in network/trans/WFPSampler/exe/HelperFunctions_CommandLine.cpp [1747:6721]
UINT32 HlprCommandLineParseForFilterConditions(_In_reads_(stringCount) PCWSTR* ppCLPStrings,
_In_ UINT32 stringCount,
_Inout_ FWPM_FILTER* pFilter,
_In_ BOOLEAN forEnum) /* FALSE */
{
ASSERT(ppCLPStrings);
ASSERT(stringCount);
ASSERT(pFilter);
UINT32 status = NO_ERROR;
FWPM_FILTER_CONDITION* pTempFilterConditions = 0;
const UINT32 MAX_CONDITIONS = 50;
UINT32 tempConditionIndex = 0;
HLPR_NEW_ARRAY(pTempFilterConditions,
FWPM_FILTER_CONDITION,
MAX_CONDITIONS);
HLPR_BAIL_ON_ALLOC_FAILURE_WITH_LABEL(pTempFilterConditions,
status,
HLPR_BAIL_LABEL_2);
#pragma warning(push)
#pragma warning(disable: 6385) /// careful validation of stringIndex (and advancement) against stringCount prevents read overrun
for(UINT32 stringIndex = 0;
(stringIndex + 1) < stringCount;
stringIndex++)
{
#if(NTDDI_VERSION >= NTDDI_WIN8)
/// FWPM_CONDITION_INTERFACE_MAC_ADDRESS
/// -ima <MATCH_TYPE> <INTERFACE_MAC_ADDRESS>
/// -ima == 01:02:03:04:05:06
if(HlprStringsAreEqual(L"-ima",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_INTERFACE_MAC_ADDRESS;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_BYTE_ARRAY6_TYPE;
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray6,
FWP_BYTE_ARRAY6);
HLPR_BAIL_ON_ALLOC_FAILURE(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray6,
status);
status = HlprEthernetMACAddressStringToValue(pString,
pTempFilterConditions[tempConditionIndex].conditionValue.byteArray6->byteArray6);
HLPR_BAIL_ON_FAILURE(status);
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_MAC_LOCAL_ADDRESS
/// -mla <MATCH_TYPE> <MAC_LOCAL_ADDRESS>
/// -mla == 01:02:03:04:05:06
if(HlprStringsAreEqual(L"-mla",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_MAC_LOCAL_ADDRESS;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_BYTE_ARRAY6_TYPE;
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray6,
FWP_BYTE_ARRAY6);
HLPR_BAIL_ON_ALLOC_FAILURE(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray6,
status);
status = HlprEthernetMACAddressStringToValue(pString,
pTempFilterConditions[tempConditionIndex].conditionValue.byteArray6->byteArray6);
HLPR_BAIL_ON_FAILURE(status);
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_MAC_REMOTE_ADDRESS
/// -mra <MATCH_TYPE> <MAC_REMOTE_ADDRESS>
/// -mra == 01:02:03:04:05:06
if(HlprStringsAreEqual(L"-mra",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_MAC_REMOTE_ADDRESS;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_BYTE_ARRAY6_TYPE;
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray6,
FWP_BYTE_ARRAY6);
HLPR_BAIL_ON_ALLOC_FAILURE(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray6,
status);
status = HlprEthernetMACAddressStringToValue(pString,
pTempFilterConditions[tempConditionIndex].conditionValue.byteArray6->byteArray6);
HLPR_BAIL_ON_FAILURE(status);
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_ETHER_TYPE
/// -et <MATCH_TYPE> <ETHER_TYPE>
/// -et == ARP
if(HlprStringsAreEqual(L"-et",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 etherType = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_ETHER_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT16;
if(iswdigit((wint_t)pString[0]))
etherType = wcstol(pString,
0,
0);
else
etherType = PrvHlprEtherTypeParse(pString);
if(etherType <= 0xFFFF)
pTempFilterConditions[tempConditionIndex].conditionValue.uint16 = (UINT16)etherType;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_VLAN_ID
/// -vlid <MATCH_TYPE> <VLAN_ID>
/// -vlid == 100
if(HlprStringsAreEqual(L"-vlid",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 vlanID = 0xFFFFFFFF;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_VLAN_ID;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT16;
if(iswdigit((wint_t)pString[0]))
vlanID = wcstol(pString,
0,
0);
if(vlanID <= 0xFFFF)
pTempFilterConditions[tempConditionIndex].conditionValue.uint16 = (UINT16)vlanID;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_VSWITCH_TENANT_NETWORK_ID
/// -vstnid <MATCH_TYPE> <NETWORK_ID>
/// -vstnid == 100
if(HlprStringsAreEqual(L"-vstnid",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 networkID = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_VSWITCH_TENANT_NETWORK_ID;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
{
networkID = wcstol(pString,
0,
0);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = networkID;
}
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_NDIS_PORT
/// -np <MATCH_TYPE> <NDIS_PORT>
/// -np == 0
if(HlprStringsAreEqual(L"-np",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 ndisPort = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_NDIS_PORT;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
{
ndisPort = wcstol(pString,
0,
0);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = ndisPort;
}
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_NDIS_MEDIA_TYPE
/// -nmt <MATCH_TYPE> <NDIS_MEDIA_TYPE>
/// -nmt == NdisMedium802_3
if(HlprStringsAreEqual(L"-nmt",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 ndisMediumType = NdisMediumMax;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_NDIS_MEDIA_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
ndisMediumType = wcstol(pString,
0,
0);
else
ndisMediumType = PrvHlprNDISMediumTypeParse(pString);
if(ndisMediumType < NdisMediumMax)
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = ndisMediumType;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_NDIS_PHYSICAL_MEDIA_TYPE
/// -npmt <MATCH_TYPE> <NDIS_PHYSICAL_MEDIA_TYPE>
if(HlprStringsAreEqual(L"-npmt",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 ndisPhysicalMediumType = NdisPhysicalMediumMax;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_NDIS_PHYSICAL_MEDIA_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
ndisPhysicalMediumType = wcstol(pString,
0,
0);
else
ndisPhysicalMediumType = PrvHlprNDISPhysicalMediumTypeParse(pString);
if(ndisPhysicalMediumType < NdisPhysicalMediumMax)
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = ndisPhysicalMediumType;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_L2_FLAGS
/// -l2f <MATCH_TYPE> <L2_FLAGS>
/// -l2f == FWP_CONDITION_L2_IS_NATIVE_ETHERNET
if(HlprStringsAreEqual(L"-l2f",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 l2Flags = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_L2_FLAGS;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
l2Flags = wcstol(pString,
0,
0);
else
l2Flags = PrvHlprFwpConditionL2FlagParse(pString);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = l2Flags;
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_EQUAL)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_FLAGS_ALL_SET;
else if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_NOT_EQUAL)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_FLAGS_NONE_SET;
else
