Share via


FwpsInjectTransportReceiveAsync0 (Compact 7)

3/12/2014

This function injects packet data from the transport, datagram data, or ICMP error layers into the receive data path.

Syntax

NTSTATUS NTAPI
  FwpsInjectTransportReceiveAsync0(
    IN HANDLE  injectionHandle,
    IN OPTIONAL HANDLE  injectionContext,
    IN PVOID  reserved,
    IN UINT32  flags,
    IN ADDRESS_FAMILY  addressFamily,
    IN COMPARTMENT_ID  compartmentId,
    IN IF_INDEX  interfaceIndex,
    IN IF_INDEX  subInterfaceIndex,
    IN OUT NET_BUFFER_LIST  *netBufferList
    IN FWPS_INJECT_COMPLETE0  completionFn,
    IN OPTIONAL HANDLE  completionContext
    );

Parameters

  • injectionContext
    An optional handle to the injection context. If it is specified, it can be obtained by calling the FwpsQueryPacketInjectionState0 function when the packet injection state FWPS_PACKET_INJECTION_STATE is FWPS_PACKET_INJECTED_BY_SELF or FWPS_PACKET_PREVIOUSLY_INJECTED_BY_SELF
  • reserved
    Reserved; set to 0 (zero).
  • flags
    Reserved; set to 0 (zero).
  • addressFamily
    One of the following address families:

    • AF_INET: The IPv4 address family
    • AF_INET6: The IPv6 address family
  • compartmentId
    The identifier of the routing compartment into which the packet data is injected, specified as a COMPARTMENT_ID type. This identifier is provided to a callout through the compartmentId member of the FWPS_INCOMING_METADATA_VALUES0 structure that is passed to the callout's classifyFn callout function. If the compartmentId member is available to callouts, FWPS_METADATA_FIELD_COMPARTMENT_ID is set in the currentMetadataValues member. Otherwise, set this parameter to UNSPECIFIED_COMPARTMENT_ID
  • interfaceIndex
    The index of the interface on which the original packet data was received. A callout driver should use the value of the interface index as one of the incoming data values to its classifyFn callout function if the packet is to be injected into the same interface where the original packet was indicated.
  • subInterfaceIndex
    The index of the subinterface on which the original packet data was received. A callout driver should use the value of the subinterface index that is passed as one of the incoming data values to its classifyFn callout function for this parameter if the packet is to be injected into the same subinterface where the original packet was indicated
  • completionFn
    A pointer to a completionFn callout function that is provided by the callout driver. The filter engine calls this function after the packet data, described by the netBufferList parameter is injected into the network stack
  • completionContext
    A pointer to a callout driver-provided context that is passed to the callout function pointed to by the completionFn parameter. This parameter is optional and can be NULL

Return Value

The FwpsInjectTransportReceiveAsync0 function returns one of the following NTSTATUS codes:

Value Description

STATUS_SUCCESS

The packet data injection was initiated successfully. The filter engine calls the completion function after the filter engine has completed injecting the packet data into the network stack, or when a subsequent error occurs. In this case, the Status member of the completed NET_BUFFER_LIST structure will indicate the reason for failure.

STATUS_FWP_TCPIP_NOT_READY

The TCP/IP network stack is not ready to accept injection of packet data.

STATUS_FWP_INJECT_HANDLE_CLOSING

The injection handle is being closed.

Other status codes

An error occurred

Remarks

A callout driver calls the FwpsInjectTransportReceiveAsync0 function to insert packet data from the transport, datagram data, or ICMP error layers into the receive data path. This function can execute asynchronously. Callout drivers normally inject data into the network stack when modifying packet data.

If the return value is not STATUS_SUCCESS, the completion function is not called. In this case, the net buffer list pointed to by netBufferList must be freed by a call to FwpsFreeNetBufferList0 or FwpsFreeCloneNetBufferList0.

If the original incoming packet data was subject to IPsec policy enforcement when it was originally processed by the transport layer, the cloned packet injected by this function will bypass IPsec verification when it reenters the network stack. Locally generated incoming packets that use the FwpsAllocateNetBufferAndNetBufferList0 function also bypass IPsec verification.

To allow IPsec to process incoming packets first, the callout that inspects the transport layer data must have a lower value of subLayerWeight in the FWPS_FILTER0 structure than the universal sublayer. The callout must not intercept tunnel-mode packets for which the combination of FWPS_PACKET_LIST_INBOUND_IPSEC_INFORMATION0 members (isTunnelMode && !isDeTunneled) is returned by the FwpsGetPacketListSecurityInformation0 function. The callout must wait for the packet to be detunneled and should then intercept it at the transport layer or at a forward layer.

This function can be called from one of the following transport layers if the FWP_CONDITION_FLAG_REQUIRES_ALE_CLASSIFY flag is not set (that is, when flag conditions are set, the matchType member of FWPS_FILTER_CONDITION0 is FWP_MATCH_FLAGS_NONE_SET):

  • FWPS_LAYER_INBOUND_TRANSPORT_V4
  • FWPS_LAYER_INBOUND_TRANSPORT_V6
  • FWPS_LAYER_DATAGRAM_DATA_V4 (when incoming direction is specified with FWP_DIRECTION_INBOUND)
  • FWPS_LAYER_DATAGRAM_DATA_V6 (when incoming direction is specified with FWP_DIRECTION_INBOUND)
  • FWPS_LAYER_INBOUND_ICMP_ERROR_V4
  • FWPS_LAYER_INBOUND_ICMP_ERROR_V6

Otherwise this function should be called from the following Application Layer Enforcement (ALE) layers after a pended ALE operation was initiated with a call to FwpsPendOperation0 and has completed with a call to FwpsCompleteOperation0:

  • FWPS_LAYER_ALE_AUTH_RECV_ACCEPT_V4
  • FWPS_LAYER_ALE_AUTH_RECV_ACCEPT_V6

A net buffer list to be injected must be passed to the FwpsCompleteOperation0 function as the netBufferList argument.

The injected packet can be indicated to the callout driver again. To prevent infinite looping, the driver should first call the FwpsQueryPacketInjectionState0 function before it continues with a call to the classifyFn callout function, and the driver should allow packets that have the injection state FWPS_PACKET_INJECTION_STATE set to FWPS_PACKET_INJECTED_BY_SELF or FWPS_PACKET_PREVIOUSLY_INJECTED_BY_SELF to pass through unaltered.

Requirements

Header

fwpsk.h

See Also

Reference

Functions Called by Callout Drivers
FWPS_FILTER_CONDITION0
classifyFn
NET_BUFFER_LIST
completionFn
FWPS_FILTER0
FWPS_INCOMING_METADATA_VALUES0
FWPS_PACKET_INJECTION_STATE
FWPS_PACKET_LIST_INBOUND_IPSEC_INFORMATION0
FwpsAllocateCloneNetBufferList0
FwpsAllocateNetBufferAndNetBufferList0
FwpsCompleteOperation0
FwpsFreeNetBufferList0
FwpsFreeCloneNetBufferList0
FwpsGetPacketListSecurityInformation0
FwpsInjectionHandleCreate0
FwpsInjectionHandleDestroy0
FwpsInjectNetworkSendAsync0
FwpsPendOperation0
FwpsQueryPacketInjectionState0
WFP Callout Driver Functions