Using WFP filter to allow pair of port and ip.

  • Question

  • Hi, 

    I'd like to have a firewall that isolates my device from the network, with the exception of a few port/IP pairs that I wish to allow.

    For example, in order to allow a certain port (for all IP addresses), I use the following filter:

    FWPM_FILTER_CONDITION0 conditions[2];

    /* Condition 0: remote (destination) port equals 'port'. */
    conditions[0].fieldKey = FWPM_CONDITION_IP_REMOTE_PORT;
    conditions[0].matchType = FWP_MATCH_EQUAL;
    conditions[0].conditionValue.type = FWP_UINT16;
    conditions[0].conditionValue.uint16 = port;

    /* Condition 1: IP protocol >= 0, i.e. any protocol. */
    conditions[1].fieldKey = FWPM_CONDITION_IP_PROTOCOL;
    conditions[1].matchType = FWP_MATCH_GREATER_OR_EQUAL;
    conditions[1].conditionValue.type = FWP_UINT8;
    conditions[1].conditionValue.uint8 = 0;

    Filter.subLayerKey = myGUID;
    Filter.displayData.name = L"myFirewall";
    Filter.action.type = FWP_ACTION_PERMIT;
    Filter.weight.type = FWP_UINT64;
    UINT64 weightvalue = 0x102;
    Filter.weight.uint64 = &weightvalue;   /* FWP_UINT64 is passed by pointer */
    Filter.flags = FWPM_FILTER_FLAG_PERSISTENT;
    Filter.filterCondition = conditions;
    Filter.layerKey = FWPM_LAYER_OUTBOUND_TRANSPORT_V4;
    Filter.numFilterConditions = 2;


    This filter allows packets with a single dest port, regardless of the IP.

    How do I add a specific IP to the filter condition?

    Thanks




    • Edited by Zohar81 Tuesday, May 21, 2019 12:55 PM
    Tuesday, May 21, 2019 12:48 PM
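
One way to narrow the filter in the question to a port/IP pair, as an added example that is not part of the original post: a third condition on `FWPM_CONDITION_IP_REMOTE_ADDRESS` using `FWP_V4_ADDR_AND_MASK`, whose address and mask are in host byte order. The helper names `ipv4_to_host_order`, `prefix_to_mask` and `set_remote_ip_condition` are hypothetical; the WFP part compiles only on Windows.

```c
#include <stdint.h>
#include <stdio.h>
#ifdef _WIN32
#include <windows.h>
#include <fwpmu.h>
#endif

/* Dotted-quad IPv4 -> host byte order, the order WFP uses for
   FWP_V4_ADDR_AND_MASK (inet_pton() would give network order).
   Returns 0 on success, -1 on malformed input. */
int ipv4_to_host_order(const char *s, uint32_t *out)
{
    unsigned a, b, c, d;
    char tail;
    if (sscanf(s, "%u.%u.%u.%u%c", &a, &b, &c, &d, &tail) != 4)
        return -1;                      /* too few fields or trailing junk */
    if (a > 255 || b > 255 || c > 255 || d > 255)
        return -1;
    *out = ((uint32_t)a << 24) | ((uint32_t)b << 16) | ((uint32_t)c << 8) | d;
    return 0;
}

/* Prefix length -> contiguous mask; 32 matches exactly one host. */
uint32_t prefix_to_mask(unsigned prefix)
{
    if (prefix == 0) return 0;
    if (prefix > 32) prefix = 32;
    return 0xFFFFFFFFu << (32 - prefix);
}

#ifdef _WIN32
/* Fill one extra condition slot with the remote address. Conditions with
   different field keys are ANDed, so together with the remote-port
   condition the filter permits only that port on that address.
   'am' must stay valid until FwpmFilterAdd0() returns. */
void set_remote_ip_condition(FWPM_FILTER_CONDITION0 *cond,
                             FWP_V4_ADDR_AND_MASK *am,
                             UINT32 hostOrderAddr, UINT32 mask)
{
    am->addr = hostOrderAddr & mask;
    am->mask = mask;
    cond->fieldKey = FWPM_CONDITION_IP_REMOTE_ADDRESS;
    cond->matchType = FWP_MATCH_EQUAL;
    cond->conditionValue.type = FWP_V4_ADDR_MASK;
    cond->conditionValue.v4AddrMask = am;
}
#endif
```

With the question's array enlarged to `conditions[3]`, call `set_remote_ip_condition(&conditions[2], &am, addr, prefix_to_mask(32))` and set `Filter.numFilterConditions = 3`. Each allowed port/IP pair needs its own filter, because a single filter ANDs its port and address conditions.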