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_FLAGS_ANY_SET;
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_MAC_LOCAL_ADDRESS_TYPE
/// -mlat <MATCH_TYPE> <MAC_LOCAL_ADDRESS_TYPE>
/// -mlat == DlUnicast
if(HlprStringsAreEqual(L"-mlat",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 macAddressType = 0xFFFFFFFF;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_MAC_LOCAL_ADDRESS_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT8;
if(iswdigit((wint_t)pString[0]))
macAddressType = wcstol(pString,
0,
0);
else
macAddressType = PrvHlprDataLinkAddressTypeParse(pString);
if(macAddressType <= DlBroadcast)
pTempFilterConditions[tempConditionIndex].conditionValue.uint8 = (UINT8)macAddressType;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_MAC_REMOTE_ADDRESS_TYPE
/// -mrat <MATCH_TYPE> <MAC_REMOTE_ADDRESS_TYPE>
/// -mrat == DlUnicast
if(HlprStringsAreEqual(L"-mrat",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 macAddressType = 0xFFFFFFFF;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_MAC_REMOTE_ADDRESS_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT8;
if(iswdigit((wint_t)pString[0]))
macAddressType = wcstol(pString,
0,
0);
else
macAddressType = PrvHlprDataLinkAddressTypeParse(pString);
if(macAddressType <= DlBroadcast)
pTempFilterConditions[tempConditionIndex].conditionValue.uint8 = (UINT8)macAddressType;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_ALE_PACKAGE_ID
/// -apid <MATCH_TYPE> <PACKAGE_ID>
/// -apid == WinNullSid
if(HlprStringsAreEqual(L"-apid",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 sidSize = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_ALE_PACKAGE_ID;
if(HlprStringsAreEqual(L"WinNullSid",
pString) ||
HlprStringsAreEqual(L"NullSid",
pString) ||
HlprStringsAreEqual(L"Default",
pString))
{
status = HlprSIDGetWellKnown(WinNullSid,
&(pTempFilterConditions[tempConditionIndex].conditionValue.sid),
&sidSize);
HLPR_BAIL_ON_FAILURE(status);
}
else
{
PSID pSID = 0;
if(ConvertStringSidToSid(pString,
&pSID) == 0)
{
status = GetLastError();
HlprLogInfo(L"FWPM_CONDITION_ALE_PACKAGE_ID: Invalid SID [%s]",
pString);
HLPR_BAIL;
}
if(IsValidSid(pSID))
{
PSID pData = 0;
sidSize = GetLengthSid(pSID);
HLPR_NEW_CASTED_ARRAY(pData,
SID,
BYTE,
sidSize);
if(pData == 0)
{
LocalFree(pSID);
status = (UINT32)STATUS_NO_MEMORY;
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].conditionValue.sid = (SID*)pData;
RtlCopyMemory(pTempFilterConditions[tempConditionIndex].conditionValue.sid,
pSID,
sidSize);
}
LocalFree(pSID);
}
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_SID;
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_MAC_SOURCE_ADDRESS
/// -msa <MATCH_TYPE> <MAC_SOURCE_ADDRESS>
/// -msa == 01:02:03:04:05:06
if(HlprStringsAreEqual(L"-msa",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_MAC_SOURCE_ADDRESS;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_BYTE_ARRAY6_TYPE;
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray6,
FWP_BYTE_ARRAY6);
HLPR_BAIL_ON_ALLOC_FAILURE(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray6,
status);
status = HlprEthernetMACAddressStringToValue(pString,
pTempFilterConditions[tempConditionIndex].conditionValue.byteArray6->byteArray6);
HLPR_BAIL_ON_FAILURE(status);
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_MAC_DESTINATION_ADDRESS
/// -mda <MATCH_TYPE> <DESTINATION_MAC_ADDRESS>
/// -mda == 01:02:03:04:05:06
if(HlprStringsAreEqual(L"-mda",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_MAC_DESTINATION_ADDRESS;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_BYTE_ARRAY6_TYPE;
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray6,
FWP_BYTE_ARRAY6);
HLPR_BAIL_ON_ALLOC_FAILURE(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray6,
status);
status = HlprEthernetMACAddressStringToValue(pString,
pTempFilterConditions[tempConditionIndex].conditionValue.byteArray6->byteArray6);
HLPR_BAIL_ON_FAILURE(status);
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_MAC_SOURCE_ADDRESS_TYPE
/// -msat <MATCH_TYPE> <MAC_SOURCE_ADDRESS_TYPE>
/// -msat == DlUnicast
if(HlprStringsAreEqual(L"-msat",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 macAddressType = 0xFFFFFFFF;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_MAC_SOURCE_ADDRESS_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT8;
if(iswdigit((wint_t)pString[0]))
macAddressType = wcstol(pString,
0,
0);
else
macAddressType = PrvHlprDataLinkAddressTypeParse(pString);
if(macAddressType <= DlBroadcast)
pTempFilterConditions[tempConditionIndex].conditionValue.uint8 = (UINT8)macAddressType;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_MAC_DESTINATION_ADDRESS_TYPE
/// -mdat <MATCH_TYPE> <MAC_DESTINATION_ADDRESS_TYPE>
/// -mdat == DlUnicast
if(HlprStringsAreEqual(L"-mdat",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 macAddressType = 0xFFFFFFFF;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_MAC_DESTINATION_ADDRESS_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT8;
if(iswdigit((wint_t)pString[0]))
macAddressType = wcstol(pString,
0,
0);
else
macAddressType = PrvHlprDataLinkAddressTypeParse(pString);
if(macAddressType <= DlBroadcast)
pTempFilterConditions[tempConditionIndex].conditionValue.uint8 = (UINT8)macAddressType;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_IP_SOURCE_PORT \ FWPM_CONDITION_VSWITCH_ICMP_TYPE
/// -ipsp <MATCH_TYPE> <IP_SOURCE_PORT> \ -vsicmpt <MATCH_TYPE> <ICMP_TYPE>
/// -ipsp == 80
if(HlprStringsAreEqual(L"-ipsp",
ppCLPStrings[stringIndex]) ||
HlprStringsAreEqual(L"-vsicmpt",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 port = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IP_SOURCE_PORT;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT16;
if(iswdigit((wint_t)pString[0]))
port = wcstol(pString,
0,
0);
if(port <= 0xFFFF)
pTempFilterConditions[tempConditionIndex].conditionValue.uint16 = (UINT16)port;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_IP_DESTINATION_PORT \ FWPM_CONDITION_VSWITCH_ICMP_CODE
/// -ipdp <MATCH_TYPE> <DESTINATION_PORT> \ -vsicmpc <MATCH_TYPE> <ICMP_CODE>
/// -ipdp == 80
if(HlprStringsAreEqual(L"-ipdp",
ppCLPStrings[stringIndex]) ||
HlprStringsAreEqual(L"-vsicmpc",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 port = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IP_DESTINATION_PORT;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT16;
if(iswdigit((wint_t)pString[0]))
port = wcstol(pString,
0,
0);
if(port <= 0xFFFF)
pTempFilterConditions[tempConditionIndex].conditionValue.uint16 = (UINT16)port;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_VSWITCH_ID
/// -vsid <MATCH_TYPE> <ID>
/// -vsid == 12345678-1234-1234-1234-123456789012
if(HlprStringsAreEqual(L"-vsid",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
FWP_BYTE_BLOB* pByteBlob = 0;
