Microsoft Internet Security and Acceleration Server 2000

Adding a Packet Filter

ISA Server's packet-filtering features allow you to control the flow of information to and from ISA Server. With packet filtering, you can intercept and either allow or block packets destined for specific computers on your corporate network.

You can use administration COM objects to add and configure packet filters. This is done by using the FPCIpPacketFilter object.

The following example adds a packet filter that applies to all the servers within the array arr:

' this code creates a static filter for a service that is running 
' on the ISA server and needs to connect to
' NTP server on the Internet at a known address.

Dim objFPC As New FPCLib.FPC
Dim arr As FPCArray
Dim pf As FPCIpPacketFilter
Set arr = objFPC.Arrays.GetContainingArray
Set pf = arr.ArrayPolicy.IpPacketFilters.Add("NetTime", fpcAllowingPacketFilter)
pf.Description = "NTP filter for My App"

' apply to all servers in the array
pf.AllServers = True
pf.FilterType = fpcCustomFilterType
pf.ProtocolNumber = 17

' allow both send and receive
pf.PacketDirection = fpcPfDirectionIndexBoth
' application runs on the ISA Server computer
pf.SetLocalHost fpcPfDefaultProxyExternalIp
pf.LocalPortType = fpcPfDynamicPort

' connecting to a well-known server on the Internet
pf.RemotePortType = fpcPfFixedRemotePort
pf.RemotePortNumber = 123
pf.SetRemoteHost fpcPfExternalIpRange, "", ""
pf.LogMatchingPackets = False
' enable the filter
pf.Enabled = True
' save the changes

See Also