Filter hook driver reference
A filter hook driver provides its own filter hook addresses to register the filter hook entity pointer to the IP filter driver provided by the system. This
The filter hook is a data type defined by PacketFilterextensionPTR. Because a filter hook driver provides this address instead of the name,
Device developers are completely arbitrarily named this filter hook.
TypedEf pf_forward_action (* packetfilterextensionptr)
In unsigned char * packetheader,
In unsigned char * packet,
In unsigned int packetlength,
In unsigned int recvinterfaceIndex,
In unsigned int sendInterfaceIndex,
In ipaddr recvlinknexthop,
In ipaddr sendlinknexthop
);
This PacketFilteRextensionPTR data type points to a filter hook callback function. This function is handled to his package and check
Whether forwarding or a DROP package or allowing IP filter drivers then handling this package.
parameter:
PacketHeader: Pointer of the IP header. The filter hook can calculate the information indicted by the header of the IP head structure.
Packet: The buffer pointer containing the information of the package received by the filter hook. This buffer cannot include IP headers pointing with the header.
PacketLength: IP packet byte length information does not include the length of the IP header.
RecvinterFaceIndex: The number of interface adapters reached by the package. Filter hook Use this index to identify the interface accepted by the package
Details of the adapter, for the transmitted package, this parameter is set to INVALID_PF_IF_INDEX and RecVlinkNexthop
Information is meaningless.
SendinterFaceIndex: The number of indexes of the interface adapter sent by the package. If this package will be required to route the information of the interface.
The filter hook can check the routing table via the SNMP. For the arrival package, this parameter is set to nvalid_pf_if_index and
The information in SendlinkNexthop is meaningless.
RecvlinkNexthop: If the interface adapter is an interface pointing to the multi-pointer, this parameter is set to receive the IP of the interface adapter.
site. This parameter is set to ZERO_PF_IP_ADDR.
SendlinkNexthop: If the interface adapter is an interface pointing to the multi-pointer, this parameter is set to the IP of the interface adapter for the package.
site. This parameter is set to ZERO_PF_IP_ADDR.
return value
Returns one of the following values from the PF_FORWARD_ACTION list:
Pf_forward
PF_DROP
PF_pass
IOCTL_PF_SET_EXTENSION_POINTER
Filter hook driver Use this IOCTL to set an IRP for filtering the hook driver to submit to the IP filter driver. Filter hook
The driver sends this IOCTL in the IOBUILDDEVICECONTROLREQUEST function to set IRP.
IOCTL_PF_SET_EXTENSION_POINTER Registered Filter Hook Pickup Function Gives IP Filter Drivers to Note IP Filter Drivers to Each
To send and receive IP packages to call these filter hooks. Similarly, ioctl_pf_set_extension_pointer from IP filter driver
Clear the filter hook callback function.
parameter
IOCONTROLCODE IOCTL_PF_SET_EXTENSION_POINTER.
DeviceObject: IP filtered the pointer of the driver device object.
InputBuffer: A pointer to the PF_SET_EXTENSION_HOOK_INFO structure. To register the filter hook callback function, this
The structure retains the address of the filter hook callback function to clear the filter hook callback function, this structure is NULL. INPUTBUFFERLENGTH PF_SET_EXTENSION_HOOK_INFO structure byte length
OutputBuffer: null
OutputBufferlength: zero.
INTERDEVICEIOCONTROL: FALSE.
Event: NULL.
Iostatusblock: A pointer to a I / O status block in a local location. This I / O status is set after the IP filter driver completes I / O request.
Comment
Set an IRP, filter the hook driver to call the IObuildDeviceiocontrolRequest function. In this call, filter hooks
The driver sends a parameter specifies the IOCTL request for ioctl_pf_set_extension_pointer; this is a device object pointing to the IP filter driver.
The pointer; and an output buffer containing the PF_SET_EXTENSION_HOOK_INFO structure. To get the device object of the IP filter driver, filter hook
The sub-driver calls the IOGETDEVICEOBJECTPOINTER function. In this call, the filter hook driver sends parameters to specify IP filter driver.
The name of the device object, and synchronize, generic_read, and generic_write. These values specify synchronization, read, and write to this device.
Access mode and must be provided. In the IogetDeviceObjectPointer call, filter hook drivers also send a buffer pointer to save the return.
IP filter driver file or device object. This Unicode string contains the name icon of the device object of the IP filter driver // device / ipfil-
Terdriver format.
Submit this IRP, filter the hook driver to call the IOCALLDRIVER function.
The PF_SET_EXTENSION_HOOK_INFO structure is defined as follows.
The PF_SET_EXTENSION_HOK_INFO structure contains some description information of the filter hook callback function.
Typedef struct _pf_set_extension_hook_info {
Packetfilterextensionptr extensionPointer;
} Pf_set_extension_hook_info, * ppf_set_extension_hook_info;
Contains information about the following members:
ExtensionPointer
Type a PacketFilTeRextensionPTR's data type to point to a filter hook callback function and register this letter in an IP filter driver.
Number. If ExtensionPointer is empty, the previous registration function is cleared from the IP filter driver.