size_t size = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_VSWITCH_ID;
HLPR_NEW(pByteBlob,
FWP_BYTE_BLOB);
HLPR_BAIL_ON_ALLOC_FAILURE(pByteBlob,
status);
status = StringCbLength(pString,
STRSAFE_MAX_CCH * sizeof(WCHAR),
&size);
if(FAILED(status) ||
size != (36 * sizeof(WCHAR))) /// size of a GUID without braces
{
HLPR_DELETE(pByteBlob);
if(size != (36 * sizeof(WCHAR)))
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
HLPR_NEW_ARRAY(pByteBlob->data,
BYTE,
size);
if(pByteBlob->data == 0)
{
HLPR_DELETE(pByteBlob);
status = ERROR_OUTOFMEMORY;
HLPR_BAIL;
}
pByteBlob->size = (UINT32)size;
RtlCopyMemory(pByteBlob->data,
pString,
pByteBlob->size);
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_BYTE_BLOB_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.byteBlob = pByteBlob;
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_VSWITCH_NETWORK_TYPE
/// -vsnt <MATCH_TYPE> <NETWORK_TYPE>
/// -vsnt == 1
if(HlprStringsAreEqual(L"-vsnt",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 networkType = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_VSWITCH_NETWORK_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT8;
if(iswdigit((wint_t)pString[0]))
networkType = wcstol(pString,
0,
0);
else
networkType = PrvHlprVSwitchNetworkTypeParse(pString);
if(networkType <= FWP_VSWITCH_NETWORK_TYPE_EXTERNAL)
pTempFilterConditions[tempConditionIndex].conditionValue.uint8 = (UINT8)networkType;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_VSWITCH_SOURCE_INTERFACE_ID
/// -vssiid <MATCH_TYPE> <INTERFACE_ID>
/// -vssiid == 12345678-9ABC-DEF0-1234-56784ABCDEF0--12345678-9ABC-DEF0-1234-56784ABCDEF0
if(HlprStringsAreEqual(L"-vssiid",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
FWP_BYTE_BLOB* pByteBlob = 0;
size_t size = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_VSWITCH_SOURCE_INTERFACE_ID;
HLPR_NEW(pByteBlob,
FWP_BYTE_BLOB);
HLPR_BAIL_ON_ALLOC_FAILURE(pByteBlob,
status);
status = StringCbLength(pString,
STRSAFE_MAX_CCH * sizeof(WCHAR),
&size);
if(FAILED(status) ||
size < (36 * sizeof(WCHAR)) || /// size of a GUID with braces
size > (74 * sizeof(WCHAR))) /// size of 2 GUIDs + 2 hyphen separators
{
HLPR_DELETE(pByteBlob);
if(SUCCEEDED(status))
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
HLPR_NEW_ARRAY(pByteBlob->data,
BYTE,
size);
if(pByteBlob->data == 0)
{
HLPR_DELETE(pByteBlob);
status = ERROR_OUTOFMEMORY;
HLPR_BAIL;
}
pByteBlob->size = (UINT32)size;
RtlCopyMemory(pByteBlob->data,
pString,
pByteBlob->size);
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_BYTE_BLOB_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.byteBlob = pByteBlob;
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_VSWITCH_DESTINATION_INTERFACE_ID
/// -vsdiid <MATCH_TYPE> <INTERFACE_ID>
/// -vsdiid == 12345678-9ABC-DEF0-1234-56784ABCDEF0--12345678-9ABC-DEF0-1234-56784ABCDEF0
if(HlprStringsAreEqual(L"-vsdiid",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
FWP_BYTE_BLOB* pByteBlob = 0;
size_t size = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_VSWITCH_DESTINATION_INTERFACE_ID;
HLPR_NEW(pByteBlob,
FWP_BYTE_BLOB);
HLPR_BAIL_ON_ALLOC_FAILURE(pByteBlob,
status);
status = StringCbLength(pString,
STRSAFE_MAX_CCH * sizeof(WCHAR),
&size);
if(FAILED(status) ||
size < (36 * sizeof(WCHAR)) || /// size of a GUID with braces
size > (74 * sizeof(WCHAR)))
{
HLPR_DELETE(pByteBlob);
if(SUCCEEDED(status))
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
HLPR_NEW_ARRAY(pByteBlob->data,
BYTE,
size);
if(pByteBlob->data == 0)
{
HLPR_DELETE(pByteBlob);
status = ERROR_OUTOFMEMORY;
HLPR_BAIL;
}
pByteBlob->size = (UINT32)size;
RtlCopyMemory(pByteBlob->data,
pString,
pByteBlob->size);
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_BYTE_BLOB_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.byteBlob = pByteBlob;
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_VSWITCH_SOURCE_VM_ID
/// -vssvmid <MATCH_TYPE> <VM_ID>
/// -vssvmid == 12345678-1234-1234-1234-123456789012
if(HlprStringsAreEqual(L"-vssvmid",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
FWP_BYTE_BLOB* pByteBlob = 0;
size_t size = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_VSWITCH_SOURCE_VM_ID;
HLPR_NEW(pByteBlob,
FWP_BYTE_BLOB);
HLPR_BAIL_ON_ALLOC_FAILURE(pByteBlob,
status);
status = StringCbLength(pString,
STRSAFE_MAX_CCH * sizeof(WCHAR),
&size);
if(FAILED(status) ||
size != (36 * sizeof(WCHAR))) /// size of a GUID without braces
{
HLPR_DELETE(pByteBlob);
if(size != (36 * sizeof(WCHAR)))
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
HLPR_NEW_ARRAY(pByteBlob->data,
BYTE,
size);
if(pByteBlob->data == 0)
{
HLPR_DELETE(pByteBlob);
status = ERROR_OUTOFMEMORY;
HLPR_BAIL;
}
pByteBlob->size = (UINT32)size;
RtlCopyMemory(pByteBlob->data,
pString,
pByteBlob->size);
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_BYTE_BLOB_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.byteBlob = pByteBlob;
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_VSWITCH_DESTINATION_VM_ID
/// -vsdvmid <MATCH_TYPE> <VM_ID>
/// -vsdvmid == 12345678-1234-1234-1234-123456789012
if(HlprStringsAreEqual(L"-vsdvmid",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
FWP_BYTE_BLOB* pByteBlob = 0;
size_t size = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_VSWITCH_DESTINATION_VM_ID;
HLPR_NEW(pByteBlob,
FWP_BYTE_BLOB);
HLPR_BAIL_ON_ALLOC_FAILURE(pByteBlob,
status);
status = StringCbLength(pString,
STRSAFE_MAX_CCH * sizeof(WCHAR),
&size);
if(FAILED(status) ||
size != (36 * sizeof(WCHAR))) /// size of a GUID without braces
{
HLPR_DELETE(pByteBlob);
if(size != (36 * sizeof(WCHAR)))
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
HLPR_NEW_ARRAY(pByteBlob->data,
BYTE,
size);
if(pByteBlob->data == 0)
{
HLPR_DELETE(pByteBlob);
status = ERROR_OUTOFMEMORY;
HLPR_BAIL;
}
pByteBlob->size = (UINT32)size;
RtlCopyMemory(pByteBlob->data,
pString,
pByteBlob->size);
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_BYTE_BLOB_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.byteBlob = pByteBlob;
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_VSWITCH_SOURCE_INTERFACE_TYPE
/// -vssit <MATCH_TYPE> <INTERFACE_TYPE>
/// -vssit == 0
if(HlprStringsAreEqual(L"-vssit",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 type = NdisSwitchNicTypeInternal + 1;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_VSWITCH_SOURCE_INTERFACE_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
type = wcstol(pString,
0,
0);
else
type = PrvHlprVSwitchNICTypeParse(pString);
if(type <= NdisSwitchNicTypeInternal)
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = type;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_VSWITCH_DESTINATION_INTERFACE_TYPE
/// -vsdit <MATCH_TYPE> <INTERFACE_TYPE>
/// -vsdit == 0
