FWPM_NET_EVENT_ENUM_TEMPLATE0 (Compact 2013)
3/26/2014
This structure is used for enumerating net events.
Syntax
typedef struct FWPM_NET_EVENT_ENUM_TEMPLATE0_ {
FILETIME startTime;
FILETIME endTime;
UINT32 numFilterConditions;
FWPM_FILTER_CONDITION0* filterCondition;
} FWPM_NET_EVENT_ENUM_TEMPLATE0;
Members
- startTime
A FILETIME structure that specifies the start time of the period to be checked for net events.
- endTime
A FILETIME structure that specifies the end time of the period to be checked for net events. It must be greater than or equal to startTime.
- numFilterConditions
Indicates the number of filter conditions in the filterCondition member. If this field is 0, all events will be returned.
filterCondition
An array of FWPM_FILTER_CONDITION0 structures that contain distinct filter conditions (duplicated filter conditions will generate an error). All conditions must be true for the action to be performed. In other words, the conditions are AND'd together. If no conditions are specified, the action is always performed.Supported filtering conditions are listed in the Remarks section below.
Remarks
The following is a list of the possible values for the filterCondition data member:
Value |
Meaning |
|---|---|
FWPM_CONDITION_IP_PROTOCOL |
The IP protocol number, as specified in RFC 1700. |
FWPM_CONDITION_IP_LOCAL_ADDRESS |
The local IP address. |
FWPM_CONDITION_IP_REMOTE_ADDRESS |
The remote IP address. |
FWPM_CONDITION_IP_LOCAL_PORT |
The local transport protocol port number. For ICMP, the message type. |
FWPM_CONDITION_IP_REMOTE_PORT |
The remote transport protocol port number. For ICMP, the message code. |
FWPM_CONDITION_SCOPE_ID |
The interface IPv6 scope identifier. Reserved for internal use. |
FWPM_CONDITION_ALE_APP_ID |
The full path of the application. |
FWPM_CONDITION_ALE_USER_ID |
The identification of the local user. |
Requirements
Header |
fwpmu.h |