Redirect WFP ALE_CONNECT_重定向层块过滤器不';行不通
我正在和WFP做一些工作,我在FWPM\u层\u ALE\u CONNECT\u REDIRECT\u V4层上遇到了阻塞过滤器的问题。它必须阻止来自本地ip的流量,但事实并非如此。如果我将图层更改为FWPM\U layer\U ALE\U AUTH\U CONNECT\U V4过滤器工作正常 所以我有几个问题: 1) 我可以在FWPM\u LAYER\u ALE\u CONNECT\u REDIRECT\u V4层阻止来自指定本地ip的流量吗(下面的代码不起作用) 2) 我们可以在ale\U connect\u redirect(或ale\u bind\u redirect)层上创建本地\u ip(远程\u ip)条件吗Redirect WFP ALE_CONNECT_重定向层块过滤器不';行不通,redirect,filter,block,layer,wfp,Redirect,Filter,Block,Layer,Wfp,我正在和WFP做一些工作,我在FWPM\u层\u ALE\u CONNECT\u REDIRECT\u V4层上遇到了阻塞过滤器的问题。它必须阻止来自本地ip的流量,但事实并非如此。如果我将图层更改为FWPM\U layer\U ALE\U AUTH\U CONNECT\U V4过滤器工作正常 所以我有几个问题: 1) 我可以在FWPM\u LAYER\u ALE\u CONNECT\u REDIRECT\u V4层阻止来自指定本地ip的流量吗(下面的代码不起作用) 2) 我们可以在ale\U
谢谢大家! 你想要实现的目标并非100%显而易见,但:
UINT32 test_wfp_filter(HANDLE engine_handle,
FWP_V4_ADDR_AND_MASK* source_ip,
UINT8 weight)
{
UINT32 status;
FWPM_FILTER filter = { 0 };
FWPM_FILTER_CONDITION filter_conditions[1] = { 0 };
filter_conditions[0].fieldKey = FWPM_CONDITION_IP_LOCAL_ADDRESS;
filter_conditions[0].matchType = FWP_MATCH_EQUAL;
filter_conditions[0].conditionValue.type = FWP_V4_ADDR_MASK;
filter_conditions[0].conditionValue.v4AddrMask = source_ip;
status = UuidCreate(&(filter.filterKey));
if (status != NO_ERROR)
{
return status;
}
filter.layerKey = FWPM_LAYER_ALE_CONNECT_REDIRECT_V4;
//With this layerKey filter doesn't work,
//but with FWPM_LAYER_ALE_AUTH_CONNECT_V4 filter works properly
filter.displayData.name = L"Blocking filter";
filter.displayData.description = L"Blocks all trafic from current comp";
filter.action.type = FWP_ACTION_BLOCK;
filter.subLayerKey = WFP_TEST_SUBLAYER;
filter.weight.type = FWP_UINT8;
filter.weight.uint8 = weight;
filter.filterCondition = filter_conditions;
filter.numFilterConditions = 1;
status = FwpmFilterAdd(engine_handle, &filter, 0, 0);
return 0;
}