if(HlprStringsAreEqual(L"-vsdit",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 type = NdisSwitchNicTypeInternal + 1;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_VSWITCH_DESTINATION_INTERFACE_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
type = wcstol(pString,
0,
0);
else
type = PrvHlprVSwitchNICTypeParse(pString);
if(type <= NdisSwitchNicTypeInternal)
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = type;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_ALE_ORIGINAL_APP_ID
/// -aoaid <MATCH_TYPE> <APPLICATION_NAME>
/// -aoaid == IExplore.exe
if(HlprStringsAreEqual(L"-aoaid",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
FWP_BYTE_BLOB* pAppID = 0;
FWP_BYTE_BLOB* pByteBlob = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_ALE_ORIGINAL_APP_ID;
status = FwpmGetAppIdFromFileName(pString,
&pAppID);
if(status != NO_ERROR)
{
HLPR_DELETE(pByteBlob);
HLPR_BAIL;
}
else
{
HLPR_NEW(pByteBlob,
FWP_BYTE_BLOB);
HLPR_BAIL_ON_ALLOC_FAILURE(pByteBlob,
status);
HLPR_NEW_ARRAY(pByteBlob->data,
BYTE,
pAppID->size);
HLPR_BAIL_ON_ALLOC_FAILURE(pByteBlob->data,
status);
RtlCopyMemory(pByteBlob->data,
pAppID->data,
pAppID->size);
pByteBlob->size = pAppID->size;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_BYTE_BLOB_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.byteBlob = pByteBlob;
FwpmFreeMemory((VOID**)&pAppID);
pAppID = 0;
}
tempConditionIndex++;
continue;
}
#endif /// (NTDDI_VERSION >= NTDDI_WIN8)
#if(NTDDI_VERSION >= NTDDI_WIN7)
/// FWPM_CONDITION_IP_NEXTHOP_ADDRESS
/// -ipnha <MATCH_TYPE> <IP_NEXTHOP_ADRESS>
/// -ipnha == 1.2.3.4
if(HlprStringsAreEqual(L"-ipnha",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IP_NEXTHOP_ADDRESS;
if(HlprIPAddressV6StringIsValidFormat(pString))
{
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_BYTE_ARRAY16_TYPE;
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16,
FWP_BYTE_ARRAY16);
HLPR_BAIL_ON_ALLOC_FAILURE(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16,
status);
status = HlprIPAddressV6StringToValue(pString,
pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16->byteArray16);
HLPR_BAIL_ON_FAILURE(status);
}
else
{
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
status = HlprIPAddressV4StringToValue(pString,
&(pTempFilterConditions[tempConditionIndex].conditionValue.uint32));
HLPR_BAIL_ON_FAILURE(status);
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_NEXTHOP_SUB_INTERFACE_INDEX
/// -nhsii <MATCH_TYPE> <INDEX>
/// -nhsii == 0
if(HlprStringsAreEqual(L"-nhsii",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 index = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_NEXTHOP_SUB_INTERFACE_INDEX;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
{
index = wcstol(pString,
0,
0);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = index;
}
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_IP_NEXTHOP_INTERFACE
/// -ipnhi <MATCH_TYPE> <INTERFACE>
/// -ipnhi ==
if(HlprStringsAreEqual(L"-ipnhi",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT64 nexthopInterface = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IP_NEXTHOP_INTERFACE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT64;
if(iswdigit((wint_t)pString[0]))
nexthopInterface = _wcstoui64(pString,
0,
0);
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.uint64,
UINT64);
HLPR_BAIL_ON_ALLOC_FAILURE(pTempFilterConditions[tempConditionIndex].conditionValue.uint64,
status);
*(pTempFilterConditions[tempConditionIndex].conditionValue.uint64) = nexthopInterface;
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_NEXTHOP_INTERFACE_TYPE
/// -nhit <MATCH_TYPE> <TYPE>
/// -nhit == 0
if(HlprStringsAreEqual(L"-nhit",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 type = MAX_IF_TYPE;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_NEXTHOP_INTERFACE_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
type = wcstol(pString,
0,
0);
else
type = PrvHlprInterfaceTypeParse(pString);
if(type < MAX_IF_TYPE)
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = type;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_NEXTHOP_TUNNEL_TYPE
/// -nhtt <MATCH_TYPE> <TYPE>
/// -nhtt == 14
if(HlprStringsAreEqual(L"-nhtt",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 type = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_NEXTHOP_TUNNEL_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
type = wcstol(pString,
0,
0);
else
type = PrvHlprTunnelTypeParse(pString);
if(type <= TUNNEL_TYPE_IPHTTPS)
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = type;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_NEXTHOP_INTERFACE_INDEX
/// -nhii <MATCH_TYPE> <INDEX>
/// -nhii == 0
if(HlprStringsAreEqual(L"-nhii",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 index = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_NEXTHOP_INTERFACE_INDEX;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
{
index = wcstol(pString,
0,
0);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = index;
}
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_ORIGINAL_PROFILE_ID
/// -opid <MATCH_TYPE> <PROFILE_ID>
/// -opid == 1
if(HlprStringsAreEqual(L"-opid",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 profileID = NlincCategoryStateMax;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_ORIGINAL_PROFILE_ID;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
profileID = wcstol(pString,
0,
0);
else
profileID = PrvHlprProfileIDParse(pString);
if(profileID < NlincCategoryStateMax)
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = profileID;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_CURRENT_PROFILE_ID
/// -cpid <MATCH_TYPE> <PROFILE_ID>
/// -cpid == 1
if(HlprStringsAreEqual(L"-cpid",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 profileID = NlincCategoryStateMax;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_CURRENT_PROFILE_ID;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
profileID = wcstol(pString,
0,
0);
else
profileID = PrvHlprProfileIDParse(pString);
if(profileID < NlincCategoryStateMax)
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = profileID;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_LOCAL_INTERFACE_PROFILE_ID
/// -lipid <MATCH_TYPE> <PROFILE_ID>
/// -lipid == 1
if(HlprStringsAreEqual(L"-lipid",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 profileID = NlincCategoryStateMax;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_LOCAL_INTERFACE_PROFILE_ID;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
profileID = wcstol(pString,
0,
0);
else
profileID = PrvHlprProfileIDParse(pString);
if(profileID < NlincCategoryStateMax)
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = profileID;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_ARRIVAL_INTERFACE_PROFILE_ID
/// -aipid <MATCH_TYPE> <PROFILE_ID>
/// -aipid == 1
