FwpsInjectTransportSendAsync0 (Compact 2013)
3/26/2014
This function injects packet data from the transport, datagram data, or ICMP error layers into the send data path.
Syntax
NTSTATUS NTAPI
FwpsInjectTransportSendAsync0(
IN HANDLE injectionHandle,
IN OPTIONAL HANDLE injectionContext,
IN UINT64 endpointHandle,
IN UINT32 flags,
IN OPTIONAL FWPS_TRANSPORT_SEND_PARAMS0 *sendArgs,
IN ADDRESS_FAMILY addressFamily,
IN COMPARTMENT_ID compartmentId,
IN OUT NET_BUFFER_LIST *netBufferList
IN FWPS_INJECT_COMPLETE0 completionFn,
IN OPTIONAL HANDLE completionContext
);
Parameters
- injectionHandle
An injection handle that was previously created by a call to the FwpsInjectionHandleCreate0 function
- injectionContext
An optional handle to the injection context. If it is specified, it can be obtained by calling the FwpsQueryPacketInjectionState0 function when the packet injection state FWPS_PACKET_INJECTION_STATE is FWPS_PACKET_INJECTED_BY_SELF or FWPS_PACKET_PREVIOUSLY_INJECTED_BY_SELF
- flags
Reserved. Callout drivers must set this parameter to zero
- Sendargs
A pointer to a FWPS_TRANSPORT_SEND_PARAMS0 structure that specifies the properties of the current outgoing packet. Can be NULL only if the net buffer list to be injected contains an IP header (for example, if the packet is sent through a raw socket).
addressFamily
One of the following address families:- AF_INET: The IPv4 address family
- AF_INET6: The IPv6 address family
- compartmentId
The identifier of the routing compartment into which the packet data is injected, specified as a COMPARTMENT_ID type. This identifier is provided to a callout through the compartmentId member of the FWPS_INCOMING_METADATA_VALUES0 structure that is passed to the callout's classifyFn callout function. If the compartmentId member is available to callouts, FWPS_METADATA_FIELD_COMPARTMENT_ID will be set in the currentMetadataValues member. Otherwise, set this parameter to UNSPECIFIED_COMPARTMENT_ID
- netBufferList
A pointer to a NET_BUFFER_LIST structure that describes the packet data that is being injected. A callout driver allocates a NET_BUFFER_LIST structure to use to insert packet data by calling either the FwpsAllocateCloneNetBufferList0 function or the FwpsAllocateNetBufferAndNetBufferList0 function. The NET_BUFFER_LIST structure must begin with an IP header
- completionFn
A pointer to a completionFn callout function that is provided by the callout driver. The filter engine calls this function after the packet data, described by the netBufferList parameter is injected into the network stack
- completionContext
A pointer to a callout driver-provided context that is passed to the callout function pointed to by the completionFn parameter. This parameter is optional and can be NULL
Return Value
The FwpsInjectTransportSendAsync0 function returns one of the following NTSTATUS codes:
Value |
Description |
|---|---|
STATUS_SUCCESS |
The packet data injection was initiated successfully. The filter engine calls the completion function after the filter engine has completed injecting the packet data into the network stack, or when a subsequent error occurs. If there is an error, the Status member of the completed NET_BUFFER_LIST structure will indicate the reason for failure. |
STATUS_FWP_TCPIP_NOT_READY |
The TCP/IP network stack is not ready to accept injection of packet data |
STATUS_FWP_INJECT_HANDLE_CLOSING |
The injection handle is being closed |
Other status codes |
An error occurred |
Remarks
A callout driver calls the FwpsInjectTransportSendAsync0 function to insert network packet data from the transport, datagram data, or ICMP error layers into the send data path. At these layers, the IP header might not yet be formed, and when IPsec policy is active, the packet data is not encrypted or signed. Therefore, this function is ideal to use for packet inspection in an IPsec-enabled environment.
This function can execute asynchronously.
If the return value is not STATUS_SUCCESS, the completion function is not called. In this case, the net buffer list pointed to by netBufferList must be freed by a call to the FwpsFreeNetBufferList0 or FwpsFreeCloneNetBufferList0 functions.
Callout drivers typically insert data into the network stack when modifying packet data.
The injected packet can be indicated to the callout driver again. To prevent infinite looping, the driver should first call the FwpsQueryPacketInjectionState0 function recalling the classifyFn callout function. The driver should allow packets that have the injection state FWPS_PACKET_INJECTION_STATE set to FWPS_PACKET_INJECTED_BY_SELF or FWPS_PACKET_PREVIOUSLY_INJECTED_BY_SELF.
The endpointHandle parameter, in addition to members declared in the FWPS_TRANSPORT_SEND_PARAMS0 structure pointed to by the sendArgs parameter, are provided to callouts from the following network layers:
- FWPS_LAYER_OUTBOUND_TRANSPORT_V4
- FWPS_LAYER_OUTBOUND_TRANSPORT_V6
- FWPS_LAYER_DATAGRAM_DATA_V4 (when outgoing direction is specified with FWP_DIRECTION_OUTBOUND)
- FWPS_LAYER_DATAGRAM_DATA_V6 (when outgoing direction is specified with FWP_DIRECTION_OUTBOUND)
- FWPS_LAYER_OUTBOUND_ICMP_ERROR_V4
- FWPS_LAYER_OUTBOUND_ICMP_ERROR_V6
Requirements
Header |
fwpsk.h |
See Also
Reference
Functions Called by Callout Drivers
FWPS_INCOMING_METADATA_VALUES0
FWPS_PACKET_INJECTION_STATE
FWPS_TRANSPORT_SEND_PARAMS0
classifyFn
NET_BUFFER_LIST
completionFn
FwpsAllocateCloneNetBufferList0
FwpsFreeNetBufferList0
FwpsFreeCloneNetBufferList0
FwpsAllocateNetBufferAndNetBufferList0
FwpsInjectionHandleCreate0
FwpsInjectionHandleDestroy0
FwpsQueryPacketInjectionState0
WFP Callout Driver Functions