namespace Vanara.PInvoke; public static partial class FwpUClnt { ///

/// /// Requests the delivery of notifications regarding changes to particular dynamic keyword address (FW_DYNAMIC_KEYWORD_ADDRESS0) objects. /// Based on the flag passed in, notifications can be raised for only a subset of the addresses. /// /// For more info, and code examples, see Firewall dynamic keywords. ///

/// /// Type: _In_ DWORD /// The following flags are defined in /// fwpmu.h /// . /// /// /// FWPM_NOTIFY_ADDRESSES_AUTO_RESOLVE indicates that notifications will be delivered only for objects that have the /// FW_DYNAMIC_KEYWORD_ADDRESS_FLAGS_AUTO_RESOLVE flag set. /// /// /// FWPM_NOTIFY_ADDRESSES_NON_AUTO_RESOLVE indicates that notifications will be delivered only for objects that don't have the /// FW_DYNAMIC_KEYWORD_ADDRESS_FLAGS_AUTO_RESOLVE flag set. /// /// FWPM_NOTIFY_ADDRESSES_AUTO_RESOLVE indicates that notifications will be delivered for all dynamic keyword address objects. /// /// /// Type: _In_ FWPM_DYNAMIC_KEYWORD_CALLBACK0 /// A pointer to a callback function that you implement, which will be invoked when a notification is ready for delivery. /// /// /// Type: _In_opt_ void* /// An optional context pointer. This pointer is passed to the callback function. /// /// /// Type: _Out_ HANDLE* /// The address of a handle, which is populated with a handle to the newly created subscription. /// /// /// Type: DWORD /// If the function succeeds, then it returns ERROR_SUCCESS. Otherwise, it returns one of the following values. /// /// /// Return value /// Description /// /// /// ERROR_INVALID_PARAMETER /// The flags value is zero. /// /// /// /// /// Notifications for AutoResolve dynamic keyword addresses are delivered when an object is added or deleted. /// Notifications for non-AutoResolve dynamic keyword addresses are delivered when an object is added, deleted, or updated. /// /// No data is provided to the callback function. You can use the Enumeration API if you need information about what has changed /// on the system. /// /// /// You're responsible for closing the handle when you no longer need subscription. You must do so by calling the /// FwpmDynamicKeywordUnsubscribe0 function. /// /// /// Your implementation of FWPM_DYNAMIC_KEYWORD_CALLBACK0 should react to changes in dynamic keyword address objects quickly, because it /// is scheduled on a ThreadPool thread, and could affect other wait operations. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmdynamickeywordsubscribe0 DWORD FwpmDynamicKeywordSubscribe0( // DWORD flags, FWPM_DYNAMIC_KEYWORD_CALLBACK0 callback, void *context, HANDLE *subscriptionHandle ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmDynamicKeywordSubscribe0")] public static extern Win32Error FwpmDynamicKeywordSubscribe0(FWPM_NOTIFY flags, [In] FWPM_DYNAMIC_KEYWORD_CALLBACK0 callback, [In, Optional] IntPtr context, out HFWPMDYNKEYSUB subscriptionHandle); ///

/// /// Cancels the delivery of notifications regarding changes to particular dynamic keyword address (FW_DYNAMIC_KEYWORD_ADDRESS0) objects. /// /// For more info, and code examples, see Firewall dynamic keywords. ///

/// /// Type: _In_ HANDLE /// The subscription handle that was returned from FwpmDynamicKeywordSubscribe0. /// /// /// Type: DWORD /// If the function succeeds, then it returns ERROR_SUCCESS. /// /// FwpmDynamicKeywordUnsubscribe0 waits for all callback functions to complete before returning. // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmdynamickeywordunsubscribe0 DWORD FwpmDynamicKeywordUnsubscribe0( // HANDLE subscriptionHandle ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmDynamicKeywordUnsubscribe0")] public static extern Win32Error FwpmDynamicKeywordUnsubscribe0(HFWPMDYNKEYSUB subscriptionHandle); ///

The FwpmEngineGetOption0 function retrieves a filter engine option.

#include <windows.h> #include <fwpmu.h> #include <stdio.h> #pragma comment(lib, "Fwpuclnt.lib") void main() { HFWPENG engineHandle = NULL; DWORD result = ERROR_SUCCESS; FWPM_ENGINE_OPTION option = FWPM_ENGINE_COLLECT_NET_EVENTS; FWP_VALUE0* fwpValue = NULL; result = FwpmEngineOpen0( NULL, RPC_C_AUTHN_WINNT, NULL, NULL, &engineHandle ); if (result != ERROR_SUCCESS) { printf("FwpmEngineOpen0 failed.\n"); return; } result = FwpmEngineGetOption0( engineHandle, option, &fwpValue); if (result != ERROR_SUCCESS) { printf("FwpmEngineGetOption0 failed.\n"); return; } else if(fwpValue->type == FWP_UINT32) { if(fwpValue->uint32 == 1 ) printf("Network events are being collected.\n"); else printf("Network events are NOT being collected.\n"); } else printf("Unexpected data type received.\n"); FwpmFreeMemory0((void**)&fwpValue); return; }

/// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmenginegetoption0 DWORD FwpmEngineGetOption0( [in] HFWPENG // engineHandle, [in] FWPM_ENGINE_OPTION option, [out] FWP_VALUE0 **value ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmEngineGetOption0")] public static extern Win32Error FwpmEngineGetOption0([In] HFWPENG engineHandle, [In] FWPM_ENGINE_OPTION option, out SafeFwpmMem value); ///

The FwpmEngineGetOption0 function retrieves a filter engine option.

#include <windows.h> #include <fwpmu.h> #include <stdio.h> #pragma comment(lib, "Fwpuclnt.lib") void main() { HFWPENG engineHandle = NULL; DWORD result = ERROR_SUCCESS; FWPM_ENGINE_OPTION option = FWPM_ENGINE_COLLECT_NET_EVENTS; FWP_VALUE0* fwpValue = NULL; result = FwpmEngineOpen0( NULL, RPC_C_AUTHN_WINNT, NULL, NULL, &engineHandle ); if (result != ERROR_SUCCESS) { printf("FwpmEngineOpen0 failed.\n"); return; } result = FwpmEngineGetOption0( engineHandle, option, &fwpValue); if (result != ERROR_SUCCESS) { printf("FwpmEngineGetOption0 failed.\n"); return; } else if(fwpValue->type == FWP_UINT32) { if(fwpValue->uint32 == 1 ) printf("Network events are being collected.\n"); else printf("Network events are NOT being collected.\n"); } else printf("Unexpected data type received.\n"); FwpmFreeMemory0((void**)&fwpValue); return; }

/// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmenginegetoption0 DWORD FwpmEngineGetOption0( [in] HFWPENG // engineHandle, [in] FWPM_ENGINE_OPTION option, [out] FWP_VALUE0 **value ); [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmEngineGetOption0")] public static Win32Error FwpmEngineGetOption0([In] HFWPENG engineHandle, [In] FWPM_ENGINE_OPTION option, out TOut value) where TOut : struct { Win32Error err = FwpmEngineGetOption0(engineHandle, option, out SafeFwpmMem val); value = val.ToStructure().GetValueOrDefault(); return err; } ///

The FwpmEngineGetSecurityInfo0 function retrieves a copy of the security descriptor for the filter engine.

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: SECURITY_INFORMATION /// The type of security information to retrieve. /// /// /// Type: PSID* /// The owner security identifier (SID) in the returned security descriptor. /// /// /// Type: PSID* /// The primary group security identifier (SID) in the returned security descriptor. /// /// /// Type: PACL* /// The discretionary access control list (DACL) in the returned security descriptor. /// /// /// Type: PACL* /// The system access control list (SACL) in the returned security descriptor. /// /// /// Type: PSECURITY_DESCRIPTOR* /// The returned security descriptor. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The security descriptor was retrieved successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// /// The returned securityDescriptor parameter must be freed through a call to FwpmFreeMemory0. The other four (optional) returned /// parameters must not be freed, as they point to addresses within the securityDescriptor parameter. /// /// /// This function behaves like the standard Win32 GetSecurityInfo function. The caller needs the same standard access rights as described /// in the GetSecurityInfo reference topic. /// /// /// FwpmEngineGetSecurityInfo0 is a specific implementation of FwpmEngineGetSecurityInfo. See WFP Version-Independent Names and /// Targeting Specific Versions of Windows for more information. /// /// Examples /// The following C++ example illustrates initialization of a security descriptor object using FwpmEngineGetSecurityInfo0. /// ///

#include <windows.h> #include <fwpmu.h> #include <stdio.h> #pragma comment(lib, "Fwpuclnt.lib") void main() { HFWPENG engineHandle = NULL; DWORD result = ERROR_SUCCESS; PSECURITY_DESCRIPTOR securityDescriptor; SECURITY_INFORMATION securityInfo = OWNER_SECURITY_INFORMATION; // Several functions that use the SECURITY_DESCRIPTOR structure require that this // structure be aligned on a valid pointer boundary in memory. These boundaries // vary depending on the type of processor used. securityDescriptor = (PSECURITY_DESCRIPTOR) malloc(sizeof(SECURITY_DESCRIPTOR)); result = FwpmEngineOpen0( NULL, RPC_C_AUTHN_WINNT, NULL, NULL, &engineHandle ); if (result != ERROR_SUCCESS) { printf("FwpmEngineOpen0 failed.\n"); return; } result = FwpmEngineGetSecurityInfo0( engineHandle, securityInfo, NULL, NULL, NULL, NULL, &securityDescriptor); if (result != ERROR_SUCCESS) { printf("FwpmEngineGetSecurityInfo0 failed.\n"); return; } return; }

/// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmenginegetsecurityinfo0 DWORD FwpmEngineGetSecurityInfo0( [in] // HFWPENG engineHandle, [in] SECURITY_INFORMATION securityInfo, [out, optional] PSID *sidOwner, [out, optional] PSID *sidGroup, [out, // optional] PACL *dacl, [out, optional] PACL *sacl, [out] PSECURITY_DESCRIPTOR *securityDescriptor ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmEngineGetSecurityInfo0")] public static extern Win32Error FwpmEngineGetSecurityInfo0([In] HFWPENG engineHandle, [In] SECURITY_INFORMATION securityInfo, out PSID sidOwner, out PSID sidGroup, out PACL dacl, out PACL sacl, out SafeFwpmMem securityDescriptor); ///

The FwpmEngineSetOption0 function changes the filter engine settings.

