IpFilterDriver firewall hook in Windows Vista

Hi,

I am trying to port an existing firewall to Windows Vista. It uses the PF_SET_EXTENSION_HOOK_INFO callback registration provided by IpFilterdriver. However, I have found that this approach does not work in Vista. The registration request IOCTL_PF_SET_EXTENSION_POINTER returns OK, but the specified callback function is never called. If this is not possible in Windows Vista, what is the purpose of ipfltdrv.sys in Windows Vista?

Lubos Hnanicek

The filter hook extension interface is not supported on Vista. Vista
provides the Windows Filtering Platform (WFP) which replaces this hook as
well as the firewall hook - it is well documented in the WDK. As for why the
driver is still loaded, I am not sure.

Ross

On 11/9/07, xxxxx@gmail.com wrote:
>
> Hi,
>
> I am trying to port existing firewall to Windows Vista. It is using
> PF_SET_EXTENSION_HOOK_INFO callback registration provided by IpFilterdriver.
> However, I have found that this approach is not working in Vista.
> Registration request IOCTL_PF_SET_EXTENSION_POINTER returns OK, but
> specified callback function is never called. If this is not possible in
> Windows Vista, what is purpose of ipfltdrv.sys in Windows Vista?
>
> Lubos Hnanicek

The IpFilterDriver hook cannot be used in Vista.
You can use NdisFilter instead.
The sample’s path in the WDK is \WinDDK\6000\src\network\ndis\filter\

The sample code does not show how to drop outbound or inbound packets.
But you can find the method in the WDK’s help document.

On Nov 9, 2007 9:50 PM, Ross Philipson wrote:

> The filter hook extension interface is not supported on Vista. Vista
> provides the Windows Filtering Platform (WFP) which replaces this hook as
> well as the firewall hook - it is well documented in the WDK. As for why the
> driver is still loaded, I am not sure.
>
> Ross
>
>
> On 11/9/07, xxxxx@gmail.com wrote:
> >
> > Hi,
> >
> > I am trying to port existing firewall to Windows Vista. It is using
> > PF_SET_EXTENSION_HOOK_INFO callback registration provided by IpFilterdriver.
> > However, I have found that this approach is not working in Vista.
> > Registration request IOCTL_PF_SET_EXTENSION_POINTER returns OK, but
> > specified callback function is never called. If this is not possible in
> > Windows Vista, what is purpose of ipfltdrv.sys in Windows Vista?
> >
> > Lubos Hnanicek


-----------------------------------------------------
Best regards,
Leo Jiang

MSN: xxxxx@live.com
http://www.shamuma.net/