HostAccessCheck Method of the IFWXSession Interface
The HostAccessCheck method checks the permission of the session user to access a specified host, by using the access rules.
Syntax
HRESULT HostAccessCheck(
[in] REFGUID FilterGuid,
[in] REFGUID ProtocolGuid,
[in] LPHOSTENT Hostent,
[in] USHORT SrcPort,
[in] LPCSTR pszPath,
[in] LPCSTR pszMime,
[in, optional] DWORD dwFlags,
[in] IUnknown** ProcessedRulesData
);
Parameters
FilterGuid
Reference to the GUID identifying the filter that the connection is part of.ProtocolGuid
Reference to the GUID that identifies the protocol.Hostent
Pointer to a hostent structure that specifies the host.SrcPort
The source port number.pszPath
Pointer to a null-terminated string containing the path to be checked. This parameter may be NULL if the path is unknown or irrelevant.pszMime
Pointer to a null-terminated string containing the MIME data type (such as "text/html") to be checked. This parameter can be NULL if the MIME type is unknown or irrelevant.dwFlags
HostAccessCheck flags. This parameter can be a bitwise combination of the following values, or 0 if none of the options apply:Value Meaning FWX_FLAG_USE_MIME
The pszMime parameter is currently NULL, but may be known later. If this flag is specified, and the pszMime parameter is NULL and the MIME type is required for processing of the rules, FWX_E_MIME_NEEDED will be returned.
FWX_FLAG_USE_EXTENTION
Use the extension of the pszPath parameters for content filtering.
FWX_FLAG_CHECK_PUBLISHING
Use this parameter to include publishing rules in the permission decision. If this parameter is not set, publishing rules will not be taken into consideration. This flag is typically used with FWX_FLAG_BYPASS_ALLOW_ACCESS. When these parameters are used together, only deny rules and publishing rules will be checked.
FWX_FLAG_BYPASS_ALLOW_ACCESS
Use this parameter to instruct the Microsoft Firewall service not to check allow rules. This flag is typically used with FWX_FLAG_CHECK_PUBLISHING. When these parameters are used together, only deny rules and publishing rules will be checked.
ProcessedRulesData
Data regarding the per-rule configuration of the filter. This data is processed by the Firewall service when it starts, or when you change the rules.
Return Value
S_OK
The user is allowed to access the host.S_FALSE
The user is denied access to the host.E_INVALIDARG
More than one host name or IP address was specified in the Hostent parameter.FWX_E_MIME_NEEDED
The FWX_FLAG_USE_MIME flag was specified, but the pszMime parameter was NULL. The MIME type is required to complete the processing of the rules.Error code
The method failed.
Remarks
The hostent structure may contain a host name or an IP address, or both a host name and an IP address, but it may not contain more than one host name or IP address. Access is checked based on the information available in the hostent structure.
Requirements
Server | Requires Windows Server 2008 R2 or Windows Server 2008 x64 Edition with SP2. |
Version | Requires Forefront Threat Management Gateway (TMG) 2010. |
Header | Declared in Wspfwext.idl. |
DLL | Requires Wspsrv.exe. |
See Also
IFWXSession
IFWXFirewall::CreatePrivateSession
Send comments about this topic to Microsoft
Build date: 6/30/2010