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: FWPM_ENGINE_OPTION /// The option to be set. /// /// /// Type: FWP_VALUE0* /// The new option value. The data type contained in the newValue parameter should be FWP_UINT32. /// When option is FWPM_ENGINE_COLLECT_NET_EVENTS, newValue should be one of the following. /// /// /// Value /// Meaning /// /// /// 0 /// Do not collect network events. /// /// /// 1 /// Collect network events. This is the default setting. /// /// /// /// When option is FWPM_ENGINE_NET_EVENT_MATCH_ANY_KEYWORDS, newValue should be either 0 (zero) or a bitwise /// combination of the following values. /// /// /// Note If newValue is 0 the collection of inbound multicast and broadcast events is disabled. This is the default setting. /// /// /// /// Value /// Meaning /// /// /// FWPM_NET_EVENT_KEYWORD_INBOUND_MCAST 1 /// Collect inbound multicast network events. /// /// /// FWPM_NET_EVENT_KEYWORD_INBOUND_BCAST 2 /// Collect inbound broadcast network events. /// /// /// /// When option is FWPM_ENGINE_PACKET_QUEUING (available only in Windows 8 and Windows Server 2012), newValue should /// be one of the following. /// /// /// /// Value /// Meaning /// /// /// FWPM_ENGINE_OPTION_PACKET_QUEUE_NONE 0 /// Do not enable packet queuing. /// /// /// FWPM_ENGINE_OPTION_PACKET_QUEUE_INBOUND 1 /// Enable inbound packet queuing. /// /// /// FWPM_ENGINE_OPTION_PACKET_QUEUE_OUTBOUND 2 /// Enable outbound packet queuing. /// /// /// /// When option is FWPM_ENGINE_MONITOR_IPSEC_CONNECTIONS (available only in Windows 8 and Windows Server 2012), /// newValue should be the following. ( FwpmEngineSetOption0 may be used to enable connections, but will fail with /// FWP_E_STILL_ON ERROR when attempting to disable it.) /// /// /// /// Value /// Meaning /// /// /// 1 /// /// The IPsec Connection Monitoring feature will be enabled. New IPsec connection events will be logged as well as notifications sent. /// /// /// /// /// When option is FWPM_ENGINE_TXN_WATCHDOG_TIMEOUT_IN_MSEC (available only in Windows 8 and Windows Server 2012), /// newValue should be the time in milliseconds that specifies the maximum duration for a single WFP transaction. Transactions /// taking longer than this duration will trigger a watchdog event. /// /// The FWPM_ENGINE_NAME_CACHE option is reserved for internal use. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The option was set successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// /// This function cannot be called from within a transaction. It will fail with FWP_E_TXN_IN_PROGRESS. See Object Management for /// more information about transactions. /// /// /// This function cannot be called from within a dynamic session. It will fail with FWP_E_DYNAMIC_SESSION_IN_PROGRESS. See Object /// Management for more information about sessions. /// /// The caller needs FWPM_ACTRL_WRITE access to the filter engine. See Access Control for more information. /// The default settings for network event collection are as follows: /// /// /// Outbound, all (unicast, multicast, and broadcast) events are collected. /// /// /// Inbound, only unicast events are collected. /// /// /// Network event collection settings persist across reboots. /// To collect inbound broadcast and/or multicast network events, /// /// /// Call FwpmEngineSetOption0 with option set to FWPM_ENGINE_COLLECT_NET_EVENTS and newValue set to 1. /// /// /// /// Call FwpmEngineSetOption0 with option set to FWPM_ENGINE_NET_EVENT_MATCH_ANY_KEYWORDS and newValue parameter set /// to FWPM_NET_EVENT_KEYWORD_INBOUND_MCAST and/or FWPM_NET_EVENT_KEYWORD_INBOUND_BCAST. /// /// /// /// To stop collecting inbound broadcast and/or multicast network events, /// /// /// /// Call FwpmEngineSetOption0 with option set to FWPM_ENGINE_NET_EVENT_MATCH_ANY_KEYWORDS and newValue parameter set /// to 0 (zero). /// /// /// /// /// Disabling and re-enabling of network event collection (FWPM_ENGINE_COLLECT_NET_EVENTS) does not reset the collection of inbound /// broadcast and multicast events. /// /// /// FwpmEngineSetOption0 is a specific implementation of FwpmEngineSetOption. See WFP Version-Independent Names and Targeting /// Specific Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmenginesetoption0 DWORD FwpmEngineSetOption0( [in] HFWPENG // engineHandle, [in] FWPM_ENGINE_OPTION option, [in] const FWP_VALUE0 *newValue ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmEngineSetOption0")] public static extern Win32Error FwpmEngineSetOption0([In] HFWPENG engineHandle, [In] FWPM_ENGINE_OPTION option, in FWP_VALUE0 newValue); ///

/// The FwpmEngineSetSecurityInfo0 function sets specified security information in the security descriptor of the filter engine. ///

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: SECURITY_INFORMATION /// The type of security information to set. /// /// /// Type: const SID* /// The owner's security identifier (SID) to be set in the security descriptor. /// /// /// Type: const SID* /// The group's SID to be set in the security descriptor. /// /// /// Type: const ACL* /// The discretionary access control list (DACL) to be set in the security descriptor. /// /// /// Type: const ACL* /// The system access control list (SACL) to be set in the security descriptor. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The security descriptor was set successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// /// FwpmEngineSetSecurityInfo0 cannot be called from within a transaction. It will fail with FWP_E_TXN_IN_PROGRESS. See /// Object Management for more information about transactions. /// /// /// FwpmEngineSetSecurityInfo0 behaves like the standard Win32 SetSecurityInfo function. The caller needs the same standard access /// rights as described in the SetSecurityInfo reference topic. /// /// /// FwpmEngineSetSecurityInfo0 is a specific implementation of FwpmEngineSetSecurityInfo. See WFP Version-Independent Names and /// Targeting Specific Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmenginesetsecurityinfo0 DWORD FwpmEngineSetSecurityInfo0( [in] // HFWPENG engineHandle, [in] SECURITY_INFORMATION securityInfo, [in, optional] const SID *sidOwner, [in, optional] const SID *sidGroup, // [in, optional] const ACL *dacl, [in, optional] const ACL *sacl ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmEngineSetSecurityInfo0")] public static extern Win32Error FwpmEngineSetSecurityInfo0([In] HFWPENG engineHandle, [In] SECURITY_INFORMATION securityInfo, [In, Optional] PSID sidOwner, [In, Optional] PSID sidGroup, [In, Optional] PACL dacl, [In, Optional] PACL sacl); ///

The FwpmFilterAdd0 function adds a new filter object to the system.

