locked
Filtering Option RRS feed

  • Question

  • Is it possible to filter at the ALE layers by HTTP/FTP specifically and no other TCP traffic? Or do the layers not know at that point what kind of TCP traffic it is?

    Thanks

    Thursday, July 21, 2011 8:45 PM

Answers

  • Yes.  You can achieve this by creating filter(s) with multiple conditions. i.e. FWPM_CONDITION_IP_PROTOCOL = IPPROTO_TCP AND FWPM_CONDITION_IP_REMOTE_PORT = 80 (HTTP) OR FWPM_CONDITION_IP_REMOTE_PORT = 21 (FTP).

     

    Hope this helps,

     

     


    Dusty Harper [MSFT]
    Microsoft Corporation
    ------------------------------------------------------------
    This posting is provided "AS IS", with NO warranties and confers NO rights
    ------------------------------------------------------------
    Thursday, July 21, 2011 11:01 PM
    Moderator

All replies

  • Yes.  You can achieve this by creating filter(s) with multiple conditions. i.e. FWPM_CONDITION_IP_PROTOCOL = IPPROTO_TCP AND FWPM_CONDITION_IP_REMOTE_PORT = 80 (HTTP) OR FWPM_CONDITION_IP_REMOTE_PORT = 21 (FTP).

     

    Hope this helps,

     

     


    Dusty Harper [MSFT]
    Microsoft Corporation
    ------------------------------------------------------------
    This posting is provided "AS IS", with NO warranties and confers NO rights
    ------------------------------------------------------------
    Thursday, July 21, 2011 11:01 PM
    Moderator
  • Ahh that makes sense thank you!
    Friday, July 22, 2011 7:27 PM