Is there exists some method to catch silently discarded packets on discard layers? RRS feed

  • Question

  • I meet some problem: I need to inspect all discard layers to watch dropped packets. I have some program, that drops packets silently using FWPS_CLASSIFY_OUT_FLAG_ABSORB flag thus my discard inspector can't see discarded packets.

    1. Is there any method to watch silently discarded packets?

    2. I think solution is to make sublayer with zero priority with layers  correspong with discards and watch only packets with FWP_ACTION_BLOCK flag. But I need to watch reason of discard and discarded filter. How can I do this?

    Monday, April 29, 2019 2:53 PM