The FwxFirewallEventProtocolSource enumerated type contains values that specify the protocols and types of connections that can be associated with an event for which notifications are sent to the filter. You can use these values to indicate whether events associated with all protocols and events associated with secondary connections will invoke the filter. For example, use the fwxAssociatedProtocolsAllConnections value for a filter that will be invoked for traffic in secondary connections.
typedef enum FwxFirewallEventProtocolSource {
fwxAnyProtocol
The filter will be invoked for any protocol. When IP routing is enabled (the default setting), this value includes only protocols, such as FTP, that are associated with an application filter. When IP routing is disabled, this value includes all protocols.
= 0x01000000, fwxAssociatedProtocolsAllConnections
The filter will be invoked for both primary and secondary connections. If this flag is not set, only events associated with primary connections will invoke the filter.
= 0x02000000 } FwxFirewallEventProtocolSource;
The filter will be invoked for any protocol. When IP routing is enabled (the default setting), this value includes only protocols, such as FTP, that are associated with an application filter. When IP routing is disabled, this value includes all protocols.
The filter will be invoked for both primary and secondary connections. If this flag is not set, only events associated with primary connections will invoke the filter.
Each value defined in the FwxFirewallEventProtocolSource enumerated type represents a single bit. The values defined in this enumerated type can be combined with one another and with values from the FwxFirewallEventType and FwxFirewallEventSource enumerated types by using the bitwise OR operator. The combined value is then used in the dwGlobalEvents member of the FwxFilterHookEvents structure that is passed by the FilterInit method to the Firewall service.
When IP routing is enabled, Forefront TMG forwards IP traffic for protocols that are not associated with an application filter in kernel mode. This traffic does not reach the Firewall service and cannot be captured by application filters that are not associated with a protocol.
If IP routing is disabled, traffic for protocols that are not associated with an application filter will also reach the Firewall service and can be captured by application filters. Note that disabling IP routing may severely impact performance because all traffic passing through the Forefront TMG computer is handled in user mode.
Traffic originating from the Forefront TMG computer itself (from the Local Host network) is always handled as if IP routing is enabled and will not reach application filters that are not associated with a protocol.
| Server | Requires Windows Server 2008. |
|---|---|
| Version | Requires Forefront Threat Management Gateway (TMG). |
| Header |
Declared in Wspfwext.idl. |
Send comments about this topic to Microsoft
Build date: 11/30/2009
© 2008 Microsoft Corporation. All rights reserved.