locked
I add a filter that blocks internet access and When i try to allow a website by adding a new filter it did not works. RRS feed

  • Question

  • Filter to block internet 

    FWPM_FILTER0 Filter = { 0 };
    FWPM_FILTER_CONDITION0 Condition = { 0 };
    FWP_V4_ADDR_AND_MASK AddrMask = { 0 };

    // Prepare filter condition.
    Filter.subLayerKey =* m_subLayerGUID;
    Filter.displayData.name = FIREWALL_SERVICE_NAMEW;
    Filter.layerKey = FWPM_LAYER_INBOUND_TRANSPORT_V4;
    Filter.action.type = FWP_ACTION_BLOCK;
    Filter.weight.type = FWP_UINT8;
    Filter.weight.uint8 = 0;
    Filter.filterCondition = &Condition;
    Filter.numFilterConditions = 1;
    Filter.flags = !(FWPM_FILTER_FLAG_CLEAR_ACTION_RIGHT); 
    // Remote IP address should match itFilters->uHexAddrToBlock.
    Condition.fieldKey = FWPM_CONDITION_IP_REMOTE_ADDRESS;
    Condition.matchType = FWP_MATCH_EQUAL;
    Condition.conditionValue.type = FWP_V4_ADDR_MASK;
    Condition.conditionValue.v4AddrMask = &AddrMask;
     
    AddrMask.addr = 0x00000000;
    AddrMask.mask = 0x00000000;
     
    dwFwAPiRetCode = ::FwpmFilterAdd0(m_hEngineHandle,
    &Filter,
    NULL,
    &(stIPFilter.u64VistaFilterId));

    Filter to allow a website 

    FWPM_FILTER0 Filter = { 0 };
    FWPM_FILTER_CONDITION0 Condition = { 0 };
    FWP_V4_ADDR_AND_MASK AddrMask = { 0 };

    // Prepare filter condition.
    Filter.subLayerKey = *m_subLayerGUID2;
    Filter.displayData.name = FIREWALL_SERVICE_NAMEW;
    Filter.layerKey = FWPM_LAYER_INBOUND_TRANSPORT_V4;
    Filter.action.type = FWP_ACTION_PERMIT;
    Filter.flags = FWPM_FILTER_FLAG_CLEAR_ACTION_RIGHT; 
    Filter.weight.type = FWP_UINT8;
    Filter.weight.uint8 = 15;

    Filter.filterCondition = &Condition;
    Filter.numFilterConditions = 1;

    // Remote IP address should match itFilters->uHexAddrToBlock.
    Condition.fieldKey = FWPM_CONDITION_IP_REMOTE_ADDRESS;
    Condition.matchType = FWP_MATCH_EQUAL;
    Condition.conditionValue.type = FWP_V4_ADDR_MASK;
    Condition.conditionValue.v4AddrMask = &AddrMask;
     
    AddrMask.addr = stIPFilter.uHexAddrToBlock;
    AddrMask.mask = 0xffffff00; 
    dwFwAPiRetCode = ::FwpmFilterAdd0(m_hEngineHandle,
    &Filter,
    NULL,
    &(stIPFilter.u64VistaFilterId));

    Please Dusty Harper help me. I have tried every solution that i knows. I'm totally stuck at this point.

    Regards.

    Friday, December 12, 2014 4:39 AM

All replies

  • Tell me If you need more information about my problem.

    Friday, December 12, 2014 4:40 AM
  • also did i have to allow dns explicitly, so that i can browse website in brouwser.
    Friday, December 12, 2014 6:56 AM
  • I suggest, you generate and check filters.xml file using netsh->wfp->show after applying your filters. filters.xml will help you to understand all applied filter with weight.

    Friday, December 12, 2014 7:04 AM
  • Thanks for reply .

    Weights are all correct. I have checked it already.

    Friday, December 12, 2014 11:00 AM