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: FWPM_FILTER0* /// The filter object to be added. /// /// /// Type: SECURITY_DESCRIPTOR /// Security information about the filter object. /// /// /// Type: UINT64* /// The runtime identifier for this filter. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The filter was successfully added. /// /// /// ERROR_INVALID_SECURITY_DESCR 0x8007053A /// The security descriptor structure is invalid. Or, a filter condition contains a security descriptor in absolute format. /// /// /// FWP_E_CALLOUT_NOTIFICATION_FAILED 0x80320037 /// The caller added a callout filter and the callout returned an error from its notification routine. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// FwpmFilterAdd0 adds the filter to the specified sub-layer at every filtering layer in the system. /// Some fields in the FWPM_FILTER0 structure are assigned by the system, not the caller, and are ignored in the call to FwpmFilterAdd0. /// If the caller supplies a NULL security descriptor, the system will assign a default security descriptor. /// /// To block connections to particular locations, add a FWP_ACTION_BLOCK filter specifying the local address at the /// FWPM_LAYER_ALE_AUTH_CONNECT_V* layer, or add a FWP_ACTION_BLOCK filter without specifying the local address at the /// FWPM_LAYER_ALE_RESOURCE_ASSIGNMENT_V* layer. /// /// /// Note /// /// If a local address is specified at the resource assignment layer, an implicit bind would succeed because address, address type, and /// port may come back as FWP_EMPTY. /// /// /// /// The FWPM_FILTER0 structure can label a filter as a boot-time or persistent filter. Boot-time filters are added to the Base Filtering /// Engine (BFE) when the TCP/IP driver starts, and are removed once the BFE finishes initialization. Persistent objects are added when /// the BFE starts. /// /// /// This function cannot be called from within a read-only transaction. It will fail with FWP_E_INCOMPATIBLE_TXN. See Object /// Management for more information about transactions. /// /// The caller needs the following access rights: /// /// /// FWPM_ACTRL_ADD access to the filter's container /// /// /// FWPM_ACTRL_ADD_LINK access to the provider (if any) /// /// /// FWPM_ACTRL_ADD_LINK access to the applicable layer /// /// /// FWPM_ACTRL_ADD_LINK access to the applicable sub-layer /// /// /// FWPM_ACTRL_ADD_LINK access to the callout (if any) /// /// /// FWPM_ACTRL_ADD_LINK access to the provider context (if any). /// /// /// See Access Control for more information. /// To add a filter that references a callout, invoke the functions in the following order. /// /// /// Call FwpsCalloutRegister0 (documented in the Windows Driver Kit (WDK)), to register the callout with the filter engine. /// /// /// Call FwpmCalloutAdd0 to add the callout to the system. /// /// /// Call FwpmFilterAdd0 to add the filter that references the callout to the system. /// /// /// /// By default filters that reference callouts that have been added but have not yet registered with the filter engine are treated as /// Block filters. /// /// /// FwpmFilterAdd0 is a specific implementation of FwpmFilterAdd. See WFP Version-Independent Names and Targeting Specific /// Versions of Windows for more information. /// /// Examples /// /// The following C++ example shows how to initialize and add a filter using FwpmFilterAdd0 that specifically blocks traffic on IP /// V4 for all applications. /// /// ///

 // Add filter to block traffic on IP V4 for all applications. // FWPM_FILTER0 fwpFilter; FWPM_SUBLAYER0 fwpFilterSubLayer; RtlZeroMemory(&fwpFilter, sizeof(FWPM_FILTER0)); fwpFilter.layerKey = FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V4; fwpFilter.action.type = FWP_ACTION_BLOCK; if (&fwpFilterSubLayer.subLayerKey != NULL) fwpFilter.subLayerKey = fwpFilterSubLayer.subLayerKey; fwpFilter.weight.type = FWP_EMPTY; // auto-weight. fwpFilter.numFilterConditions = 0; // this applies to all application traffic fwpFilter.displayData.name = L"Receive/Accept Layer Block"; fwpFilter.displayData.description = L"Filter to block all inbound connections."; printf("Adding filter to block all inbound connections.\n"); result = FwpmFilterAdd0(engineHandle, &fwpFilter, NULL, NULL); if (result != ERROR_SUCCESS) printf("FwpmFilterAdd0 failed. Return value: %d.\n", result); else printf("Filter added successfully.\n");

/// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmfilteradd0 DWORD FwpmFilterAdd0( [in] HFWPENG engineHandle, [in] // const FWPM_FILTER0 *filter, [in, optional] PSECURITY_DESCRIPTOR sd, [out, optional] UINT64 *id ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmFilterAdd0")] public static extern Win32Error FwpmFilterAdd0([In] HFWPENG engineHandle, in FWPM_FILTER0 filter, [In, Optional] PSECURITY_DESCRIPTOR sd, out ulong id); ///

The FwpmFilterCreateEnumHandle0 function creates a handle used to enumerate a set of filter objects.

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: FWPM_FILTER_ENUM_TEMPLATE0* /// Template to selectively restrict the enumeration. /// /// /// Type: HANDLE* /// The handle for filter enumeration. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The enumerator was created successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// If enumTemplate is NULL, all filters are returned. /// /// The enumerator is not "live", meaning it does not reflect changes made to the system after the call to /// FwpmFilterCreateEnumHandle0 returns. If you need to ensure that the results are current, you must call /// FwpmFilterCreateEnumHandle0 and FwpmFilterEnum0 from within the same explicit transaction. /// /// The caller must free the returned handle by a call to FwpmFilterDestroyEnumHandle0. /// /// The caller needs FWPM_ACTRL_ENUM access to the filters' containers and FWPM_ACTRL_READ access to the filters. Only filters to /// which the caller has FWPM_ACTRL_READ access will be returned. See Access Control for more information. /// /// /// FwpmFilterCreateEnumHandle0 is a specific implementation of FwpmFilterCreateEnumHandle. See WFP Version-Independent Names and /// Targeting Specific Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmfiltercreateenumhandle0 DWORD FwpmFilterCreateEnumHandle0( [in] // HFWPENG engineHandle, [in, optional] const FWPM_FILTER_ENUM_TEMPLATE0 *enumTemplate, [out] HANDLE *enumHandle ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmFilterCreateEnumHandle0")] public static extern Win32Error FwpmFilterCreateEnumHandle0([In] HFWPENG engineHandle, in FWPM_FILTER_ENUM_TEMPLATE0 enumTemplate, out HANDLE enumHandle); ///

The FwpmFilterCreateEnumHandle0 function creates a handle used to enumerate a set of filter objects.

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: FWPM_FILTER_ENUM_TEMPLATE0* /// Template to selectively restrict the enumeration. /// /// /// Type: HANDLE* /// The handle for filter enumeration. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The enumerator was created successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// If enumTemplate is NULL, all filters are returned. /// /// The enumerator is not "live", meaning it does not reflect changes made to the system after the call to /// FwpmFilterCreateEnumHandle0 returns. If you need to ensure that the results are current, you must call /// FwpmFilterCreateEnumHandle0 and FwpmFilterEnum0 from within the same explicit transaction. /// /// The caller must free the returned handle by a call to FwpmFilterDestroyEnumHandle0. /// /// The caller needs FWPM_ACTRL_ENUM access to the filters' containers and FWPM_ACTRL_READ access to the filters. Only filters to /// which the caller has FWPM_ACTRL_READ access will be returned. See Access Control for more information. /// /// /// FwpmFilterCreateEnumHandle0 is a specific implementation of FwpmFilterCreateEnumHandle. See WFP Version-Independent Names and /// Targeting Specific Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmfiltercreateenumhandle0 DWORD FwpmFilterCreateEnumHandle0( [in] // HFWPENG engineHandle, [in, optional] const FWPM_FILTER_ENUM_TEMPLATE0 *enumTemplate, [out] HANDLE *enumHandle ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmFilterCreateEnumHandle0")] public static extern Win32Error FwpmFilterCreateEnumHandle0([In] HFWPENG engineHandle, [In, Optional] IntPtr enumTemplate, out HANDLE enumHandle); ///

The FwpmFilterDeleteById0 function removes a filter object from the system.

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: UINT64 /// Runtime identifier for the object being removed from the system. This value is returned by the FwpmFilterAdd0 function. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The filter was successfully deleted. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// /// This function cannot be called from within a read-only transaction. It will fail with FWP_E_INCOMPATIBLE_TXN. See Object /// Management for more information about transactions. /// /// /// This function can be called within a dynamic session if the corresponding object was added during the same session. If this function /// is called for an object that was added during a different dynamic session, it will fail with FWP_E_WRONG_SESSION. If this /// function is called for an object that was not added during a dynamic session, it will fail with FWP_E_DYNAMIC_SESSION_IN_PROGRESS. /// /// The caller needs DELETE access to the filter. See Access Control for more information. /// /// FwpmFilterDeleteById0 is a specific implementation of FwpmFilterDeleteById. See WFP Version-Independent Names and Targeting /// Specific Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmfilterdeletebyid0 DWORD FwpmFilterDeleteById0( [in] HFWPENG // engineHandle, [in] UINT64 id ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmFilterDeleteById0")] public static extern Win32Error FwpmFilterDeleteById0([In] HFWPENG engineHandle, ulong id); ///

The FwpmFilterDeleteByKey0 function removes a filter object from the system.

The FwpmFilterDestroyEnumHandle0 function frees a handle returned by FwpmFilterCreateEnumHandle0.

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: HANDLE /// Handle of a filter enumeration created by a call to FwpmFilterCreateEnumHandle0. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The enumerator was successfully deleted. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// FwpmFilterDestroyEnumHandle0 is a specific implementation of FwpmFilterDestroyEnumHandle. See WFP Version-Independent Names /// and Targeting Specific Versions of Windows for more information. /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmfilterdestroyenumhandle0 DWORD FwpmFilterDestroyEnumHandle0( // [in] HFWPENG engineHandle, [in] HANDLE enumHandle ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmFilterDestroyEnumHandle0")] public static extern Win32Error FwpmFilterDestroyEnumHandle0([In] HFWPENG engineHandle, [In] HANDLE enumHandle); ///

The FwpmFilterEnum0 function returns the next page of results from the filter enumerator.

