netfw.h header
This header is used by Windows Firewall Technologies. For more information, see:
netfw.h contains the following programming interfaces:
Interfaces
| INetFwAuthorizedApplication The INetFwAuthorizedApplication interface provides access to the properties of an application that has been authorized have openings in the firewall. |
| INetFwAuthorizedApplications The INetFwAuthorizedApplications interface provides access to a collection of applications authorized open ports in the firewall. |
| INetFwIcmpSettings The INetFwIcmpSettings interface provides access to the settings controlling ICMP packets. |
| INetFwMgr The INetFwMgr interface provides access to the firewall settings for a computer. |
| INetFwOpenPort The INetFwOpenPort interface provides access to the properties of a port that has been opened in the firewall. |
| INetFwOpenPorts The INetFwOpenPorts interface is a standard Automation collection interface. |
| INetFwPolicy The INetFwPolicy interface provides access to a firewall policy. |
| INetFwPolicy2 To access the firewall policy. |
| INetFwProduct To access the properties of a third-party firewall registration. |
| INetFwProducts To access the methods and properties for registering third-party firewall products with Windows Firewall and for enumerating registered products. |
| INetFwProfile The INetFwProfile interface provides access to the firewall settings profile. |
| INetFwRemoteAdminSettings The INetFwRemoteAdminSettings interface provides access to the settings that control remote administration. |
| INetFwRule To the properties of a rule. |
| INetFwRule2 Allows an application or service to access all the properties of INetFwRule as well as the four edge properties of a firewall rule specified by NET_FW_EDGE_TRAVERSAL_TYPE. |
| INetFwRule3 Allows an application or service to access all the properties of INetFwRule2 and to provide access to the requirements of app containers. |
| INetFwRules Collection of firewall rules. |
| INetFwService The INetFwService interface provides access to the properties of a service that may be authorized to listen through the firewall. |
| INetFwServiceRestriction Access to the Windows Service Hardening networking rules. |
| INetFwServices The INetFwServices interface is a standard Automation interface which provides access to a collection of services that may be authorized to listen through the firewall. |
Functions
| NetworkIsolationDiagnoseConnectFailureAndGetInfo The NetworkIsolationDiagnoseConnectFailureAndGetInfo function gets information about a network isolation connection failure due to a missing capability. |
| NetworkIsolationEnumAppContainers The NetworkIsolationEnumAppContainers function enumerates all of the app containers that have been created in the system. |
| NetworkIsolationEnumerateAppContainerRules Enumerates all of the rules related to app containers. |
| NetworkIsolationFreeAppContainers The NetworkIsolationFreeAppContainers function is used to release memory resources allocated to one or more app containers. |
| NetworkIsolationGetAppContainerConfig The NetworkIsolationGetAppContainerConfig function is used to retrieve configuration information about one or more app containers. |
| NetworkIsolationGetEnterpriseIdAsync Gets the Enterprise ID based on Network Isolation endpoints in the context of the Windows Information Protection (WIP) or the Microsoft Defender Application Guard (MDAG) scenarios. |
| NetworkIsolationGetEnterpriseIdClose This API is used for closing the handle returned by NetworkIsolationGetEnterpriseIdAsync as well as for synchronizing the operation. |
| NetworkIsolationRegisterForAppContainerChanges The NetworkIsolationRegisterForAppContainerChanges function is used to register for the delivery of notifications regarding changes to an app container. |
| NetworkIsolationSetAppContainerConfig The NetworkIsolationSetAppContainerConfig function is used to set the configuration of one or more app containers. |
| NetworkIsolationSetupAppContainerBinaries The NetworkIsolationSetupAppContainerBinaries function is used by software installers to provide information about the image paths of applications that are running in an app container. |
| NetworkIsolationUnregisterForAppContainerChanges The NetworkIsolationUnregisterForAppContainerChanges function is used to cancel an app container change registration and stop receiving notifications. |
Callback functions
| PAC_CHANGES_CALLBACK_FN The PAC_CHANGES_CALLBACK_FN callback function is used to add custom behavior to the app container change notification process. |
| PFN_FWADDDYNAMICKEYWORDADDRESS0 Function pointer type of the entry point in the service that you call to add the specified dynamic keyword address. |
| PFN_FWDELETEDYNAMICKEYWORDADDRESS0 Function pointer type of the entry point in the service that you call to delete the dynamic keyword address with the specified ID. |
| PFN_FWENUMDYNAMICKEYWORDADDRESSBYID0 Function pointer type of the entry point in the service that you call to enumerate the specific dynamic keyword addresses by ID. |
| PFN_FWENUMDYNAMICKEYWORDADDRESSESBYTYPE0 Function pointer type of the entry point in the service that you call to enumerate dynamic keyword addresses by type. You can request a particular subset of objects based on the enumeration flags passed in. |
| PFN_FWFREEDYNAMICKEYWORDADDRESSDATA0 Function pointer type of the entry point in the service that you call to free dynamic keyword address data structs allocated by the service. |
| PFN_FWUPDATEDYNAMICKEYWORDADDRESS0 Function pointer type of the entry point in the service that you call to update the dynamic keyword address with the input ID. |
Structures
| FW_DYNAMIC_KEYWORD_ADDRESS_DATA0 Holds the data returned to the client when the Enumeration APIs are called. |
| FW_DYNAMIC_KEYWORD_ADDRESS0 Allows the client to create a dynamic keyword address, which holds a list of IP addresses. |
| INET_FIREWALL_AC_BINARIES The INET_FIREWALL_AC_BINARIES structure contains the binary paths to applications running in an app container. |
| INET_FIREWALL_AC_CAPABILITIES The INET_FIREWALL_AC_CAPABILITIES structure contains information about the capabilities of an app container. |
| INET_FIREWALL_AC_CHANGE The INET_FIREWALL_AC_CHANGE structure contains information about a change made to an app container. (INET_FIREWALL_AC_CHANGE) |
| INET_FIREWALL_APP_CONTAINER The INET_FIREWALL_APP_CONTAINER structure contains information about a specific app container. (INET_FIREWALL_APP_CONTAINER) |
Enumerations
| FW_DYNAMIC_KEYWORD_ADDRESS_ENUM_FLAGS Defines constants that specify the kind(s) of objects to include in an enumeration operation. |
| FW_DYNAMIC_KEYWORD_ADDRESS_FLAGS Defines constants that specify how IP addresses are to be resolved. |
| FW_DYNAMIC_KEYWORD_ORIGIN_TYPE Defines constants that specify the origin of the dynamic keyword address object in an FW_DYNAMIC_KEYWORD_ADDRESS_DATA0. |
| INET_FIREWALL_AC_CHANGE_TYPE The INET_FIREWALL_AC_CHANGE_TYPE enumeration specifies which type of app container change occurred. (INET_FIREWALL_AC_CHANGE_TYPE) |
| INET_FIREWALL_AC_CREATION_TYPE The INET_FIREWALL_AC_CREATION_TYPE enumeration specifies the type of app container creation events for which notifications will be delivered. |
| NETISO_ERROR_TYPE The NETISO_ERROR_TYPE enumeration specifies the type of error related to a network isolation operation. |
| NETISO_FLAG The NETISO_FLAG enumeration specifies whether binaries should be returned for app containers. (NETISO_FLAG) |
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for