuleRemoved' -Message "Orphan VFP rule removed." -Properties $ruleProps
                 } else {
                     Write-KustoLog -Level 'Info' -Event 'OrphanRuleHasPolicy' -Message "Rule has a matching HNS policy and should not be removed." -Properties $ruleProps
                 }