/* Copyright (c) Microsoft Corporation SYNOPSIS Declares the system portion of the FWP API. */ #ifndef FWPSX_H #define FWPSX_H #if _MSC_VER >= 1020 #pragma once #endif #include #pragma region Desktop Family or AppRuntime Package #if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_PKG_APPRUNTIME) #if (NTDDI_VERSION >= NTDDI_WIN6) #include "fwpstypes.h" #include "ws2def.h" #include #include #include "fwpvi.h" #ifdef __cplusplus extern "C" { #endif #if defined(_MSC_VER) && !defined(__clang__) /***********************************************************************************************\ * * * Windows Filtering Platform (WFP) Driver Callout Annotations * * * * Version 1.0.0 * * * * Defines annotations to be used in Windows Filtering Callout Drivers to enforce API * * contracts that can be statically verified through the use of CodeQL queries. * * * * All APIs these annotations check for are present since Vista * * * \**********************************************************************************************/ #define _Wfp_Annotation_ __declspec("_Wfp_Annotation_") #define _Wfp_stream_injection_classify_ __declspec("_Wfp_stream_injection_classify_") #define _Wfp_stream_inspection_classify_ __declspec("_Wfp_stream_inspection_classify_") #define _Wfp_stream_inspection_notify_ __declspec("_Wfp_stream_inspection_notify_") #define _Wfp_flow_inspection_notify_ __declspec("_Wfp_flow_inspection_notify_") #define _Wfp_flow_inspection_classify_ __declspec("_Wfp_flow_inspection_classify_") #define _Wfp_flow_injection_classify_ __declspec("_Wfp_flow_injection_classify_") #define _Wfp_Transport_inspection_classify_ __declspec("_Wfp_Transport_inspection_classify_") #define _Wfp_transport_injection_classify_ __declspec("_Wfp_transport_injection_classify_") #define _Wfp_transport_injection_classify_inline_ __declspec("_Wfp_transport_injection_classify_inline_") #define _Wfp_ale_inspection_notify_ __declspec("_Wfp_ale_inspection_notify_") #define _Wfp_ale_inspection_classify_ __declspec("_Wfp_ale_inspection_classify_") #if (NTDDI_VERSION >= NTDDI_WIN8) // Connect Redirect APIs are not availible until Windows 8 #define _Wfp_connect_redirect_inline_classify_ __declspec("_Wfp_connect_redirect_inline_classify_") #define _Wfp_connect_redirect_classify_ __declspec("_Wfp_connect_redirect_classify_") #endif /// (NTDDI_VERSION >= NTDDI_WIN8) #endif /// (_MSC_VER) && !defined(__clang__) /////////////////////////////////////////////////////////////////////////////// // // LUIDs for built-in layers. // /////////////////////////////////////////////////////////////////////////////// typedef enum FWPS_BUILTIN_LAYERS_ { // Kernel-mode layers FWPS_LAYER_INBOUND_IPPACKET_V4, // 0 FWPS_LAYER_INBOUND_IPPACKET_V4_DISCARD, FWPS_LAYER_INBOUND_IPPACKET_V6, FWPS_LAYER_INBOUND_IPPACKET_V6_DISCARD, FWPS_LAYER_OUTBOUND_IPPACKET_V4, FWPS_LAYER_OUTBOUND_IPPACKET_V4_DISCARD, // 5 FWPS_LAYER_OUTBOUND_IPPACKET_V6, FWPS_LAYER_OUTBOUND_IPPACKET_V6_DISCARD, FWPS_LAYER_IPFORWARD_V4, FWPS_LAYER_IPFORWARD_V4_DISCARD, FWPS_LAYER_IPFORWARD_V6, // 10 FWPS_LAYER_IPFORWARD_V6_DISCARD, FWPS_LAYER_INBOUND_TRANSPORT_V4, FWPS_LAYER_INBOUND_TRANSPORT_V4_DISCARD, FWPS_LAYER_INBOUND_TRANSPORT_V6, FWPS_LAYER_INBOUND_TRANSPORT_V6_DISCARD, // 15 FWPS_LAYER_OUTBOUND_TRANSPORT_V4, FWPS_LAYER_OUTBOUND_TRANSPORT_V4_DISCARD, FWPS_LAYER_OUTBOUND_TRANSPORT_V6, FWPS_LAYER_OUTBOUND_TRANSPORT_V6_DISCARD, FWPS_LAYER_STREAM_V4, // 20 FWPS_LAYER_STREAM_V4_DISCARD, FWPS_LAYER_STREAM_V6, FWPS_LAYER_STREAM_V6_DISCARD, FWPS_LAYER_DATAGRAM_DATA_V4, FWPS_LAYER_DATAGRAM_DATA_V4_DISCARD, // 25 FWPS_LAYER_DATAGRAM_DATA_V6, FWPS_LAYER_DATAGRAM_DATA_V6_DISCARD, FWPS_LAYER_INBOUND_ICMP_ERROR_V4, FWPS_LAYER_INBOUND_ICMP_ERROR_V4_DISCARD, FWPS_LAYER_INBOUND_ICMP_ERROR_V6, // 30 FWPS_LAYER_INBOUND_ICMP_ERROR_V6_DISCARD, FWPS_LAYER_OUTBOUND_ICMP_ERROR_V4, FWPS_LAYER_OUTBOUND_ICMP_ERROR_V4_DISCARD, FWPS_LAYER_OUTBOUND_ICMP_ERROR_V6, FWPS_LAYER_OUTBOUND_ICMP_ERROR_V6_DISCARD, // 35 FWPS_LAYER_ALE_RESOURCE_ASSIGNMENT_V4, FWPS_LAYER_ALE_RESOURCE_ASSIGNMENT_V4_DISCARD, FWPS_LAYER_ALE_RESOURCE_ASSIGNMENT_V6, FWPS_LAYER_ALE_RESOURCE_ASSIGNMENT_V6_DISCARD, FWPS_LAYER_ALE_AUTH_LISTEN_V4, // 40 FWPS_LAYER_ALE_AUTH_LISTEN_V4_DISCARD, FWPS_LAYER_ALE_AUTH_LISTEN_V6, FWPS_LAYER_ALE_AUTH_LISTEN_V6_DISCARD, FWPS_LAYER_ALE_AUTH_RECV_ACCEPT_V4, FWPS_LAYER_ALE_AUTH_RECV_ACCEPT_V4_DISCARD, // 45 FWPS_LAYER_ALE_AUTH_RECV_ACCEPT_V6, FWPS_LAYER_ALE_AUTH_RECV_ACCEPT_V6_DISCARD, FWPS_LAYER_ALE_AUTH_CONNECT_V4, FWPS_LAYER_ALE_AUTH_CONNECT_V4_DISCARD, FWPS_LAYER_ALE_AUTH_CONNECT_V6, // 50 FWPS_LAYER_ALE_AUTH_CONNECT_V6_DISCARD, FWPS_LAYER_ALE_FLOW_ESTABLISHED_V4, FWPS_LAYER_ALE_FLOW_ESTABLISHED_V4_DISCARD, FWPS_LAYER_ALE_FLOW_ESTABLISHED_V6, FWPS_LAYER_ALE_FLOW_ESTABLISHED_V6_DISCARD, // 55 #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_LAYER_INBOUND_MAC_FRAME_ETHERNET, FWPS_LAYER_OUTBOUND_MAC_FRAME_ETHERNET, #if (NTDDI_VERSION == NTDDI_WIN7) FWPS_LAYER_RESERVED1_V4, FWPS_LAYER_RESERVED1_V6, #else FWPS_LAYER_INBOUND_MAC_FRAME_NATIVE, FWPS_LAYER_OUTBOUND_MAC_FRAME_NATIVE, #endif FWPS_LAYER_NAME_RESOLUTION_CACHE_V4, // 60 FWPS_LAYER_NAME_RESOLUTION_CACHE_V6, FWPS_LAYER_ALE_RESOURCE_RELEASE_V4, FWPS_LAYER_ALE_RESOURCE_RELEASE_V6, FWPS_LAYER_ALE_ENDPOINT_CLOSURE_V4, FWPS_LAYER_ALE_ENDPOINT_CLOSURE_V6, // 65 FWPS_LAYER_ALE_CONNECT_REDIRECT_V4, FWPS_LAYER_ALE_CONNECT_REDIRECT_V6, FWPS_LAYER_ALE_BIND_REDIRECT_V4, FWPS_LAYER_ALE_BIND_REDIRECT_V6, FWPS_LAYER_STREAM_PACKET_V4, // 70 FWPS_LAYER_STREAM_PACKET_V6, #if (NTDDI_VERSION >= NTDDI_WIN8) FWPS_LAYER_INGRESS_VSWITCH_ETHERNET, FWPS_LAYER_EGRESS_VSWITCH_ETHERNET, FWPS_LAYER_INGRESS_VSWITCH_TRANSPORT_V4, FWPS_LAYER_INGRESS_VSWITCH_TRANSPORT_V6, // 75 FWPS_LAYER_EGRESS_VSWITCH_TRANSPORT_V4, FWPS_LAYER_EGRESS_VSWITCH_TRANSPORT_V6, #if (NTDDI_VERSION >= NTDDI_WINBLUE) FWPS_LAYER_INBOUND_TRANSPORT_FAST, FWPS_LAYER_OUTBOUND_TRANSPORT_FAST, FWPS_LAYER_INBOUND_MAC_FRAME_NATIVE_FAST, // 80 FWPS_LAYER_OUTBOUND_MAC_FRAME_NATIVE_FAST, #if (NTDDI_VERSION >= NTDDI_WIN10_RS3) FWPS_LAYER_INBOUND_RESERVED2, #if (NTDDI_VERSION >= NTDDI_WIN10_FE) FWPS_LAYER_RESERVED_LAYER_9, FWPS_LAYER_RESERVED_LAYER_10, #if (NTDDI_VERSION >= NTDDI_WIN10_NI) FWPS_LAYER_OUTBOUND_NETWORK_CONNECTION_POLICY_V4, // 85 FWPS_LAYER_OUTBOUND_NETWORK_CONNECTION_POLICY_V6, #endif // (NTDDI_VERSION >= NTDDI_WIN10_NI) #endif // (NTDDI_VERSION >= NTDDI_WIN10_FE) #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS3) #endif // (NTDDI_VERSION >= NTDDI_WINBLUE) #endif // (NTDDI_VERSION >= NTDDI_WIN8) #endif // (NTDDI_VERSION >= NTDDI_WIN7) // User-mode layers FWPS_LAYER_IPSEC_KM_DEMUX_V4, // 87 FWPS_LAYER_IPSEC_KM_DEMUX_V6, FWPS_LAYER_IPSEC_V4, FWPS_LAYER_IPSEC_V6, // 90 FWPS_LAYER_IKEEXT_V4, FWPS_LAYER_IKEEXT_V6, FWPS_LAYER_RPC_UM, FWPS_LAYER_RPC_EPMAP, FWPS_LAYER_RPC_EP_ADD, // 95 FWPS_LAYER_RPC_PROXY_CONN, FWPS_LAYER_RPC_PROXY_IF, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_LAYER_KM_AUTHORIZATION, #endif // (NTDDI_VERSION >= NTDDI_WIN7) FWPS_BUILTIN_LAYER_MAX, // 99 } FWPS_BUILTIN_LAYERS; #define FWPS_BUILTIN_KM_LAYER_MAX FWPS_LAYER_IPSEC_KM_DEMUX_V4 /////////////////////////////////////////////////////////////////////////////// // // LUIDs for built-in fields. // /////////////////////////////////////////////////////////////////////////////// typedef enum FWPS_FIELDS_INBOUND_IPPACKET_V4_ { FWPS_FIELD_INBOUND_IPPACKET_V4_IP_LOCAL_ADDRESS, FWPS_FIELD_INBOUND_IPPACKET_V4_IP_REMOTE_ADDRESS, FWPS_FIELD_INBOUND_IPPACKET_V4_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_INBOUND_IPPACKET_V4_IP_LOCAL_INTERFACE, FWPS_FIELD_INBOUND_IPPACKET_V4_INTERFACE_INDEX, FWPS_FIELD_INBOUND_IPPACKET_V4_SUB_INTERFACE_INDEX, FWPS_FIELD_INBOUND_IPPACKET_V4_FLAGS, FWPS_FIELD_INBOUND_IPPACKET_V4_INTERFACE_TYPE, FWPS_FIELD_INBOUND_IPPACKET_V4_TUNNEL_TYPE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_INBOUND_IPPACKET_V4_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_INBOUND_IPPACKET_V4_MAX } FWPS_FIELDS_INBOUND_IPPACKET_V4; typedef enum FWPS_FIELDS_INBOUND_IPPACKET_V6_ { FWPS_FIELD_INBOUND_IPPACKET_V6_IP_LOCAL_ADDRESS, FWPS_FIELD_INBOUND_IPPACKET_V6_IP_REMOTE_ADDRESS, FWPS_FIELD_INBOUND_IPPACKET_V6_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_INBOUND_IPPACKET_V6_IP_LOCAL_INTERFACE, FWPS_FIELD_INBOUND_IPPACKET_V6_INTERFACE_INDEX, FWPS_FIELD_INBOUND_IPPACKET_V6_SUB_INTERFACE_INDEX, FWPS_FIELD_INBOUND_IPPACKET_V6_FLAGS, FWPS_FIELD_INBOUND_IPPACKET_V6_INTERFACE_TYPE, FWPS_FIELD_INBOUND_IPPACKET_V6_TUNNEL_TYPE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_INBOUND_IPPACKET_V6_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_INBOUND_IPPACKET_V6_MAX } FWPS_FIELDS_INBOUND_IPPACKET_V6; typedef enum FWPS_FIELDS_OUTBOUND_IPPACKET_V4_ { FWPS_FIELD_OUTBOUND_IPPACKET_V4_IP_LOCAL_ADDRESS, FWPS_FIELD_OUTBOUND_IPPACKET_V4_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_OUTBOUND_IPPACKET_V4_IP_REMOTE_ADDRESS, FWPS_FIELD_OUTBOUND_IPPACKET_V4_IP_LOCAL_INTERFACE, FWPS_FIELD_OUTBOUND_IPPACKET_V4_INTERFACE_INDEX, FWPS_FIELD_OUTBOUND_IPPACKET_V4_SUB_INTERFACE_INDEX, FWPS_FIELD_OUTBOUND_IPPACKET_V4_FLAGS, FWPS_FIELD_OUTBOUND_IPPACKET_V4_INTERFACE_TYPE, FWPS_FIELD_OUTBOUND_IPPACKET_V4_TUNNEL_TYPE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_OUTBOUND_IPPACKET_V4_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_OUTBOUND_IPPACKET_V4_MAX } FWPS_FIELDS_OUTBOUND_IPPACKET_V4; typedef enum FWPS_FIELDS_OUTBOUND_IPPACKET_V6_ { FWPS_FIELD_OUTBOUND_IPPACKET_V6_IP_LOCAL_ADDRESS, FWPS_FIELD_OUTBOUND_IPPACKET_V6_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_OUTBOUND_IPPACKET_V6_IP_REMOTE_ADDRESS, FWPS_FIELD_OUTBOUND_IPPACKET_V6_IP_LOCAL_INTERFACE, FWPS_FIELD_OUTBOUND_IPPACKET_V6_INTERFACE_INDEX, FWPS_FIELD_OUTBOUND_IPPACKET_V6_SUB_INTERFACE_INDEX, FWPS_FIELD_OUTBOUND_IPPACKET_V6_FLAGS, FWPS_FIELD_OUTBOUND_IPPACKET_V6_INTERFACE_TYPE, FWPS_FIELD_OUTBOUND_IPPACKET_V6_TUNNEL_TYPE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_OUTBOUND_IPPACKET_V6_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_OUTBOUND_IPPACKET_V6_MAX } FWPS_FIELDS_OUTBOUND_IPPACKET_V6; typedef enum FWPS_FIELDS_IPFORWARD_V4_ { FWPS_FIELD_IPFORWARD_V4_IP_SOURCE_ADDRESS, FWPS_FIELD_IPFORWARD_V4_IP_DESTINATION_ADDRESS, FWPS_FIELD_IPFORWARD_V4_IP_DESTINATION_ADDRESS_TYPE, FWPS_FIELD_IPFORWARD_V4_IP_LOCAL_INTERFACE, FWPS_FIELD_IPFORWARD_V4_IP_FORWARD_INTERFACE, FWPS_FIELD_IPFORWARD_V4_SOURCE_INTERFACE_INDEX, FWPS_FIELD_IPFORWARD_V4_SOURCE_SUB_INTERFACE_INDEX, FWPS_FIELD_IPFORWARD_V4_DESTINATION_INTERFACE_INDEX, FWPS_FIELD_IPFORWARD_V4_DESTINATION_SUB_INTERFACE_INDEX, FWPS_FIELD_IPFORWARD_V4_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_IPFORWARD_V4_IP_PHYSICAL_ARRIVAL_INTERFACE, FWPS_FIELD_IPFORWARD_V4_ARRIVAL_INTERFACE_PROFILE_ID, FWPS_FIELD_IPFORWARD_V4_IP_PHYSICAL_NEXTHOP_INTERFACE, FWPS_FIELD_IPFORWARD_V4_NEXTHOP_INTERFACE_PROFILE_ID, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_IPFORWARD_V4_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif // (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_IPFORWARD_V4_MAX } FWPS_FIELDS_IPFORWARD_V4; typedef enum FWPS_FIELDS_IPFORWARD_V6_ { FWPS_FIELD_IPFORWARD_V6_IP_SOURCE_ADDRESS, FWPS_FIELD_IPFORWARD_V6_IP_DESTINATION_ADDRESS, FWPS_FIELD_IPFORWARD_V6_IP_DESTINATION_ADDRESS_TYPE, FWPS_FIELD_IPFORWARD_V6_IP_LOCAL_INTERFACE, FWPS_FIELD_IPFORWARD_V6_IP_FORWARD_INTERFACE, FWPS_FIELD_IPFORWARD_V6_SOURCE_INTERFACE_INDEX, FWPS_FIELD_IPFORWARD_V6_SOURCE_SUB_INTERFACE_INDEX, FWPS_FIELD_IPFORWARD_V6_DESTINATION_INTERFACE_INDEX, FWPS_FIELD_IPFORWARD_V6_DESTINATION_SUB_INTERFACE_INDEX, FWPS_FIELD_IPFORWARD_V6_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_IPFORWARD_V6_IP_PHYSICAL_ARRIVAL_INTERFACE, FWPS_FIELD_IPFORWARD_V6_ARRIVAL_INTERFACE_PROFILE_ID, FWPS_FIELD_IPFORWARD_V6_IP_PHYSICAL_NEXTHOP_INTERFACE, FWPS_FIELD_IPFORWARD_V6_NEXTHOP_INTERFACE_PROFILE_ID, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_IPFORWARD_V6_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif // (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_IPFORWARD_V6_MAX } FWPS_FIELDS_IPFORWARD_V6; typedef enum FWPS_FIELDS_INBOUND_TRANSPORT_V4_ { FWPS_FIELD_INBOUND_TRANSPORT_V4_IP_PROTOCOL, FWPS_FIELD_INBOUND_TRANSPORT_V4_IP_LOCAL_ADDRESS, FWPS_FIELD_INBOUND_TRANSPORT_V4_IP_REMOTE_ADDRESS, FWPS_FIELD_INBOUND_TRANSPORT_V4_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_INBOUND_TRANSPORT_V4_IP_LOCAL_PORT, FWPS_FIELD_INBOUND_TRANSPORT_V4_IP_REMOTE_PORT, FWPS_FIELD_INBOUND_TRANSPORT_V4_IP_LOCAL_INTERFACE, FWPS_FIELD_INBOUND_TRANSPORT_V4_INTERFACE_INDEX, FWPS_FIELD_INBOUND_TRANSPORT_V4_SUB_INTERFACE_INDEX, FWPS_FIELD_INBOUND_TRANSPORT_V4_FLAGS, FWPS_FIELD_INBOUND_TRANSPORT_V4_INTERFACE_TYPE, FWPS_FIELD_INBOUND_TRANSPORT_V4_TUNNEL_TYPE, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_INBOUND_TRANSPORT_V4_PROFILE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_INBOUND_TRANSPORT_V4_IPSEC_SECURITY_REALM_ID, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_INBOUND_TRANSPORT_V4_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_INBOUND_TRANSPORT_V4_MAX } FWPS_FIELDS_INBOUND_TRANSPORT_V4; #if (NTDDI_VERSION >= NTDDI_WINBLUE) typedef enum FWPS_FIELDS_INBOUND_TRANSPORT_FAST { FWPS_FIELD_INBOUND_TRANSPORT_FAST_MAX } FWPS_FIELDS_INBOUND_TRANSPORT_FAST; typedef enum FWPS_FIELDS_OUTBOUND_TRANSPORT_FAST { FWPS_FIELD_OUTBOUND_TRANSPORT_FAST_MAX } FWPS_FIELDS_OUTBOUND_TRANSPORT_FAST; #endif //(NTDDI_VERSION >= NTDDI_WINBLUE) #define FWPS_FIELD_INBOUND_TRANSPORT_V4_ICMP_TYPE \ FWPS_FIELD_INBOUND_TRANSPORT_V4_IP_LOCAL_PORT #define FWPS_FIELD_INBOUND_TRANSPORT_V4_ICMP_CODE \ FWPS_FIELD_INBOUND_TRANSPORT_V4_IP_REMOTE_PORT typedef enum FWPS_FIELDS_INBOUND_TRANSPORT_V6_ { FWPS_FIELD_INBOUND_TRANSPORT_V6_IP_PROTOCOL, FWPS_FIELD_INBOUND_TRANSPORT_V6_IP_LOCAL_ADDRESS, FWPS_FIELD_INBOUND_TRANSPORT_V6_IP_REMOTE_ADDRESS, FWPS_FIELD_INBOUND_TRANSPORT_V6_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_INBOUND_TRANSPORT_V6_IP_LOCAL_PORT, FWPS_FIELD_INBOUND_TRANSPORT_V6_IP_REMOTE_PORT, FWPS_FIELD_INBOUND_TRANSPORT_V6_IP_LOCAL_INTERFACE, FWPS_FIELD_INBOUND_TRANSPORT_V6_INTERFACE_INDEX, FWPS_FIELD_INBOUND_TRANSPORT_V6_SUB_INTERFACE_INDEX, FWPS_FIELD_INBOUND_TRANSPORT_V6_FLAGS, FWPS_FIELD_INBOUND_TRANSPORT_V6_INTERFACE_TYPE, FWPS_FIELD_INBOUND_TRANSPORT_V6_TUNNEL_TYPE, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_INBOUND_TRANSPORT_V6_PROFILE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_INBOUND_TRANSPORT_V6_IPSEC_SECURITY_REALM_ID, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_INBOUND_TRANSPORT_V6_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_INBOUND_TRANSPORT_V6_MAX } FWPS_FIELDS_INBOUND_TRANSPORT_V6; #define FWPS_FIELD_INBOUND_TRANSPORT_V6_ICMP_TYPE \ FWPS_FIELD_INBOUND_TRANSPORT_V6_IP_LOCAL_PORT #define FWPS_FIELD_INBOUND_TRANSPORT_V6_ICMP_CODE \ FWPS_FIELD_INBOUND_TRANSPORT_V6_IP_REMOTE_PORT typedef enum FWPS_FIELDS_OUTBOUND_TRANSPORT_V4_ { FWPS_FIELD_OUTBOUND_TRANSPORT_V4_IP_PROTOCOL, FWPS_FIELD_OUTBOUND_TRANSPORT_V4_IP_LOCAL_ADDRESS, FWPS_FIELD_OUTBOUND_TRANSPORT_V4_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_OUTBOUND_TRANSPORT_V4_IP_REMOTE_ADDRESS, FWPS_FIELD_OUTBOUND_TRANSPORT_V4_IP_LOCAL_PORT, FWPS_FIELD_OUTBOUND_TRANSPORT_V4_IP_REMOTE_PORT, FWPS_FIELD_OUTBOUND_TRANSPORT_V4_IP_LOCAL_INTERFACE, FWPS_FIELD_OUTBOUND_TRANSPORT_V4_INTERFACE_INDEX, FWPS_FIELD_OUTBOUND_TRANSPORT_V4_SUB_INTERFACE_INDEX, FWPS_FIELD_OUTBOUND_TRANSPORT_V4_IP_DESTINATION_ADDRESS_TYPE, FWPS_FIELD_OUTBOUND_TRANSPORT_V4_FLAGS, FWPS_FIELD_OUTBOUND_TRANSPORT_V4_INTERFACE_TYPE, FWPS_FIELD_OUTBOUND_TRANSPORT_V4_TUNNEL_TYPE, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_OUTBOUND_TRANSPORT_V4_PROFILE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_OUTBOUND_TRANSPORT_V4_IPSEC_SECURITY_REALM_ID, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_OUTBOUND_TRANSPORT_V4_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_OUTBOUND_TRANSPORT_V4_MAX } FWPS_FIELDS_OUTBOUND_TRANSPORT_V4; #define FWPS_FIELD_OUTBOUND_TRANSPORT_V4_ICMP_TYPE \ FWPS_FIELD_OUTBOUND_TRANSPORT_V4_IP_LOCAL_PORT #define FWPS_FIELD_OUTBOUND_TRANSPORT_V4_ICMP_CODE \ FWPS_FIELD_OUTBOUND_TRANSPORT_V4_IP_REMOTE_PORT typedef enum FWPS_FIELDS_OUTBOUND_TRANSPORT_V6_ { FWPS_FIELD_OUTBOUND_TRANSPORT_V6_IP_PROTOCOL, FWPS_FIELD_OUTBOUND_TRANSPORT_V6_IP_LOCAL_ADDRESS, FWPS_FIELD_OUTBOUND_TRANSPORT_V6_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_OUTBOUND_TRANSPORT_V6_IP_REMOTE_ADDRESS, FWPS_FIELD_OUTBOUND_TRANSPORT_V6_IP_LOCAL_PORT, FWPS_FIELD_OUTBOUND_TRANSPORT_V6_IP_REMOTE_PORT, FWPS_FIELD_OUTBOUND_TRANSPORT_V6_IP_LOCAL_INTERFACE, FWPS_FIELD_OUTBOUND_TRANSPORT_V6_INTERFACE_INDEX, FWPS_FIELD_OUTBOUND_TRANSPORT_V6_SUB_INTERFACE_INDEX, FWPS_FIELD_OUTBOUND_TRANSPORT_V6_IP_DESTINATION_ADDRESS_TYPE, FWPS_FIELD_OUTBOUND_TRANSPORT_V6_FLAGS, FWPS_FIELD_OUTBOUND_TRANSPORT_V6_INTERFACE_TYPE, FWPS_FIELD_OUTBOUND_TRANSPORT_V6_TUNNEL_TYPE, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_OUTBOUND_TRANSPORT_V6_PROFILE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_OUTBOUND_TRANSPORT_V6_IPSEC_SECURITY_REALM_ID, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_OUTBOUND_TRANSPORT_V6_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_OUTBOUND_TRANSPORT_V6_MAX } FWPS_FIELDS_OUTBOUND_TRANSPORT_V6; #define FWPS_FIELD_OUTBOUND_TRANSPORT_V6_ICMP_TYPE \ FWPS_FIELD_OUTBOUND_TRANSPORT_V6_IP_LOCAL_PORT #define FWPS_FIELD_OUTBOUND_TRANSPORT_V6_ICMP_CODE \ FWPS_FIELD_OUTBOUND_TRANSPORT_V6_IP_REMOTE_PORT typedef enum FWPS_FIELDS_STREAM_V4_ { FWPS_FIELD_STREAM_V4_IP_LOCAL_ADDRESS, FWPS_FIELD_STREAM_V4_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_STREAM_V4_IP_REMOTE_ADDRESS, FWPS_FIELD_STREAM_V4_IP_LOCAL_PORT, FWPS_FIELD_STREAM_V4_IP_REMOTE_PORT, FWPS_FIELD_STREAM_V4_DIRECTION, #if (NTDDI_VERSION >= NTDDI_WIN6SP1) FWPS_FIELD_STREAM_V4_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_STREAM_V4_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif // (NTDDI_VERSION >= NTDDI_WIN6SP1) FWPS_FIELD_STREAM_V4_MAX } FWPS_FIELDS_STREAM_V4; typedef enum FWPS_FIELDS_STREAM_V6_ { FWPS_FIELD_STREAM_V6_IP_LOCAL_ADDRESS, FWPS_FIELD_STREAM_V6_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_STREAM_V6_IP_REMOTE_ADDRESS, FWPS_FIELD_STREAM_V6_IP_LOCAL_PORT, FWPS_FIELD_STREAM_V6_IP_REMOTE_PORT, FWPS_FIELD_STREAM_V6_DIRECTION, #if (NTDDI_VERSION >= NTDDI_WIN6SP1) FWPS_FIELD_STREAM_V6_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_STREAM_V6_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif // (NTDDI_VERSION >= NTDDI_WIN6SP1) FWPS_FIELD_STREAM_V6_MAX } FWPS_FIELDS_STREAM_V6; typedef enum FWPS_FIELDS_DATAGRAM_DATA_V4_ { FWPS_FIELD_DATAGRAM_DATA_V4_IP_PROTOCOL, FWPS_FIELD_DATAGRAM_DATA_V4_IP_LOCAL_ADDRESS, FWPS_FIELD_DATAGRAM_DATA_V4_IP_REMOTE_ADDRESS, FWPS_FIELD_DATAGRAM_DATA_V4_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_DATAGRAM_DATA_V4_IP_LOCAL_PORT, FWPS_FIELD_DATAGRAM_DATA_V4_IP_REMOTE_PORT, FWPS_FIELD_DATAGRAM_DATA_V4_IP_LOCAL_INTERFACE, FWPS_FIELD_DATAGRAM_DATA_V4_INTERFACE_INDEX, FWPS_FIELD_DATAGRAM_DATA_V4_SUB_INTERFACE_INDEX, FWPS_FIELD_DATAGRAM_DATA_V4_DIRECTION, FWPS_FIELD_DATAGRAM_DATA_V4_FLAGS, FWPS_FIELD_DATAGRAM_DATA_V4_INTERFACE_TYPE, FWPS_FIELD_DATAGRAM_DATA_V4_TUNNEL_TYPE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_DATAGRAM_DATA_V4_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_DATAGRAM_DATA_V4_MAX } FWPS_FIELDS_DATAGRAM_DATA_V4; #define FWPS_FIELD_DATAGRAM_DATA_V4_ICMP_TYPE \ FWPS_FIELD_DATAGRAM_DATA_V4_IP_LOCAL_PORT #define FWPS_FIELD_DATAGRAM_DATA_V4_ICMP_CODE \ FWPS_FIELD_DATAGRAM_DATA_V4_IP_REMOTE_PORT typedef enum FWPS_FIELDS_DATAGRAM_DATA_V6_ { FWPS_FIELD_DATAGRAM_DATA_V6_IP_PROTOCOL, FWPS_FIELD_DATAGRAM_DATA_V6_IP_LOCAL_ADDRESS, FWPS_FIELD_DATAGRAM_DATA_V6_IP_REMOTE_ADDRESS, FWPS_FIELD_DATAGRAM_DATA_V6_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_DATAGRAM_DATA_V6_IP_LOCAL_PORT, FWPS_FIELD_DATAGRAM_DATA_V6_IP_REMOTE_PORT, FWPS_FIELD_DATAGRAM_DATA_V6_IP_LOCAL_INTERFACE, FWPS_FIELD_DATAGRAM_DATA_V6_INTERFACE_INDEX, FWPS_FIELD_DATAGRAM_DATA_V6_SUB_INTERFACE_INDEX, FWPS_FIELD_DATAGRAM_DATA_V6_DIRECTION, FWPS_FIELD_DATAGRAM_DATA_V6_FLAGS, FWPS_FIELD_DATAGRAM_DATA_V6_INTERFACE_TYPE, FWPS_FIELD_DATAGRAM_DATA_V6_TUNNEL_TYPE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_DATAGRAM_DATA_V6_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_DATAGRAM_DATA_V6_MAX } FWPS_FIELDS_DATAGRAM_DATA_V6; #define FWPS_FIELD_DATAGRAM_DATA_V6_ICMP_TYPE \ FWPS_FIELD_DATAGRAM_DATA_V6_IP_LOCAL_PORT #define FWPS_FIELD_DATAGRAM_DATA_V6_ICMP_CODE \ FWPS_FIELD_DATAGRAM_DATA_V6_IP_REMOTE_PORT #if (NTDDI_VERSION >= NTDDI_WIN7) typedef enum FWPS_FIELDS_STREAM_PACKET_V4_ { FWPS_FIELD_STREAM_PACKET_V4_IP_LOCAL_ADDRESS, FWPS_FIELD_STREAM_PACKET_V4_IP_REMOTE_ADDRESS, FWPS_FIELD_STREAM_PACKET_V4_IP_LOCAL_PORT, FWPS_FIELD_STREAM_PACKET_V4_IP_REMOTE_PORT, FWPS_FIELD_STREAM_PACKET_V4_IP_LOCAL_INTERFACE, FWPS_FIELD_STREAM_PACKET_V4_INTERFACE_INDEX, FWPS_FIELD_STREAM_PACKET_V4_SUB_INTERFACE_INDEX, FWPS_FIELD_STREAM_PACKET_V4_DIRECTION, FWPS_FIELD_STREAM_PACKET_V4_FLAGS, FWPS_FIELD_STREAM_PACKET_V4_INTERFACE_TYPE, FWPS_FIELD_STREAM_PACKET_V4_TUNNEL_TYPE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_STREAM_PACKET_V4_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_STREAM_PACKET_V4_MAX } FWPS_FIELDS_STREAM_PACKET_V4; typedef enum FWPS_FIELDS_STREAM_PACKET_V6_ { FWPS_FIELD_STREAM_PACKET_V6_IP_LOCAL_ADDRESS, FWPS_FIELD_STREAM_PACKET_V6_IP_REMOTE_ADDRESS, FWPS_FIELD_STREAM_PACKET_V6_IP_LOCAL_PORT, FWPS_FIELD_STREAM_PACKET_V6_IP_REMOTE_PORT, FWPS_FIELD_STREAM_PACKET_V6_IP_LOCAL_INTERFACE, FWPS_FIELD_STREAM_PACKET_V6_INTERFACE_INDEX, FWPS_FIELD_STREAM_PACKET_V6_SUB_INTERFACE_INDEX, FWPS_FIELD_STREAM_PACKET_V6_DIRECTION, FWPS_FIELD_STREAM_PACKET_V6_FLAGS, FWPS_FIELD_STREAM_PACKET_V6_INTERFACE_TYPE, FWPS_FIELD_STREAM_PACKET_V6_TUNNEL_TYPE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_STREAM_PACKET_V6_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_STREAM_PACKET_V6_MAX } FWPS_FIELDS_STREAM_PACKET_V6; #endif // (NTDDI_VERSION >= NTDDI_WIN7) typedef enum FWPS_FIELDS_INBOUND_ICMP_ERROR_V4_ { FWPS_FIELD_INBOUND_ICMP_ERROR_V4_EMBEDDED_PROTOCOL, FWPS_FIELD_INBOUND_ICMP_ERROR_V4_IP_LOCAL_ADDRESS, FWPS_FIELD_INBOUND_ICMP_ERROR_V4_IP_REMOTE_ADDRESS, FWPS_FIELD_INBOUND_ICMP_ERROR_V4_EMBEDDED_REMOTE_ADDRESS, FWPS_FIELD_INBOUND_ICMP_ERROR_V4_EMBEDDED_LOCAL_ADDRESS_TYPE, FWPS_FIELD_INBOUND_ICMP_ERROR_V4_EMBEDDED_LOCAL_PORT, FWPS_FIELD_INBOUND_ICMP_ERROR_V4_EMBEDDED_REMOTE_PORT, FWPS_FIELD_INBOUND_ICMP_ERROR_V4_IP_LOCAL_INTERFACE, FWPS_FIELD_INBOUND_ICMP_ERROR_V4_ICMP_TYPE, FWPS_FIELD_INBOUND_ICMP_ERROR_V4_ICMP_CODE, FWPS_FIELD_INBOUND_ICMP_ERROR_V4_INTERFACE_INDEX, // of local/delivery interface FWPS_FIELD_INBOUND_ICMP_ERROR_V4_SUB_INTERFACE_INDEX, // of arrival interface FWPS_FIELD_INBOUND_ICMP_ERROR_V4_INTERFACE_TYPE, // of local/delivery interface FWPS_FIELD_INBOUND_ICMP_ERROR_V4_TUNNEL_TYPE, // of local/delivery interface #if (NTDDI_VERSION >= NTDDI_WIN6SP1) FWPS_FIELD_INBOUND_ICMP_ERROR_V4_IP_ARRIVAL_INTERFACE, FWPS_FIELD_INBOUND_ICMP_ERROR_V4_ARRIVAL_INTERFACE_INDEX, FWPS_FIELD_INBOUND_ICMP_ERROR_V4_ARRIVAL_INTERFACE_TYPE, FWPS_FIELD_INBOUND_ICMP_ERROR_V4_ARRIVAL_TUNNEL_TYPE, FWPS_FIELD_INBOUND_ICMP_ERROR_V4_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_INBOUND_ICMP_ERROR_V4_ARRIVAL_INTERFACE_PROFILE_ID, FWPS_FIELD_INBOUND_ICMP_ERROR_V4_INTERFACE_QUARANTINE_EPOCH, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_INBOUND_ICMP_ERROR_V4_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif // (NTDDI_VERSION >= NTDDI_WIN7) #endif // (NTDDI_VERSION >= NTDDI_WIN6SP1) FWPS_FIELD_INBOUND_ICMP_ERROR_V4_MAX } FWPS_FIELDS_INBOUND_ICMP_ERROR_V4; #if (NTDDI_VERSION >= NTDDI_WIN6SP1) #define FWPS_FIELD_INBOUND_ICMP_ERROR_V4_LOCAL_INTERFACE_INDEX \ FWPS_FIELD_INBOUND_ICMP_ERROR_V4_INTERFACE_INDEX #define FWPS_FIELD_INBOUND_ICMP_ERROR_V4_ARRIVAL_SUB_INTERFACE_INDEX \ FWPS_FIELD_INBOUND_ICMP_ERROR_V4_SUB_INTERFACE_INDEX #define FWPS_FIELD_INBOUND_ICMP_ERROR_V4_LOCAL_INTERFACE_TYPE \ FWPS_FIELD_INBOUND_ICMP_ERROR_V4_INTERFACE_TYPE #define FWPS_FIELD_INBOUND_ICMP_ERROR_V4_LOCAL_TUNNEL_TYPE \ FWPS_FIELD_INBOUND_ICMP_ERROR_V4_TUNNEL_TYPE #endif // (NTDDI_VERSION >= NTDDI_WIN6SP1) typedef enum FWPS_FIELDS_INBOUND_ICMP_ERROR_V6_ { FWPS_FIELD_INBOUND_ICMP_ERROR_V6_EMBEDDED_PROTOCOL, FWPS_FIELD_INBOUND_ICMP_ERROR_V6_IP_LOCAL_ADDRESS, FWPS_FIELD_INBOUND_ICMP_ERROR_V6_IP_REMOTE_ADDRESS, FWPS_FIELD_INBOUND_ICMP_ERROR_V6_EMBEDDED_REMOTE_ADDRESS, FWPS_FIELD_INBOUND_ICMP_ERROR_V6_EMBEDDED_LOCAL_ADDRESS_TYPE, FWPS_FIELD_INBOUND_ICMP_ERROR_V6_EMBEDDED_LOCAL_PORT, FWPS_FIELD_INBOUND_ICMP_ERROR_V6_EMBEDDED_REMOTE_PORT, FWPS_FIELD_INBOUND_ICMP_ERROR_V6_IP_LOCAL_INTERFACE, FWPS_FIELD_INBOUND_ICMP_ERROR_V6_ICMP_TYPE, FWPS_FIELD_INBOUND_ICMP_ERROR_V6_ICMP_CODE, FWPS_FIELD_INBOUND_ICMP_ERROR_V6_INTERFACE_INDEX, // of local/delivery interface FWPS_FIELD_INBOUND_ICMP_ERROR_V6_SUB_INTERFACE_INDEX, // of arrival interface FWPS_FIELD_INBOUND_ICMP_ERROR_V6_INTERFACE_TYPE, // of local/delivery interface FWPS_FIELD_INBOUND_ICMP_ERROR_V6_TUNNEL_TYPE, // of local/delivery interface #if (NTDDI_VERSION >= NTDDI_WIN6SP1) FWPS_FIELD_INBOUND_ICMP_ERROR_V6_IP_ARRIVAL_INTERFACE, FWPS_FIELD_INBOUND_ICMP_ERROR_V6_ARRIVAL_INTERFACE_INDEX, FWPS_FIELD_INBOUND_ICMP_ERROR_V6_ARRIVAL_INTERFACE_TYPE, FWPS_FIELD_INBOUND_ICMP_ERROR_V6_ARRIVAL_TUNNEL_TYPE, FWPS_FIELD_INBOUND_ICMP_ERROR_V6_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_INBOUND_ICMP_ERROR_V6_ARRIVAL_INTERFACE_PROFILE_ID, FWPS_FIELD_INBOUND_ICMP_ERROR_V6_INTERFACE_QUARANTINE_EPOCH, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_INBOUND_ICMP_ERROR_V6_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif // (NTDDI_VERSION >= NTDDI_WIN7) #endif // (NTDDI_VERSION >= NTDDI_WIN6SP1) FWPS_FIELD_INBOUND_ICMP_ERROR_V6_MAX } FWPS_FIELDS_INBOUND_ICMP_ERROR_V6; #if (NTDDI_VERSION >= NTDDI_WIN6SP1) #define FWPS_FIELD_INBOUND_ICMP_ERROR_V6_LOCAL_INTERFACE_INDEX \ FWPS_FIELD_INBOUND_ICMP_ERROR_V6_INTERFACE_INDEX #define FWPS_FIELD_INBOUND_ICMP_ERROR_V6_ARRIVAL_SUB_INTERFACE_INDEX \ FWPS_FIELD_INBOUND_ICMP_ERROR_V6_SUB_INTERFACE_INDEX #define FWPS_FIELD_INBOUND_ICMP_ERROR_V6_LOCAL_INTERFACE_TYPE \ FWPS_FIELD_INBOUND_ICMP_ERROR_V6_INTERFACE_TYPE #define FWPS_FIELD_INBOUND_ICMP_ERROR_V6_LOCAL_TUNNEL_TYPE \ FWPS_FIELD_INBOUND_ICMP_ERROR_V6_TUNNEL_TYPE #endif // (NTDDI_VERSION >= NTDDI_WIN6SP1) typedef enum FWPS_FIELDS_OUTBOUND_ICMP_ERROR_V4_ { FWPS_FIELD_OUTBOUND_ICMP_ERROR_V4_IP_LOCAL_ADDRESS, FWPS_FIELD_OUTBOUND_ICMP_ERROR_V4_IP_REMOTE_ADDRESS, FWPS_FIELD_OUTBOUND_ICMP_ERROR_V4_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_OUTBOUND_ICMP_ERROR_V4_IP_LOCAL_INTERFACE, FWPS_FIELD_OUTBOUND_ICMP_ERROR_V4_ICMP_TYPE, FWPS_FIELD_OUTBOUND_ICMP_ERROR_V4_ICMP_CODE, FWPS_FIELD_OUTBOUND_ICMP_ERROR_V4_INTERFACE_INDEX, FWPS_FIELD_OUTBOUND_ICMP_ERROR_V4_SUB_INTERFACE_INDEX, FWPS_FIELD_OUTBOUND_ICMP_ERROR_V4_INTERFACE_TYPE, FWPS_FIELD_OUTBOUND_ICMP_ERROR_V4_TUNNEL_TYPE, #if (NTDDI_VERSION >= NTDDI_WIN6SP1) FWPS_FIELD_OUTBOUND_ICMP_ERROR_V4_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_OUTBOUND_ICMP_ERROR_V4_NEXTHOP_INTERFACE_PROFILE_ID, FWPS_FIELD_OUTBOUND_ICMP_ERROR_V4_INTERFACE_QUARANTINE_EPOCH, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_OUTBOUND_ICMP_ERROR_V4_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif // (NTDDI_VERSION >= NTDDI_WIN7) #endif // (NTDDI_VERSION >= NTDDI_WIN6SP1) FWPS_FIELD_OUTBOUND_ICMP_ERROR_V4_MAX } FWPS_FIELDS_OUTBOUND_ICMP_ERROR_V4; typedef enum FWPS_FIELDS_OUTBOUND_ICMP_ERROR_V6_ { FWPS_FIELD_OUTBOUND_ICMP_ERROR_V6_IP_LOCAL_ADDRESS, FWPS_FIELD_OUTBOUND_ICMP_ERROR_V6_IP_REMOTE_ADDRESS, FWPS_FIELD_OUTBOUND_ICMP_ERROR_V6_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_OUTBOUND_ICMP_ERROR_V6_IP_LOCAL_INTERFACE, FWPS_FIELD_OUTBOUND_ICMP_ERROR_V6_IP_LOCAL_PORT, FWPS_FIELD_OUTBOUND_ICMP_ERROR_V6_IP_REMOTE_PORT, FWPS_FIELD_OUTBOUND_ICMP_ERROR_V6_INTERFACE_INDEX, FWPS_FIELD_OUTBOUND_ICMP_ERROR_V6_SUB_INTERFACE_INDEX, FWPS_FIELD_OUTBOUND_ICMP_ERROR_V6_INTERFACE_TYPE, FWPS_FIELD_OUTBOUND_ICMP_ERROR_V6_TUNNEL_TYPE, #if (NTDDI_VERSION >= NTDDI_WIN6SP1) FWPS_FIELD_OUTBOUND_ICMP_ERROR_V6_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_OUTBOUND_ICMP_ERROR_V6_NEXTHOP_INTERFACE_PROFILE_ID, FWPS_FIELD_OUTBOUND_ICMP_ERROR_V6_INTERFACE_QUARANTINE_EPOCH, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_OUTBOUND_ICMP_ERROR_V6_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif // (NTDDI_VERSION >= NTDDI_WIN7) #endif // (NTDDI_VERSION >= NTDDI_WIN6SP1) FWPS_FIELD_OUTBOUND_ICMP_ERROR_V6_MAX } FWPS_FIELDS_OUTBOUND_ICMP_ERROR_V6; #define FWPS_FIELD_OUTBOUND_ICMP_ERROR_V6_ICMP_TYPE \ FWPS_FIELD_OUTBOUND_ICMP_ERROR_V6_IP_LOCAL_PORT #define FWPS_FIELD_OUTBOUND_ICMP_ERROR_V6_ICMP_CODE \ FWPS_FIELD_OUTBOUND_ICMP_ERROR_V6_IP_REMOTE_PORT typedef enum FWPS_FIELDS_ALE_RESOURCE_ASSIGNMENT_V4_ { FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V4_ALE_APP_ID, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V4_ALE_USER_ID, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V4_IP_LOCAL_ADDRESS, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V4_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V4_IP_LOCAL_PORT, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V4_IP_PROTOCOL, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V4_ALE_PROMISCUOUS_MODE, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V4_IP_LOCAL_INTERFACE, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V4_FLAGS, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V4_INTERFACE_TYPE, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V4_TUNNEL_TYPE, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V4_LOCAL_INTERFACE_PROFILE_ID, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V4_SIO_FIREWALL_SOCKET_PROPERTY, #endif // (NTDDI_VERSION >= NTDDI_WIN7) #if (NTDDI_VERSION >= NTDDI_WIN8) FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V4_ALE_PACKAGE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V4_ALE_SECURITY_ATTRIBUTE_FQBN_VALUE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V4_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif //(NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN8) #if (NTDDI_VERSION >= NTDDI_WIN10_RS5) // // These reserved fields MUST be in this order. DO NOT change their order // FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V4_RESERVED_0, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V4_RESERVED_1, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS5) #if (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V4_PACKAGE_FAMILY_NAME, #endif // (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V4_MAX } FWPS_FIELDS_ALE_RESOURCE_ASSIGNMENT_V4; typedef enum FWPS_FIELDS_ALE_RESOURCE_ASSIGNMENT_V6_ { FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V6_ALE_APP_ID, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V6_ALE_USER_ID, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V6_IP_LOCAL_ADDRESS, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V6_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V6_IP_LOCAL_PORT, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V6_IP_PROTOCOL, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V6_ALE_PROMISCUOUS_MODE, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V6_IP_LOCAL_INTERFACE, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V6_FLAGS, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V6_INTERFACE_TYPE, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V6_TUNNEL_TYPE, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V6_LOCAL_INTERFACE_PROFILE_ID, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V6_SIO_FIREWALL_SOCKET_PROPERTY, #endif // (NTDDI_VERSION >= NTDDI_WIN7) #if (NTDDI_VERSION >= NTDDI_WIN8) FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V6_ALE_PACKAGE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V6_ALE_SECURITY_ATTRIBUTE_FQBN_VALUE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V6_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif //(NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN8) #if (NTDDI_VERSION >= NTDDI_WIN10_RS5) // // These reserved fields MUST be in this order. DO NOT change their order // FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V6_RESERVED_0, FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V6_RESERVED_1, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS5) #if (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V6_PACKAGE_FAMILY_NAME, #endif // (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_RESOURCE_ASSIGNMENT_V6_MAX } FWPS_FIELDS_ALE_RESOURCE_ASSIGNMENT_V6; #if (NTDDI_VERSION >= NTDDI_WIN7) typedef enum FWPS_FIELDS_ALE_RESOURCE_RELEASE_V4_ { FWPS_FIELD_ALE_RESOURCE_RELEASE_V4_ALE_APP_ID, FWPS_FIELD_ALE_RESOURCE_RELEASE_V4_ALE_USER_ID, FWPS_FIELD_ALE_RESOURCE_RELEASE_V4_IP_LOCAL_ADDRESS, FWPS_FIELD_ALE_RESOURCE_RELEASE_V4_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_ALE_RESOURCE_RELEASE_V4_IP_LOCAL_PORT, FWPS_FIELD_ALE_RESOURCE_RELEASE_V4_IP_PROTOCOL, FWPS_FIELD_ALE_RESOURCE_RELEASE_V4_IP_LOCAL_INTERFACE, FWPS_FIELD_ALE_RESOURCE_RELEASE_V4_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN8) FWPS_FIELD_ALE_RESOURCE_RELEASE_V4_ALE_PACKAGE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_ALE_RESOURCE_RELEASE_V4_ALE_SECURITY_ATTRIBUTE_FQBN_VALUE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_ALE_RESOURCE_RELEASE_V4_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif //(NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN8) #if (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_RESOURCE_RELEASE_V4_PACKAGE_FAMILY_NAME, #endif // (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_RESOURCE_RELEASE_V4_MAX } FWPS_FIELDS_ALE_RESOURCE_RELEASE_V4; typedef enum FWPS_FIELDS_ALE_RESOURCE_RELEASE_V6_ { FWPS_FIELD_ALE_RESOURCE_RELEASE_V6_ALE_APP_ID, FWPS_FIELD_ALE_RESOURCE_RELEASE_V6_ALE_USER_ID, FWPS_FIELD_ALE_RESOURCE_RELEASE_V6_IP_LOCAL_ADDRESS, FWPS_FIELD_ALE_RESOURCE_RELEASE_V6_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_ALE_RESOURCE_RELEASE_V6_IP_LOCAL_PORT, FWPS_FIELD_ALE_RESOURCE_RELEASE_V6_IP_PROTOCOL, FWPS_FIELD_ALE_RESOURCE_RELEASE_V6_IP_LOCAL_INTERFACE, FWPS_FIELD_ALE_RESOURCE_RELEASE_V6_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN8) FWPS_FIELD_ALE_RESOURCE_RELEASE_V6_ALE_PACKAGE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_ALE_RESOURCE_RELEASE_V6_ALE_SECURITY_ATTRIBUTE_FQBN_VALUE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_ALE_RESOURCE_RELEASE_V6_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif //(NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN8) #if (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_RESOURCE_RELEASE_V6_PACKAGE_FAMILY_NAME, #endif // (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_RESOURCE_RELEASE_V6_MAX } FWPS_FIELDS_ALE_RESOURCE_RELEASE_V6; typedef enum FWPS_FIELDS_ALE_ENDPOINT_CLOSURE_V4_ { FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V4_ALE_APP_ID, FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V4_ALE_USER_ID, FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V4_IP_LOCAL_ADDRESS, FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V4_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V4_IP_LOCAL_PORT, FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V4_IP_PROTOCOL, FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V4_IP_REMOTE_ADDRESS, FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V4_IP_REMOTE_PORT, FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V4_IP_LOCAL_INTERFACE, FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V4_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN8) FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V4_ALE_PACKAGE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V4_ALE_SECURITY_ATTRIBUTE_FQBN_VALUE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V4_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif //(NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN8) #if (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V4_PACKAGE_FAMILY_NAME, #endif // (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V4_MAX } FWPS_FIELDS_ALE_ENDPOINT_CLOSURE_V4; typedef enum FWPS_FIELDS_ALE_ENDPOINT_CLOSURE_V6_ { FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V6_ALE_APP_ID, FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V6_ALE_USER_ID, FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V6_IP_LOCAL_ADDRESS, FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V6_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V6_IP_LOCAL_PORT, FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V6_IP_PROTOCOL, FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V6_IP_REMOTE_ADDRESS, FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V6_IP_REMOTE_PORT, FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V6_IP_LOCAL_INTERFACE, FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V6_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN8) FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V6_ALE_PACKAGE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V6_ALE_SECURITY_ATTRIBUTE_FQBN_VALUE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V6_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif //(NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN8) #if (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V6_PACKAGE_FAMILY_NAME, #endif // (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_ENDPOINT_CLOSURE_V6_MAX } FWPS_FIELDS_ALE_ENDPOINT_CLOSURE_V6; #endif // (NTDDI_VERSION >= NTDDI_WIN7) typedef enum FWPS_FIELDS_ALE_AUTH_LISTEN_V4_ { FWPS_FIELD_ALE_AUTH_LISTEN_V4_ALE_APP_ID, FWPS_FIELD_ALE_AUTH_LISTEN_V4_ALE_USER_ID, FWPS_FIELD_ALE_AUTH_LISTEN_V4_IP_LOCAL_ADDRESS, FWPS_FIELD_ALE_AUTH_LISTEN_V4_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_ALE_AUTH_LISTEN_V4_IP_LOCAL_PORT, FWPS_FIELD_ALE_AUTH_LISTEN_V4_IP_LOCAL_INTERFACE, FWPS_FIELD_ALE_AUTH_LISTEN_V4_FLAGS, FWPS_FIELD_ALE_AUTH_LISTEN_V4_INTERFACE_TYPE, FWPS_FIELD_ALE_AUTH_LISTEN_V4_TUNNEL_TYPE, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_ALE_AUTH_LISTEN_V4_LOCAL_INTERFACE_PROFILE_ID, FWPS_FIELD_ALE_AUTH_LISTEN_V4_SIO_FIREWALL_SOCKET_PROPERTY, #endif // (NTDDI_VERSION >= NTDDI_WIN7) #if (NTDDI_VERSION >= NTDDI_WIN8) FWPS_FIELD_ALE_AUTH_LISTEN_V4_ALE_PACKAGE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_ALE_AUTH_LISTEN_V4_ALE_SECURITY_ATTRIBUTE_FQBN_VALUE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_ALE_AUTH_LISTEN_V4_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif //(NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN8) #if (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_AUTH_LISTEN_V4_PACKAGE_FAMILY_NAME, #endif // (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_AUTH_LISTEN_V4_MAX } FWPS_FIELDS_ALE_AUTH_LISTEN_V4; typedef enum FWPS_FIELDS_ALE_AUTH_LISTEN_V6_ { FWPS_FIELD_ALE_AUTH_LISTEN_V6_ALE_APP_ID, FWPS_FIELD_ALE_AUTH_LISTEN_V6_ALE_USER_ID, FWPS_FIELD_ALE_AUTH_LISTEN_V6_IP_LOCAL_ADDRESS, FWPS_FIELD_ALE_AUTH_LISTEN_V6_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_ALE_AUTH_LISTEN_V6_IP_LOCAL_PORT, FWPS_FIELD_ALE_AUTH_LISTEN_V6_IP_LOCAL_INTERFACE, FWPS_FIELD_ALE_AUTH_LISTEN_V6_FLAGS, FWPS_FIELD_ALE_AUTH_LISTEN_V6_INTERFACE_TYPE, FWPS_FIELD_ALE_AUTH_LISTEN_V6_TUNNEL_TYPE, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_ALE_AUTH_LISTEN_V6_LOCAL_INTERFACE_PROFILE_ID, FWPS_FIELD_ALE_AUTH_LISTEN_V6_SIO_FIREWALL_SOCKET_PROPERTY, #endif // (NTDDI_VERSION >= NTDDI_WIN7) #if (NTDDI_VERSION >= NTDDI_WIN8) FWPS_FIELD_ALE_AUTH_LISTEN_V6_ALE_PACKAGE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_ALE_AUTH_LISTEN_V6_ALE_SECURITY_ATTRIBUTE_FQBN_VALUE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_ALE_AUTH_LISTEN_V6_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif //(NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN8) #if (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_AUTH_LISTEN_V6_PACKAGE_FAMILY_NAME, #endif // (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_AUTH_LISTEN_V6_MAX } FWPS_FIELDS_ALE_AUTH_LISTEN_V6; typedef enum FWPS_FIELDS_ALE_AUTH_RECV_ACCEPT_V4_ { FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_ALE_APP_ID, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_ALE_USER_ID, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_IP_LOCAL_ADDRESS, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_IP_LOCAL_PORT, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_IP_PROTOCOL, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_IP_REMOTE_ADDRESS, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_IP_REMOTE_PORT, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_ALE_REMOTE_USER_ID, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_ALE_REMOTE_MACHINE_ID, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_IP_LOCAL_INTERFACE, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_FLAGS, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_SIO_FIREWALL_SYSTEM_PORT, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_NAP_CONTEXT, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_INTERFACE_TYPE, // of local/delivery interface FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_TUNNEL_TYPE, // of local/delivery interface FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_INTERFACE_INDEX, // of local/delivery interface FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_SUB_INTERFACE_INDEX, // of arrival interface #if (NTDDI_VERSION >= NTDDI_WIN6SP1) FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_IP_ARRIVAL_INTERFACE, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_ARRIVAL_INTERFACE_TYPE, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_ARRIVAL_TUNNEL_TYPE, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_ARRIVAL_INTERFACE_INDEX, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_NEXTHOP_SUB_INTERFACE_INDEX, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_IP_NEXTHOP_INTERFACE, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_NEXTHOP_INTERFACE_TYPE, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_NEXTHOP_TUNNEL_TYPE, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_NEXTHOP_INTERFACE_INDEX, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_ORIGINAL_PROFILE_ID, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_CURRENT_PROFILE_ID, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_REAUTHORIZE_REASON, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_ORIGINAL_ICMP_TYPE, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_INTERFACE_QUARANTINE_EPOCH, #if (NTDDI_VERSION >= NTDDI_WIN8) FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_ALE_PACKAGE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_ALE_SECURITY_ATTRIBUTE_FQBN_VALUE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN8) #endif // (NTDDI_VERSION >= NTDDI_WIN7) #endif // (NTDDI_VERSION >= NTDDI_WIN6SP1) #if (NTDDI_VERSION >= NTDDI_WIN10_RS5) // // These reserved fields MUST be in this order. DO NOT change their order // FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_RESERVED_0, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_RESERVED_1, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_RESERVED_2, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_RESERVED_3, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS5) #if (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_PACKAGE_FAMILY_NAME, #endif // (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_MAX } FWPS_FIELDS_ALE_AUTH_RECV_ACCEPT_V4; #define FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_ICMP_TYPE \ FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_IP_LOCAL_PORT #define FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_ICMP_CODE \ FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_IP_REMOTE_PORT #if (NTDDI_VERSION >= NTDDI_WIN6SP1) #define FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_LOCAL_INTERFACE_TYPE \ FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_INTERFACE_TYPE #define FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_LOCAL_TUNNEL_TYPE \ FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_TUNNEL_TYPE #define FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_LOCAL_INTERFACE_INDEX \ FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_INTERFACE_INDEX #define FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_ARRIVAL_SUB_INTERFACE_INDEX \ FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_SUB_INTERFACE_INDEX #if (NTDDI_VERSION >= NTDDI_WIN7) #define FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_SIO_FIREWALL_SOCKET_PROPERTY \ FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V4_SIO_FIREWALL_SYSTEM_PORT #endif // (NTDDI_VERSION >= NTDDI_WIN7) #endif // (NTDDI_VERSION >= NTDDI_WIN6SP1) typedef enum FWPS_FIELDS_ALE_AUTH_RECV_ACCEPT_V6_ { FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_ALE_APP_ID, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_ALE_USER_ID, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_IP_LOCAL_ADDRESS, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_IP_LOCAL_PORT, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_IP_PROTOCOL, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_IP_REMOTE_ADDRESS, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_IP_REMOTE_PORT, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_ALE_REMOTE_USER_ID, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_ALE_REMOTE_MACHINE_ID, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_IP_LOCAL_INTERFACE, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_FLAGS, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_SIO_FIREWALL_SYSTEM_PORT, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_NAP_CONTEXT, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_INTERFACE_TYPE, // of local/delivery interface FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_TUNNEL_TYPE, // of local/delivery interface FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_INTERFACE_INDEX, // of local/delivery interface FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_SUB_INTERFACE_INDEX, // of arrival interface #if (NTDDI_VERSION >= NTDDI_WIN6SP1) FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_IP_ARRIVAL_INTERFACE, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_ARRIVAL_INTERFACE_TYPE, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_ARRIVAL_TUNNEL_TYPE, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_ARRIVAL_INTERFACE_INDEX, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_NEXTHOP_SUB_INTERFACE_INDEX, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_IP_NEXTHOP_INTERFACE, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_NEXTHOP_INTERFACE_TYPE, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_NEXTHOP_TUNNEL_TYPE, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_NEXTHOP_INTERFACE_INDEX, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_ORIGINAL_PROFILE_ID, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_CURRENT_PROFILE_ID, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_REAUTHORIZE_REASON, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_ORIGINAL_ICMP_TYPE, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_INTERFACE_QUARANTINE_EPOCH, #if (NTDDI_VERSION >= NTDDI_WIN8) FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_ALE_PACKAGE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_ALE_SECURITY_ATTRIBUTE_FQBN_VALUE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN8) #endif // (NTDDI_VERSION >= NTDDI_WIN7) #endif // (NTDDI_VERSION >= NTDDI_WIN6SP1) #if (NTDDI_VERSION >= NTDDI_WIN10_RS5) // // These reserved fields MUST be in this order. DO NOT change their order // FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_RESERVED_0, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_RESERVED_1, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_RESERVED_2, FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_RESERVED_3, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS5) #if (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_PACKAGE_FAMILY_NAME, #endif // (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_MAX } FWPS_FIELDS_ALE_AUTH_RECV_ACCEPT_V6; #define FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_ICMP_TYPE \ FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_IP_LOCAL_PORT #define FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_ICMP_CODE \ FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_IP_REMOTE_PORT #if (NTDDI_VERSION >= NTDDI_WIN6SP1) #define FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_LOCAL_INTERFACE_TYPE \ FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_INTERFACE_TYPE #define FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_LOCAL_TUNNEL_TYPE \ FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_TUNNEL_TYPE #define FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_LOCAL_INTERFACE_INDEX \ FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_INTERFACE_INDEX #define FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_ARRIVAL_SUB_INTERFACE_INDEX \ FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_SUB_INTERFACE_INDEX #if (NTDDI_VERSION >= NTDDI_WIN7) #define FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_SIO_FIREWALL_SOCKET_PROPERTY \ FWPS_FIELD_ALE_AUTH_RECV_ACCEPT_V6_SIO_FIREWALL_SYSTEM_PORT #endif // (NTDDI_VERSION >= NTDDI_WIN7) #endif // (NTDDI_VERSION >= NTDDI_WIN6SP1) #if (NTDDI_VERSION >= NTDDI_WIN7) typedef enum FWPS_FIELDS_ALE_BIND_REDIRECT_V4_ { FWPS_FIELD_ALE_BIND_REDIRECT_V4_ALE_APP_ID, FWPS_FIELD_ALE_BIND_REDIRECT_V4_ALE_USER_ID, FWPS_FIELD_ALE_BIND_REDIRECT_V4_IP_LOCAL_ADDRESS, FWPS_FIELD_ALE_BIND_REDIRECT_V4_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_ALE_BIND_REDIRECT_V4_IP_LOCAL_PORT, FWPS_FIELD_ALE_BIND_REDIRECT_V4_IP_PROTOCOL, FWPS_FIELD_ALE_BIND_REDIRECT_V4_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN8) FWPS_FIELD_ALE_BIND_REDIRECT_V4_ALE_PACKAGE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_ALE_BIND_REDIRECT_V4_ALE_SECURITY_ATTRIBUTE_FQBN_VALUE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_ALE_BIND_REDIRECT_V4_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN8) #if (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_BIND_REDIRECT_V4_PACKAGE_FAMILY_NAME, #endif // (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_BIND_REDIRECT_V4_MAX } FWPS_FIELDS_ALE_BIND_REDIRECT_V4; typedef enum FWPS_FIELDS_ALE_BIND_REDIRECT_V6_ { FWPS_FIELD_ALE_BIND_REDIRECT_V6_ALE_APP_ID, FWPS_FIELD_ALE_BIND_REDIRECT_V6_ALE_USER_ID, FWPS_FIELD_ALE_BIND_REDIRECT_V6_IP_LOCAL_ADDRESS, FWPS_FIELD_ALE_BIND_REDIRECT_V6_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_ALE_BIND_REDIRECT_V6_IP_LOCAL_PORT, FWPS_FIELD_ALE_BIND_REDIRECT_V6_IP_PROTOCOL, FWPS_FIELD_ALE_BIND_REDIRECT_V6_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN8) FWPS_FIELD_ALE_BIND_REDIRECT_V6_ALE_PACKAGE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_ALE_BIND_REDIRECT_V6_ALE_SECURITY_ATTRIBUTE_FQBN_VALUE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_ALE_BIND_REDIRECT_V6_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN8) #if (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_BIND_REDIRECT_V6_PACKAGE_FAMILY_NAME, #endif // (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_BIND_REDIRECT_V6_MAX } FWPS_FIELDS_ALE_BIND_REDIRECT_V6; typedef enum FWPS_FIELDS_ALE_CONNECT_REDIRECT_V4_ { FWPS_FIELD_ALE_CONNECT_REDIRECT_V4_ALE_APP_ID, FWPS_FIELD_ALE_CONNECT_REDIRECT_V4_ALE_USER_ID, FWPS_FIELD_ALE_CONNECT_REDIRECT_V4_IP_LOCAL_ADDRESS, FWPS_FIELD_ALE_CONNECT_REDIRECT_V4_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_ALE_CONNECT_REDIRECT_V4_IP_LOCAL_PORT, FWPS_FIELD_ALE_CONNECT_REDIRECT_V4_IP_PROTOCOL, FWPS_FIELD_ALE_CONNECT_REDIRECT_V4_IP_REMOTE_ADDRESS, FWPS_FIELD_ALE_CONNECT_REDIRECT_V4_IP_DESTINATION_ADDRESS_TYPE, FWPS_FIELD_ALE_CONNECT_REDIRECT_V4_IP_REMOTE_PORT, FWPS_FIELD_ALE_CONNECT_REDIRECT_V4_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN8) FWPS_FIELD_ALE_CONNECT_REDIRECT_V4_ALE_ORIGINAL_APP_ID, FWPS_FIELD_ALE_CONNECT_REDIRECT_V4_ALE_PACKAGE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_ALE_CONNECT_REDIRECT_V4_ALE_SECURITY_ATTRIBUTE_FQBN_VALUE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_ALE_CONNECT_REDIRECT_V4_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN8) #if (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_CONNECT_REDIRECT_V4_PACKAGE_FAMILY_NAME, #endif // (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_CONNECT_REDIRECT_V4_MAX } FWPS_FIELDS_ALE_CONNECT_REDIRECT_V4; #define FWPS_FIELD_ALE_CONNECT_REDIRECT_V4_ICMP_TYPE \ FWPS_FIELD_ALE_CONNECT_REDIRECT_V4_IP_LOCAL_PORT #define FWPS_FIELD_ALE_CONNECT_REDIRECT_V4_ICMP_CODE \ FWPS_FIELD_ALE_CONNECT_REDIRECT_V4_IP_REMOTE_PORT typedef enum FWPS_FIELDS_ALE_CONNECT_REDIRECT_V6_ { FWPS_FIELD_ALE_CONNECT_REDIRECT_V6_ALE_APP_ID, FWPS_FIELD_ALE_CONNECT_REDIRECT_V6_ALE_USER_ID, FWPS_FIELD_ALE_CONNECT_REDIRECT_V6_IP_LOCAL_ADDRESS, FWPS_FIELD_ALE_CONNECT_REDIRECT_V6_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_ALE_CONNECT_REDIRECT_V6_IP_LOCAL_PORT, FWPS_FIELD_ALE_CONNECT_REDIRECT_V6_IP_PROTOCOL, FWPS_FIELD_ALE_CONNECT_REDIRECT_V6_IP_REMOTE_ADDRESS, FWPS_FIELD_ALE_CONNECT_REDIRECT_V6_IP_DESTINATION_ADDRESS_TYPE, FWPS_FIELD_ALE_CONNECT_REDIRECT_V6_IP_REMOTE_PORT, FWPS_FIELD_ALE_CONNECT_REDIRECT_V6_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN8) FWPS_FIELD_ALE_CONNECT_REDIRECT_V6_ALE_ORIGINAL_APP_ID, FWPS_FIELD_ALE_CONNECT_REDIRECT_V6_ALE_PACKAGE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_ALE_CONNECT_REDIRECT_V6_ALE_SECURITY_ATTRIBUTE_FQBN_VALUE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_ALE_CONNECT_REDIRECT_V6_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN8) #if (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_CONNECT_REDIRECT_V6_PACKAGE_FAMILY_NAME, #endif // (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_CONNECT_REDIRECT_V6_MAX } FWPS_FIELDS_ALE_CONNECT_REDIRECT_V6; #define FWPS_FIELD_ALE_CONNECT_REDIRECT_V6_ICMP_TYPE \ FWPS_FIELD_ALE_CONNECT_REDIRECT_V6_IP_LOCAL_PORT #define FWPS_FIELD_ALE_CONNECT_REDIRECT_V6_ICMP_CODE \ FWPS_FIELD_ALE_CONNECT_REDIRECT_V6_IP_REMOTE_PORT #endif // (NTDDI_VERSION >= NTDDI_WIN7) typedef enum FWPS_FIELDS_ALE_AUTH_CONNECT_V4_ { FWPS_FIELD_ALE_AUTH_CONNECT_V4_ALE_APP_ID, FWPS_FIELD_ALE_AUTH_CONNECT_V4_ALE_USER_ID, FWPS_FIELD_ALE_AUTH_CONNECT_V4_IP_LOCAL_ADDRESS, FWPS_FIELD_ALE_AUTH_CONNECT_V4_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_ALE_AUTH_CONNECT_V4_IP_LOCAL_PORT, FWPS_FIELD_ALE_AUTH_CONNECT_V4_IP_PROTOCOL, FWPS_FIELD_ALE_AUTH_CONNECT_V4_IP_REMOTE_ADDRESS, FWPS_FIELD_ALE_AUTH_CONNECT_V4_IP_REMOTE_PORT, FWPS_FIELD_ALE_AUTH_CONNECT_V4_ALE_REMOTE_USER_ID, FWPS_FIELD_ALE_AUTH_CONNECT_V4_ALE_REMOTE_MACHINE_ID, FWPS_FIELD_ALE_AUTH_CONNECT_V4_IP_DESTINATION_ADDRESS_TYPE, FWPS_FIELD_ALE_AUTH_CONNECT_V4_IP_LOCAL_INTERFACE, FWPS_FIELD_ALE_AUTH_CONNECT_V4_FLAGS, FWPS_FIELD_ALE_AUTH_CONNECT_V4_INTERFACE_TYPE, FWPS_FIELD_ALE_AUTH_CONNECT_V4_TUNNEL_TYPE, #if (NTDDI_VERSION >= NTDDI_WIN6SP1) FWPS_FIELD_ALE_AUTH_CONNECT_V4_INTERFACE_INDEX, FWPS_FIELD_ALE_AUTH_CONNECT_V4_SUB_INTERFACE_INDEX, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_ALE_AUTH_CONNECT_V4_IP_ARRIVAL_INTERFACE, FWPS_FIELD_ALE_AUTH_CONNECT_V4_ARRIVAL_INTERFACE_TYPE, FWPS_FIELD_ALE_AUTH_CONNECT_V4_ARRIVAL_TUNNEL_TYPE, FWPS_FIELD_ALE_AUTH_CONNECT_V4_ARRIVAL_INTERFACE_INDEX, FWPS_FIELD_ALE_AUTH_CONNECT_V4_NEXTHOP_SUB_INTERFACE_INDEX, FWPS_FIELD_ALE_AUTH_CONNECT_V4_IP_NEXTHOP_INTERFACE, FWPS_FIELD_ALE_AUTH_CONNECT_V4_NEXTHOP_INTERFACE_TYPE, FWPS_FIELD_ALE_AUTH_CONNECT_V4_NEXTHOP_TUNNEL_TYPE, FWPS_FIELD_ALE_AUTH_CONNECT_V4_NEXTHOP_INTERFACE_INDEX, FWPS_FIELD_ALE_AUTH_CONNECT_V4_ORIGINAL_PROFILE_ID, FWPS_FIELD_ALE_AUTH_CONNECT_V4_CURRENT_PROFILE_ID, FWPS_FIELD_ALE_AUTH_CONNECT_V4_REAUTHORIZE_REASON, FWPS_FIELD_ALE_AUTH_CONNECT_V4_PEER_NAME, FWPS_FIELD_ALE_AUTH_CONNECT_V4_ORIGINAL_ICMP_TYPE, FWPS_FIELD_ALE_AUTH_CONNECT_V4_INTERFACE_QUARANTINE_EPOCH, #if (NTDDI_VERSION >= NTDDI_WIN8) FWPS_FIELD_ALE_AUTH_CONNECT_V4_ALE_ORIGINAL_APP_ID, FWPS_FIELD_ALE_AUTH_CONNECT_V4_ALE_PACKAGE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_ALE_AUTH_CONNECT_V4_ALE_SECURITY_ATTRIBUTE_FQBN_VALUE, FWPS_FIELD_ALE_AUTH_CONNECT_V4_ALE_EFFECTIVE_NAME, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_ALE_AUTH_CONNECT_V4_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN8) #endif // (NTDDI_VERSION >= NTDDI_WIN7) #endif // (NTDDI_VERSION >= NTDDI_WIN6SP1) #if (NTDDI_VERSION >= NTDDI_WIN10_RS5) // // These reserved fields MUST be in this order. DO NOT change their order // FWPS_FIELD_ALE_AUTH_CONNECT_V4_RESERVED_0, FWPS_FIELD_ALE_AUTH_CONNECT_V4_RESERVED_1, FWPS_FIELD_ALE_AUTH_CONNECT_V4_RESERVED_2, FWPS_FIELD_ALE_AUTH_CONNECT_V4_RESERVED_3, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS5) #if (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_AUTH_CONNECT_V4_PACKAGE_FAMILY_NAME, #endif // (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_AUTH_CONNECT_V4_MAX } FWPS_FIELDS_ALE_AUTH_CONNECT_V4; #define FWPS_FIELD_ALE_AUTH_CONNECT_V4_ICMP_TYPE \ FWPS_FIELD_ALE_AUTH_CONNECT_V4_IP_LOCAL_PORT #define FWPS_FIELD_ALE_AUTH_CONNECT_V4_ICMP_CODE \ FWPS_FIELD_ALE_AUTH_CONNECT_V4_IP_REMOTE_PORT typedef enum FWPS_FIELDS_ALE_AUTH_CONNECT_V6_ { FWPS_FIELD_ALE_AUTH_CONNECT_V6_ALE_APP_ID, FWPS_FIELD_ALE_AUTH_CONNECT_V6_ALE_USER_ID, FWPS_FIELD_ALE_AUTH_CONNECT_V6_IP_LOCAL_ADDRESS, FWPS_FIELD_ALE_AUTH_CONNECT_V6_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_ALE_AUTH_CONNECT_V6_IP_LOCAL_PORT, FWPS_FIELD_ALE_AUTH_CONNECT_V6_IP_PROTOCOL, FWPS_FIELD_ALE_AUTH_CONNECT_V6_IP_REMOTE_ADDRESS, FWPS_FIELD_ALE_AUTH_CONNECT_V6_IP_REMOTE_PORT, FWPS_FIELD_ALE_AUTH_CONNECT_V6_ALE_REMOTE_USER_ID, FWPS_FIELD_ALE_AUTH_CONNECT_V6_ALE_REMOTE_MACHINE_ID, FWPS_FIELD_ALE_AUTH_CONNECT_V6_IP_DESTINATION_ADDRESS_TYPE, FWPS_FIELD_ALE_AUTH_CONNECT_V6_IP_LOCAL_INTERFACE, FWPS_FIELD_ALE_AUTH_CONNECT_V6_FLAGS, FWPS_FIELD_ALE_AUTH_CONNECT_V6_INTERFACE_TYPE, FWPS_FIELD_ALE_AUTH_CONNECT_V6_TUNNEL_TYPE, #if (NTDDI_VERSION >= NTDDI_WIN6SP1) FWPS_FIELD_ALE_AUTH_CONNECT_V6_INTERFACE_INDEX, FWPS_FIELD_ALE_AUTH_CONNECT_V6_SUB_INTERFACE_INDEX, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_ALE_AUTH_CONNECT_V6_IP_ARRIVAL_INTERFACE, FWPS_FIELD_ALE_AUTH_CONNECT_V6_ARRIVAL_INTERFACE_TYPE, FWPS_FIELD_ALE_AUTH_CONNECT_V6_ARRIVAL_TUNNEL_TYPE, FWPS_FIELD_ALE_AUTH_CONNECT_V6_ARRIVAL_INTERFACE_INDEX, FWPS_FIELD_ALE_AUTH_CONNECT_V6_NEXTHOP_SUB_INTERFACE_INDEX, FWPS_FIELD_ALE_AUTH_CONNECT_V6_IP_NEXTHOP_INTERFACE, FWPS_FIELD_ALE_AUTH_CONNECT_V6_NEXTHOP_INTERFACE_TYPE, FWPS_FIELD_ALE_AUTH_CONNECT_V6_NEXTHOP_TUNNEL_TYPE, FWPS_FIELD_ALE_AUTH_CONNECT_V6_NEXTHOP_INTERFACE_INDEX, FWPS_FIELD_ALE_AUTH_CONNECT_V6_ORIGINAL_PROFILE_ID, FWPS_FIELD_ALE_AUTH_CONNECT_V6_CURRENT_PROFILE_ID, FWPS_FIELD_ALE_AUTH_CONNECT_V6_REAUTHORIZE_REASON, FWPS_FIELD_ALE_AUTH_CONNECT_V6_PEER_NAME, FWPS_FIELD_ALE_AUTH_CONNECT_V6_ORIGINAL_ICMP_TYPE, FWPS_FIELD_ALE_AUTH_CONNECT_V6_INTERFACE_QUARANTINE_EPOCH, #if (NTDDI_VERSION >= NTDDI_WIN8) FWPS_FIELD_ALE_AUTH_CONNECT_V6_ALE_ORIGINAL_APP_ID, FWPS_FIELD_ALE_AUTH_CONNECT_V6_ALE_PACKAGE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_ALE_AUTH_CONNECT_V6_ALE_SECURITY_ATTRIBUTE_FQBN_VALUE, FWPS_FIELD_ALE_AUTH_CONNECT_V6_ALE_EFFECTIVE_NAME, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_ALE_AUTH_CONNECT_V6_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN8) #endif // (NTDDI_VERSION >= NTDDI_WIN7) #endif // (NTDDI_VERSION >= NTDDI_WIN6SP1) #if (NTDDI_VERSION >= NTDDI_WIN10_RS5) // // These reserved fields MUST be in this order. DO NOT change their order // FWPS_FIELD_ALE_AUTH_CONNECT_V6_RESERVED_0, FWPS_FIELD_ALE_AUTH_CONNECT_V6_RESERVED_1, FWPS_FIELD_ALE_AUTH_CONNECT_V6_RESERVED_2, FWPS_FIELD_ALE_AUTH_CONNECT_V6_RESERVED_3, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS5) #if (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_AUTH_CONNECT_V6_PACKAGE_FAMILY_NAME, #endif // (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_AUTH_CONNECT_V6_MAX } FWPS_FIELDS_ALE_AUTH_CONNECT_V6; #define FWPS_FIELD_ALE_AUTH_CONNECT_V6_ICMP_TYPE \ FWPS_FIELD_ALE_AUTH_CONNECT_V6_IP_LOCAL_PORT #define FWPS_FIELD_ALE_AUTH_CONNECT_V6_ICMP_CODE \ FWPS_FIELD_ALE_AUTH_CONNECT_V6_IP_REMOTE_PORT typedef enum FWPS_FIELDS_ALE_FLOW_ESTABLISHED_V4_ { FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_ALE_APP_ID, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_ALE_USER_ID, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_IP_LOCAL_ADDRESS, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_IP_LOCAL_PORT, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_IP_PROTOCOL, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_IP_REMOTE_ADDRESS, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_IP_REMOTE_PORT, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_ALE_REMOTE_USER_ID, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_ALE_REMOTE_MACHINE_ID, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_IP_DESTINATION_ADDRESS_TYPE, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_IP_LOCAL_INTERFACE, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_DIRECTION, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_INTERFACE_TYPE, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_TUNNEL_TYPE, #if (NTDDI_VERSION >= NTDDI_WIN6SP1) FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN8) FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_ALE_ORIGINAL_APP_ID, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_ALE_PACKAGE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_ALE_SECURITY_ATTRIBUTE_FQBN_VALUE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN8) #endif // (NTDDI_VERSION >= NTDDI_WIN6SP1) #if (NTDDI_VERSION >= NTDDI_WIN10_RS5) // // These reserved fields MUST be in this order. DO NOT change their order // FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_RESERVED_0, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_RESERVED_1, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_RESERVED_2, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_RESERVED_3, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS5) #if (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_PACKAGE_FAMILY_NAME, #endif // (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_MAX } FWPS_FIELDS_ALE_FLOW_ESTABLISHED_V4; #define FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_ICMP_TYPE \ FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_IP_LOCAL_PORT #define FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_ICMP_CODE \ FWPS_FIELD_ALE_FLOW_ESTABLISHED_V4_IP_REMOTE_PORT typedef enum FWPS_FIELDS_ALE_FLOW_ESTABLISHED_V6_ { FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_ALE_APP_ID, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_ALE_USER_ID, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_IP_LOCAL_ADDRESS, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_IP_LOCAL_PORT, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_IP_PROTOCOL, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_IP_REMOTE_ADDRESS, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_IP_REMOTE_PORT, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_ALE_REMOTE_USER_ID, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_ALE_REMOTE_MACHINE_ID, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_IP_DESTINATION_ADDRESS_TYPE, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_IP_LOCAL_INTERFACE, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_DIRECTION, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_INTERFACE_TYPE, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_TUNNEL_TYPE, #if (NTDDI_VERSION >= NTDDI_WIN6SP1) FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN8) FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_ALE_ORIGINAL_APP_ID, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_ALE_PACKAGE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_ALE_SECURITY_ATTRIBUTE_FQBN_VALUE, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) #endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN8) #endif // (NTDDI_VERSION >= NTDDI_WIN6SP1) #if (NTDDI_VERSION >= NTDDI_WIN10_RS5) // // These reserved fields MUST be in this order. DO NOT change their order // FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_RESERVED_0, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_RESERVED_1, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_RESERVED_2, FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_RESERVED_3, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS5) #if (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_PACKAGE_FAMILY_NAME, #endif // (NTDDI_VERSION >= NTDDI_WIN11_ZN) FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_MAX } FWPS_FIELDS_ALE_FLOW_ESTABLISHED_V6; #define FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_ICMP_TYPE \ FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_IP_LOCAL_PORT #define FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_ICMP_CODE \ FWPS_FIELD_ALE_FLOW_ESTABLISHED_V6_IP_REMOTE_PORT #if (NTDDI_VERSION >= NTDDI_WIN7) typedef enum FWPS_FIELDS_NAME_RESOLUTION_CACHE_V4_ { FWPS_FIELD_NAME_RESOLUTION_CACHE_V4_ALE_USER_ID, FWPS_FIELD_NAME_RESOLUTION_CACHE_V4_ALE_APP_ID, FWPS_FIELD_NAME_RESOLUTION_CACHE_V4_IP_REMOTE_ADDRESS, FWPS_FIELD_NAME_RESOLUTION_CACHE_V4_PEER_NAME, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_NAME_RESOLUTION_CACHE_V4_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_NAME_RESOLUTION_CACHE_V4_MAX } FWPS_FIELDS_NAME_RESOLUTION_CACHE_V4; typedef enum FWPS_FIELDS_NAME_RESOLUTION_CACHE_V6_ { FWPS_FIELD_NAME_RESOLUTION_CACHE_V6_ALE_USER_ID, FWPS_FIELD_NAME_RESOLUTION_CACHE_V6_ALE_APP_ID, FWPS_FIELD_NAME_RESOLUTION_CACHE_V6_IP_REMOTE_ADDRESS, FWPS_FIELD_NAME_RESOLUTION_CACHE_V6_PEER_NAME, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_NAME_RESOLUTION_CACHE_V6_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_NAME_RESOLUTION_CACHE_V6_MAX } FWPS_FIELDS_NAME_RESOLUTION_CACHE_V6; #if (NTDDI_VERSION >= NTDDI_WIN8) typedef enum FWPS_FIELDS_INBOUND_MAC_FRAME_ETHERNET_ { FWPS_FIELD_INBOUND_MAC_FRAME_ETHERNET_INTERFACE_MAC_ADDRESS, FWPS_FIELD_INBOUND_MAC_FRAME_ETHERNET_MAC_LOCAL_ADDRESS, FWPS_FIELD_INBOUND_MAC_FRAME_ETHERNET_MAC_REMOTE_ADDRESS, FWPS_FIELD_INBOUND_MAC_FRAME_ETHERNET_MAC_LOCAL_ADDRESS_TYPE, FWPS_FIELD_INBOUND_MAC_FRAME_ETHERNET_MAC_REMOTE_ADDRESS_TYPE, FWPS_FIELD_INBOUND_MAC_FRAME_ETHERNET_ETHER_TYPE, FWPS_FIELD_INBOUND_MAC_FRAME_ETHERNET_VLAN_ID, FWPS_FIELD_INBOUND_MAC_FRAME_ETHERNET_INTERFACE, FWPS_FIELD_INBOUND_MAC_FRAME_ETHERNET_INTERFACE_INDEX, FWPS_FIELD_INBOUND_MAC_FRAME_ETHERNET_NDIS_PORT, FWPS_FIELD_INBOUND_MAC_FRAME_ETHERNET_L2_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_INBOUND_MAC_FRAME_ETHERNET_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_INBOUND_MAC_FRAME_ETHERNET_MAX } FWPS_FIELDS_INBOUND_MAC_FRAME_ETHERNET; typedef enum FWPS_FIELDS_OUTBOUND_MAC_FRAME_ETHERNET_ { FWPS_FIELD_OUTBOUND_MAC_FRAME_ETHERNET_INTERFACE_MAC_ADDRESS, FWPS_FIELD_OUTBOUND_MAC_FRAME_ETHERNET_MAC_LOCAL_ADDRESS, FWPS_FIELD_OUTBOUND_MAC_FRAME_ETHERNET_MAC_REMOTE_ADDRESS, FWPS_FIELD_OUTBOUND_MAC_FRAME_ETHERNET_MAC_LOCAL_ADDRESS_TYPE, FWPS_FIELD_OUTBOUND_MAC_FRAME_ETHERNET_MAC_REMOTE_ADDRESS_TYPE, FWPS_FIELD_OUTBOUND_MAC_FRAME_ETHERNET_ETHER_TYPE, FWPS_FIELD_OUTBOUND_MAC_FRAME_ETHERNET_VLAN_ID, FWPS_FIELD_OUTBOUND_MAC_FRAME_ETHERNET_INTERFACE, FWPS_FIELD_OUTBOUND_MAC_FRAME_ETHERNET_INTERFACE_INDEX, FWPS_FIELD_OUTBOUND_MAC_FRAME_ETHERNET_NDIS_PORT, FWPS_FIELD_OUTBOUND_MAC_FRAME_ETHERNET_L2_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_OUTBOUND_MAC_FRAME_ETHERNET_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_OUTBOUND_MAC_FRAME_ETHERNET_MAX } FWPS_FIELDS_OUTBOUND_MAC_FRAME_ETHERNET; typedef enum FWPS_FIELDS_INBOUND_MAC_FRAME_NATIVE_ { FWPS_FIELD_INBOUND_MAC_FRAME_NATIVE_NDIS_MEDIA_TYPE, FWPS_FIELD_INBOUND_MAC_FRAME_NATIVE_NDIS_PHYSICAL_MEDIA_TYPE, FWPS_FIELD_INBOUND_MAC_FRAME_NATIVE_INTERFACE, FWPS_FIELD_INBOUND_MAC_FRAME_NATIVE_INTERFACE_TYPE, FWPS_FIELD_INBOUND_MAC_FRAME_NATIVE_INTERFACE_INDEX, FWPS_FIELD_INBOUND_MAC_FRAME_NATIVE_NDIS_PORT, FWPS_FIELD_INBOUND_MAC_FRAME_NATIVE_L2_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_INBOUND_MAC_FRAME_NATIVE_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_INBOUND_MAC_FRAME_NATIVE_MAX } FWPS_FIELDS_INBOUND_MAC_FRAME_NATIVE; #if (NTDDI_VERSION >= NTDDI_WINBLUE) typedef enum FWPS_FIELDS_INBOUND_MAC_FRAME_NATIVE_FAST_ { FWPS_FIELD_INBOUND_MAC_FRAME_NATIVE_FAST_MAX } FWPS_FIELDS_INBOUND_MAC_FRAME_NATIVE_FAST; #endif // (NTDDI_VERSION >= NTDDI_WINBLUE) typedef enum FWPS_FIELDS_OUTBOUND_MAC_FRAME_NATIVE_ { FWPS_FIELD_OUTBOUND_MAC_FRAME_NATIVE_NDIS_MEDIA_TYPE, FWPS_FIELD_OUTBOUND_MAC_FRAME_NATIVE_NDIS_PHYSICAL_MEDIA_TYPE, FWPS_FIELD_OUTBOUND_MAC_FRAME_NATIVE_INTERFACE, FWPS_FIELD_OUTBOUND_MAC_FRAME_NATIVE_INTERFACE_TYPE, FWPS_FIELD_OUTBOUND_MAC_FRAME_NATIVE_INTERFACE_INDEX, FWPS_FIELD_OUTBOUND_MAC_FRAME_NATIVE_NDIS_PORT, FWPS_FIELD_OUTBOUND_MAC_FRAME_NATIVE_L2_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_OUTBOUND_MAC_FRAME_NATIVE_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_OUTBOUND_MAC_FRAME_NATIVE_MAX } FWPS_FIELDS_OUTBOUND_MAC_FRAME_NATIVE; #if (NTDDI_VERSION >= NTDDI_WINBLUE) typedef enum FWPS_FIELDS_OUTBOUND_MAC_FRAME_NATIVE_FAST { FWPS_FIELD_OUTBOUND_MAC_FRAME_NATIVE_FAST_MAX } FWPS_FIELDS_OUTBOUND_MAC_FRAME_NATIVE_FAST; #endif // (NTDDI_VERSION >= NTDDI_WINBLUE) typedef enum FWPS_FIELDS_INGRESS_VSWITCH_ETHERNET_ { FWPS_FIELD_INGRESS_VSWITCH_ETHERNET_MAC_SOURCE_ADDRESS, FWPS_FIELD_INGRESS_VSWITCH_ETHERNET_MAC_SOURCE_ADDRESS_TYPE, FWPS_FIELD_INGRESS_VSWITCH_ETHERNET_MAC_DESTINATION_ADDRESS, FWPS_FIELD_INGRESS_VSWITCH_ETHERNET_MAC_DESTINATION_ADDRESS_TYPE, FWPS_FIELD_INGRESS_VSWITCH_ETHERNET_ETHER_TYPE, FWPS_FIELD_INGRESS_VSWITCH_ETHERNET_VLAN_ID, FWPS_FIELD_INGRESS_VSWITCH_ETHERNET_VSWITCH_TENANT_NETWORK_ID, FWPS_FIELD_INGRESS_VSWITCH_ETHERNET_VSWITCH_ID, FWPS_FIELD_INGRESS_VSWITCH_ETHERNET_VSWITCH_NETWORK_TYPE, FWPS_FIELD_INGRESS_VSWITCH_ETHERNET_VSWITCH_SOURCE_INTERFACE_ID, FWPS_FIELD_INGRESS_VSWITCH_ETHERNET_VSWITCH_SOURCE_INTERFACE_TYPE, FWPS_FIELD_INGRESS_VSWITCH_ETHERNET_VSWITCH_SOURCE_VM_ID, FWPS_FIELD_INGRESS_VSWITCH_ETHERNET_L2_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_INGRESS_VSWITCH_ETHERNET_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_INGRESS_VSWITCH_ETHERNET_MAX } FWPS_FIELDS_INGRESS_VSWITCH_ETHERNET; typedef enum FWPS_FIELDS_EGRESS_VSWITCH_ETHERNET_ { FWPS_FIELD_EGRESS_VSWITCH_ETHERNET_MAC_SOURCE_ADDRESS, FWPS_FIELD_EGRESS_VSWITCH_ETHERNET_MAC_SOURCE_ADDRESS_TYPE, FWPS_FIELD_EGRESS_VSWITCH_ETHERNET_MAC_DESTINATION_ADDRESS, FWPS_FIELD_EGRESS_VSWITCH_ETHERNET_MAC_DESTINATION_ADDRESS_TYPE, FWPS_FIELD_EGRESS_VSWITCH_ETHERNET_ETHER_TYPE, FWPS_FIELD_EGRESS_VSWITCH_ETHERNET_VLAN_ID, FWPS_FIELD_EGRESS_VSWITCH_ETHERNET_VSWITCH_TENANT_NETWORK_ID, FWPS_FIELD_EGRESS_VSWITCH_ETHERNET_VSWITCH_ID, FWPS_FIELD_EGRESS_VSWITCH_ETHERNET_VSWITCH_NETWORK_TYPE, FWPS_FIELD_EGRESS_VSWITCH_ETHERNET_VSWITCH_SOURCE_INTERFACE_ID, FWPS_FIELD_EGRESS_VSWITCH_ETHERNET_VSWITCH_SOURCE_INTERFACE_TYPE, FWPS_FIELD_EGRESS_VSWITCH_ETHERNET_VSWITCH_SOURCE_VM_ID, FWPS_FIELD_EGRESS_VSWITCH_ETHERNET_VSWITCH_DESTINATION_INTERFACE_ID, FWPS_FIELD_EGRESS_VSWITCH_ETHERNET_VSWITCH_DESTINATION_INTERFACE_TYPE, FWPS_FIELD_EGRESS_VSWITCH_ETHERNET_VSWITCH_DESTINATION_VM_ID, FWPS_FIELD_EGRESS_VSWITCH_ETHERNET_L2_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_EGRESS_VSWITCH_ETHERNET_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_EGRESS_VSWITCH_ETHERNET_MAX } FWPS_FIELDS_EGRESS_VSWITCH_ETHERNET; typedef enum FWPS_FIELDS_INGRESS_VSWITCH_TRANSPORT_V4_ { FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V4_IP_SOURCE_ADDRESS, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V4_IP_DESTINATION_ADDRESS, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V4_IP_PROTOCOL, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V4_IP_SOURCE_PORT, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V4_IP_DESTINATION_PORT, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V4_VLAN_ID, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V4_VSWITCH_TENANT_NETWORK_ID, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V4_VSWITCH_ID, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V4_VSWITCH_NETWORK_TYPE, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V4_VSWITCH_SOURCE_INTERFACE_ID, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V4_VSWITCH_SOURCE_INTERFACE_TYPE, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V4_VSWITCH_SOURCE_VM_ID, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V4_L2_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V4_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V4_MAX } FWPS_FIELDS_INGRESS_VSWITCH_TRANSPORT_V4; #define FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V4_ICMP_TYPE \ FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V4_IP_SOURCE_PORT #define FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V4_ICMP_CODE \ FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V4_IP_DESTINATION_PORT typedef enum FWPS_FIELDS_INGRESS_VSWITCH_TRANSPORT_V6_ { FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V6_IP_SOURCE_ADDRESS, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V6_IP_DESTINATION_ADDRESS, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V6_IP_PROTOCOL, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V6_IP_SOURCE_PORT, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V6_IP_DESTINATION_PORT, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V6_VLAN_ID, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V6_VSWITCH_TENANT_NETWORK_ID, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V6_VSWITCH_ID, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V6_VSWITCH_NETWORK_TYPE, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V6_VSWITCH_SOURCE_INTERFACE_ID, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V6_VSWITCH_SOURCE_INTERFACE_TYPE, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V6_VSWITCH_SOURCE_VM_ID, FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V6_L2_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V6_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V6_MAX } FWPS_FIELDS_INGRESS_VSWITCH_TRANSPORT_V6; #define FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V6_ICMP_TYPE \ FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V6_IP_SOURCE_PORT #define FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V6_ICMP_CODE \ FWPS_FIELD_INGRESS_VSWITCH_TRANSPORT_V6_IP_DESTINATION_PORT typedef enum FWPS_FIELDS_EGRESS_VSWITCH_TRANSPORT_V4_ { FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V4_IP_SOURCE_ADDRESS, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V4_IP_DESTINATION_ADDRESS, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V4_IP_PROTOCOL, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V4_IP_SOURCE_PORT, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V4_IP_DESTINATION_PORT, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V4_VLAN_ID, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V4_VSWITCH_TENANT_NETWORK_ID, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V4_VSWITCH_ID, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V4_VSWITCH_NETWORK_TYPE, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V4_VSWITCH_SOURCE_INTERFACE_ID, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V4_VSWITCH_SOURCE_INTERFACE_TYPE, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V4_VSWITCH_SOURCE_VM_ID, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V4_VSWITCH_DESTINATION_INTERFACE_ID, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V4_VSWITCH_DESTINATION_INTERFACE_TYPE, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V4_VSWITCH_DESTINATION_VM_ID, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V4_L2_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V4_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V4_MAX } FWPS_FIELDS_EGRESS_VSWITCH_TRANSPORT_V4; #define FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V4_ICMP_TYPE \ FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V4_IP_SOURCE_PORT #define FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V4_ICMP_CODE \ FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V4_IP_DESTINATION_PORT typedef enum FWPS_FIELDS_EGRESS_VSWITCH_TRANSPORT_V6_ { FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V6_IP_SOURCE_ADDRESS, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V6_IP_DESTINATION_ADDRESS, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V6_IP_PROTOCOL, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V6_IP_SOURCE_PORT, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V6_IP_DESTINATION_PORT, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V6_VLAN_ID, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V6_VSWITCH_TENANT_NETWORK_ID, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V6_VSWITCH_ID, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V6_VSWITCH_NETWORK_TYPE, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V6_VSWITCH_SOURCE_INTERFACE_ID, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V6_VSWITCH_SOURCE_INTERFACE_TYPE, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V6_VSWITCH_SOURCE_VM_ID, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V6_VSWITCH_DESTINATION_INTERFACE_ID, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V6_VSWITCH_DESTINATION_INTERFACE_TYPE, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V6_VSWITCH_DESTINATION_VM_ID, FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V6_L2_FLAGS, #if (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V6_COMPARTMENT_ID, #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS2) FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V6_MAX } FWPS_FIELDS_EGRESS_VSWITCH_TRANSPORT_V6; #define FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V6_ICMP_TYPE \ FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V6_IP_SOURCE_PORT #define FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V6_ICMP_CODE \ FWPS_FIELD_EGRESS_VSWITCH_TRANSPORT_V6_IP_DESTINATION_PORT #endif // (NTDDI_VERSION >= NTDDI_WIN8) #endif // (NTDDI_VERSION >= NTDDI_WIN7) typedef enum FWPS_FIELDS_IPSEC_KM_DEMUX_V4_ { FWPS_FIELD_IPSEC_KM_DEMUX_V4_IP_LOCAL_ADDRESS, FWPS_FIELD_IPSEC_KM_DEMUX_V4_IP_REMOTE_ADDRESS, #if (NTDDI_VERSION >= NTDDI_WIN8) FWPS_FIELD_IPSEC_KM_DEMUX_V4_QM_MODE, FWPS_FIELD_IPSEC_KM_DEMUX_V4_IP_LOCAL_INTERFACE, FWPS_FIELD_IPSEC_KM_DEMUX_V4_CURRENT_PROFILE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_KM_DEMUX_V4_IPSEC_SECURITY_REALM_ID, #endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN8) FWPS_FIELD_IPSEC_KM_DEMUX_V4_MAX } FWPS_FIELDS_IPSEC_KM_DEMUX_V4; typedef enum FWPS_FIELDS_IPSEC_KM_DEMUX_V6_ { FWPS_FIELD_IPSEC_KM_DEMUX_V6_IP_LOCAL_ADDRESS, FWPS_FIELD_IPSEC_KM_DEMUX_V6_IP_REMOTE_ADDRESS, #if (NTDDI_VERSION >= NTDDI_WIN8) FWPS_FIELD_IPSEC_KM_DEMUX_V6_QM_MODE, FWPS_FIELD_IPSEC_KM_DEMUX_V6_IP_LOCAL_INTERFACE, FWPS_FIELD_IPSEC_KM_DEMUX_V6_CURRENT_PROFILE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_KM_DEMUX_V6_IPSEC_SECURITY_REALM_ID, #endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN8) FWPS_FIELD_IPSEC_KM_DEMUX_V6_MAX } FWPS_FIELDS_IPSEC_KM_DEMUX_V6; typedef enum FWPS_FIELDS_IPSEC_V4_ { FWPS_FIELD_IPSEC_V4_IP_PROTOCOL, FWPS_FIELD_IPSEC_V4_IP_LOCAL_ADDRESS, FWPS_FIELD_IPSEC_V4_IP_REMOTE_ADDRESS, FWPS_FIELD_IPSEC_V4_IP_LOCAL_PORT, FWPS_FIELD_IPSEC_V4_IP_REMOTE_PORT, FWPS_FIELD_IPSEC_V4_IP_LOCAL_INTERFACE, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_IPSEC_V4_PROFILE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_IPSEC_V4_IPSEC_SECURITY_REALM_ID, #endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_IPSEC_V4_MAX } FWPS_FIELDS_IPSEC_V4; typedef enum FWPS_FIELDS_IPSEC_V6_ { FWPS_FIELD_IPSEC_V6_IP_PROTOCOL, FWPS_FIELD_IPSEC_V6_IP_LOCAL_ADDRESS, FWPS_FIELD_IPSEC_V6_IP_REMOTE_ADDRESS, FWPS_FIELD_IPSEC_V6_IP_LOCAL_PORT, FWPS_FIELD_IPSEC_V6_IP_REMOTE_PORT, FWPS_FIELD_IPSEC_V6_IP_LOCAL_INTERFACE, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_IPSEC_V6_PROFILE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_IPSEC_V6_IPSEC_SECURITY_REALM_ID, #endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_IPSEC_V6_MAX } FWPS_FIELDS_IPSEC_V6; typedef enum FWPS_FIELDS_IKEEXT_V4_ { FWPS_FIELD_IKEEXT_V4_IP_LOCAL_ADDRESS, FWPS_FIELD_IKEEXT_V4_IP_REMOTE_ADDRESS, FWPS_FIELD_IKEEXT_V4_IP_LOCAL_INTERFACE, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_IKEEXT_V4_PROFILE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_IKEEXT_V4_IPSEC_SECURITY_REALM_ID, #endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_IKEEXT_V4_MAX } FWPS_FIELDS_IKEEXT_V4; typedef enum FWPS_FIELDS_IKEEXT_V6_ { FWPS_FIELD_IKEEXT_V6_IP_LOCAL_ADDRESS, FWPS_FIELD_IKEEXT_V6_IP_REMOTE_ADDRESS, FWPS_FIELD_IKEEXT_V6_IP_LOCAL_INTERFACE, #if (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_IKEEXT_V6_PROFILE_ID, #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) FWPS_FIELD_IKEEXT_V6_IPSEC_SECURITY_REALM_ID, #endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) #endif // (NTDDI_VERSION >= NTDDI_WIN7) FWPS_FIELD_IKEEXT_V6_MAX } FWPS_FIELDS_IKEEXT_V6; typedef enum FWPS_FIELDS_RPC_UM_ { FWPS_FIELD_RPC_UM_REMOTE_USER_TOKEN, FWPS_FIELD_RPC_UM_IF_UUID, FWPS_FIELD_RPC_UM_IF_VERSION, FWPS_FIELD_RPC_UM_IF_FLAG, FWPS_FIELD_RPC_UM_DCOM_APP_ID, FWPS_FIELD_RPC_UM_IMAGE_NAME, FWPS_FIELD_RPC_UM_PROTOCOL, FWPS_FIELD_RPC_UM_AUTH_TYPE, FWPS_FIELD_RPC_UM_AUTH_LEVEL, FWPS_FIELD_RPC_UM_SEC_ENCRYPT_ALGORITHM, FWPS_FIELD_RPC_UM_SEC_KEY_SIZE, FWPS_FIELD_RPC_UM_LOCAL_ADDR_V4, FWPS_FIELD_RPC_UM_LOCAL_ADDR_V6, FWPS_FIELD_RPC_UM_LOCAL_PORT, FWPS_FIELD_RPC_UM_PIPE, FWPS_FIELD_RPC_UM_REMOTE_ADDR_V4, FWPS_FIELD_RPC_UM_REMOTE_ADDR_V6, #if (NTDDI_VERSION >= NTDDI_WIN11_GA) FWPS_FIELD_RPC_UM_RPC_OPNUM, #endif // (NTDDI_VERSION >= NTDDI_WIN11_GA) FWPS_FIELD_RPC_UM_MAX } FWPS_FIELDS_RPC_UM; typedef enum FWPS_FIELDS_RPC_EPMAP_ { FWPS_FIELD_RPC_EPMAP_REMOTE_USER_TOKEN, FWPS_FIELD_RPC_EPMAP_IF_UUID, FWPS_FIELD_RPC_EPMAP_IF_VERSION, FWPS_FIELD_RPC_EPMAP_PROTOCOL, FWPS_FIELD_RPC_EPMAP_AUTH_TYPE, FWPS_FIELD_RPC_EPMAP_AUTH_LEVEL, FWPS_FIELD_RPC_EPMAP_SEC_ENCRYPT_ALGORITHM, FWPS_FIELD_RPC_EPMAP_SEC_KEY_SIZE, FWPS_FIELD_RPC_EPMAP_LOCAL_ADDR_V4, FWPS_FIELD_RPC_EPMAP_LOCAL_ADDR_V6, FWPS_FIELD_RPC_EPMAP_LOCAL_PORT, FWPS_FIELD_RPC_EPMAP_PIPE, FWPS_FIELD_RPC_EPMAP_REMOTE_ADDR_V4, FWPS_FIELD_RPC_EPMAP_REMOTE_ADDR_V6, FWPS_FIELD_RPC_EPMAP_MAX } FWPS_FIELDS_RPC_EPMAP; typedef enum FWPS_FIELDS_RPC_EP_ADD_ { FWPS_FIELD_RPC_EP_ADD_PROCESS_WITH_RPC_IF_UUID, FWPS_FIELD_RPC_EP_ADD_PROTOCOL, FWPS_FIELD_RPC_EP_ADD_EP_VALUE, FWPS_FIELD_RPC_EP_ADD_EP_FLAGS, FWPS_FIELD_RPC_EP_ADD_MAX } FWPS_FIELDS_RPC_EP_ADD; typedef enum FWPS_FIELDS_RPC_PROXY_CONN_ { FWPS_FIELD_RPC_PROXY_CONN_CLIENT_TOKEN, FWPS_FIELD_RPC_PROXY_CONN_SERVER_NAME, FWPS_FIELD_RPC_PROXY_CONN_SERVER_PORT, FWPS_FIELD_RPC_PROXY_CONN_PROXY_AUTH_TYPE, FWPS_FIELD_RPC_PROXY_CONN_CLIENT_CERT_KEY_LENGTH, FWPS_FIELD_RPC_PROXY_CONN_CLIENT_CERT_OID, FWPS_FIELD_RPC_PROXY_CONN_MAX } FWPS_FIELDS_RPC_PROXY_CONN; typedef enum FWPS_FIELDS_RPC_PROXY_IF_ { FWPS_FIELD_RPC_PROXY_IF_CLIENT_TOKEN, FWPS_FIELD_RPC_PROXY_IF_IF_UUID, FWPS_FIELD_RPC_PROXY_IF_IF_VERSION, FWPS_FIELD_RPC_PROXY_IF_SERVER_NAME, FWPS_FIELD_RPC_PROXY_IF_SERVER_PORT, FWPS_FIELD_RPC_PROXY_IF_PROXY_AUTH_TYPE, FWPS_FIELD_RPC_PROXY_IF_CLIENT_CERT_KEY_LENGTH, FWPS_FIELD_RPC_PROXY_IF_CLIENT_CERT_OID, FWPS_FIELD_RPC_PROXY_IF_MAX } FWPS_FIELDS_RPC_PROXY_IF_IF; #if (NTDDI_VERSION >= NTDDI_WIN7) typedef enum FWPS_FIELDS_KM_AUTHORIZATION_ { FWPS_FIELD_KM_AUTHORIZATION_REMOTE_ID, FWPS_FIELD_KM_AUTHORIZATION_AUTHENTICATION_TYPE, FWPS_FIELD_KM_AUTHORIZATION_KM_TYPE, FWPS_FIELD_KM_AUTHORIZATION_DIRECTION, FWPS_FIELD_KM_AUTHORIZATION_KM_MODE, FWPS_FIELD_KM_AUTHORIZATION_IPSEC_POLICY_KEY, FWPS_FIELD_KM_AUTHORIZATION_NAP_CONTEXT, FWPS_FIELD_KM_AUTHORIZATION_MAX, } FWPS_FIELDS_KM_AUTHORIZATION; #endif #if (NTDDI_VERSION >= NTDDI_WIN10_RS3) typedef enum FWPS_FIELDS_INBOUND_RESERVED2_ { FWPS_FIELD_INBOUND_RESERVED2_RESERVED0, FWPS_FIELD_INBOUND_RESERVED2_RESERVED1, FWPS_FIELD_INBOUND_RESERVED2_RESERVED2, FWPS_FIELD_INBOUND_RESERVED2_RESERVED3, FWPS_FIELD_INBOUND_RESERVED2_RESERVED4, FWPS_FIELD_INBOUND_RESERVED2_RESERVED5, FWPS_FIELD_INBOUND_RESERVED2_RESERVED6, FWPS_FIELD_INBOUND_RESERVED2_RESERVED7, FWPS_FIELD_INBOUND_RESERVED2_RESERVED8, FWPS_FIELD_INBOUND_RESERVED2_RESERVED9, FWPS_FIELD_INBOUND_RESERVED2_RESERVED10, FWPS_FIELD_INBOUND_RESERVED2_RESERVED11, FWPS_FIELD_INBOUND_RESERVED2_RESERVED12, #if (NTDDI_VERSION >= NTDDI_WIN10_19H1) FWPS_FIELD_INBOUND_RESERVED2_RESERVED13, FWPS_FIELD_INBOUND_RESERVED2_RESERVED14, FWPS_FIELD_INBOUND_RESERVED2_RESERVED15, #endif FWPS_FIELD_INBOUND_RESERVED2_MAX, } FWPS_FIELDS_INBOUND_RESERVED2; #endif //(NTDDI_VERSION >= NTDDI_WIN10_RS3) #if (NTDDI_VERSION >= NTDDI_WIN10_NI) typedef enum FWPS_FIELDS_OUTBOUND_NETWORK_CONNECTION_POLICY_V4_ { FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V4_ALE_APP_ID, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V4_ALE_USER_ID, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V4_IP_LOCAL_ADDRESS, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V4_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V4_IP_LOCAL_PORT, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V4_IP_PROTOCOL, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V4_IP_REMOTE_ADDRESS, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V4_IP_DESTINATION_ADDRESS_TYPE, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V4_IP_REMOTE_PORT, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V4_FLAGS, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V4_ALE_ORIGINAL_APP_ID, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V4_ALE_PACKAGE_ID, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V4_ALE_SECURITY_ATTRIBUTE_FQBN_VALUE, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V4_COMPARTMENT_ID, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V4_MAX } FWPS_FIELDS_OUTBOUND_NETWORK_POLICY_V4; #define FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V4_ICMP_TYPE \ FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V4_IP_LOCAL_PORT #define FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V4_ICMP_CODE \ FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V4_IP_REMOTE_PORT typedef enum FWPS_FIELDS_OUTBOUND_NETWORK_CONNECTION_POLICY_V6_ { FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V6_ALE_APP_ID, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V6_ALE_USER_ID, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V6_IP_LOCAL_ADDRESS, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V6_IP_LOCAL_ADDRESS_TYPE, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V6_IP_LOCAL_PORT, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V6_IP_PROTOCOL, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V6_IP_REMOTE_ADDRESS, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V6_IP_DESTINATION_ADDRESS_TYPE, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V6_IP_REMOTE_PORT, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V6_FLAGS, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V6_ALE_ORIGINAL_APP_ID, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V6_ALE_PACKAGE_ID, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V6_ALE_SECURITY_ATTRIBUTE_FQBN_VALUE, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V6_COMPARTMENT_ID, FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V6_MAX } FWPS_FIELDS_OUTBOUND_NETWORK_POLICY_V6; #define FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V6_ICMP_TYPE \ FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V6_IP_LOCAL_PORT #define FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V6_ICMP_CODE \ FWPS_FIELD_OUTBOUND_NETWORK_CONNECTION_POLICY_V6_IP_REMOTE_PORT #endif //(NTDDI_VERSION >= NTDDI_WIN10_NI) /////////////////////////////////////////////////////////////////////////////// // // Network and transport discard reasons. // /////////////////////////////////////////////////////////////////////////////// // // INET_DISCARD_REASON // // Define the reasons given by INET modules for discarding incoming datagrams. // #ifndef _INET_DISCARD_REASON_DEFINE_ #define _INET_DISCARD_REASON_DEFINE_ typedef enum { InetDiscardSourceUnspecified = 0, InetDiscardDestinationMulticast = 1, InetDiscardHeaderInvalid = 2, InetDiscardChecksumInvalid = 3, InetDiscardEndpointNotFound = 4, InetDiscardConnectedPath = 5, InetDiscardSessionState = 6, InetDiscardReceiveInspection = 7, InetDiscardAckInvalid = 8, InetDiscardExpectedSyn = 9, InetDiscardRst = 10, InetDiscardSynRcvdSyn = 11, InetDiscardSimultaneousConnect = 12, InetDiscardPawsFailed = 13, InetDiscardLandAttack = 14, InetDiscardMissedReset = 15, InetDiscardOutsideWindow = 16, InetDiscardDuplicateSegment = 17, InetDiscardClosedWindow = 18, InetDiscardTcbRemoved = 19, InetDiscardFinWait2 = 20, InetDiscardReassemblyConflict = 21, InetDiscardFinReceived = 22, InetDiscardListenerInvalidFlags = 23, InetDiscardUrgentDeliveryAllocationFailure = 24, InetDiscardTcbNotInTcbTable = 25, InetDiscardTimeWaitTcbReceivedRstOutsideWindow = 26, InetDiscardTimeWaitTcbSynAndOtherFlags = 27, InetDiscardTimeWaitTcb = 28, InetDiscardSynAckWithFastopenCookieRequest = 29, InetDiscardPauseAccept = 30, InetDiscardSynAttack = 31, InetDiscardAcceptInspection = 32, InetDiscardAcceptRedirection = 33, InetDiscardReasonMaxEnumValue } INET_DISCARD_REASON, *PINET_DISCARD_REASON; #endif #ifndef _IP_DISCARD_REASON_DEFINE_ #define _IP_DISCARD_REASON_DEFINE_ typedef enum { // // Receive path discard reasons. // IpDiscardBadSourceAddress = 1, IpDiscardNotLocallyDestined, IpDiscardProtocolUnreachable, IpDiscardPortUnreachable, IpDiscardBadLength, IpDiscardMalformedHeader, IpDiscardNoRoute, IpDiscardBeyondScope, IpDiscardInspectionDrop, // Blocked by firewall, ICMP should not be sent. IpDiscardTooManyDecapsulations, IpDiscardAdministrativelyProhibited, // Blocked, ICMP should be sent. IpDiscardBadChecksum, IpDiscardFirstFragmentIncomplete, IpDiscardHeaderNotContiguous, IpDiscardHeaderNotAligned, IpDiscardReceivePathMax = 127, // // Forward path discard reasons. // IpDiscardHopLimitExceeded, IpDiscardAddressUnreachable, IpDiscardRscPacket, IpDiscardSourceViolation, IpDiscardForwardPathMax = 255, // // Internally used discard