FwpsInjectTransportReceiveAsync0 (Compact 7)
3/12/2014
This function injects packet data from the transport, datagram data, or ICMP error layers into the receive data path.
Syntax
NTSTATUS NTAPI
FwpsInjectTransportReceiveAsync0(
IN HANDLE injectionHandle,
IN OPTIONAL HANDLE injectionContext,
IN PVOID reserved,
IN UINT32 flags,
IN ADDRESS_FAMILY addressFamily,
IN COMPARTMENT_ID compartmentId,
IN IF_INDEX interfaceIndex,
IN IF_INDEX subInterfaceIndex,
IN OUT NET_BUFFER_LIST *netBufferList
IN FWPS_INJECT_COMPLETE0 completionFn,
IN OPTIONAL HANDLE completionContext
);
Parameters
- injectionHandle
An injection handle that was previously created by a call to the FwpsInjectionHandleCreate0 function,
- injectionContext
An optional handle to the injection context. If it is specified, it can be obtained by calling the FwpsQueryPacketInjectionState0 function when the packet injection state FWPS_PACKET_INJECTION_STATE is FWPS_PACKET_INJECTED_BY_SELF or FWPS_PACKET_PREVIOUSLY_INJECTED_BY_SELF
- reserved
Reserved; set to 0 (zero).
- flags
Reserved; set to 0 (zero).
addressFamily
One of the following address families:- AF_INET: The IPv4 address family
- AF_INET6: The IPv6 address family
- compartmentId
The identifier of the routing compartment into which the packet data is injected, specified as a COMPARTMENT_ID type. This identifier is provided to a callout through the compartmentId member of the FWPS_INCOMING_METADATA_VALUES0 structure that is passed to the callout's classifyFn callout function. If the compartmentId member is available to callouts, FWPS_METADATA_FIELD_COMPARTMENT_ID is set in the currentMetadataValues member. Otherwise, set this parameter to UNSPECIFIED_COMPARTMENT_ID
- interfaceIndex
The index of the interface on which the original packet data was received. A callout driver should use the value of the interface index as one of the incoming data values to its classifyFn callout function if the packet is to be injected into the same interface where the original packet was indicated.
- subInterfaceIndex
The index of the subinterface on which the original packet data was received. A callout driver should use the value of the subinterface index that is passed as one of the incoming data values to its classifyFn callout function for this parameter if the packet is to be injected into the same subinterface where the original packet was indicated
- netBufferList
A pointer to a NET_BUFFER_LIST structure that describes the packet data that is being injected. A callout driver allocates a NET_BUFFER_LIST structure to use to insert packet data by calling either the FwpsAllocateCloneNetBufferList0 function or the FwpsAllocateNetBufferAndNetBufferList0 function. The NET_BUFFER_LIST structure must begin with an IP header
- completionFn
A pointer to a completionFn callout function that is provided by the callout driver. The filter engine calls this function after the packet data, described by the netBufferList parameter is injected into the network stack
- completionContext
A pointer to a callout driver-provided context that is passed to the callout function pointed to by the completionFn parameter. This parameter is optional and can be NULL
Return Value
The FwpsInjectTransportReceiveAsync0 function returns one of the following NTSTATUS codes:
Value | Description |
---|---|
STATUS_SUCCESS |
The packet data injection was initiated successfully. The filter engine calls the completion function after the filter engine has completed injecting the packet data into the network stack, or when a subsequent error occurs. In this case, the Status member of the completed NET_BUFFER_LIST structure will indicate the reason for failure. |
STATUS_FWP_TCPIP_NOT_READY |
The TCP/IP network stack is not ready to accept injection of packet data. |
STATUS_FWP_INJECT_HANDLE_CLOSING |
The injection handle is being closed. |
Other status codes |
An error occurred |
Remarks
A callout driver calls the FwpsInjectTransportReceiveAsync0 function to insert packet data from the transport, datagram data, or ICMP error layers into the receive data path. This function can execute asynchronously. Callout drivers normally inject data into the network stack when modifying packet data.
