UID | title | description | ms.date | tech.root | targetos | req.construct-type | req.ddi-compliance | req.header | req.include-header | req.kmdf-ver | req.max-support | req.target-min-winverclnt | req.target-min-winversvr | req.target-type | req.typenames | typedef_isUnnamed | req.umdf-ver | topic_type | api_type | api_location | api_name | f1_keywords | dev_langs | helpviewer_keywords | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
NE:fwpsu.FWPS_BUILTIN_LAYERS_ |
FWPS_BUILTIN_LAYERS |
Defines constants that specify built-in run-time filtering layer identifiers. Each is represented by a locally unique identifier (LUID), which is 64 bits in size. |
05/28/2024 |
fwp |
Windows |
enumeration |
fwpsu.h |
Windows |
FWPS_BUILTIN_LAYERS_, FWPS_BUILTIN_LAYERS |
false |
|
|
|
|
|
|
|
Defines constants that specify built-in run-time filtering layer identifiers. Each is represented by a locally unique identifier (LUID), which is 64 bits in size.
Note
The V4 and V6 suffixes at the end of the run-time layer identifiers indicate whether the layer is located in the IPv4 network stack or in the IPv6 network stack.
This filtering layer is located in the receive path just after the IP header of a received packet has been parsed but before any IP header processing takes place. No IPsec decryption or reassembly has occurred.
This filtering layer is located in the receive path for processing any received packets that have been discarded at the network layer.
This filtering layer is located in the receive path just after the IP header of a received packet has been parsed but before any IP header processing takes place. No IPsec decryption or reassembly has occurred.
This filtering layer is located in the receive path for processing any received packets that have been discarded at the network layer.
This filtering layer is located in the send path just before the sent packet is evaluated for fragmentation. All IP header processing is complete and all extension headers are in place. Any IPsec authentication and encryption has already occurred.
This filtering layer is located in the send path for processing any sent packets that have been discarded at the network layer.
This filtering layer is located in the send path just before the sent packet is evaluated for fragmentation. All IP header processing is complete and all extension headers are in place. Any IPsec authentication and encryption has already occurred.
This filtering layer is located in the send path for processing any sent packets that have been discarded at the network layer.
This filtering layer is located in the forwarding path at the point where a received packet is forwarded.
This filtering layer is located in the forwarding path for processing any forwarded packets that have been discarded at the forward layer.
This filtering layer is located in the forwarding path at the point where a received packet is forwarded.
This filtering layer is located in the forwarding path for processing any forwarded packets that have been discarded at the forward layer.
This filtering layer is located in the receive path just after a received packet's header has been parsed by the network stack at the transport layer, but before any transport layer processing takes place.
This filtering layer is located in the receive path for processing any received packets that have been discarded at the transport layer.
This filtering layer is located in the receive path just after a received packet's header has been parsed by the network stack at the transport layer, but before any transport layer processing takes place.
This filtering layer is located in the receive path for processing any received packets that have been discarded at the transport layer.
This filtering layer is located in the send path just after a sent packet has been passed to the network layer for processing but before any network layer processing takes place. This filtering layer is located at the top of the network layer instead of at the bottom of the transport layer so that any packets that are sent by third-party transports or as raw packets are filtered at this layer.
This filtering layer is located in the send path for processing any sent packets that have been discarded at the transport layer.
This filtering layer is located in the send path just after a sent packet has been passed to the network layer for processing but before any network layer processing takes place. This filtering layer is located at the top of the network layer instead of at the bottom of the transport layer so that any packets that are sent by third-party transports or as raw packets are filtered at this layer.
This filtering layer is located in the send path for processing any sent packets that have been discarded at the transport layer.
This filtering layer is located in the stream data path. This layer allows for processing network data on a per stream basis. At the stream layer, the network data is bidirectional.
This filtering layer is reserved for future use.
This filtering layer is located in the stream data path. This layer allows for processing network data on a per stream basis. At the stream layer, the network data is bidirectional.
This filtering layer is reserved for future use.
This filtering layer is located in the datagram data path. This layer allows for processing network data on a per datagram basis. At the datagram layer, the network data is bidirectional.
This filtering layer is located in the datagram data path for processing any datagrams that have been discarded.
This filtering layer is located in the datagram data path. This layer allows for processing network data on a per datagram basis. At the datagram layer, the network data is bidirectional.
