question

RodrigoOrtega-9207 avatar image
0 Votes"
RodrigoOrtega-9207 asked Nandhagopal edited

WFP REMOTE_USER_ID field is always FWP_EMPTY

Hello.

We have developed a Windows Filtering Platform callout driver. We are trying to obtain de Remote User ID for an incoming connection, considering both TCP and UDP connections.

Three layers have been identified that provide the REMOTE_USER_ID fields:

  • ALE_AUTH_RECV_ACCEPT (FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_ALE_REMOTE_USER_ID, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_ALE_REMOTE_USER_ID)

  • ALE_AUTH_CONNECT (FWPS_FIELD_ALE_AUTH_CONNECT_V4_ALE_REMOTE_USER_ID, FWPS_FIELD_ALE_AUTH_CONNECT_V6_ALE_REMOTE_USER_ID)

  • ALE_FLOW_ESTABLISHED (FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_ALE_REMOTE_USER_ID, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_ALE_REMOTE_USER_ID)

However, the REMOTE_USER_ID related FWPS_INCOMING_VALUE0_ field is always FWP_EMPTY for the given layers.

  1. Is this an expected behaviour?

  2. How can we obtain the REMOTE_USER_ID?

Thanks a lot in advance!

not-supportedwindows-10-network
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

CandyLuo-MSFT avatar image
0 Votes"
CandyLuo-MSFT answered CandyLuo-MSFT edited

Hi ,

Driver Development is currently not supported in the Q&A forums, the supported products are listed over here: https://docs.microsoft.com/en-us/answers/products/ (more to be added later on).

For the related questions about Driver Development you can ask in here:

https://social.msdn.microsoft.com/Forums/windowshardware/en-US/home?forum=wdk


If the Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

RodrigoOrtega-9207 avatar image
0 Votes"
RodrigoOrtega-9207 answered CandyLuo-MSFT commented

Hello.

Thanks for the clarification @CandyLuo-MSFT. I will move the request then.

Regards,

Rodrigo

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

You are welcome. :)

0 Votes 0 ·