reasons. // IpDiscardArbitrationUnhandled, IpDiscardInspectionAbsorb, // WFP took ownership of the packet. // // Send path discard reasons not covered above. // IpDiscardDontFragmentMtuExceeded, IpDiscardBufferLengthExceeded, IpDiscardAddressResolutionTimeout, IpDiscardAddressResolutionFailure, IpDiscardIpsecFailure, IpDiscardExtensionHeadersFailure, IpDiscardAllocationFailure, // // Discard reasons common to all paths. // IpDiscardIpsnpiClientDrop, IpDiscardUnsupportedOffload, IpDiscardRoutingFailure, IpDiscardAncillaryDataFailure, IpDiscardRawDataFailure, IpDiscardSessionStateFailure, IpDiscardIpsnpiAllocationFailure, IpDiscardIpsnpiModifiedButNotForwarded, IpDiscardIpsnpiNoNextHop, IpDiscardIpsnpiNoCompartment, IpDiscardIpsnpiNoInterface, IpDiscardIpsnpiNoSubInterface, IpDiscardIpsnpiInterfaceDisabled, IpDiscardIpsnpiSegmentationFailed, IpDiscardIpsnpiNoEthernetHeader, IpDiscardIpsnpiUnexpectedFragment, IpDiscardIpsnpiUnsupportedInterfaceType, IpDiscardIpsnpiInvalidLsoInfo, IpDiscardIpsnpiInvalidUsoInfo, IpDiscardInternalError, IpDiscardAdministrativelyConfigured, IpDiscardBadOption, IpDiscardLoopbackDisallowed, IpDiscardSmallerScope, IpDiscardQueueFull, IpDiscardInterfaceDisabled, IpDiscardNlClientDiscard, IpDiscardIpsnpiUroSegmentSizeExceedsMtu, IpDiscardSwUsoFailure, IpDiscardMax } IP_DISCARD_REASON, *PIP_DISCARD_REASON; #endif /////////////////////////////////////////////////////////////////////////////// // // API for implementing a callout. // /////////////////////////////////////////////////////////////////////////////// ////////// // Flags that can specified which entries are present // in the FWPS_INCOMING_METADATA_VALUES0 structure. ////////// #define FWPS_METADATA_FIELD_DISCARD_REASON 0x00000001 #define FWPS_METADATA_FIELD_FLOW_HANDLE 0x00000002 #define FWPS_METADATA_FIELD_IP_HEADER_SIZE 0x00000004 #define FWPS_METADATA_FIELD_PROCESS_PATH 0x00000008 #define FWPS_METADATA_FIELD_TOKEN 0x00000010 #define FWPS_METADATA_FIELD_PROCESS_ID 0x00000020 #define FWPS_METADATA_FIELD_SYSTEM_FLAGS 0x00000040 #define FWPS_METADATA_FIELD_RESERVED 0x00000080 #define FWPS_METADATA_FIELD_SOURCE_INTERFACE_INDEX 0x00000100 #define FWPS_METADATA_FIELD_DESTINATION_INTERFACE_INDEX 0x00000200 #define FWPS_METADATA_FIELD_TRANSPORT_HEADER_SIZE 0x00000400 #define FWPS_METADATA_FIELD_COMPARTMENT_ID 0x00000800 #define FWPS_METADATA_FIELD_FRAGMENT_DATA 0x00001000 #define FWPS_METADATA_FIELD_PATH_MTU 0x00002000 #define FWPS_METADATA_FIELD_COMPLETION_HANDLE 0x00004000 #define FWPS_METADATA_FIELD_TRANSPORT_ENDPOINT_HANDLE 0x00008000 #define FWPS_METADATA_FIELD_TRANSPORT_CONTROL_DATA 0x00010000 #define FWPS_METADATA_FIELD_REMOTE_SCOPE_ID 0x00020000 #define FWPS_METADATA_FIELD_PACKET_DIRECTION 0x00040000 #if (NTDDI_VERSION >= NTDDI_WIN6SP1) #define FWPS_METADATA_FIELD_PACKET_SYSTEM_CRITICAL 0x00080000 #define FWPS_METADATA_FIELD_FORWARD_LAYER_OUTBOUND_PASS_THRU 0x00100000 #define FWPS_METADATA_FIELD_FORWARD_LAYER_INBOUND_PASS_THRU 0x00200000 #define FWPS_METADATA_FIELD_ALE_CLASSIFY_REQUIRED 0x00400000 #define FWPS_METADATA_FIELD_TRANSPORT_HEADER_INCLUDE_HEADER 0x00800000 #if (NTDDI_VERSION >= NTDDI_WIN7) #define FWPS_METADATA_FIELD_DESTINATION_PREFIX 0x01000000 #define FWPS_METADATA_FIELD_ETHER_FRAME_LENGTH 0x02000000 #define FWPS_METADATA_FIELD_PARENT_ENDPOINT_HANDLE 0x04000000 #define FWPS_METADATA_FIELD_ICMP_ID_AND_SEQUENCE 0x08000000 #define FWPS_METADATA_FIELD_LOCAL_REDIRECT_TARGET_PID 0x10000000 #define FWPS_METADATA_FIELD_ORIGINAL_DESTINATION 0x20000000 #if (NTDDI_VERSION >= NTDDI_WIN8) #define FWPS_METADATA_FIELD_REDIRECT_RECORD_HANDLE 0x40000000 #define FWPS_METADATA_FIELD_SUB_PROCESS_TAG 0x80000000 #define FWPS_L2_METADATA_FIELD_ETHERNET_MAC_HEADER_SIZE 0x00000001 #define FWPS_L2_METADATA_FIELD_WIFI_OPERATION_MODE 0x00000002 #define FWPS_L2_METADATA_FIELD_VSWITCH_SOURCE_PORT_ID 0x00000004 #define FWPS_L2_METADATA_FIELD_VSWITCH_SOURCE_NIC_INDEX 0x00000008 #define FWPS_L2_METADATA_FIELD_VSWITCH_PACKET_CONTEXT 0x00000010 #define FWPS_L2_METADATA_FIELD_VSWITCH_DESTINATION_PORT_ID 0x00000020 #endif // (NTDDI_VERSION >= NTDDI_WIN8) #endif // (NTDDI_VERSION >= NTDDI_WIN7) #endif // (NTDDI_VERSION >= NTDDI_WIN6SP1) #if (NTDDI_VERSION >= NTDDI_WINBLUE) #define FWPS_L2_METADATA_FIELD_RESERVED 0x80000000 #endif // (NTDDI_VERSION >= NTDDI_WINBLUE) // Provides additional meta-information to the filter engine. This information // is not processed by the filter engine, but is supplied to the callouts. // Unlike the FWPS_INCOMING_VALUES0, the schema of the meta-information is not // fixed. Callouts should not assume that a given FWPS_METADATA_FIELD is // present or that it is located at a given index in the array. typedef struct FWPS_INCOMING_METADATA_VALUES0_ { // Bitmask representing which values are set. UINT32 currentMetadataValues; // Internal flags; UINT32 flags; // Reserved for system use. UINT64 reserved; // Discard module and reason. FWPS_DISCARD_METADATA0 discardMetadata; // Flow Handle. UINT64 flowHandle; // IP Header size. UINT32 ipHeaderSize; // Transport Header size UINT32 transportHeaderSize; // Process Path. FWP_BYTE_BLOB* processPath; // Token used for authorization. UINT64 token; // Process Id. UINT64 processId; // Source and Destination interface indices for discard indications. UINT32 sourceInterfaceIndex; UINT32 destinationInterfaceIndex; // Compartment Id for injection APIs. ULONG compartmentId; // Fragment data for inbound fragments. FWPS_INBOUND_FRAGMENT_METADATA0 fragmentMetadata; // Path MTU for outbound packets (to enable calculation of fragments). ULONG pathMtu; // Completion handle (required in order to be able to pend at this layer). HANDLE completionHandle; // Endpoint handle for use in outbound transport layer injection. UINT64 transportEndpointHandle; // Remote scope id for use in outbound transport layer injection. SCOPE_ID remoteScopeId; // Socket control data (and length) for use in outbound transport layer injection. WSACMSGHDR* controlData; ULONG controlDataLength; // Direction for the current packet. Only specified for ALE re-authorization. FWP_DIRECTION packetDirection; #if (NTDDI_VERSION >= NTDDI_WIN6SP1) // Raw IP header (and length) if the packet is sent with IP header from a RAW socket. PVOID headerIncludeHeader; ULONG headerIncludeHeaderLength; #if (NTDDI_VERSION >= NTDDI_WIN7) IP_ADDRESS_PREFIX destinationPrefix; UINT16 frameLength; UINT64 parentEndpointHandle; UINT32 icmpIdAndSequence; // PID of the process that will be accepting the redirected connection DWORD localRedirectTargetPID; // original destination of a redirected connection SOCKADDR* originalDestination; #if (NTDDI_VERSION >= NTDDI_WIN8) HANDLE redirectRecords; // Bitmask representing which L2 values are set. UINT32 currentL2MetadataValues; // L2 layer Flags; UINT32 l2Flags; UINT32 ethernetMacHeaderSize; UINT32 wiFiOperationMode; HANDLE vSwitchPacketContext; #endif // (NTDDI_VERSION >= NTDDI_WIN8) #endif // (NTDDI_VERSION >= NTDDI_WIN7) #endif // (NTDDI_VERSION >= NTDDI_WIN6SP1) #if (NTDDI_VERSION >= NTDDI_WIN8) PVOID subProcessTag; // Reserved for system use. UINT64 reserved1; #endif } FWPS_INCOMING_METADATA_VALUES0; /////////////////////////////////////////////////////////////////////////////// // // Macro for checking for metadata fields // /////////////////////////////////////////////////////////////////////////////// #define FWPS_IS_METADATA_FIELD_PRESENT(metadataValues, metadataField) \ (((metadataValues)->currentMetadataValues & (metadataField)) == (metadataField)) #if (NTDDI_VERSION >= NTDDI_WIN8) #define FWPS_IS_L2_METADATA_FIELD_PRESENT(metadataValues, l2MetadataField) \ (((metadataValues)->currentL2MetadataValues & (l2MetadataField)) == (l2MetadataField)) #endif // (NTDDI_VERSION >= NTDDI_WIN8) // Invoked during classification when a callout filter matches. typedef void (NTAPI *FWPS_CALLOUT_CLASSIFY_FN0)( _In_ const FWPS_INCOMING_VALUES0* inFixedValues, _In_ const FWPS_INCOMING_METADATA_VALUES0* inMetaValues, _Inout_opt_ void* layerData, _In_ const FWPS_FILTER0* filter, _In_ UINT64 flowContext, _Inout_ FWPS_CLASSIFY_OUT0* classifyOut ); #if (NTDDI_VERSION >= NTDDI_WIN7) // Version-1 of function invoked during classification when a callout filter // matches. typedef void (NTAPI *FWPS_CALLOUT_CLASSIFY_FN1)( _In_ const FWPS_INCOMING_VALUES0* inFixedValues, _In_ const FWPS_INCOMING_METADATA_VALUES0* inMetaValues, _Inout_opt_ void* layerData, _In_opt_ const void* classifyContext, _In_ const FWPS_FILTER1* filter, _In_ UINT64 flowContext, _Inout_ FWPS_CLASSIFY_OUT0* classifyOut ); #endif // (NTDDI_VERSION >= NTDDI_WIN7) #if (NTDDI_VERSION >= NTDDI_WIN8) // Version-2 of function invoked during classification when a callout filter // matches. typedef void (NTAPI *FWPS_CALLOUT_CLASSIFY_FN2)( _In_ const FWPS_INCOMING_VALUES0* inFixedValues, _In_ const FWPS_INCOMING_METADATA_VALUES0* inMetaValues, _Inout_opt_ void* layerData, _In_opt_ const void* classifyContext, _In_ const FWPS_FILTER2* filter, _In_ UINT64 flowContext, _Inout_ FWPS_CLASSIFY_OUT0* classifyOut ); #endif // (NTDDI_VERSION >= NTDDI_WIN8) #if (NTDDI_VERSION >= NTDDI_WIN10_RS3) // Version-3 of function invoked during classification when a callout filter // matches. typedef void (NTAPI *FWPS_CALLOUT_CLASSIFY_FN3)( _In_ const FWPS_INCOMING_VALUES0* inFixedValues, _In_ const FWPS_INCOMING_METADATA_VALUES0* inMetaValues, _Inout_opt_ void* layerData, _In_opt_ const void* classifyContext, _In_ const FWPS_FILTER3* filter, _In_ UINT64 flowContext, _Inout_ FWPS_CLASSIFY_OUT0* classifyOut ); #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS3) // Notifies the callout that a filter invoking it has been added/deleted. typedef NTSTATUS (NTAPI *FWPS_CALLOUT_NOTIFY_FN0)( _In_ FWPS_CALLOUT_NOTIFY_TYPE notifyType, _In_ const GUID* filterKey, _Inout_ FWPS_FILTER0* filter ); #if (NTDDI_VERSION >= NTDDI_WIN7) // Version-1 of function that notifies the callout that a filter invoking it has // been added/deleted. typedef NTSTATUS (NTAPI *FWPS_CALLOUT_NOTIFY_FN1)( _In_ FWPS_CALLOUT_NOTIFY_TYPE notifyType, _In_ const GUID* filterKey, _Inout_ FWPS_FILTER1* filter ); #endif // (NTDDI_VERSION >= NTDDI_WIN7) #if (NTDDI_VERSION >= NTDDI_WIN8) // Version-2 of function that notifies the callout that a filter invoking it has // been added/deleted. typedef NTSTATUS (NTAPI *FWPS_CALLOUT_NOTIFY_FN2)( _In_ FWPS_CALLOUT_NOTIFY_TYPE notifyType, _In_ const GUID* filterKey, _Inout_ FWPS_FILTER2* filter ); #endif // (NTDDI_VERSION >= NTDDI_WIN8) #if (NTDDI_VERSION >= NTDDI_WIN10_RS3) // Version-3 of function invoked during classification when a callout filter // matches. typedef NTSTATUS (NTAPI *FWPS_CALLOUT_NOTIFY_FN3)( _In_ FWPS_CALLOUT_NOTIFY_TYPE notifyType, _In_ const GUID* filterKey, _Inout_ FWPS_FILTER3* filter ); #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS3) // Notifies the callout that a flow has been deleted. typedef void (NTAPI *FWPS_CALLOUT_FLOW_DELETE_NOTIFY_FN0)( _In_ UINT16 layerId, _In_ UINT32 calloutId, _In_ UINT64 flowContext ); // Notify callout that boottime callout has been removed typedef void (NTAPI *FWPS_CALLOUT_BOOTTIME_CALLOUT_DELETE_NOTIFY_FN0)( _In_ UINT32 calloutId ); #if (NTDDI_VERSION >= NTDDI_WIN7) /////////////////////////////////////////////////////////////////////////////// // // ALE endpoint API. // /////////////////////////////////////////////////////////////////////////////// DWORD WINAPI FwpsOpenToken0( IN HANDLE engineHandle, IN LUID modifiedId, IN DWORD desiredAccess, OUT HANDLE* accessToken ); DWORD WINAPI FwpsAleEndpointGetById0( _In_ HANDLE engineHandle, _In_ UINT64 endpointId, _Out_ FWPS_ALE_ENDPOINT_PROPERTIES0** properties ); DWORD WINAPI FwpsAleEndpointCreateEnumHandle0( _In_ HANDLE engineHandle, _In_opt_ const FWPS_ALE_ENDPOINT_ENUM_TEMPLATE0* enumTemplate, _Out_ HANDLE* enumHandle ); DWORD WINAPI FwpsAleEndpointEnum0( _In_ HANDLE engineHandle, _In_ HANDLE enumHandle, _In_ UINT32 numEntriesRequested, _Outptr_result_buffer_(*numEntriesReturned) FWPS_ALE_ENDPOINT_PROPERTIES0*** entries, _Out_ UINT32* numEntriesReturned ); DWORD WINAPI FwpsAleEndpointDestroyEnumHandle0( _In_ HANDLE engineHandle, _Inout_ HANDLE enumHandle ); DWORD WINAPI FwpsAleEndpointGetSecurityInfo0( _In_ HANDLE engineHandle, _In_ SECURITY_INFORMATION securityInfo, _Outptr_result_maybenull_ PSID* sidOwner, _Outptr_result_maybenull_ PSID* sidGroup, _Outptr_result_maybenull_ PACL* dacl, _Outptr_result_maybenull_ PACL* sacl, _Outptr_ PSECURITY_DESCRIPTOR* securityDescriptor ); DWORD WINAPI FwpsAleEndpointSetSecurityInfo0( _In_ HANDLE engineHandle, _In_ SECURITY_INFORMATION securityInfo, _In_opt_ const SID* sidOwner, _In_opt_ const SID* sidGroup, _In_opt_ const ACL* dacl, _In_opt_ const ACL* sacl ); #endif // (NTDDI_VERSION >= NTDDI_WIN7) #ifdef __cplusplus } #endif #endif // (NTDDI_VERSION >= NTDDI_WIN6) #endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_PKG_APPRUNTIME) */ #pragma endregion #endif // FWPSX_H