if(HlprStringsAreEqual(L"-aipid",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 profileID = NlincCategoryStateMax;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_ARRIVAL_INTERFACE_PROFILE_ID;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
profileID = wcstol(pString,
0,
0);
else
profileID = PrvHlprProfileIDParse(pString);
if(profileID < NlincCategoryStateMax)
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = profileID;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_NEXTHOP_INTERFACE_PROFILE_ID
/// -nhipid <MATCH_TYPE> <PROFILE_ID>
/// -nhipid == 1
if(HlprStringsAreEqual(L"-nhipid",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 profileID = NlincCategoryStateMax;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_NEXTHOP_INTERFACE_PROFILE_ID;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
profileID = wcstol(pString,
0,
0);
else
profileID = PrvHlprProfileIDParse(pString);
if(profileID < NlincCategoryStateMax)
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = profileID;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_REAUTHORIZE_REASON
/// -rr <MATCH_TYPE> <FLAGS>
/// -rr == FWP_CONDITION_REAUTHORIZE_REASON_CLASSIFY_COMPLETION
if(HlprStringsAreEqual(L"-rr",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 flags = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_REAUTHORIZE_REASON;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
flags = wcstol(pString,
0,
0);
else
flags = PrvHlprFwpConditionReauthorizeReasonParse(pString);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = flags;
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_EQUAL)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_FLAGS_ALL_SET;
else if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_NOT_EQUAL)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_FLAGS_NONE_SET;
else
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_FLAGS_ANY_SET;
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_ORIGINAL_ICMP_TYPE
/// -oicmpt <MATCH_TYPE> <ICMP_TYPE>
/// -oicmpt == 0
if(HlprStringsAreEqual(L"-oicmpt",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 port = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_ORIGINAL_ICMP_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT16;
if(iswdigit((wint_t)pString[0]))
port = wcstol(pString,
0,
0);
if(port <= 0xFFFF)
pTempFilterConditions[tempConditionIndex].conditionValue.uint16 = (UINT16)port;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_IP_PHYSICAL_ARRIVAL_INTERFACE
/// -ippai <MATCH_TYPE> <INTERFACE>
/// -ippai ==
if(HlprStringsAreEqual(L"-ippai",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT64 arrivalInterface = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IP_PHYSICAL_ARRIVAL_INTERFACE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT64;
if(iswdigit((wint_t)pString[0]))
arrivalInterface = _wcstoui64(pString,
0,
0);
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.uint64,
UINT64);
HLPR_BAIL_ON_ALLOC_FAILURE(pTempFilterConditions[tempConditionIndex].conditionValue.uint64,
status);
*(pTempFilterConditions[tempConditionIndex].conditionValue.uint64) = arrivalInterface;
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_IP_PHYSICAL_NEXTHOP_INTERFACE
/// -ippnhi <MATCH_TYPE> <INTERFACE>
/// -ippnhi ==
if(HlprStringsAreEqual(L"-ippnhi",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT64 nexthopInterface = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IP_PHYSICAL_NEXTHOP_INTERFACE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT64;
if(iswdigit((wint_t)pString[0]))
nexthopInterface = _wcstoui64(pString,
0,
0);
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.uint64,
UINT64);
HLPR_BAIL_ON_ALLOC_FAILURE(pTempFilterConditions[tempConditionIndex].conditionValue.uint64,
status);
*(pTempFilterConditions[tempConditionIndex].conditionValue.uint64) = nexthopInterface;
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_INTERFACE_QUARANTINE_EPOCH
/// -iqe <MATCH_TYPE> <EPOCH>
/// -iqe == 68719476721
if(HlprStringsAreEqual(L"-iqe",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT64 epoch = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_INTERFACE_QUARANTINE_EPOCH;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT64;
if(iswdigit((wint_t)pString[0]))
epoch = _wcstoui64(pString,
0,
0);
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.uint64,
UINT64);
HLPR_BAIL_ON_ALLOC_FAILURE(pTempFilterConditions[tempConditionIndex].conditionValue.uint64,
status);
*(pTempFilterConditions[tempConditionIndex].conditionValue.uint64) = epoch;
tempConditionIndex++;
continue;
}
#endif /// (NTDDI_VERSION >= NTDDI_WIN7)
/// FWPM_CONDITION_IP_LOCAL_ADDRESS
/// -ipla <MATCH_TYPE> <IP_LOCAL_ADRESS>
/// -ipla == 1.2.3.4
if(HlprStringsAreEqual(L"-ipla",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IP_LOCAL_ADDRESS;
if(HlprIPAddressV6StringIsValidFormat(pString))
{
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_BYTE_ARRAY16_TYPE;
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16,
FWP_BYTE_ARRAY16);
HLPR_BAIL_ON_ALLOC_FAILURE(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16,
status);
status = HlprIPAddressV6StringToValue(pString,
pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16->byteArray16);
HLPR_BAIL_ON_FAILURE(status);
}
else
{
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
status = HlprIPAddressV4StringToValue(pString,
&(pTempFilterConditions[tempConditionIndex].conditionValue.uint32));
HLPR_BAIL_ON_FAILURE(status);
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_IP_REMOTE_ADDRESS
/// -ipra <MATCH_TYPE> <IP_REMOTE_ADRESS>
/// -ipra == 1.2.3.4
if(HlprStringsAreEqual(L"-ipra",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IP_REMOTE_ADDRESS;
if(HlprIPAddressV6StringIsValidFormat(pString))
{
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_BYTE_ARRAY16_TYPE;
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16,
FWP_BYTE_ARRAY16);
HLPR_BAIL_ON_ALLOC_FAILURE(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16,
status);
status = HlprIPAddressV6StringToValue(pString,
pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16->byteArray16);
HLPR_BAIL_ON_FAILURE(status);
}
else
{
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
status = HlprIPAddressV4StringToValue(pString,
&(pTempFilterConditions[tempConditionIndex].conditionValue.uint32));
HLPR_BAIL_ON_FAILURE(status);
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_IP_SOURCE_ADDRESS
/// -ipsa <MATCH_TYPE> <IP_SOURCE_ADRESS>
/// -ipsa == 1.2.3.4
if(HlprStringsAreEqual(L"-ipsa",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IP_SOURCE_ADDRESS;
if(HlprIPAddressV6StringIsValidFormat(pString))
{
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_BYTE_ARRAY16_TYPE;
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16,
FWP_BYTE_ARRAY16);
HLPR_BAIL_ON_ALLOC_FAILURE(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16,