If the return value is not STATUS_SUCCESS, the completion function is not called. In this case, the net buffer list pointed to by netBufferList must be freed by a call to FwpsFreeNetBufferList0 or FwpsFreeCloneNetBufferList0.
If the original incoming packet data was subject to IPsec policy enforcement when it was originally processed by the transport layer, the cloned packet injected by this function will bypass IPsec verification when it reenters the network stack. Locally generated incoming packets that use the FwpsAllocateNetBufferAndNetBufferList0 function also bypass IPsec verification.
To allow IPsec to process incoming packets first, the callout that inspects the transport layer data must have a lower value of subLayerWeight in the FWPS_FILTER0 structure than the universal sublayer. The callout must not intercept tunnel-mode packets for which the combination of FWPS_PACKET_LIST_INBOUND_IPSEC_INFORMATION0 members (isTunnelMode && !isDeTunneled) is returned by the FwpsGetPacketListSecurityInformation0 function. The callout must wait for the packet to be detunneled and should then intercept it at the transport layer or at a forward layer.
This function can be called from one of the following transport layers if the FWP_CONDITION_FLAG_REQUIRES_ALE_CLASSIFY flag is not set (that is, when flag conditions are set, the matchType member of FWPS_FILTER_CONDITION0 is FWP_MATCH_FLAGS_NONE_SET):
- FWPS_LAYER_INBOUND_TRANSPORT_V4
- FWPS_LAYER_INBOUND_TRANSPORT_V6
- FWPS_LAYER_DATAGRAM_DATA_V4 (when incoming direction is specified with FWP_DIRECTION_INBOUND)
- FWPS_LAYER_DATAGRAM_DATA_V6 (when incoming direction is specified with FWP_DIRECTION_INBOUND)
- FWPS_LAYER_INBOUND_ICMP_ERROR_V4
- FWPS_LAYER_INBOUND_ICMP_ERROR_V6
Otherwise this function should be called from the following Application Layer Enforcement (ALE) layers after a pended ALE operation was initiated with a call to FwpsPendOperation0 and has completed with a call to FwpsCompleteOperation0:
- FWPS_LAYER_ALE_AUTH_RECV_ACCEPT_V4
- FWPS_LAYER_ALE_AUTH_RECV_ACCEPT_V6
A net buffer list to be injected must be passed to the FwpsCompleteOperation0 function as the netBufferList argument.
The injected packet can be indicated to the callout driver again. To prevent infinite looping, the driver should first call the FwpsQueryPacketInjectionState0 function before it continues with a call to the classifyFn callout function, and the driver should allow packets that have the injection state FWPS_PACKET_INJECTION_STATE set to FWPS_PACKET_INJECTED_BY_SELF or FWPS_PACKET_PREVIOUSLY_INJECTED_BY_SELF to pass through unaltered.
Requirements
Header |
fwpsk.h |
See Also
Reference
Functions Called by Callout Drivers
FWPS_FILTER_CONDITION0
classifyFn
NET_BUFFER_LIST
completionFn
FWPS_FILTER0
FWPS_INCOMING_METADATA_VALUES0
FWPS_PACKET_INJECTION_STATE
FWPS_PACKET_LIST_INBOUND_IPSEC_INFORMATION0
FwpsAllocateCloneNetBufferList0
FwpsAllocateNetBufferAndNetBufferList0
FwpsCompleteOperation0
FwpsFreeNetBufferList0
FwpsFreeCloneNetBufferList0
FwpsGetPacketListSecurityInformation0
FwpsInjectionHandleCreate0
FwpsInjectionHandleDestroy0
FwpsInjectNetworkSendAsync0
FwpsPendOperation0
FwpsQueryPacketInjectionState0
WFP Callout Driver Functions