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: HANDLE /// Handle for a filter enumeration created by a call to FwpmFilterCreateEnumHandle0. /// /// /// Type: UINT32 /// The number of filter objects requested. /// /// /// Type: FWPM_FILTER0*** /// Addresses of enumeration entries. /// /// /// Type: UINT32* /// The number of filter objects returned. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The filters were enumerated successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// If the numEntriesReturned is less than the numEntriesRequested, the enumeration is exhausted. /// The returned array of entries (but not the individual entries themselves) must be freed by a call to FwpmFreeMemory0. /// A subsequent call using the same enumeration handle will return the next set of items following those in the last output buffer. /// FwpmFilterEnum0 works on a snapshot of the filters taken at the time the enumeration handle was created. /// /// FwpmFilterEnum0 is a specific implementation of FwpmFilterEnum. See WFP Version-Independent Names and Targeting Specific /// Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmfilterenum0 DWORD FwpmFilterEnum0( [in] HFWPENG engineHandle, // [in] HANDLE enumHandle, [in] UINT32 numEntriesRequested, [out] FWPM_FILTER0 ***entries, [out] UINT32 *numEntriesReturned ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmFilterEnum0")] public static extern Win32Error FwpmFilterEnum0([In] HFWPENG engineHandle, [In] HANDLE enumHandle, uint numEntriesRequested, out SafeFwpmMem entries, out uint numEntriesReturned); ///

The FwpmFilterEnum0 function returns the next page of results from the filter enumerator.

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: FWPM_FILTER0*** /// Addresses of enumeration entries. /// /// /// Type: FWPM_FILTER_ENUM_TEMPLATE0* /// Template to selectively restrict the enumeration. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The filters were enumerated successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// If enumTemplate is NULL, all filters are returned. /// FwpmFilterEnum0 works on a snapshot of the filters taken at the time the enumeration handle was created. /// /// FwpmFilterEnum0 is a specific implementation of FwpmFilterEnum. See WFP Version-Independent Names and Targeting Specific /// Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmfilterenum0 DWORD FwpmFilterEnum0( [in] HFWPENG engineHandle, // [in] HANDLE enumHandle, [in] UINT32 numEntriesRequested, [out] FWPM_FILTER0 ***entries, [out] UINT32 *numEntriesReturned ); [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmFilterEnum0")] public static Win32Error FwpmFilterEnum0([In] HFWPENG engineHandle, out SafeFwpmArray entries, FWPM_FILTER_ENUM_TEMPLATE0? enumTemplate = null) => FwpmGenericEnum(FwpmFilterCreateEnumHandle0, FwpmFilterEnum0, FwpmFilterDestroyEnumHandle0, engineHandle, out entries, enumTemplate); ///

The FwpmFilterGetById0 function retrieves a filter object.

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: UINT64 /// /// A runtime identifier for the desired object. This identifier was received from the system when the application called FwpmFilterAdd0 /// for this object. /// /// /// /// Type: FWPM_FILTER0** /// The filter information. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The filter was retrieved successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// The caller must free the returned object by a call to FwpmFreeMemory0. /// The caller needs FWPM_ACTRL_READ access to the filter. See Access Control for more information. /// /// FwpmFilterGetById0 is a specific implementation of FwpmFilterGetById. See WFP Version-Independent Names and Targeting Specific /// Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmfiltergetbyid0 DWORD FwpmFilterGetById0( [in] HFWPENG // engineHandle, [in] UINT64 id, [out] FWPM_FILTER0 **filter ); [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmFilterGetById0")] public static Win32Error FwpmFilterGetById0([In] HFWPENG engineHandle, ulong id, out SafeFwpmStruct filter) => FwpmGenericGetById(FwpmFilterGetById0, engineHandle, id, out filter); ///

The FwpmFilterGetByKey0 function retrieves a filter object.

The FwpmFilterGetSecurityInfoByKey0 function retrieves a copy of the security descriptor for a filter object.

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: const GUID* /// /// Unique identifier of the filter. This GUID was specified in the filterKey member of the filter parameter when the /// application called FwpmFilterAdd0 for this object. /// /// /// /// Type: SECURITY_INFORMATION /// The type of security information to retrieve. /// /// /// Type: PSID* /// The owner security identifier (SID) in the returned security descriptor. /// /// /// Type: PSID* /// The primary group security identifier (SID) in the returned security descriptor. /// /// /// Type: PACL* /// The discretionary access control list (DACL) in the returned security descriptor. /// /// /// Type: PACL* /// The system access control list (SACL) in the returned security descriptor. /// /// /// Type: PSECURITY_DESCRIPTOR* /// The returned security descriptor. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The security descriptor was retrieved successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// /// If the key parameter is NULL or if it is a NULL GUID, this function manages the security information of the /// filters container. /// /// /// The returned securityDescriptor parameter must be freed through a call to FwpmFreeMemory0. The other four (optional) returned /// parameters must not be freed, as they point to addresses within the securityDescriptor parameter. /// /// /// This function behaves like the standard Win32 GetSecurityInfo function. The caller needs the same standard access rights as described /// in the GetSecurityInfo reference topic. /// /// /// FwpmFilterGetSecurityInfoByKey0 is a specific implementation of FwpmFilterGetSecurityInfoByKey. See WFP Version-Independent /// Names and Targeting Specific Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmfiltergetsecurityinfobykey0 DWORD // FwpmFilterGetSecurityInfoByKey0( [in] HFWPENG engineHandle, [in, optional] const GUID *key, [in] SECURITY_INFORMATION securityInfo, // [out, optional] PSID *sidOwner, [out, optional] PSID *sidGroup, [out, optional] PACL *dacl, [out, optional] PACL *sacl, [out] // PSECURITY_DESCRIPTOR *securityDescriptor ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmFilterGetSecurityInfoByKey0")] public static extern Win32Error FwpmFilterGetSecurityInfoByKey0([In] HFWPENG engineHandle, in Guid key, SECURITY_INFORMATION securityInfo, out PSID sidOwner, out PSID sidGroup, out PACL dacl, out PACL sacl, out SafeFwpmMem securityDescriptor); ///

/// The FwpmFilterSetSecurityInfoByKey0 function sets specified security information in the security descriptor of a filter object. ///

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: const GUID* /// /// Unique identifier of the filter. This GUID was specified in the filterKey member of the filter parameter when the /// application called FwpmFilterAdd0 for this object. /// /// /// /// Type: SECURITY_INFORMATION /// The type of security information to set. /// /// /// Type: const SID* /// The owner's security identifier (SID) to be set in the security descriptor. /// /// /// Type: const SID* /// The group's SID to be set in the security descriptor. /// /// /// Type: const ACL* /// The discretionary access control list (DACL) to be set in the security descriptor. /// /// /// Type: const ACL* /// The system access control list (SACL) to be set in the security descriptor. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The security descriptor was set successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// /// If the key parameter is NULL or if it is a NULL GUID, this function manages the security information of the /// filters container. /// /// /// This function cannot be called from within a transaction. It will fail with FWP_E_TXN_IN_PROGRESS. See Object Management for /// more information about transactions. /// /// /// This function can be called within a dynamic session if the corresponding object was added during the same session. If this function /// is called for an object that was added during a different dynamic session, it will fail with FWP_E_WRONG_SESSION. If this /// function is called for an object that was not added during a dynamic session, it will fail with FWP_E_DYNAMIC_SESSION_IN_PROGRESS. /// /// /// This function behaves like the standard Win32 SetSecurityInfo function. The caller needs the same standard access rights as described /// in the SetSecurityInfo reference topic. /// /// /// FwpmFilterSetSecurityInfoByKey0 is a specific implementation of FwpmFilterSetSecurityInfoByKey. See WFP Version-Independent /// Names and Targeting Specific Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmfiltersetsecurityinfobykey0 DWORD // FwpmFilterSetSecurityInfoByKey0( [in] HFWPENG engineHandle, [in, optional] const GUID *key, [in] SECURITY_INFORMATION securityInfo, // [in, optional] const SID *sidOwner, [in, optional] const SID *sidGroup, [in, optional] const ACL *dacl, [in, optional] const ACL *sacl ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmFilterSetSecurityInfoByKey0")] public static extern Win32Error FwpmFilterSetSecurityInfoByKey0([In] HFWPENG engineHandle, in Guid key, SECURITY_INFORMATION securityInfo, [In, Optional] PSID sidOwner, [In, Optional] PSID sidGroup, [In, Optional] PACL dacl, [In, Optional] PACL sacl); ///

/// The FwpmFilterSubscribeChanges0 function is used to request the delivery of notifications regarding changes in a particular filter. ///

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: FWPM_FILTER_SUBSCRIPTION0* /// The notifications to be delivered. /// /// /// Type: FWPM_FILTER_CHANGE_CALLBACK0 /// The function pointer that will be invoked when a notification is ready for delivery. /// /// /// Type: void* /// Optional context pointer. This pointer is passed to the callback function along with details of the change. /// /// /// Type: HANDLE* /// Handle to the newly created subscription. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The subscription was created successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// /// Subscribers do not receive notifications for changes made with the same session handle used to subscribe. This is because subscribers /// only need to see changes made by others since they already know which changes they made themselves. /// /// /// This function cannot be called from within a transaction. It will fail with FWP_E_TXN_IN_PROGRESS. See Object Management for /// more information about transactions. /// /// /// The caller needs FWPM_ACTRL_SUBSCRIBE access to the filter's container and FWPM_ACTRL_READ access to the filter. The /// subscriber will only get notifications for filters to which it has FWPM_ACTRL_READ access. See Access Control for more information. /// /// /// FwpmFilterSubscribeChanges0 is a specific implementation of FwpmFilterSubscribeChanges. See WFP Version-Independent Names and /// Targeting Specific Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmfiltersubscribechanges0 DWORD FwpmFilterSubscribeChanges0( [in] // HFWPENG engineHandle, [in] const FWPM_FILTER_SUBSCRIPTION0 *subscription, [in] FWPM_FILTER_CHANGE_CALLBACK0 callback, [in, optional] // void *context, [out] HANDLE *changeHandle ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmFilterSubscribeChanges0")] public static extern Win32Error FwpmFilterSubscribeChanges0([In] HFWPENG engineHandle, in FWPM_FILTER_SUBSCRIPTION0 subscription, [In] FWPM_FILTER_CHANGE_CALLBACK0 callback, [In, Optional] IntPtr context, out HFWPMFILTERSUB changeHandle); ///

The FwpmFilterSubscriptionsGet0 function retrieves an array of all the current filter change notification subscriptions.

