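Imports System
Imports System.Runtime.InteropServices

' P/Invoke declarations for the network isolation (app container) functions exported by FirewallAPI.dll.
' Types not declared here (Win32Error, NETISO_ERROR_TYPE, PSID, HANDLE, PAC_CHANGES_CALLBACK_FN,
' INET_FIREWALL_AC_CREATION_TYPE, INET_FIREWALL_AC_BINARIES) are expected to come from the other parts
' of this Partial Module or from the surrounding project.
Partial Public Module FirewallApi

    ' Every function below carries an explicit DllImport: an attribute-less Function with an empty body
    ' would compile, never reach native code, and hand back the default Win32Error value as if the call
    ' had succeeded. ExactSpelling:=True binds to the export name exactly as written.
    Private Const FirewallApiDll As String = "FirewallAPI.dll"

    ''' <summary>The INET_FIREWALL_AC_CHANGE_TYPE enumeration specifies which type of app container change occurred.</summary>
    Public Enum INET_FIREWALL_AC_CHANGE_TYPE
        ''' <summary>This value is reserved for system use.</summary>
        INET_FIREWALL_AC_CHANGE_INVALID

        ''' <summary>An app container was created.</summary>
        INET_FIREWALL_AC_CHANGE_CREATE

        ''' <summary>An app container was deleted.</summary>
        INET_FIREWALL_AC_CHANGE_DELETE

        ''' <summary>Maximum value for testing purposes.</summary>
        INET_FIREWALL_AC_CHANGE_MAX
    End Enum

    ''' <summary>
    ''' The NetworkIsolationDiagnoseConnectFailureAndGetInfo function gets information about a network isolation connection failure
    ''' due to a missing capability. This function can be used to identify the capabilities required to connect to a server.
    ''' </summary>
    ''' <param name="wszServerName">
    ''' Type: LPCWSTR
    ''' Name (or IP address literal string) of the server to which a connection was attempted.
    ''' </param>
    ''' <param name="netIsoError">
    ''' Type: NETISO_ERROR_TYPE*
    ''' The error that has occurred, indicating which network capability was missing and thus caused the failure.
    ''' </param>
    ''' <returns>
    ''' Type: DWORD
    ''' Returns ERROR_SUCCESS if successful, or an error value otherwise.
    ''' </returns>
    <DllImport(FirewallApiDll, ExactSpelling:=True)>
    Public Function NetworkIsolationDiagnoseConnectFailureAndGetInfo(
            <MarshalAs(UnmanagedType.LPWStr)> ByVal wszServerName As String,
            ByRef netIsoError As NETISO_ERROR_TYPE) As Win32Error
        ' LPWStr is required: the native parameter is LPCWSTR, and the DllImport default would send an ANSI string.
    End Function

    ''' <summary>
    ''' The NetworkIsolationFreeAppContainers function is used to release memory resources allocated to one or more app containers.
    ''' </summary>
    ''' <param name="pPublicAppCs">
    ''' Type: PINET_FIREWALL_APP_CONTAINER
    ''' The app container memory resources to be freed.
    ''' </param>
    ''' <returns>
    ''' Type: DWORD
    ''' Returns ERROR_SUCCESS if successful, or an error value otherwise.
    ''' </returns>
    ''' <remarks>
    ''' The pointer is unmanaged memory that the garbage collector does not track. Free each buffer exactly once and
    ''' discard every IntPtr and marshalled structure derived from it afterwards; reading them after the free is a
    ''' use-after-free.
    ''' </remarks>
    <DllImport(FirewallApiDll, ExactSpelling:=True)>
    Public Function NetworkIsolationFreeAppContainers(
            <[In]> ByVal pPublicAppCs As IntPtr) As Win32Error
    End Function

    ''' <summary>
    ''' The NetworkIsolationGetAppContainerConfig function is used to retrieve configuration information about one or more app containers.
    ''' </summary>
    ''' <param name="pdwNumPublicAppCs">
    ''' Type: DWORD*
    ''' The number of app containers in the appContainerSids member.
    ''' </param>
    ''' <param name="appContainerSids">
    ''' Type: PSID_AND_ATTRIBUTES*
    ''' The security identifiers (SIDs) of app containers that are allowed to send loopback traffic. Used for debugging purposes.
    ''' </param>
    ''' <returns>
    ''' Type: DWORD
    ''' Returns ERROR_SUCCESS if successful, or an error value otherwise.
    ''' </returns>
    ''' <remarks>
    ''' <para>
    ''' Note that it is the calling program's responsibility to free the memory associated with the PSID_AND_ATTRIBUTES structure. The
    ''' following code sample shows how to call this function. The FreeAppContainerConfig function shows how to free all of the associated memory.
    ''' </para>
    ''' <para>
    ''' From managed code the same rule applies to the returned IntPtr: each Sid pointer and then the array itself must be
    ''' released the way FreeAppContainerConfig does, otherwise the memory leaks for the lifetime of the process.
    ''' </para>
    ''' <para>
    ''' The listed SIDs are exempt from loopback isolation, so an entry that is not expected on a host is worth reviewing
    ''' when auditing its configuration.
    ''' </para>
    ''' <para>
    ''' In the sample, the library is loaded with LOAD_LIBRARY_SEARCH_SYSTEM32 so that a bare file name cannot be resolved
    ''' from the application or current directory, and the cleanup path only frees a buffer that was actually returned.
    ''' </para>
    ''' <code lang="cpp"><![CDATA[
    ''' #include "stdafx.h"
    ''' #include <netfw.h>
    '''
    ''' typedef DWORD (WINAPI *FN_NETWORKISOLATIONGETAPPCONTAINERCONFIG)(
    '''     _Out_ DWORD *pdwNumPublicAppCs,
    '''     _Outptr_result_buffer_(*pdwNumPublicAppCs) PSID_AND_ATTRIBUTES *appContainerSids
    '''     );
    '''
    ''' void FreeAppContainerConfig(
    '''     __in DWORD sidCount,
    '''     __in_ecount(sidCount) SID_AND_ATTRIBUTES *srcSidAttrib
    '''     )
    ''' {
    '''     DWORD dwIndex = 0;
    '''
    '''     for (dwIndex = 0; dwIndex < sidCount; dwIndex++)
    '''     {
    '''         HeapFree(GetProcessHeap(), 0, srcSidAttrib[dwIndex].Sid);
    '''     }
    '''
    '''     HeapFree(GetProcessHeap(), 0, srcSidAttrib);
    ''' }
    '''
    ''' int _tmain(int argc, _TCHAR* argv[])
    ''' {
    '''     DWORD dwErr = 0;
    '''     PSID_AND_ATTRIBUTES appContainerSids = NULL;
    '''     DWORD dwCount = 0;
    '''     HMODULE hModule = NULL;
    '''     FN_NETWORKISOLATIONGETAPPCONTAINERCONFIG pfnNetworkIsolationGetAppContainerConfig = NULL;
    '''
    '''     // Restrict the search to %windir%\System32 instead of the default DLL search order.
    '''     hModule = LoadLibraryExW(L"FirewallAPI.dll", NULL, LOAD_LIBRARY_SEARCH_SYSTEM32);
    '''     if (hModule == NULL)
    '''     {
    '''         dwErr = GetLastError();
    '''         goto Cleanup;
    '''     }
    '''
    '''     pfnNetworkIsolationGetAppContainerConfig = (FN_NETWORKISOLATIONGETAPPCONTAINERCONFIG)GetProcAddress(
    '''         hModule,
    '''         "NetworkIsolationGetAppContainerConfig"
    '''         );
    '''     if (pfnNetworkIsolationGetAppContainerConfig == NULL)
    '''     {
    '''         dwErr = GetLastError();
    '''         goto Cleanup;
    '''     }
    '''
    '''     dwErr = pfnNetworkIsolationGetAppContainerConfig(
    '''         &dwCount,
    '''         &appContainerSids
    '''         );
    '''     if (dwErr != ERROR_SUCCESS)
    '''     {
    '''         goto Cleanup;
    '''     }
    '''
    '''     // Process the app container sids
    '''
    ''' Cleanup:
    '''     // Nothing to free when the call never produced a buffer.
    '''     if (appContainerSids != NULL)
    '''     {
    '''         FreeAppContainerConfig(
    '''             dwCount,
    '''             appContainerSids
    '''             );
    '''     }
    '''     if (hModule != NULL)
    '''     {
    '''         FreeLibrary(hModule);
    '''     }
    '''     return 0;
    ''' }
    ''' ]]></code>
    ''' </remarks>
    <DllImport(FirewallApiDll, ExactSpelling:=True)>
    Public Function NetworkIsolationGetAppContainerConfig(
            ByRef pdwNumPublicAppCs As UInteger,
            ByRef appContainerSids As IntPtr) As Win32Error
    End Function

    ''' <summary>
    ''' The NetworkIsolationRegisterForAppContainerChanges function is used to register for the delivery of notifications regarding
    ''' changes to an app container.
    ''' </summary>
    ''' <param name="flags">
    ''' Type: DWORD
    ''' A bitmask value of control flags which specify when to receive notifications. May contain one or more of the following flags.
    ''' <list type="table">
    ''' <listheader>
    ''' <term>Value</term>
    ''' <description>Meaning</description>
    ''' </listheader>
    ''' <item>
    ''' <term>INET_FIREWALL_AC_NONE 0x00</term>
    ''' <description>No notifications will be delivered.</description>
    ''' </item>
    ''' <item>
    ''' <term>INET_FIREWALL_AC_PACKAGE_ID_ONLY 0x01</term>
    ''' <description>Notifications will be delivered when an app container is created with a package identifier.</description>
    ''' </item>
    ''' <item>
    ''' <term>INET_FIREWALL_AC_BINARY 0x02</term>
    ''' <description>Notifications will be delivered when an app container is created with a binary path.</description>
    ''' </item>
    ''' <item>
    ''' <term>INET_FIREWALL_AC_MAX 0x04</term>
    ''' <description>Maximum value for testing purposes.</description>
    ''' </item>
    ''' </list>
    ''' </param>
    ''' <param name="callback">
    ''' Type: PAC_CHANGES_CALLBACK_FN
    ''' Function pointer that will be invoked when a notification is ready for delivery.
    ''' </param>
    ''' <param name="context">
    ''' Type: PVOID
    ''' Optional context pointer. This pointer is passed to the callback function along with details of the change.
    ''' </param>
    ''' <param name="registrationObject">
    ''' Type: HANDLE*
    ''' Handle to the newly created registration.
    ''' </param>
    ''' <returns>
    ''' Type: DWORD
    ''' Returns ERROR_SUCCESS if successful, or an error value otherwise.
    ''' </returns>
    ''' <remarks>
    ''' NOTE(review): PAC_CHANGES_CALLBACK_FN is declared outside this file and is presumably a delegate type. If so, the
    ''' caller must keep a reference to the delegate instance (for example in a field) until
    ''' NetworkIsolationUnregisterForAppContainerChanges has returned; a delegate that is collected while still registered
    ''' leaves native code holding a dangling function pointer. The same lifetime applies to whatever
    ''' <paramref name="context"/> points at.
    ''' </remarks>
    <DllImport(FirewallApiDll, ExactSpelling:=True)>
    Public Function NetworkIsolationRegisterForAppContainerChanges(
            ByVal flags As INET_FIREWALL_AC_CREATION_TYPE,
            ByVal callback As PAC_CHANGES_CALLBACK_FN,
            <[In], [Optional]> ByVal context As IntPtr,
            ByRef registrationObject As HANDLE) As Win32Error
    End Function

    ''' <summary>
    ''' The NetworkIsolationUnregisterForAppContainerChanges function is used to cancel an app container change registration and stop
    ''' receiving notifications.
    ''' </summary>
    ''' <param name="registrationObject">
    ''' Type: HANDLE
    ''' Handle to the previously created registration.
    ''' </param>
    ''' <returns>
    ''' Type: DWORD
    ''' Returns ERROR_SUCCESS if successful, or an error value otherwise.
    ''' </returns>
    <DllImport(FirewallApiDll, ExactSpelling:=True)>
    Public Function NetworkIsolationUnregisterForAppContainerChanges(
            ByVal registrationObject As HANDLE) As Win32Error
    End Function

    ''' <summary>The INET_FIREWALL_AC_CAPABILITIES structure contains information about the capabilities of an app container.</summary>
    <StructLayout(LayoutKind.Sequential)>
    Public Structure INET_FIREWALL_AC_CAPABILITIES
        ''' <summary>
        ''' Type: DWORD
        ''' The number of security identifiers (SIDs) in the capabilities member.
        ''' </summary>
        Public count As UInteger

        ''' <summary>
        ''' Type: SID_AND_ATTRIBUTES*
        ''' Security information related to the app container's capabilities.
        ''' </summary>
        Public capabilities As IntPtr
    End Structure

    ''' <summary>The INET_FIREWALL_APP_CONTAINER structure contains information about a specific app container.</summary>
    ''' <remarks>
    ''' CharSet.Unicode is set because the string members are documented as LPWSTR; with the default character set they
    ''' would be marshalled as ANSI strings and read back as garbage or truncated text.
    ''' </remarks>
    <StructLayout(LayoutKind.Sequential, CharSet:=CharSet.Unicode)>
    Public Structure INET_FIREWALL_APP_CONTAINER
        ''' <summary>
        ''' Type: SID*
        ''' The package identifier of the app container.
        ''' </summary>
        Public appContainerSid As PSID

        ''' <summary>
        ''' Type: SID*
        ''' The security identifier (SID) of the user to whom the app container belongs.
        ''' </summary>
        Public userSid As PSID

        ''' <summary>
        ''' Type: LPWSTR
        ''' The app container's globally unique name.
        ''' Also referred to as the Package Family Name, for the app container of a Windows Store app.
        ''' </summary>
        Public appContainerName As String

        ''' <summary>
        ''' Type: LPWSTR
        ''' Friendly name of the app container.
        ''' </summary>
        Public displayName As String

        ''' <summary>
        ''' Type: LPWSTR
        ''' A description of the app container (its use, the objective of the application that uses it, etc.)
        ''' </summary>
        Public description As String

        ''' <summary>
        ''' Type: INET_FIREWALL_AC_CAPABILITIES
        ''' The capabilities of the app container.
        ''' </summary>
        Public capabilities As INET_FIREWALL_AC_CAPABILITIES

        ''' <summary>
        ''' Type: INET_FIREWALL_AC_BINARIES
        ''' Binary paths to the applications running in the app container.
        ''' </summary>
        Public binaries As INET_FIREWALL_AC_BINARIES

        ''' <summary>No description is given for this member here; by its name, the app container's working directory (confirm against the native header).</summary>
        Public workingDirectory As String

        ''' <summary>No description is given for this member here; by its name, the full name of the package (confirm against the native header).</summary>
        Public packageFullName As String
    End Structure
End Module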