FWPM_FILTER_CONDITION0 structure (fwpmtypes.h)
The FWPM_FILTER_CONDITION0 structure expresses a filter condition that must be true for the action to be taken.
Syntax
typedef struct FWPM_FILTER_CONDITION0_ {
GUID fieldKey;
FWP_MATCH_TYPE matchType;
FWP_CONDITION_VALUE0 conditionValue;
} FWPM_FILTER_CONDITION0;
Members
fieldKey
GUID of the field to be tested. The available keys are listed under Filtering Condition Identifiers.
matchType
A FWP_MATCH_TYPE value that specifies the type of match to be performed.
conditionValue
A FWP_CONDITION_VALUE0 structure that contains the value to match the field against.
Remarks
Field GUIDs are only unique within a layer, so both the field GUID and the layer GUID are required to uniquely identify a field.
The data type of
FWP_MATCH_TYPE for detailed compatibility rules.
FWPM_FILTER_CONDITION0 is a specific implementation of FWPM_FILTER_CONDITION. See WFP Version-Independent Names and Targeting Specific Versions of Windows for more information.
Examples
The following C++ example shows how to initialize and add conditions to a filter.
#include <windows.h>
#include <fwpmu.h>
#include <stdio.h>
#pragma comment(lib, "Fwpuclnt.lib")
// Some application to use for filter testing.
#define FILE0_PATH L"C:\\Program Files\\AppDirectory\\SomeApplication.exe"
void main()
{
FWP_BYTE_BLOB *fwpApplicationByteBlob;
FWPM_FILTER0 fwpFilter;
FWPM_FILTER_CONDITION0 fwpConditions[4];
int conCount = 0;
DWORD result = ERROR_SUCCESS;
fwpApplicationByteBlob = (FWP_BYTE_BLOB*) malloc(sizeof(FWP_BYTE_BLOB));
printf("Retrieving application identifier for filter testing.\n");
result = FwpmGetAppIdFromFileName0(FILE0_PATH, &fwpApplicationByteBlob);
if (result != ERROR_SUCCESS)
{
printf("FwpmGetAppIdFromFileName failed (%d).\n", result);
return;
}
// Application identifier filter condition.
fwpConditions[conCount].fieldKey = FWPM_CONDITION_ALE_APP_ID;
fwpConditions[conCount].matchType = FWP_MATCH_EQUAL;
fwpConditions[conCount].conditionValue.type = FWP_BYTE_BLOB_TYPE;
fwpConditions[conCount].conditionValue.byteBlob = fwpApplicationByteBlob;
++conCount;
// TCP protocol filter condition
fwpConditions[conCount].fieldKey = FWPM_CONDITION_IP_PROTOCOL;
fwpConditions[conCount].matchType = FWP_MATCH_EQUAL;
fwpConditions[conCount].conditionValue.type = FWP_UINT8;
fwpConditions[conCount].conditionValue.uint8 = IPPROTO_TCP;
++conCount;
// Add conditions and condition count to a filter.
memset(&fwpFilter, 0, sizeof(FWPM_FILTER0));
fwpFilter.numFilterConditions = conCount;
if (conCount > 0)
fwpFilter.filterCondition = fwpConditions;
// Finish initializing filter...
return;
}
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows Vista [desktop apps only] |
| Minimum supported server | Windows Server 2008 [desktop apps only] |
| Header | fwpmtypes.h |
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for