This filtering layer is located in the datagram data path for processing any datagrams that have been discarded.
This filtering layer is located in the receive path for processing received ICMP messages for the transport protocol.
This filtering layer is located in the receive path for processing received ICMP messages that have been discarded.
This filtering layer is located in the receive path for processing received ICMP messages for the transport protocol.
This filtering layer is located in the receive path for processing received ICMP messages that have been discarded.
This filtering layer is located in the send path for processing sent ICMP messages for the transport protocol.
This filtering layer is located in the send path for processing sent ICMP messages that have been discarded.
This filtering layer is located in the send path for processing sent ICMP messages for the transport protocol.
This filtering layer is located in the send path for processing sent ICMP messages that have been discarded.
This filtering layer allows for authorizing transport port assignments, bind requests, promiscuous mode requests, and raw mode requests.
This filtering layer allows for processing the following discarded items: transport port assignments, bind requests, promiscuous mode requests, and raw mode requests.
This filtering layer allows for authorizing transport port assignments, bind requests, promiscuous mode requests, and raw mode requests.
This filtering layer allows for processing the following discarded items: transport port assignments, bind requests, promiscuous mode requests, and raw mode requests.
This filtering layer allows for authorizing TCP listen requests.
This filtering layer allows for processing TCP listen requests that have been discarded.
This filtering layer allows for authorizing TCP listen requests.
This filtering layer allows for processing TCP listen requests that have been discarded.
This filtering layer allows for authorizing accept requests for incoming TCP connections, as well as authorizing incoming non-TCP traffic based on the first packet received.
This filtering layer allows for processing accept requests for incoming TCP connections that have been discarded, as well as processing authorizations for incoming non-TCP traffic that have been discarded.
This filtering layer allows for authorizing accept requests for incoming TCP connections, as well as authorizing incoming non-TCP traffic based on the first packet received.
This filtering layer allows for processing accept requests for incoming TCP connections that have been discarded, as well as processing authorizations for incoming non-TCP traffic that have been discarded.
This filtering layer allows for authorizing connect requests for outgoing TCP connections, as well as authorizing outgoing non-TCP traffic based on the first packet sent.
This filtering layer allows for processing connect requests for outgoing TCP connections that have been discarded, as well as processing authorizations for outgoing non-TCP traffic that have been discarded.
This filtering layer allows for authorizing connect requests for outgoing TCP connections, as well as authorizing outgoing non-TCP traffic based on the first packet sent.
This filtering layer allows for processing connect requests for outgoing TCP connections that have been discarded, as well as processing authorizations for outgoing non-TCP traffic that have been discarded.
This filtering layer allows for notification of when a TCP connection has been established, or when non-TCP traffic has been authorized.
This filtering layer allows for processing when an established TCP connection has been discarded at the flow established layer, as well as when authorized non-TCP traffic has been discarded at the flow established layer.
This filtering layer allows for notification of when a TCP connection has been established, or when non-TCP traffic has been authorized.
This filtering layer allows for processing when an established TCP connection has been discarded at the flow established layer, as well as when authorized non-TCP traffic has been discarded at the flow established layer.
This filtering layer allows for inspecting the MAC frame data at the inbound lower (to the NDIS protocol driver) layer. Note: Available only on Windows 8 and later.
This filtering layer allows for inspecting the MAC frame data at the outbound upper (to the NDIS protocol driver) layer. Note: Available only on Windows 8 and later.
This filtering layer is not supported.
This filtering layer is not supported.
This filtering layer allows for querying the names recently resolved by the system.
This filtering layer allows for querying the names recently resolved by the system.
This filtering layer is used as an opportunity to reclaim resources allocated by the callout driver in any of the ALE_RESOURCE_ASSIGNMENT layers.
This filtering layer is used as an opportunity to reclaim resources allocated by the callout driver in any of the ALE_RESOURCE_ASSIGNMENT layers.
This filtering layer is used as an opportunity to reclaim resources allocated by the callout driver in any of the ALE_AUTH_CONNECT or ALE_AUTH_RECV_ACCEPT layers.
This filtering layer is used as an opportunity to reclaim resources allocated by the callout driver in any of the ALE_AUTH_CONNECT or ALE_AUTH_RECV_ACCEPT layers.
