C++ 使用WFP筛选器允许端口和ip对

我希望防火墙能将我的设备与网络隔离，但我希望允许的端口/ip对很少

例如，为了允许某些端口（针对所有ip地址），我使用以下过滤器：

FWPM_过滤器_条件0条件[2]

conditions[0].fieldKey = FWPM_CONDITION_IP_REMOTE_PORT;
conditions[0].conditionValue.type = FWP_UINT16;
conditions[0].conditionValue.uint16 = port;

conditions[1].fieldKey = FWPM_CONDITION_IP_PROTOCOL;
conditions[1].conditionValue.type = FWP_UINT8;
conditions[1].conditionValue.uint32 = 0;
conditions[1].matchType = FWP_MATCH_GREATER_OR_EQUAL;

Filter.subLayerKey = myGUID;
Filter.displayData.name = L"myFirewall";
Filter.action.type = FWP_ACTION_PERMIT;
Filter.weight.type = FWP_UINT64;

uint64 weightvalue = 0x102;

Filter.weight.uint64 = &weightvalue;
Filter.flags = FWPM_FILTER_FLAG_PERSISTENT;
Filter.filterCondition = conditions;
Filter.layerKey = FWPM_LAYER_OUTBOUND_TRANSPORT_V4
Filter.numFilterConditions = 2;

此筛选器允许使用单个dest端口的数据包忽略其ip。 如何将特定ip添加到筛选器条件

---

谢谢

筛选条件以匹配远程IP地址

conditions[1].fieldKey = FWPM_CONDITION_IP_PROTOCOL;
conditions[1].conditionValue.type = FWP_V4_ADDR_MASK;
conditions[1].conditionValue.v4AddrMask = new FWP_V4_ADDR_AND_MASK;
conditions[1].conditionValue.v4AddrMask->addr = ip;
conditions[1].conditionValue.v4AddrMask->mask = VISTA_SUBNET_MASK;
conditions[1].matchType = FWP_MATCH_EQUAL;

---

您是否尝试增加条件计数，并添加

FWPM\u条件\u IP\u远程\u地址

条件？此处的文档：通过搜索您已经使用的条件，

FWPM\u条件\u IP\u远程\u端口