RedirectConnections Method of the IFWXSession Interface

The RedirectConnections method enables connections by using a local, internal Microsoft Firewall service address.

Syntax

HRESULT RedirectConnections(
  [in]			LPSOCKADDR ConnectAddresses[],
  [in]			DWORD ConnectAddressLength,
  [in]			DWORD dwNumberOfAddresses,
  [out]		 LPSOCKADDR InternalAddress,
  [in, out]	 LPDWORD InternalAddressLength,
  [in]			LPSOCKADDR ProxyExternalAddress,
  [in]			DWORD ProxyExternalAddressLength,
  [in]			INT Protocol,
  [in]			DWORD dwFlags,
  [in]			REFGUID ProtocolGuid,
  [in, optional]  IFWXSessionFilter* pSessionFilter,
  [in, optional]  IUnknown* punkContext,
  [out]		 IFWXFirewallAction* FirewallActionArray[]
);

Parameters

ConnectAddresses

Pointer to an array of pointers to sockaddr structures that contain the addresses to which the client connections will be redirected.

ConnectAddressLength

Length, in bytes, of the addresses pointed to by the ConnectAddresses parameter.

dwNumberOfAddresses

Number of addresses in the ConnectAddresses array.

InternalAddress

The socket address on the Forefront TMG internal interface where the client should connect. This value is updated by the Firewall service.

InternalAddressLength

Length, in bytes, of the InternalAddress parameter.

ProxyExternalAddress

Pointer to a sockaddr structure that contains the Forefront TMG computer's external address used for the connection. This is useful in the case of multihomed Forefront TMG computers. Requesting a specific address ensures that a secondary connection uses the same IP address as the primary connection. This parameter can be NULL, defaulting to INADDR_ANY and 0 (any port).

ProxyExternalAddressLength

Length, in bytes, of the ProxyExternalAddress structure.

Protocol

Protocol flags. This parameter can have the following flag values:

Value Meaning

FWX_PROTOCOL_TCP

The connection will use a TCP socket.

FWX_PROTOCOL_UDP

The connection will use a UDP socket.

dwFlags

Connection flags. This parameter can be a combination of the following values:

Value Meaning

FWX_FLAG_ALLOW_MULTIPLE

By default, a single outbound connection is expected. If this flag is specified, multiple connections to the same address will be possible.

FWX_FLAG_TIMEOUT

The client is expected to use the permission shortly after the call. If the client does not make the connection, the permission automatically expires.

FWX_FLAG_NO_KERNEL_MODE

Each connection goes through user-mode code, regardless of whether kernel mode could be used for the connection.

FWX_INCREASE_RECEIVE_BUFFER

The receive buffer will be increased to 64 kilobytes. This flag should be set to prevent packet loss if high-bandwidth packet bursts occur in a secondary UDP connection.

ProtocolGuid

GUID that identifies the protocol that the connection is part of.

pSessionFilter

Pointer to the IFWXSessionFilter interface. Use with the punkContext parameter to receive an event of type fwx_EstablishedConnection (as defined in the FxwFirewallEventType enumerated type) from the Firewall service.

punkContext

Provides user context information regarding the connection. Use with the pSessionFilter parameter to receive an event of type fwx_EstablishedConnection from the Firewall service. This parameter can be NULL. Specify NULL if notification of fwx_EstablishedConnection events is not required, or if you do not need to pass any context information.

FirewallActionArray

Pointer to an array of IFWXFirewallAction interface pointers. The array is filled with pointers to IFWXFirewallAction interfaces to the firewall action objects created by this call. The array contains dwNumberOfAddresses pointers.

Return Value

This method returns S_OK if the call is successful; otherwise, it returns an error code.

Remarks

This method is intended for use by filters that act as an application proxy that has to establish secondary connections and give the same address as the primary connection for the secondary connection.

Filters for Firewall clients and for SecureNAT clients usually use AllowFutureConnect instead.

Calling this method causes all filters that are registered for connect events on the appropriate port to be notified. If no data filters are installed, a kernel-mode NAT redirection may result.

Requirements

Server Requires Windows Server 2008.
Version Requires Forefront Threat Management Gateway (TMG).
Header

Declared in Wspfwext.idl.

DLL

Requires Wspsrv.exe.

See Also

IFWXSession
IFWXFirewallAction
IFWXSession::AllowFutureConnect


Send comments about this topic to Microsoft

Build date: 11/30/2009

© 2008 Microsoft Corporation. All rights reserved.

508 Resource Limit Is Reached

Resource Limit Is Reached

The website is temporarily unable to service your request as it exceeded resource limit. Please try again later.