status);
status = HlprIPAddressV6StringToValue(pString,
pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16->byteArray16);
HLPR_BAIL_ON_FAILURE(status);
}
else
{
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
status = HlprIPAddressV4StringToValue(pString,
&(pTempFilterConditions[tempConditionIndex].conditionValue.uint32));
HLPR_BAIL_ON_FAILURE(status);
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_IP_DESTINATION_ADDRESS
/// -ipda <MATCH_TYPE> <IP_DESTINATION_ADRESS>
/// -ipda == 1.2.3.4
if(HlprStringsAreEqual(L"-ipda",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IP_DESTINATION_ADDRESS;
if(HlprIPAddressV6StringIsValidFormat(pString))
{
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_BYTE_ARRAY16_TYPE;
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16,
FWP_BYTE_ARRAY16);
HLPR_BAIL_ON_ALLOC_FAILURE(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16,
status);
status = HlprIPAddressV6StringToValue(pString,
pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16->byteArray16);
HLPR_BAIL_ON_FAILURE(status);
}
else
{
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
status = HlprIPAddressV4StringToValue(pString,
&(pTempFilterConditions[tempConditionIndex].conditionValue.uint32));
HLPR_BAIL_ON_FAILURE(status);
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_IP_LOCAL_ADDRESS_TYPE
/// -iplat <MATCH_TYPE> <IP_LOCAL_ADDRESS_TYPE>
/// -iplat == NlatUnicast
if(HlprStringsAreEqual(L"-iplat",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 ipAddressType = IPPROTO_MAX;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IP_LOCAL_ADDRESS_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT8;
if(iswdigit((wint_t)pString[0]))
ipAddressType = wcstol(pString,
0,
0);
else
ipAddressType = PrvHlprIPAddressTypeParse(pString);
if(ipAddressType < IPPROTO_MAX)
pTempFilterConditions[tempConditionIndex].conditionValue.uint8 = (UINT8)ipAddressType;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_IP_DESTINATION_ADDRESS_TYPE
/// -ipdat <MATCH_TYPE> <IP_DESTINATION_ADDRESS_TYPE>
/// -ipdat == NlatUnicast
if(HlprStringsAreEqual(L"-ipdat",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 ipAddressType = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IP_DESTINATION_ADDRESS_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT8;
if(iswdigit((wint_t)pString[0]))
ipAddressType = wcstol(pString,
0,
0);
else
ipAddressType = PrvHlprIPAddressTypeParse(pString);
if(ipAddressType < IPPROTO_MAX)
pTempFilterConditions[tempConditionIndex].conditionValue.uint8 = (UINT8)ipAddressType;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_IP_LOCAL_INTERFACE \ FWPM_CONDITION_INTERFACE
/// -ipli <MATCH_TYPE> <INTERFACE> \ -ipi <MATCH_TYPE> <INTERFACE>
/// -ipli ==
if(HlprStringsAreEqual(L"-ipli",
ppCLPStrings[stringIndex]) ||
HlprStringsAreEqual(L"-ipi",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT64 localInterface = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IP_LOCAL_INTERFACE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT64;
if(iswdigit((wint_t)pString[0]))
localInterface = _wcstoui64(pString,
0,
0);
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.uint64,
UINT64);
HLPR_BAIL_ON_ALLOC_FAILURE(pTempFilterConditions[tempConditionIndex].conditionValue.uint64,
status);
*(pTempFilterConditions[tempConditionIndex].conditionValue.uint64) = localInterface;
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_IP_ARRIVAL_INTERFACE
/// -ipai <MATCH_TYPE> <INTERFACE>
/// -ipai ==
if(HlprStringsAreEqual(L"-ipai",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT64 arrivalInterface = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IP_ARRIVAL_INTERFACE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT64;
if(iswdigit((wint_t)pString[0]))
arrivalInterface = _wcstoui64(pString,
0,
0);
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.uint64,
UINT64);
HLPR_BAIL_ON_ALLOC_FAILURE(pTempFilterConditions[tempConditionIndex].conditionValue.uint64,
status);
*(pTempFilterConditions[tempConditionIndex].conditionValue.uint64) = arrivalInterface;
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_ARRIVAL_INTERFACE_TYPE
/// -ait <MATCH_TYPE> <TYPE>
/// -ait == 0
if(HlprStringsAreEqual(L"-ait",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 type = MAX_IF_TYPE;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_ARRIVAL_INTERFACE_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
type = wcstol(pString,
0,
0);
else
type = PrvHlprInterfaceTypeParse(pString);
if(type < MAX_IF_TYPE)
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = type;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_ARRIVAL_TUNNEL_TYPE
/// -att <MATCH_TYPE> <TYPE>
/// -att == 14
if(HlprStringsAreEqual(L"-att",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 type = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_ARRIVAL_TUNNEL_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
type = wcstol(pString,
0,
0);
else
type = PrvHlprTunnelTypeParse(pString);
if(type <= TUNNEL_TYPE_IPHTTPS)
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = type;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_ARRIVAL_INTERFACE_INDEX
/// -aii <MATCH_TYPE> <INDEX>
/// -aii == 0
if(HlprStringsAreEqual(L"-aii",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 index = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_ARRIVAL_INTERFACE_INDEX;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
{
index = wcstol(pString,
0,
0);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = index;
}
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_INTERFACE_TYPE \ FWPM_CONDITION_LOCAL_INTERFACE_TYPE
/// -it <MATCH_TYPE> <TYPE> \ -lit <MATCH_TYPE> <TYPE>
/// -it == 0 \ -lit == 0
if(HlprStringsAreEqual(L"-it",
ppCLPStrings[stringIndex]) ||
HlprStringsAreEqual(L"-lit",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 type = MAX_IF_TYPE;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_INTERFACE_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
type = wcstol(pString,
0,
0);
else
type = PrvHlprInterfaceTypeParse(pString);
if(type < MAX_IF_TYPE)
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = type;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_TUNNEL_TYPE \ FWPM_CONDITION_LOCAL_TUNNEL_TYPE
/// -tt <MATCH_TYPE> <TYPE> \ -ltt <MATCH_TYPE> <TYPE>
/// -tt == 14 \ -ltt == 14
if(HlprStringsAreEqual(L"-tt",
ppCLPStrings[stringIndex]) ||
HlprStringsAreEqual(L"-ltt",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 type = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_TUNNEL_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
type = wcstol(pString,
0,
0);
else
type = PrvHlprTunnelTypeParse(pString);
if(type <= TUNNEL_TYPE_IPHTTPS)
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = type;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_IP_FORWARD_INTERFACE