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: FWPM_FILTER_SUBSCRIPTION0*** /// The current filter change notification subscriptions. /// /// /// Type: UINT32* /// The number of entries returned. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The subscriptions were retrieved successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// The returned array (but not the individual entries in the array) must be freed through a call to FwpmFreeMemory0. /// The caller needs FWPM_ACTRL_READ access to the filter's container. See Access Control for more information. /// /// FwpmFilterSubscriptionsGet0 is a specific implementation of FwpmFilterSubscriptionsGet. See WFP Version-Independent Names and /// Targeting Specific Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmfiltersubscriptionsget0 DWORD FwpmFilterSubscriptionsGet0( [in] // HFWPENG engineHandle, [out] FWPM_FILTER_SUBSCRIPTION0 ***entries, [out] UINT32 *numEntries ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmFilterSubscriptionsGet0")] public static extern Win32Error FwpmFilterSubscriptionsGet0([In] HFWPENG engineHandle, out SafeFwpmMem entries, out uint numEntries); ///

The FwpmFilterSubscriptionsGet0 function retrieves an array of all the current filter change notification subscriptions.

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: FWPM_FILTER_SUBSCRIPTION0*** /// The current filter change notification subscriptions. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The subscriptions were retrieved successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// The returned array (but not the individual entries in the array) must be freed through a call to FwpmFreeMemory0. /// The caller needs FWPM_ACTRL_READ access to the filter's container. See Access Control for more information. /// /// FwpmFilterSubscriptionsGet0 is a specific implementation of FwpmFilterSubscriptionsGet. See WFP Version-Independent Names and /// Targeting Specific Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmfiltersubscriptionsget0 DWORD FwpmFilterSubscriptionsGet0( [in] // HFWPENG engineHandle, [out] FWPM_FILTER_SUBSCRIPTION0 ***entries, [out] UINT32 *numEntries ); [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmFilterSubscriptionsGet0")] public static Win32Error FwpmFilterSubscriptionsGet0([In] HFWPENG engineHandle, out SafeFwpmArray entries) => FwpmGenericGetSubs(FwpmFilterSubscriptionsGet0, engineHandle, out entries); ///

/// The FwpmFilterUnsubscribeChanges0 function is used to cancel a filter change subscription and stop receiving change notifications. ///

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: HANDLE /// Handle of the subscribed change notification. This is the handle returned by the call to FwpmFilterSubscribeChanges0. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The subscription was deleted successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// /// If the callback is currently being invoked, this function will not return until it completes. Thus, when calling this function, you /// must not hold any locks that the callback may also try to acquire lest you deadlock. /// /// /// It is not necessary to unsubscribe before closing a session; all subscriptions are automatically canceled when the subscribing /// session terminates. /// /// /// This function cannot be called from within a transaction. It will fail with FWP_E_TXN_IN_PROGRESS. See Object Management for /// more information about transactions. /// /// /// FwpmFilterUnsubscribeChanges0 is a specific implementation of FwpmFilterUnsubscribeChanges. See WFP Version-Independent Names /// and Targeting Specific Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmfilterunsubscribechanges0 DWORD FwpmFilterUnsubscribeChanges0( // [in] HFWPENG engineHandle, [in] HANDLE changeHandle ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmFilterUnsubscribeChanges0")] public static extern Win32Error FwpmFilterUnsubscribeChanges0([In] HFWPENG engineHandle, [In] HFWPMFILTERSUB changeHandle); ///

The FwpmGetAppIdFromFileName0 function retrieves an application identifier from a file name.

/// /// Type: const wchar_t* /// File name from which the application identifier will be retrieved. /// /// /// Type: FWP_BYTE_BLOB** /// The retrieved application identifier. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The application identifier was retrieved successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// The caller must free the returned object by a call to FwpmFreeMemory0. /// /// FwpmGetAppIdFromFileName0 is a specific implementation of FwpmGetAppIdFromFileName. See WFP Version-Independent Names and /// Targeting Specific Versions of Windows for more information. /// /// Examples /// The following C++ example shows how to retrieve an application identifier using FwpmGetAppIdFromFileName0. /// ///

#include <windows.h> #include <fwpmu.h> #include <stdio.h> #pragma comment(lib, "Fwpuclnt.lib") // Hard-coded file name for demonstration purposes. #define FILE_PATH1 L"C:\\Program Files\\SomeAppFolder\\SomeApplication.exe" int main() { DWORD result = ERROR_SUCCESS; FWP_BYTE_BLOB *fwpApplicationByteBlob = NULL; printf("Retrieving Id for application to allow through firewall.\n"); result = FwpmGetAppIdFromFileName0(FILE_PATH1, &fwpApplicationByteBlob); if (result != ERROR_SUCCESS) { printf("FwpmGetAppIdFromFileName failed (%d).\n", result); return result; } else { printf("The Id is: %d\n", fwpApplicationByteBlob->data); } return 0; } // ----------------------------------------------------------------------

/// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmgetappidfromfilename0 DWORD FwpmGetAppIdFromFileName0( [in] // PCWSTR fileName, [out] FWP_BYTE_BLOB **appId ); [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmGetAppIdFromFileName0")] public static Win32Error FwpmGetAppIdFromFileName0([MarshalAs(UnmanagedType.LPWStr)] string fileName, out byte[] appId) { Win32Error err = FwpmGetAppIdFromFileName0(fileName, out SafeFwpmMem mem); FWP_BYTE_BLOB blob = mem.ToStructure().GetValueOrDefault(); appId = err.Succeeded ? blob.data.ToArray((int)blob.size) : null; return err; } ///

/// The FwpmIPsecTunnelAdd1 function adds a new Internet Protocol Security (IPsec) tunnel mode policy to the system. /// /// NoteFwpmIPsecTunnelAdd1 is the specific implementation of FwpmIPsecTunnelAdd used in Windows 7. See WFP /// Version-Independent Names and Targeting Specific Versions of Windows for more information. For Windows Vista, FwpmIPsecTunnelAdd0 is /// available. For Windows 8, FwpmIPsecTunnelAdd2 is available. /// ///

/// /// Type: HANDLE /// A handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: UINT32 /// Possible values: /// /// /// IPsec tunnel flag /// Meaning /// /// /// FWPM_TUNNEL_FLAG_POINT_TO_POINT /// Adds a point-to-point tunnel to the system. /// /// /// FWPM_TUNNEL_FLAG_ENABLE_VIRTUAL_IF_TUNNELING /// Enables virtual interface-based IPsec tunnel mode. /// /// /// /// /// Type: FWPM_PROVIDER_CONTEXT1* /// The Main Mode policy for the IPsec tunnel. /// /// /// Type: FWPM_PROVIDER_CONTEXT1* /// The Quick Mode policy for the IPsec tunnel. /// /// /// Type: UINT32 /// Number of filter conditions present in the filterConditions parameter. /// /// /// Type: const FWPM_FILTER_CONDITION0* /// Array of filter conditions that describe the traffic which should be tunneled by IPsec. /// /// /// Type: const GUID* /// Pointer to a GUID that uniquely identifies the keying module key. /// /// If the caller supplies this parameter, only that keying module will be used for the tunnel. Otherwise, the default keying policy applies. /// /// /// /// Type: PSECURITY_DESCRIPTOR /// The security information associated with the IPsec tunnel. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The IPsec tunnel mode policy was successfully added. /// /// /// FWP_E_INVALID_PARAMETER 0x80320035 /// FWPM_TUNNEL_FLAG_POINT_TO_POINT was not set and conditions other than local/remote address were specified. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// This function cannot be called from within a read-only transaction. It will fail with FWP_E_INCOMPATIBLE_TXN. See Object /// Management for more information about transactions. /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmipsectunneladd1 DWORD FwpmIPsecTunnelAdd1( [in] HFWPENG // engineHandle, [in] UINT32 flags, [in, optional] const FWPM_PROVIDER_CONTEXT1 *mainModePolicy, [in] const FWPM_PROVIDER_CONTEXT1 // *tunnelPolicy, [in] UINT32 numFilterConditions, [in] const FWPM_FILTER_CONDITION0 *filterConditions, [in, optional] const GUID // *keyModKey, [in, optional] PSECURITY_DESCRIPTOR sd ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmIPsecTunnelAdd1")] public static extern Win32Error FwpmIPsecTunnelAdd1([In] HFWPENG engineHandle, FWPM_TUNNEL_FLAG flags, in FWPM_PROVIDER_CONTEXT1 mainModePolicy, in FWPM_PROVIDER_CONTEXT1 tunnelPolicy, uint numFilterConditions, [In, MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 4)] FWPM_FILTER_CONDITION0[] filterConditions, in Guid keyModKey, [In, Optional] PSECURITY_DESCRIPTOR sd); ///