This filtering layer allows for the redirecting of connect requests to a different IPV4/ IPV6 address and TCP/UDP port.
This filtering layer allows for the redirecting of connect requests to a different IPV4/ IPV6 address and TCP/UDP port.
This filtering layer allows for the redirecting of bind requests to a different local IPV4/ IPV6 address and/or local TCP/UDP port.
This filtering layer allows for the redirecting of bind requests to a different local IPV4/ IPV6 address and/or local TCP/UDP port.
This filtering layer allows for inspection of network data on a per-TCP packet basis, including handshake and flow control exchanges. At the stream packet layer, the network data is bidirectional.
This filtering layer allows for inspection of network data on a per-TCP packet basis, including handshake and flow control exchanges. At the stream packet layer, the network data is bidirectional.
This filtering layer allows for inspecting the ingress 802.3 data of the Hyper-V extensible switch. Note: Available only on Windows 8 and later.
This filtering layer allows for inspecting the egress 802.3 data of the Hyper-V extensible switch. Note: Available only on Windows 8 and later.
This filtering layer allows for inspecting the ingress transport data of the Hyper-V extensible switch. Note: Available only on Windows 8 and later.
This filtering layer allows for inspecting the ingress transport data of the Hyper-V extensible switch. Note: Available only on Windows 8 and later.
This filtering layer allows for inspecting the egress transport data of the Hyper-V extensible switch. Note: Available only on Windows 8 and later.
This filtering layer allows for inspecting the egress transport data of the Hyper-V extensible switch. Note: Available only on Windows 8 and later.
TBD
TBD
This filtering layer allows for inspecting the MAC frame data at the inbound lower (to the NDIS miniport driver) layer. Note: Available only on Windows 8 and later.
This filtering layer allows for inspecting the MAC frame data at the outbound lower (to the NDIS miniport driver) layer. Note: Available only on Windows 8 and later.
Reserved for system use.
Reserved for system use.
Reserved for system use.
This filtering layer is where a WFP filter driver can inspect an outgoing IPv4 connection, and read/write the routing policy that was configured for this connection. See FwpmConnectionPolicyAdd0.
This filtering layer is where a WFP filter driver can inspect an outgoing IPv6 connection, and read/write the routing policy that was configured for this connection. See FwpmConnectionPolicyAdd0.
This filtering layer is used to determine which keying modules are invoked when the local system is the initiator. This is a user-mode filtering layer.
This filtering layer is used to determine which keying modules are invoked when the local system is the initiator. This is a user-mode filtering layer.
This filtering layer allows the keying module to look up quick-mode policy information when negotiating quick-mode security associations. This is a user-mode filtering layer.
This filtering layer allows the keying module to look up quick-mode policy information when negotiating quick-mode security associations. This is a user-mode filtering layer.
This filtering layer allows the IKE and authenticated IP modules to look up main-mode policy information when negotiating main-mode security associations. This is a user-mode filtering layer.
This filtering layer allows the IKE and authenticated IP modules to look up main-mode policy information when negotiating main-mode security associations. This is a user-mode filtering layer.
This filtering layer allows for inspecting the RPC data fields that are available in user mode. This is a user-mode filtering layer.
This filtering layer allows for inspecting the RPC data fields that are available in user mode during endpoint resolution. This is a user-mode filtering layer.
This filtering layer allows for inspecting the RPC data fields that are available in user mode when a new endpoint is added. This is a user-mode filtering layer.
This filtering layer allows for inspecting RpcProxy connection requests. This is a user-mode filtering layer.
This filtering layer allows for inspecting the interface used for RpcProxy connections. This is a user-mode filtering layer.
This filtering layer allows for authorizing security association establishment.
Maximum range value for testing purposes.
Each run-time layer identifier has an associated run-time data field identifier that represents a set of constant values. These data field identifiers are declared as FWPS_FIELDS_XXX enumerations in fwpsu.h
. For more info, see Data field identifiers.
The constants FWPS_LAYER_INBOUND_IPPACKET_V4 through FWPS_LAYER_ALE_FLOW_ESTABLISHED_V6 are for kernel-mode layers.
The types FWPS_LAYER_KM_DEMUX_V4 through FWPS_LAYER_RPC_EPMAP are for user-mode layers.