/// -ipfi <MATCH_TYPE> <INTERFACE>
/// -ipfi ==
if(HlprStringsAreEqual(L"-ipfi",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT64 forwardInterface = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IP_FORWARD_INTERFACE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT64;
if(iswdigit((wint_t)pString[0]))
forwardInterface = _wcstoui64(pString,
0,
0);
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.uint64,
UINT64);
HLPR_BAIL_ON_ALLOC_FAILURE(pTempFilterConditions[tempConditionIndex].conditionValue.uint64,
status);
*(pTempFilterConditions[tempConditionIndex].conditionValue.uint64) = forwardInterface;
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_IP_PROTOCOL
/// -ipp <MATCH_TYPE> <PROTOCOL>
/// -ipp == TCP
if(HlprStringsAreEqual(L"-ipp",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 protocol = IPPROTO_MAX;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IP_PROTOCOL;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT8;
if(iswdigit((wint_t)pString[0]))
protocol = wcstol(pString,
0,
0);
else
protocol = PrvHlprProtocolParse(pString);
if(protocol <= 0xFF)
pTempFilterConditions[tempConditionIndex].conditionValue.uint8 = (UINT8)protocol;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_IP_LOCAL_PORT \ FWPM_CONDITION_ICMP_TYPE
/// -iplp <MATCH_TYPE> <IP_LOCAL_PORT> \ -icmpt <MATCH_TYPE> <ICMP_TYPE>
/// -iplp == 80
if(HlprStringsAreEqual(L"-iplp",
ppCLPStrings[stringIndex]) ||
HlprStringsAreEqual(L"-icmpt",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 port = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IP_LOCAL_PORT;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT16;
if(iswdigit((wint_t)pString[0]))
port = wcstol(pString,
0,
0);
if(port <= 0xFFFF)
pTempFilterConditions[tempConditionIndex].conditionValue.uint16 = (UINT16)(port & 0xFFFF);
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_IP_REMOTE_PORT \ FWPM_CONDITION_ICMP_CODE
/// -iprp <MATCH_TYPE> <IP_REMOTE_PORT> \ -icmpc <MATCH_TYPE> <ICMP_CODE>
/// -iprp == 80
if(HlprStringsAreEqual(L"-iprp",
ppCLPStrings[stringIndex]) ||
HlprStringsAreEqual(L"-icmpc",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 port = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IP_REMOTE_PORT;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT16;
if(iswdigit((wint_t)pString[0]))
port = wcstol(pString,
0,
0);
if(port <= 0xFFFF)
pTempFilterConditions[tempConditionIndex].conditionValue.uint16 = (UINT16)port;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_EMBEDDED_LOCAL_ADDRESS_TYPE
/// -elat <MATCH_TYPE> <EMBEDDED_LOCAL_ADDRESS_TYPE>
/// -elat == NlatUnicast
if(HlprStringsAreEqual(L"-elat",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 ipAddressType = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_EMBEDDED_LOCAL_ADDRESS_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT8;
if(iswdigit((wint_t)pString[0]))
ipAddressType = wcstol(pString,
0,
0);
else
ipAddressType = PrvHlprIPAddressTypeParse(pString);
pTempFilterConditions[tempConditionIndex].conditionValue.uint8 = (UINT8)ipAddressType;
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_EMBEDDED_REMOTE_ADDRESS
/// -era <MATCH_TYPE> <EMBEDDED_REMOTE_ADRESS>
/// -era == 1.2.3.4
if(HlprStringsAreEqual(L"-era",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_EMBEDDED_REMOTE_ADDRESS;
if(HlprIPAddressV6StringIsValidFormat(pString))
{
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_BYTE_ARRAY16_TYPE;
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16,
FWP_BYTE_ARRAY16);
HLPR_BAIL_ON_ALLOC_FAILURE(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16,
status);
status = HlprIPAddressV6StringToValue(pString,
pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16->byteArray16);
HLPR_BAIL_ON_FAILURE(status);
}
else
{
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
status = HlprIPAddressV4StringToValue(pString,
&(pTempFilterConditions[tempConditionIndex].conditionValue.uint32));
HLPR_BAIL_ON_FAILURE(status);
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_EMBEDDED_PROTOCOL
/// -ep <MATCH_TYPE> <PROTOCOL>
/// -ep == TCP
if(HlprStringsAreEqual(L"-ep",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 protocol = IPPROTO_MAX;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_EMBEDDED_PROTOCOL;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT8;
if(iswdigit((wint_t)pString[0]))
protocol = wcstol(pString,
0,
0);
else
protocol = PrvHlprProtocolParse(pString);
if(protocol <= 0xFF)
pTempFilterConditions[tempConditionIndex].conditionValue.uint8 = (UINT8)(protocol & 0xFF);
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_EMBEDDED_LOCAL_PORT
/// -elp <MATCH_TYPE> <EMBEDDED_LOCAL_PORT>
/// -elp == 80
if(HlprStringsAreEqual(L"-elp",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 port = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_EMBEDDED_LOCAL_PORT;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT16;
if(iswdigit((wint_t)pString[0]))
port = wcstol(pString,
0,
0);
if(port <= 0xFFFF)
pTempFilterConditions[tempConditionIndex].conditionValue.uint16 = (UINT16)port;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_EMBEDDED_REMOTE_PORT
/// -erp <MATCH_TYPE> <EMBEDDED_REMOTE_PORT>
/// -erp == 80
if(HlprStringsAreEqual(L"-erp",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 port = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_EMBEDDED_REMOTE_PORT;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT16;
if(iswdigit((wint_t)pString[0]))
port = wcstol(pString,
0,
0);
if(port <= 0xFFFF)
pTempFilterConditions[tempConditionIndex].conditionValue.uint16 = (UINT16)port;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_FLAGS
/// -f <MATCH_TYPE> <FLAGS>
/// -f == FWP_CONDITION_FLAG_IS_LOOPBACK
if(HlprStringsAreEqual(L"-f",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 flags = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_FLAGS;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
flags = wcstol(pString,
0,
0);
else
flags = PrvHlprFwpConditionFlagParse(pString);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = flags;
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_EQUAL)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_FLAGS_ALL_SET;
else if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_NOT_EQUAL)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_FLAGS_NONE_SET;
else
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_FLAGS_ANY_SET;
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_DIRECTION
/// -d <MATCH_TYPE> <DIRECTION>
/// -d == 0
if(HlprStringsAreEqual(L"-d",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 direction = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_DIRECTION;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
direction = wcstol(pString,
0,
0);
else
