FW_LOG_ENTRY (Windows Embedded CE 6.0)
1/6/2010
This structure contains information about logged packets, including the appropriate protocol header. For TCP, ICMP, or UDP packets, this structure contains information about logged packets for a logging DLL.
Syntax
typedef struct _FIREWALL_LOG_ENTRY {
FW_IP_ADDRESS PrivateHost;
FW_IP_ADDRESS PublicHost;
INT Protocol;
FW_ACTIONS Action;
FW_DIRECTIONS Direction;
union
{
struct
{
ushort tcp_src;
ushort tcp_dest;
int tcp_seq;
int tcp_ack;
ushort tcp_flags;
ushort tcp_window;
ushort tcp_xsum;
ushort tcp_urgent;
}TCPHeader;
struct
{
ushort Source;
ushort Dest;
ushort Length;
ushort Checksum;
}UDPHeader;
struct {
uchar ich_type;
uchar ich_code;
ushort ich_xsum;
ulong ich_param;
}ICMPHeader;
struct
{
uchar Type;
uchar Code;
ushort Checksum;
}ICMPv6Header;
};
}FW_LOG_ENTRY, *PFW_LOG_ENTRY;
Members
- PrivateHost
The address that identifies a host on the private network. For inbound packets, this is the destination address of the packet. For outbound packets, this is the source address of the packet.
- PublicHost
The IP address of the host on the public side of the firewall. For inbound packets, this is the source address of the packet. For outbound packets, this is the destination address of the packet.
Protocol
The protocol for the rule. The following list shows some possible protocols:TCP 6
UDP 17
ICMPv4 1
ICMPv6 58
AH (IPSec) 51
ESP (IPSec) 50
- Action
The action specifying whether the packet was allowed or blocked by the firewall. The value is one of the elements in FW_ACTIONS.
- Direction
The direction specifying whether the packet was inbound or outbound. The value is one of the elements in FW_DIRECTIONS.
- TCPHeader
Member of the union with UDPHeader, ICMPHeader, and ICMPv6Header. If Protocol is 6 for TCP, then this structure is valid and contains the packet's TCP header. The header fields are in network byte order.
- *TCPHeader.***tcp_src
TCP source port.
- **TCPHeader.**tcp_dest
TCP destination port.
- **TCPHeader.**tcp_seq
TCP sequence number of the data being transmitted.
- **TCPHeader.**tcp_ack
TCP acknowledgement (ACK) number.
- **TCPHeader.**tcp_flags
TCP flags and header length.
- **TCPHeader.**tcp_window
TCP window size
- **TCPHeader.**tcp_xsum
TCP packet checksum.
- **TCPHeader.**tcp_urgent
TCP urgent pointer.
UDPHeader
Member of the union with TCPHeader, ICMPHeader, and ICMPv6Header. If Protocol is 17 for UDP, then this structure is valid and contains the packet's UDP header.The header fields are in network byte order.
- **UDPHeader.**Source
UDP source port.
- **UDPHeader.**Dest
UDP destination port.
- **UDPHeader.**Length
UDP packet length, in bits.
- **UDPHeader.**Checksum
UDP packet checksum.
- ICMPHeader
Member of the union with TCPHeader, UDPHeader, and ICMPv6Header. If Protocol is 1 for ICMPv4, then this structure is valid and contains the packet's ICMP header.
- **ICMPHeader.**ich_type
Type of ICMPv4 packet.
- **ICMPHeader.**ich_code
ICMPv4 subcode of the type of packet.
- **ICMPHeader.**ich_xsum
ICMPv4 packet checksum.
- **ICMPHeader.**ich_param
Type-specific parameter. This is used for ICMPv4 packets only.
- ICMPv6Header
Member of the union with TCPHeader, UDPHeader, and ICMPHeader. If Protocol is 58 forICMPv6, then this structure is valid and contains the packet's ICMPv6 header.
- **ICMPv6Header.**Type
Type of ICMPv6 packet.
- **ICMPv6Header.**Code
ICMPv6 subcode of the type of packet.
- **ICMPv6Header.**Checksum
ICMPv6 packet checksum.
Requirements
Header | fwapi.h |
Windows Embedded CE | Windows CE .NET 4.2 and later |