Using WFP filters to allow pairs of ports and IPs.

Question  Votes: 1  Answers: 1

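I want a firewall that isolates my device from the network, except for a few port pairs that I want to allow.

For example, to allow certain ports (for all IP addresses), I used the following filter.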

FWPM_FILTER_CONDITION0 conditions[2];

// Condition 0: the remote port must equal the allowed port
conditions[0].fieldKey = FWPM_CONDITION_IP_REMOTE_PORT;
conditions[0].matchType = FWP_MATCH_EQUAL;
conditions[0].conditionValue.type = FWP_UINT16;
conditions[0].conditionValue.uint16 = port;

// Condition 1: any IP protocol (protocol number >= 0)
conditions[1].fieldKey = FWPM_CONDITION_IP_PROTOCOL;
conditions[1].conditionValue.type = FWP_UINT8;
conditions[1].conditionValue.uint8 = 0;
conditions[1].matchType = FWP_MATCH_GREATER_OR_EQUAL;

Filter.subLayerKey = myGUID;
Filter.displayData.name = L"myFirewall";
Filter.action.type = FWP_ACTION_PERMIT;
Filter.weight.type = FWP_UINT64;

// FWP_UINT64 values are passed by pointer, so the variable must outlive the add call
UINT64 weightvalue = 0x102;

Filter.weight.uint64 = &weightvalue;
Filter.flags = FWPM_FILTER_FLAG_PERSISTENT;
Filter.filterCondition = conditions;
Filter.layerKey = FWPM_LAYER_OUTBOUND_TRANSPORT_V4;
Filter.numFilterConditions = 2;

This filter allows packets destined for only one port, regardless of the IP. How do I add a specific IP to the filter conditions?

Thanks

c++ windows filter firewall wfp
1 Answer
1
vote

A filter condition that matches the remote IP address

// Match the remote IPv4 address (addr and mask are in host byte order)
conditions[1].fieldKey = FWPM_CONDITION_IP_REMOTE_ADDRESS;
conditions[1].conditionValue.type = FWP_V4_ADDR_MASK;
conditions[1].conditionValue.v4AddrMask = new FWP_V4_ADDR_AND_MASK;
conditions[1].conditionValue.v4AddrMask->addr = ip;
conditions[1].conditionValue.v4AddrMask->mask = VISTA_SUBNET_MASK;
conditions[1].matchType = FWP_MATCH_EQUAL;
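
Conditions in one WFP filter are AND'ed across different field keys and OR'ed when they share a field key, so each allowed IP and port pair needs its own filter. The following added example (not from the original post, and not the WFP API) is a simplified portable C++ model of that matching; the types, function names and sample addresses are constructed assumptions, and it assumes traffic that matches no permit filter is blocked.

```cpp
// Simplified model of WFP condition matching (hypothetical types, not the WFP API).
#include <cstdint>
#include <vector>

enum Field { REMOTE_ADDR, REMOTE_PORT };           // stand-ins for two fieldKeys

struct Cond { Field field; uint32_t value; uint32_t mask; };
struct Packet { uint32_t addr; uint16_t port; };   // addr in host byte order

// Dotted quad to host byte order, the order FWP_V4_ADDR_AND_MASK.addr uses.
constexpr uint32_t ip(uint8_t a, uint8_t b, uint8_t c, uint8_t d) {
    return (uint32_t(a) << 24) | (uint32_t(b) << 16) | (uint32_t(c) << 8) | d;
}

static bool condMatches(const Cond& c, const Packet& p) {
    if (c.field == REMOTE_ADDR) return (p.addr & c.mask) == (c.value & c.mask);
    return p.port == c.value;
}

// One filter: conditions on the same field are OR'ed, different fields AND'ed.
bool filterMatches(const std::vector<Cond>& conds, const Packet& p) {
    bool seen[2] = {false, false}, hit[2] = {false, false};
    for (const Cond& c : conds) {
        seen[c.field] = true;
        hit[c.field] = hit[c.field] || condMatches(c, p);
    }
    return (!seen[REMOTE_ADDR] || hit[REMOTE_ADDR]) &&
           (!seen[REMOTE_PORT] || hit[REMOTE_PORT]);
}

// Assumption of this model: permitted if any permit filter matches, else blocked.
bool permitted(const std::vector<std::vector<Cond>>& filters, const Packet& p) {
    for (const auto& f : filters)
        if (filterMatches(f, p)) return true;
    return false;
}

const uint32_t HOST = 0xFFFFFFFF;                  // /32 mask: exact address
// Constructed sample policy: allow 192.0.2.10:443 and 198.51.100.7:22 only.
const std::vector<std::vector<Cond>> onePerPair = {
    {{REMOTE_ADDR, ip(192,0,2,10), HOST}, {REMOTE_PORT, 443, 0}},
    {{REMOTE_ADDR, ip(198,51,100,7), HOST}, {REMOTE_PORT, 22, 0}},
};
// Same four conditions merged into one filter: permits the cross pairs too.
const std::vector<std::vector<Cond>> merged = {{
    {REMOTE_ADDR, ip(192,0,2,10), HOST}, {REMOTE_ADDR, ip(198,51,100,7), HOST},
    {REMOTE_PORT, 443, 0}, {REMOTE_PORT, 22, 0},
}};
```

In the merged policy, 192.0.2.10:22 is permitted even though it was never listed as a pair, which is why the allow list should be one filter per pair.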