Calling Other Windows Filtering Platform Functions
2017-02-07 18:33
134 查看
Many of the other Windows Filtering Platform functions that are available to user-mode management applications are also available to callout drivers. This enables a callout driver to perform management tasks, such as adding filters to the filter engine.
The only difference between the user-mode and kernel-mode versions of these functions is the data type that is returned. The user-mode functions return Win32 error codes, whereas the kernel-mode functions return the equivalent NTSTATUS codes.
许多用户模式使用的WFP函数对于callout driver也是可以使用的,这使callout driver可以执行向过滤引擎添加过滤器的操作。这些函数在用户模式和内核模式之间的不同仅仅是返回类型不同,用户模式返回win32错误码,而内核返回NTSTATUS值。
Most of the Windows Filtering Platform management functions require a handle to an open session to the filter engine as a parameter. The following topics discuss how a callout driver can open and close a session to the filter engine.
许多WFP管理函数需要一个打开过滤引擎的会话句柄。
A callout driver must open a session to the filter engine to perform management tasks such as adding filters to the filter engine. A callout driver opens a session to the filter engine by calling the
FwpmEngineOpen0 function. For example:
callout驱动可以调用FwpmEngineOpen0函数打开一个会话,然后可以后续执行添加过滤器的操作。
HANDLE engineHandle;
NTSTATUS status;
// Open a session to the filter engine
status =
FwpmEngineOpen0(
NULL, // The filter engine on the local system
RPC_C_AUTHN_WINNT, // Use the Windows authentication service
NULL, // Use the calling thread's credentials
NULL, // There are no session-specific parameters
&engineHandle // Pointer to a variable to receive the handle
);
After a callout driver has successfully opened a session to the filter engine, it can use the returned handle to call the other Windows Filtering Platform management functions.
After a callout driver has performed the desired management tasks, it should close the session to the filter engine. A callout driver does this by calling the
FwpmEngineClose0 function. For example:
执行完必须的操作后,应该关闭会话。调用FwpmEngineClose0关闭会话。
status =
FwpmEngineClose0(
engineHandle // An handle to the open session
);
The only difference between the user-mode and kernel-mode versions of these functions is the data type that is returned. The user-mode functions return Win32 error codes, whereas the kernel-mode functions return the equivalent NTSTATUS codes.
许多用户模式使用的WFP函数对于callout driver也是可以使用的,这使callout driver可以执行向过滤引擎添加过滤器的操作。这些函数在用户模式和内核模式之间的不同仅仅是返回类型不同,用户模式返回win32错误码,而内核返回NTSTATUS值。
Most of the Windows Filtering Platform management functions require a handle to an open session to the filter engine as a parameter. The following topics discuss how a callout driver can open and close a session to the filter engine.
许多WFP管理函数需要一个打开过滤引擎的会话句柄。
A callout driver must open a session to the filter engine to perform management tasks such as adding filters to the filter engine. A callout driver opens a session to the filter engine by calling the
FwpmEngineOpen0 function. For example:
callout驱动可以调用FwpmEngineOpen0函数打开一个会话,然后可以后续执行添加过滤器的操作。
HANDLE engineHandle;
NTSTATUS status;
// Open a session to the filter engine
status =
FwpmEngineOpen0(
NULL, // The filter engine on the local system
RPC_C_AUTHN_WINNT, // Use the Windows authentication service
NULL, // Use the calling thread's credentials
NULL, // There are no session-specific parameters
&engineHandle // Pointer to a variable to receive the handle
);
After a callout driver has successfully opened a session to the filter engine, it can use the returned handle to call the other Windows Filtering Platform management functions.
After a callout driver has performed the desired management tasks, it should close the session to the filter engine. A callout driver does this by calling the
FwpmEngineClose0 function. For example:
执行完必须的操作后,应该关闭会话。调用FwpmEngineClose0关闭会话。
status =
FwpmEngineClose0(
engineHandle // An handle to the open session
);
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- WFP-Windows Filtering Platform Traffic Inspection Sample 启动时候 发生系统错误87
- Introduction to Windows Filtering Platform Callout Drivers
- Windows Filtering Platform 结构和简介
- 转载:Calling JavaScript Functions in Windows Phone 7
- Platform Invoke and Marshaling Data: [2/3] Calling the Windows CE API
- Windows Filtering Platform 结构和简介
- This application failed to start because it could not find or load the Qt platform plugin “windows”错误解决方法
- windows Azure platform扫盲
- Microsoft Platform SDK for Windows Server 2003 R2
- Config PHP and MySQL on Windows XP platform
- Why do Windows functions all begin with a pointless MOV EDI, EDI instruction?
- Using Eclipse with PyDev to build a Python development environment on Windows platform
- Windows Azure Platform Training Kit - September Update
- Qt:Application failed to start because platform plugin “windows” is missing.
- eclipes CDT : Creating a simple Standard C++ Project -- "Hello World on a Windows Platform"
- CP Socket编程 C/C++实现 (Windows Platform SDK)
- Qt程序运行提示“it could not find or load the QT platform plugin “windows””
- Windows Azure Platform Training Kit6月7日更新
- Windows Azure Platform Introduction (14) 申请海外的Windows Azure账户
- Windows Azure Platform (三)云计算的特点