/// /// Type: HANDLE /// A handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: UINT32 /// Possible values: /// /// /// IPsec tunnel flag /// Meaning /// /// /// FWPM_TUNNEL_FLAG_POINT_TO_POINT /// Adds a point-to-point tunnel to the system. /// /// /// FWPM_TUNNEL_FLAG_ENABLE_VIRTUAL_IF_TUNNELING /// Enables virtual interface-based IPsec tunnel mode. /// /// /// /// /// Type: FWPM_PROVIDER_CONTEXT1* /// The Main Mode policy for the IPsec tunnel. /// /// /// Type: FWPM_PROVIDER_CONTEXT1* /// The Quick Mode policy for the IPsec tunnel. /// /// /// Type: UINT32 /// Number of filter conditions present in the filterConditions parameter. /// /// /// Type: const FWPM_FILTER_CONDITION0* /// Array of filter conditions that describe the traffic which should be tunneled by IPsec. /// /// /// Type: const GUID* /// Pointer to a GUID that uniquely identifies the keying module key. /// /// If the caller supplies this parameter, only that keying module will be used for the tunnel. Otherwise, the default keying policy applies. /// /// /// /// Type: PSECURITY_DESCRIPTOR /// The security information associated with the IPsec tunnel. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The IPsec tunnel mode policy was successfully added. /// /// /// FWP_E_INVALID_PARAMETER 0x80320035 /// FWPM_TUNNEL_FLAG_POINT_TO_POINT was not set and conditions other than local/remote address were specified. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// This function cannot be called from within a read-only transaction. It will fail with FWP_E_INCOMPATIBLE_TXN. See Object /// Management for more information about transactions. /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmipsectunneladd1 DWORD FwpmIPsecTunnelAdd1( [in] HANDLE // engineHandle, [in] UINT32 flags, [in, optional] const FWPM_PROVIDER_CONTEXT1 *mainModePolicy, [in] const FWPM_PROVIDER_CONTEXT1 // *tunnelPolicy, [in] UINT32 numFilterConditions, [in] const FWPM_FILTER_CONDITION0 *filterConditions, [in, optional] const GUID // *keyModKey, [in, optional] PSECURITY_DESCRIPTOR sd ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmIPsecTunnelAdd1")] public static extern Win32Error FwpmIPsecTunnelAdd1([In] HFWPENG engineHandle, FWPM_TUNNEL_FLAG flags, [In, Optional] IntPtr mainModePolicy, in FWPM_PROVIDER_CONTEXT1 tunnelPolicy, uint numFilterConditions, [In, MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 4)] FWPM_FILTER_CONDITION0[] filterConditions, [In, Optional] GuidPtr keyModKey, [In, Optional] PSECURITY_DESCRIPTOR sd); ///

/// The FwpmIPsecTunnelAdd2 function adds a new Internet Protocol Security (IPsec) tunnel mode policy to the system. /// /// NoteFwpmIPsecTunnelAdd2 is the specific implementation of FwpmIPsecTunnelAdd used in Windows 8. See WFP /// Version-Independent Names and Targeting Specific Versions of Windows for more information. For Windows 7, FwpmIPsecTunnelAdd1 is /// available. For Windows Vista, FwpmIPsecTunnelAdd0 is available. /// ///

/// /// Type: HANDLE /// A handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: UINT32 /// Possible values: /// /// /// IPsec tunnel flag /// Meaning /// /// /// FWPM_TUNNEL_FLAG_POINT_TO_POINT /// Adds a point-to-point tunnel to the system. /// /// /// FWPM_TUNNEL_FLAG_ENABLE_VIRTUAL_IF_TUNNELING /// Enables virtual interface-based IPsec tunnel mode. /// /// /// /// /// Type: FWPM_PROVIDER_CONTEXT2* /// The Main Mode policy for the IPsec tunnel. /// /// /// Type: FWPM_PROVIDER_CONTEXT2* /// The Quick Mode policy for the IPsec tunnel. /// /// /// Type: UINT32 /// Number of filter conditions present in the filterConditions parameter. /// /// /// Type: FWPM_FILTER_CONDITION0* /// Array of filter conditions that describe the traffic which should be tunneled by IPsec. /// /// /// Type: const GUID* /// Pointer to a GUID that uniquely identifies the keying module key. /// /// If the caller supplies this parameter, only that keying module will be used for the tunnel. Otherwise, the default keying policy applies. /// /// /// /// Type: PSECURITY_DESCRIPTOR /// The security information associated with the IPsec tunnel. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The IPsec tunnel mode policy was successfully added. /// /// /// FWP_E_INVALID_PARAMETER 0x80320035 /// FWPM_TUNNEL_FLAG_POINT_TO_POINT was not set and conditions other than local/remote address were specified. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// This function cannot be called from within a read-only transaction. It will fail with FWP_E_INCOMPATIBLE_TXN. See Object /// Management for more information about transactions. /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmipsectunneladd2 DWORD FwpmIPsecTunnelAdd2( [in] HFWPENG // engineHandle, [in] UINT32 flags, [in, optional] const FWPM_PROVIDER_CONTEXT2 *mainModePolicy, [in] const FWPM_PROVIDER_CONTEXT2 // *tunnelPolicy, [in] UINT32 numFilterConditions, [in] const FWPM_FILTER_CONDITION0 *filterConditions, [in, optional] const GUID // *keyModKey, [in, optional] PSECURITY_DESCRIPTOR sd ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmIPsecTunnelAdd2")] public static extern Win32Error FwpmIPsecTunnelAdd2([In] HFWPENG engineHandle, [In] FWPM_TUNNEL_FLAG flags, in FWPM_PROVIDER_CONTEXT2 mainModePolicy, in FWPM_PROVIDER_CONTEXT2 tunnelPolicy, uint numFilterConditions, [In, MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 4)] FWPM_FILTER_CONDITION0[] filterConditions, in Guid keyModKey, [In, Optional] PSECURITY_DESCRIPTOR sd); ///

/// /// Type: HANDLE /// A handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: UINT32 /// Possible values: /// /// /// IPsec tunnel flag /// Meaning /// /// /// FWPM_TUNNEL_FLAG_POINT_TO_POINT /// Adds a point-to-point tunnel to the system. /// /// /// FWPM_TUNNEL_FLAG_ENABLE_VIRTUAL_IF_TUNNELING /// Enables virtual interface-based IPsec tunnel mode. /// /// /// /// /// Type: FWPM_PROVIDER_CONTEXT2* /// The Main Mode policy for the IPsec tunnel. /// /// /// Type: FWPM_PROVIDER_CONTEXT2* /// The Quick Mode policy for the IPsec tunnel. /// /// /// Type: UINT32 /// Number of filter conditions present in the filterConditions parameter. /// /// /// Type: FWPM_FILTER_CONDITION0* /// Array of filter conditions that describe the traffic which should be tunneled by IPsec. /// /// /// Type: const GUID* /// Pointer to a GUID that uniquely identifies the keying module key. /// /// If the caller supplies this parameter, only that keying module will be used for the tunnel. Otherwise, the default keying policy applies. /// /// /// /// Type: PSECURITY_DESCRIPTOR /// The security information associated with the IPsec tunnel. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The IPsec tunnel mode policy was successfully added. /// /// /// FWP_E_INVALID_PARAMETER 0x80320035 /// FWPM_TUNNEL_FLAG_POINT_TO_POINT was not set and conditions other than local/remote address were specified. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// This function cannot be called from within a read-only transaction. It will fail with FWP_E_INCOMPATIBLE_TXN. See Object /// Management for more information about transactions. /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmipsectunneladd2 DWORD FwpmIPsecTunnelAdd2( [in] HFWPENG // engineHandle, [in] UINT32 flags, [in, optional] const FWPM_PROVIDER_CONTEXT2 *mainModePolicy, [in] const FWPM_PROVIDER_CONTEXT2 // *tunnelPolicy, [in] UINT32 numFilterConditions, [in] const FWPM_FILTER_CONDITION0 *filterConditions, [in, optional] const GUID // *keyModKey, [in, optional] PSECURITY_DESCRIPTOR sd ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmIPsecTunnelAdd2")] public static extern Win32Error FwpmIPsecTunnelAdd2([In] HFWPENG engineHandle, [In] FWPM_TUNNEL_FLAG flags, [In, Optional] IntPtr mainModePolicy, in FWPM_PROVIDER_CONTEXT2 tunnelPolicy, uint numFilterConditions, [In, MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 4)] FWPM_FILTER_CONDITION0[] filterConditions, [In, Optional] GuidPtr keyModKey, [In, Optional] PSECURITY_DESCRIPTOR sd); ///

/// The FwpmIPsecTunnelDeleteByKey0 function removes an Internet Protocol Security (IPsec) tunnel mode policy from the system. ///

/// /// Type: HANDLE /// A handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: const GUID* /// /// Unique identifier of the IPsec tunnel. This GUID was specified in the providerContextKey member of the tunnelPolicy /// parameter of the FwpmIPsecTunnelAdd0 function. /// /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The IPsec tunnel mode policy was successfully deleted. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// /// This function cannot be called from within a read-only transaction. It will fail with FWP_E_INCOMPATIBLE_TXN. See Object /// Management for more information about transactions. /// /// /// FwpmIPsecTunnelDeleteByKey0 is a specific implementation of FwpmIPsecTunnelDeleteByKey. See WFP Version-Independent Names and /// Targeting Specific Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmipsectunneldeletebykey0 DWORD FwpmIPsecTunnelDeleteByKey0( [in] // HFWPENG engineHandle, [in] const GUID *key ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmIPsecTunnelDeleteByKey0")] public static extern Win32Error FwpmIPsecTunnelDeleteByKey0([In] HFWPENG engineHandle, [In] in Guid key); ///

The FwpmLayerCreateEnumHandle0 function creates a handle used to enumerate a set of layer objects.

