FwxFirewallEventProtocolSource Enumeration

The FwxFirewallEventProtocolSource enumerated type contains values that specify the protocols and types of connections that can be associated with an event for which notifications are sent to the filter. You can use these values to indicate whether events associated with all protocols and events associated with secondary connections will invoke the filter. For example, use the fwxAssociatedProtocolsAllConnections value for a filter that will be invoked for traffic in secondary connections.

Syntax

typedef enum FwxFirewallEventProtocolSource {
  fwxAnyProtocol
fwxAnyProtocol

The filter will be invoked for any protocol. When IP routing is enabled (the default setting), this value includes only protocols, such as FTP, that are associated with an application filter. When IP routing is disabled, this value includes all protocols.

						 = 0x01000000,
  fwxAssociatedProtocolsAllConnections
fwxAssociatedProtocolsAllConnections

The filter will be invoked for both primary and secondary connections. If this flag is not set, only events associated with primary connections will invoke the filter.

   = 0x02000000
} FwxFirewallEventProtocolSource;

Constants

fwxAnyProtocol

The filter will be invoked for any protocol. When IP routing is enabled (the default setting), this value includes only protocols, such as FTP, that are associated with an application filter. When IP routing is disabled, this value includes all protocols.

fwxAssociatedProtocolsAllConnections

The filter will be invoked for both primary and secondary connections. If this flag is not set, only events associated with primary connections will invoke the filter.

Remarks

Each value defined in the FwxFirewallEventProtocolSource enumerated type represents a single bit. The values defined in this enumerated type can be combined with one another and with values from the FwxFirewallEventType and FwxFirewallEventSource enumerated types by using the bitwise OR operator. The combined value is then used in the dwGlobalEvents member of the FwxFilterHookEvents structure that is passed by the FilterInit method to the Firewall service.

When IP routing is enabled, Forefront TMG forwards IP traffic for protocols that are not associated with an application filter in kernel mode. This traffic does not reach the Firewall service and cannot be captured by application filters that are not associated with a protocol.

If IP routing is disabled, traffic for protocols that are not associated with an application filter will also reach the Firewall service and can be captured by application filters. Note that disabling IP routing may severely impact performance because all traffic passing through the Forefront TMG computer is handled in user mode.

Traffic originating from the Forefront TMG computer itself (from the Local Host network) is always handled as if IP routing is enabled and will not reach application filters that are not associated with a protocol.

Requirements

Server Requires Windows Server 2008.
Version Requires Forefront Threat Management Gateway (TMG).
Header

Declared in Wspfwext.idl.

See Also

Filter Enumerated Types


Send comments about this topic to Microsoft

Build date: 11/30/2009

© 2008 Microsoft Corporation. All rights reserved.

[an error occurred while processing this directive]