Partager via


FW_LOG_ENTRY (Windows Embedded CE 6.0)

1/6/2010

This structure contains information about logged packets, including the appropriate protocol header. For TCP, ICMP, or UDP packets, this structure contains information about logged packets for a logging DLL.

Syntax

typedef struct _FIREWALL_LOG_ENTRY {
    FW_IP_ADDRESS PrivateHost;
    FW_IP_ADDRESS PublicHost;
    INT Protocol;
    FW_ACTIONS Action;
    FW_DIRECTIONS Direction;
      
    union
    {
        struct 
        {
            ushort tcp_src;
            ushort tcp_dest;
            int    tcp_seq;
            int    tcp_ack;
            ushort tcp_flags;
            ushort tcp_window;
            ushort tcp_xsum;
            ushort tcp_urgent;
        }TCPHeader;
            
        struct
        {
            ushort Source;
            ushort Dest; 
            ushort Length;
            ushort Checksum;
        }UDPHeader;
                
        struct {
            uchar ich_type;
            uchar ich_code;
            ushort ich_xsum; 
            ulong ich_param;
        }ICMPHeader;
                
        struct
        {
            uchar Type; 
            uchar Code;
            ushort Checksum; 
        }ICMPv6Header;
    };
}FW_LOG_ENTRY, *PFW_LOG_ENTRY;

Members

  • PrivateHost
    The address that identifies a host on the private network. For inbound packets, this is the destination address of the packet. For outbound packets, this is the source address of the packet.
  • PublicHost
    The IP address of the host on the public side of the firewall. For inbound packets, this is the source address of the packet. For outbound packets, this is the destination address of the packet.
  • Protocol
    The protocol for the rule. The following list shows some possible protocols:

    TCP          6

    UDP         17

    ICMPv4      1

    ICMPv6       58

    AH (IPSec)    51

    ESP (IPSec)    50

  • Action
    The action specifying whether the packet was allowed or blocked by the firewall. The value is one of the elements in FW_ACTIONS.
  • Direction
    The direction specifying whether the packet was inbound or outbound. The value is one of the elements in FW_DIRECTIONS.
  • TCPHeader
    Member of the union with UDPHeader, ICMPHeader, and ICMPv6Header. If Protocol is 6 for TCP, then this structure is valid and contains the packet's TCP header. The header fields are in network byte order.
  • *TCPHeader.***tcp_src
    TCP source port.
  • **TCPHeader.**tcp_dest
    TCP destination port.
  • **TCPHeader.**tcp_seq
    TCP sequence number of the data being transmitted.
  • **TCPHeader.**tcp_ack
    TCP acknowledgement (ACK) number.
  • **TCPHeader.**tcp_flags
    TCP flags and header length.
  • **TCPHeader.**tcp_window
    TCP window size
  • **TCPHeader.**tcp_xsum
    TCP packet checksum.
  • **TCPHeader.**tcp_urgent
    TCP urgent pointer.
  • UDPHeader
    Member of the union with TCPHeader, ICMPHeader, and ICMPv6Header. If Protocol is 17 for UDP, then this structure is valid and contains the packet's UDP header.

    The header fields are in network byte order.

  • **UDPHeader.**Source
    UDP source port.
  • **UDPHeader.**Dest
    UDP destination port.
  • **UDPHeader.**Length
    UDP packet length, in bits.
  • **UDPHeader.**Checksum
    UDP packet checksum.
  • ICMPHeader
    Member of the union with TCPHeader, UDPHeader, and ICMPv6Header. If Protocol is 1 for ICMPv4, then this structure is valid and contains the packet's ICMP header.
  • **ICMPHeader.**ich_type
    Type of ICMPv4 packet.
  • **ICMPHeader.**ich_code
    ICMPv4 subcode of the type of packet.
  • **ICMPHeader.**ich_xsum
    ICMPv4 packet checksum.
  • **ICMPHeader.**ich_param
    Type-specific parameter. This is used for ICMPv4 packets only.
  • ICMPv6Header
    Member of the union with TCPHeader, UDPHeader, and ICMPHeader. If Protocol is 58 forICMPv6, then this structure is valid and contains the packet's ICMPv6 header.
  • **ICMPv6Header.**Type
    Type of ICMPv6 packet.
  • **ICMPv6Header.**Code
    ICMPv6 subcode of the type of packet.
  • **ICMPv6Header.**Checksum
    ICMPv6 packet checksum.

Requirements

Header fwapi.h
Windows Embedded CE Windows CE .NET 4.2 and later

See Also

Reference

IP Firewall Structures
IP Firewall Logging Reference