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: FWPM_LAYER_ENUM_TEMPLATE0* /// Template to selectively restrict the enumeration. /// /// /// Type: HANDLE* /// Handle for the layer enumeration. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The enumerator was created successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// If enumTemplate is NULL, all layers are returned. /// /// The enumerator is not "live", meaning it does not reflect changes made to the system after the call to /// FwpmLayerCreateEnumHandle0 returns. If you need to ensure that the results are current, you must call /// FwpmLayerCreateEnumHandle0 and FwpmLayerEnum0 from within the same explicit transaction. /// /// The caller must free the returned handle by a call to the FwpmLayerDestroyEnumHandle0. /// /// The caller needs FWPM_ACTRL_ENUM access to the layers' containers and FWPM_ACTRL_READ access to the layers. Only layers to /// which the caller has FWPM_ACTRL_READ access will be returned. See Access Control for more information. /// /// /// FwpmLayerCreateEnumHandle0 is a specific implementation of FwpmLayerCreateEnumHandle. See WFP Version-Independent Names and /// Targeting Specific Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmlayercreateenumhandle0 DWORD FwpmLayerCreateEnumHandle0( [in] // HFWPENG engineHandle, [in, optional] const FWPM_LAYER_ENUM_TEMPLATE0 *enumTemplate, [out] HANDLE *enumHandle ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmLayerCreateEnumHandle0")] public static extern Win32Error FwpmLayerCreateEnumHandle0([In] HFWPENG engineHandle, in FWPM_LAYER_ENUM_TEMPLATE0 enumTemplate, out HANDLE enumHandle); ///

The FwpmLayerCreateEnumHandle0 function creates a handle used to enumerate a set of layer objects.

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: FWPM_LAYER_ENUM_TEMPLATE0* /// Template to selectively restrict the enumeration. /// /// /// Type: HANDLE* /// Handle for the layer enumeration. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The enumerator was created successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// If enumTemplate is NULL, all layers are returned. /// /// The enumerator is not "live", meaning it does not reflect changes made to the system after the call to /// FwpmLayerCreateEnumHandle0 returns. If you need to ensure that the results are current, you must call /// FwpmLayerCreateEnumHandle0 and FwpmLayerEnum0 from within the same explicit transaction. /// /// The caller must free the returned handle by a call to the FwpmLayerDestroyEnumHandle0. /// /// The caller needs FWPM_ACTRL_ENUM access to the layers' containers and FWPM_ACTRL_READ access to the layers. Only layers to /// which the caller has FWPM_ACTRL_READ access will be returned. See Access Control for more information. /// /// /// FwpmLayerCreateEnumHandle0 is a specific implementation of FwpmLayerCreateEnumHandle. See WFP Version-Independent Names and /// Targeting Specific Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmlayercreateenumhandle0 DWORD FwpmLayerCreateEnumHandle0( [in] // HFWPENG engineHandle, [in, optional] const FWPM_LAYER_ENUM_TEMPLATE0 *enumTemplate, [out] HANDLE *enumHandle ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmLayerCreateEnumHandle0")] public static extern Win32Error FwpmLayerCreateEnumHandle0([In] HFWPENG engineHandle, [In, Optional] IntPtr enumTemplate, out HANDLE enumHandle); ///

The FwpmLayerDestroyEnumHandle0 function frees a handle returned by FwpmFilterCreateEnumHandle0.

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: HANDLE /// Handle of a layer enumeration created by a call to FwpmLayerCreateEnumHandle0. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The enumerator was successfully deleted. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// FwpmLayerDestroyEnumHandle0 is a specific implementation of FwpmLayerDestroyEnumHandle. See WFP Version-Independent Names and /// Targeting Specific Versions of Windows for more information. /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmlayerdestroyenumhandle0 DWORD FwpmLayerDestroyEnumHandle0( [in] // HFWPENG engineHandle, [in] HANDLE enumHandle ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmLayerDestroyEnumHandle0")] public static extern Win32Error FwpmLayerDestroyEnumHandle0([In] HFWPENG engineHandle, [In] HANDLE enumHandle); ///

The FwpmLayerEnum0 function returns the next page of results from the layer enumerator.

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: HANDLE /// Handle for a layer enumeration created by a call to FwpmLayerCreateEnumHandle0. /// /// /// Type: UINT32 /// The number of layer entries requested. /// /// /// Type: FWPM_LAYER0*** /// Addresses of the enumeration entries. /// /// /// Type: UINT32* /// The number of layer entries returned. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The layers were enumerated successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// If the numEntriesReturned is less than the numEntriesRequested, the enumeration is exhausted. /// The returned array of entries (but not the individual entries themselves) must be freed by a call to FwpmFreeMemory0. /// A subsequent call using the same enumeration handle will return the next set of items following those in the last output buffer. /// /// FwpmLayerEnum0 is a specific implementation of FwpmLayerEnum. See WFP Version-Independent Names and Targeting Specific /// Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmlayerenum0 DWORD FwpmLayerEnum0( [in] HFWPENG engineHandle, [in] // HANDLE enumHandle, [in] UINT32 numEntriesRequested, [out] FWPM_LAYER0 ***entries, [out] UINT32 *numEntriesReturned ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmLayerEnum0")] public static extern Win32Error FwpmLayerEnum0([In] HFWPENG engineHandle, [In] HANDLE enumHandle, uint numEntriesRequested, out SafeFwpmMem entries, out uint numEntriesReturned); ///

The FwpmLayerEnum0 function returns the next page of results from the layer enumerator.

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: FWPM_LAYER0*** /// Addresses of the enumeration entries. /// /// /// Type: FWPM_LAYER_ENUM_TEMPLATE0* /// Template to selectively restrict the enumeration. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The layers were enumerated successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// If enumTemplate is NULL, all layers are returned. /// /// FwpmLayerEnum0 is a specific implementation of FwpmLayerEnum. See WFP Version-Independent Names and Targeting Specific /// Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmlayerenum0 DWORD FwpmLayerEnum0( [in] HFWPENG engineHandle, [in] // HANDLE enumHandle, [in] UINT32 numEntriesRequested, [out] FWPM_LAYER0 ***entries, [out] UINT32 *numEntriesReturned ); [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmLayerEnum0")] public static Win32Error FwpmLayerEnum0([In] HFWPENG engineHandle, out SafeFwpmArray entries, FWPM_LAYER_ENUM_TEMPLATE0? enumTemplate = null) => FwpmGenericEnum(FwpmLayerCreateEnumHandle0, FwpmLayerEnum0, FwpmLayerDestroyEnumHandle0, engineHandle, out entries, enumTemplate); ///

The FwpmLayerGetById0 function retrieves a layer object.

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: UINT16 /// /// Identifier of the desired layer. For a list of possible values, see Run-time Filtering Layer Identifiers in the WDK documentation for /// Windows Filtering Platform. /// /// /// /// Type: FWPM_LAYER0** /// The layer information. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The layer was retrieved successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// The caller must free the returned object by a call to FwpmFreeMemory0. /// The caller needs FWPM_ACTRL_READ access to the layer. See Access Control for more information. /// /// FwpmLayerGetById0 is a specific implementation of FwpmLayerGetById. See WFP Version-Independent Names and Targeting Specific /// Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmlayergetbyid0 DWORD FwpmLayerGetById0( [in] HFWPENG // engineHandle, [in] UINT16 id, [out] FWPM_LAYER0 **layer ); [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmLayerGetById0")] public static Win32Error FwpmLayerGetById0([In] HFWPENG engineHandle, [In] ushort id, out SafeFwpmStruct layer) => FwpmGenericGetById(FwpmLayerGetById0, engineHandle, id, out layer); ///

The FwpmLayerGetByKey0 function retrieves a layer object.

The FwpmLayerGetSecurityInfoByKey0 function retrieves a copy of the security descriptor for a layer object.

