EmulateClientBind Method of the IFWXSession Interface
The EmulateClientBind method allows a client that did not create a remote bind to receive a primary inbound connection.
Syntax
HRESULT EmulateClientBind(
  [in]   LPSOCKADDR ClientAddress,
  [in]   DWORD ClientAddressLength,
  [in]   LPSOCKADDR ProxyAddress,
  [in]   DWORD ProxyAddressLength,
  [in]   INT Protocol,
  [in]   REFGUID ProtocolGuid,
  [out]  IFWXConnection** piConnection,
  [in]   BOOL fInternalAddressTranslation
);
Parameters
ClientAddress
Pointer to a sockaddr structure that contains the address that the client used.
ClientAddressLength
Length, in bytes, of the ClientAddress parameter.
ProxyAddress
Pointer to a sockaddr structure that contains the address to which the filter is to emulate a bind. This is usually an external IP address of the Forefront TMG computer and a specific port number. The EmulateClientBind method does not actually bind to that address. The address is used for the bind event that is generated.
ProxyAddressLength
Length, in bytes, of the ProxyAddress parameter.
Protocol
Protocol flag. This parameter can have the following flag values:
Value | Meaning |
FWX_PROTOCOL_TCP | The request is for a TCP socket. |
FWX_PROTOCOL_UDP | The request is for a UDP socket. |
ProtocolGuid
GUID identifying the protocol that the connection is part of.
piConnection
Address of an interface pointer that on return points to the resulting IFWXConnection interface.
fInternalAddressTranslation
Boolean value that indicates whether the translation of external addresses to internal addresses is to be enabled for the inbound connection.
Return Value
This method returns S_OK if the call is successful; otherwise, it returns an error code.
Remarks
This method should be called by a filter whose purpose is to enable a specific protocol. The filter uses this method when it needs to forward a primary connection made from an external source to a local computer that did not make a remote bind through the Microsoft Firewall service. For example, this could be a local computer that does not have Forefront TMG Client or Firewall Client installed and enabled.
This method will usually be called by a filter that is listening on some well-known port when it receives a connection. The filter decides (based on the source address, data exchange with the caller, a hard-coded address, and so on) that this call should be forwarded to some internal client.
The filter cannot use the BindForClient method because the well-known port is already in use and the connection was already made.
This method creates a connection object on which the caller can call the IFWXConnection::EmulateConnection method and forward the connection to the client.
Like other bind requests, any filter registered for the fwx_Bind_* events is notified about this bind and has an opportunity to deny it. It may also install a data filter. Other filters cannot emulate this bind because the caller is already emulating it.
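The following sketch is an added example, not code from the Forefront TMG SDK: it shows a filter checking its forwarding decision against an allow-list of internal hosts before calling EmulateClientBind, and treating any result other than S_OK as a refused bind. The SDK types and the FWX_PROTOCOL_TCP value are portable stand-ins, and ForwardPolicy, EmulateBindForAllowedClient and RecordingSession are hypothetical names; it also assumes that ClientAddress identifies the internal client.

```cpp
#include <netinet/in.h>   // sockaddr_in; a real filter uses <winsock2.h>
#include <cstdint>

// Portable stand-ins (assumptions) for SDK types and constants. A real filter takes
// them from the Windows SDK and the header generated from Wspfwext.idl.
typedef int32_t HRESULT; typedef uint32_t DWORD; typedef int INT; typedef int BOOL;
typedef sockaddr* LPSOCKADDR;
struct GUID { uint32_t d1; uint16_t d2, d3; uint8_t d4[8]; };
typedef const GUID& REFGUID;
struct IFWXConnection;
const HRESULT S_OK = 0, E_INVALIDARG = (HRESULT)0x80070057, E_ACCESSDENIED = (HRESULT)0x80070005;
const INT FWX_PROTOCOL_TCP = 1;   // placeholder value, not the SDK's

// Only the method documented on this page, with the signature shown under Syntax.
struct IFWXSession {
    virtual HRESULT EmulateClientBind(LPSOCKADDR ClientAddress, DWORD ClientAddressLength,
        LPSOCKADDR ProxyAddress, DWORD ProxyAddressLength, INT Protocol,
        REFGUID ProtocolGuid, IFWXConnection** piConnection,
        BOOL fInternalAddressTranslation) = 0;
    virtual ~IFWXSession() {}
};

// Hypothetical policy: the internal hosts this filter is allowed to forward to.
struct ForwardPolicy { uint32_t allowedHosts[4]; int count; };   // network byte order

// Checks the forwarding decision, then emulates the bind. Assumes clientAddr identifies
// the internal client and proxyAddr is the external address:port the filter listens on.
HRESULT EmulateBindForAllowedClient(IFWXSession* session, const ForwardPolicy& policy,
        sockaddr_in clientAddr, sockaddr_in proxyAddr, REFGUID protocolGuid,
        BOOL translate, IFWXConnection** conn) {
    if (!session || !conn) return E_INVALIDARG;
    *conn = nullptr;
    if (clientAddr.sin_family != AF_INET || proxyAddr.sin_family != AF_INET ||
        proxyAddr.sin_port == 0) return E_INVALIDARG;
    bool allowed = false;
    for (int i = 0; i < policy.count; ++i)
        allowed = allowed || policy.allowedHosts[i] == clientAddr.sin_addr.s_addr;
    if (!allowed) return E_ACCESSDENIED;   // unlisted host: do not emulate the bind
    HRESULT hr = session->EmulateClientBind(
        (LPSOCKADDR)&clientAddr, (DWORD)sizeof clientAddr,
        (LPSOCKADDR)&proxyAddr, (DWORD)sizeof proxyAddr,
        FWX_PROTOCOL_TCP, protocolGuid, conn, translate);
    if (hr != S_OK) *conn = nullptr;   // e.g. a filter registered for fwx_Bind_* denied it
    return hr;
}

// Constructed test double that records the call instead of talking to the Firewall service.
struct RecordingSession : IFWXSession {
    int calls = 0; INT protocol = 0; DWORD clientLen = 0; HRESULT result = S_OK;
    HRESULT EmulateClientBind(LPSOCKADDR, DWORD cl, LPSOCKADDR, DWORD, INT p, REFGUID,
                              IFWXConnection**, BOOL) override {
        ++calls; clientLen = cl; protocol = p; return result;
    }
};
```

On success the filter would continue with IFWXConnection::EmulateConnection on the returned connection, as described above; that call is left out because its signature is not given on this page.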
Requirements
Server | Requires Windows Server 2008 R2 or Windows Server 2008 x64 Edition with SP2. |
Version | Requires Forefront Threat Management Gateway (TMG) 2010. |
Header | Declared in Wspfwext.idl. |
DLL | Requires Wspsrv.exe. |
See Also
IFWXSession
IFWXConnection::EmulateConnection
IFWXSession::BindForClient
Build date: 6/30/2010