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: const GUID* /// Unique identifier of the layer. See Filtering Layer Identifiers for a list of possible GUID values. /// /// /// Type: SECURITY_INFORMATION /// The type of security information to retrieve. /// /// /// Type: PSID* /// The owner security identifier (SID) in the returned security descriptor. /// /// /// Type: PSID* /// The primary group security identifier (SID) in the returned security descriptor. /// /// /// Type: PACL* /// The discretionary access control list (DACL) in the returned security descriptor. /// /// /// Type: PACL* /// The system access control list (SACL) in the returned security descriptor. /// /// /// Type: PSECURITY_DESCRIPTOR* /// The returned security descriptor. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The security descriptor was retrieved successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// /// If the key parameter is NULL or if it is a NULL GUID, this function manages the security information of the /// layers container. /// /// /// The returned securityDescriptor parameter must be freed through a call to FwpmFreeMemory0. The other four (optional) returned /// parameters must not be freed, as they point to addresses within the securityDescriptor parameter. /// /// /// This function behaves like the standard Win32 GetSecurityInfo function. The caller needs the same standard access rights as described /// in the GetSecurityInfo reference topic. /// /// /// FwpmLayerGetSecurityInfoByKey0 is a specific implementation of FwpmLayerGetSecurityInfoByKey. See WFP Version-Independent /// Names and Targeting Specific Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmlayergetsecurityinfobykey0 DWORD FwpmLayerGetSecurityInfoByKey0( // [in] HFWPENG engineHandle, [in, optional] const GUID *key, [in] SECURITY_INFORMATION securityInfo, [out, optional] PSID *sidOwner, // [out, optional] PSID *sidGroup, [out, optional] PACL *dacl, [out, optional] PACL *sacl, [out] PSECURITY_DESCRIPTOR *securityDescriptor ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmLayerGetSecurityInfoByKey0")] public static extern Win32Error FwpmLayerGetSecurityInfoByKey0([In] HFWPENG engineHandle, in Guid key, SECURITY_INFORMATION securityInfo, out PSID sidOwner, out PSID sidGroup, out PACL dacl, out PACL sacl, out SafeFwpmMem securityDescriptor); ///

The FwpmLayerGetSecurityInfoByKey0 function retrieves a copy of the security descriptor for a layer object.

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: const GUID* /// Unique identifier of the layer. See Filtering Layer Identifiers for a list of possible GUID values. /// /// /// Type: SECURITY_INFORMATION /// The type of security information to retrieve. /// /// /// Type: PSID* /// The owner security identifier (SID) in the returned security descriptor. /// /// /// Type: PSID* /// The primary group security identifier (SID) in the returned security descriptor. /// /// /// Type: PACL* /// The discretionary access control list (DACL) in the returned security descriptor. /// /// /// Type: PACL* /// The system access control list (SACL) in the returned security descriptor. /// /// /// Type: PSECURITY_DESCRIPTOR* /// The returned security descriptor. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The security descriptor was retrieved successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// /// If the key parameter is NULL or if it is a NULL GUID, this function manages the security information of the /// layers container. /// /// /// The returned securityDescriptor parameter must be freed through a call to FwpmFreeMemory0. The other four (optional) returned /// parameters must not be freed, as they point to addresses within the securityDescriptor parameter. /// /// /// This function behaves like the standard Win32 GetSecurityInfo function. The caller needs the same standard access rights as described /// in the GetSecurityInfo reference topic. /// /// /// FwpmLayerGetSecurityInfoByKey0 is a specific implementation of FwpmLayerGetSecurityInfoByKey. See WFP Version-Independent /// Names and Targeting Specific Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmlayergetsecurityinfobykey0 DWORD FwpmLayerGetSecurityInfoByKey0( // [in] HFWPENG engineHandle, [in, optional] const GUID *key, [in] SECURITY_INFORMATION securityInfo, [out, optional] PSID *sidOwner, // [out, optional] PSID *sidGroup, [out, optional] PACL *dacl, [out, optional] PACL *sacl, [out] PSECURITY_DESCRIPTOR *securityDescriptor ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmLayerGetSecurityInfoByKey0")] public static extern Win32Error FwpmLayerGetSecurityInfoByKey0([In] HFWPENG engineHandle, [In, Optional] IntPtr key, SECURITY_INFORMATION securityInfo, out PSID sidOwner, out PSID sidGroup, out PACL dacl, out PACL sacl, out SafeFwpmMem securityDescriptor); ///

/// The FwpmLayerSetSecurityInfoByKey0 function sets specified security information in the security descriptor of a layer object. ///

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: const GUID* /// Unique identifier of the layer. See Filtering Layer Identifiers for a list of possible GUID values. /// /// /// Type: SECURITY_INFORMATION /// The type of security information to set. /// /// /// Type: const SID* /// The owner's security identifier (SID) to be set in the security descriptor. /// /// /// Type: const SID* /// The group's SID to be set in the security descriptor. /// /// /// Type: const ACL* /// The discretionary access control list (DACL) to be set in the security descriptor. /// /// /// Type: const ACL* /// The system access control list (SACL) to be set in the security descriptor. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The security descriptor was set successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// /// If the key parameter is NULL or if it is a NULL GUID, this function manages the security information of the /// layers container. /// /// /// This function cannot be called from within a transaction. It will fail with FWP_E_TXN_IN_PROGRESS. See Object Management for /// more information about transactions. /// /// /// This function behaves like the standard Win32 SetSecurityInfo function. The caller needs the same standard access rights as described /// in the SetSecurityInfo reference topic. /// /// /// FwpmLayerSetSecurityInfoByKey0 is a specific implementation of FwpmLayerSetSecurityInfoByKey. See WFP Version-Independent /// Names and Targeting Specific Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmlayersetsecurityinfobykey0 DWORD FwpmLayerSetSecurityInfoByKey0( // [in] HFWPENG engineHandle, [in, optional] const GUID *key, [in] SECURITY_INFORMATION securityInfo, [in, optional] const SID *sidOwner, // [in, optional] const SID *sidGroup, [in, optional] const ACL *dacl, [in, optional] const ACL *sacl ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmLayerSetSecurityInfoByKey0")] public static extern Win32Error FwpmLayerSetSecurityInfoByKey0([In] HFWPENG engineHandle, in Guid key, SECURITY_INFORMATION securityInfo, [In, Optional] PSID sidOwner, [In, Optional] PSID sidGroup, [In, Optional] PACL dacl, [In, Optional] PACL sacl); ///

/// The FwpmLayerSetSecurityInfoByKey0 function sets specified security information in the security descriptor of a layer object. ///

/// /// Type: HANDLE /// Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine. /// /// /// Type: const GUID* /// Unique identifier of the layer. See Filtering Layer Identifiers for a list of possible GUID values. /// /// /// Type: SECURITY_INFORMATION /// The type of security information to set. /// /// /// Type: const SID* /// The owner's security identifier (SID) to be set in the security descriptor. /// /// /// Type: const SID* /// The group's SID to be set in the security descriptor. /// /// /// Type: const ACL* /// The discretionary access control list (DACL) to be set in the security descriptor. /// /// /// Type: const ACL* /// The system access control list (SACL) to be set in the security descriptor. /// /// /// Type: DWORD /// /// /// Return code/value /// Description /// /// /// ERROR_SUCCESS 0 /// The security descriptor was set successfully. /// /// /// FWP_E_* error code 0x80320001—0x80320039 /// A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. /// /// /// RPC_* error code 0x80010001—0x80010122 /// Failure to communicate with the remote or local firewall engine. /// /// /// /// /// /// If the key parameter is NULL or if it is a NULL GUID, this function manages the security information of the /// layers container. /// /// /// This function cannot be called from within a transaction. It will fail with FWP_E_TXN_IN_PROGRESS. See Object Management for /// more information about transactions. /// /// /// This function behaves like the standard Win32 SetSecurityInfo function. The caller needs the same standard access rights as described /// in the SetSecurityInfo reference topic. /// /// /// FwpmLayerSetSecurityInfoByKey0 is a specific implementation of FwpmLayerSetSecurityInfoByKey. See WFP Version-Independent /// Names and Targeting Specific Versions of Windows for more information. /// /// // https://docs.microsoft.com/en-us/windows/win32/api/fwpmu/nf-fwpmu-fwpmlayersetsecurityinfobykey0 DWORD FwpmLayerSetSecurityInfoByKey0( // [in] HFWPENG engineHandle, [in, optional] const GUID *key, [in] SECURITY_INFORMATION securityInfo, [in, optional] const SID *sidOwner, // [in, optional] const SID *sidGroup, [in, optional] const ACL *dacl, [in, optional] const ACL *sacl ); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] [PInvokeData("fwpmu.h", MSDNShortId = "NF:fwpmu.FwpmLayerSetSecurityInfoByKey0")] public static extern Win32Error FwpmLayerSetSecurityInfoByKey0([In] HFWPENG engineHandle, [In, Optional] IntPtr key, SECURITY_INFORMATION securityInfo, [In, Optional] PSID sidOwner, [In, Optional] PSID sidGroup, [In, Optional] PACL dacl, [In, Optional] PACL sacl); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] private static extern Win32Error FwpmFilterGetById0([In] HFWPENG engineHandle, ulong id, out SafeFwpmMem filter); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] private static extern Win32Error FwpmFilterGetByKey0([In] HFWPENG engineHandle, in Guid key, out SafeFwpmMem filter); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] private static extern Win32Error FwpmGetAppIdFromFileName0([MarshalAs(UnmanagedType.LPWStr)] string fileName, out SafeFwpmMem appId); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] private static extern Win32Error FwpmLayerGetById0([In] HFWPENG engineHandle, [In] ushort id, out SafeFwpmMem layer); [DllImport(Lib_Fwpuclnt, SetLastError = false, ExactSpelling = true)] private static extern Win32Error FwpmLayerGetByKey0([In] HFWPENG engineHandle, [In] in Guid key, out SafeFwpmMem layer); }