direction = PrvHlprFwpDirectionParse(pString);
if(direction < FWP_DIRECTION_MAX)
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = direction;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_INTERFACE_INDEX \ FWPM_CONDITION_LOCAL_INTERFACE_INDEX
/// -ii <MATCH_TYPE> <INDEX> \ -lii <MATCH_TYPE> <INDEX>
/// -ii == 0 \ -lii == 0
if(HlprStringsAreEqual(L"-ii",
ppCLPStrings[stringIndex]) ||
HlprStringsAreEqual(L"-lii",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 index = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_INTERFACE_INDEX;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
{
index = wcstol(pString,
0,
0);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = index;
}
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_SUB_INTERFACE_INDEX \ FWPM_CONDITION_ARRIVAL_SUB_INTERFACE_INDEX
/// -sii <MATCH_TYPE> <INDEX> \ -asii <MATCH_TYPE> <INDEX>
/// -sii == 0 \ -asii == 0
if(HlprStringsAreEqual(L"-sii",
ppCLPStrings[stringIndex]) ||
HlprStringsAreEqual(L"-asii",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 index = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_SUB_INTERFACE_INDEX;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
{
index = wcstol(pString,
0,
0);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = index;
}
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_SOURCE_INTERFACE_INDEX
/// -sii <MATCH_TYPE> <INDEX>
/// -sii == 0
if(HlprStringsAreEqual(L"-sii",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 index = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_SOURCE_INTERFACE_INDEX;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
{
index = wcstol(pString,
0,
0);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = index;
}
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_SOURCE_SUB_INTERFACE_INDEX
/// -ssii <MATCH_TYPE> <INDEX>
/// -ssii == 0
if(HlprStringsAreEqual(L"-ssii",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 index = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_SOURCE_SUB_INTERFACE_INDEX;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
{
index = wcstol(pString,
0,
0);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = index;
}
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_DESTINATION_INTERFACE_INDEX
/// -dii <MATCH_TYPE> <INDEX>
/// -dii == 0
if(HlprStringsAreEqual(L"-dii",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 index = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_DESTINATION_INTERFACE_INDEX;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
{
index = wcstol(pString,
0,
0);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = index;
}
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_DESTINATION_SUB_INTERFACE_INDEX
/// -dsii <MATCH_TYPE> <INDEX>
/// -dsii == 0
if(HlprStringsAreEqual(L"-dsii",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 index = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_DESTINATION_SUB_INTERFACE_INDEX;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
{
index = wcstol(pString,
0,
0);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = index;
}
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_ALE_APP_ID
/// -aaid <MATCH_TYPE> <APPLICATION_NAME>
/// -aaid == IExplore.exe
if(HlprStringsAreEqual(L"-aaid",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
FWP_BYTE_BLOB* pAppID = 0;
FWP_BYTE_BLOB* pByteBlob = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_ALE_APP_ID;
status = FwpmGetAppIdFromFileName(pString,
&pAppID);
if(status != NO_ERROR)
{
HLPR_DELETE(pByteBlob);
HLPR_BAIL;
}
else
{
HLPR_NEW(pByteBlob,
FWP_BYTE_BLOB);
HLPR_BAIL_ON_ALLOC_FAILURE(pByteBlob,
status);
HLPR_NEW_ARRAY(pByteBlob->data,
BYTE,
pAppID->size);
HLPR_BAIL_ON_ALLOC_FAILURE(pByteBlob->data,
status);
RtlCopyMemory(pByteBlob->data,
pAppID->data,
pAppID->size);
pByteBlob->size = pAppID->size;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_BYTE_BLOB_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.byteBlob = pByteBlob;
FwpmFreeMemory((VOID**)&pAppID);
pAppID = 0;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_ALE_USER_ID
/// -auid <MATCH_TYPE> <USER>
/// -auid == Domain\UserName
if(HlprStringsAreEqual(L"-auid",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_ALE_USER_ID;
if(forEnum)
{
PSID pSID = 0;
status = PrvHlprSIDGet(pString,
&pSID);
HLPR_BAIL_ON_FAILURE(status);
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_SID;
pTempFilterConditions[tempConditionIndex].conditionValue.sid = (SID*)pSID;
}
else
{
UINT32 length = 0;
PSECURITY_DESCRIPTOR pAppContainerSecurityDescriptor = 0;
PSECURITY_DESCRIPTOR pSecurityDescriptor = 0;
EXPLICIT_ACCESS explicitAccess = {0};
BuildExplicitAccessWithName(&explicitAccess,
(LPWSTR)pString,
FWP_ACTRL_MATCH_FILTER,
GRANT_ACCESS,
0);
#if(NTDDI_VERSION >= NTDDI_WIN8)
if(AppliesToAppContainers(ppCLPStrings,
stringCount))
pAppContainerSecurityDescriptor = PrvHlprCreateAppContainerSecurityDescriptor();
#endif /// (NTDDI_VERSION >= NTDDI_WIN8)
/// Returns the self-relative security descriptor
status = BuildSecurityDescriptor(0,
0,
1,
&explicitAccess,
0,
0,
pAppContainerSecurityDescriptor,
(PULONG)&length,
&pSecurityDescriptor);
HLPR_DELETE_ARRAY(pAppContainerSecurityDescriptor)
if(status != NO_ERROR)
{
if(status == ERROR_NONE_MAPPED)
HlprLogInfo(L"FWPM_CONDITION_ALE_USER_ID: UserName %s Not Found",
pString);
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.sd,
FWP_BYTE_BLOB);
if(pTempFilterConditions[tempConditionIndex].conditionValue.sd == 0)
{
LocalFree(pSecurityDescriptor);
HLPR_BAIL;
}
HLPR_NEW_ARRAY(pTempFilterConditions[tempConditionIndex].conditionValue.sd->data,
BYTE,
length);
if(pTempFilterConditions[tempConditionIndex].conditionValue.sd->data == 0)
{
LocalFree(pSecurityDescriptor);
HLPR_DELETE(pTempFilterConditions[tempConditionIndex].conditionValue.sd);
HLPR_BAIL;
}
RtlCopyMemory(pTempFilterConditions[tempConditionIndex].conditionValue.sd->data,
pSecurityDescriptor,
length);
LocalFree(pSecurityDescriptor);
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_SECURITY_DESCRIPTOR_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.sd->size = length;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_ALE_REMOTE_USER_ID
/// -aruid <MATCH_ID> <USER>
/// -aruid == Domain\UserName
if(HlprStringsAreEqual(L"-aruid",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 length = 0;
PSECURITY_DESCRIPTOR pSecurityDescriptor = 0;
EXPLICIT_ACCESS explicitAccess = {0};
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_ALE_REMOTE_USER_ID;
if(forEnum)
{
PSID pSID = 0;
status = PrvHlprSIDGet(pString,
&pSID);
HLPR_BAIL_ON_FAILURE(status);
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_SID;
pTempFilterConditions[tempConditionIndex].conditionValue.sid = (SID*)pSID;
}
else
{
BuildExplicitAccessWithName(&explicitAccess,
(LPWSTR)pString,
FWP_ACTRL_MATCH_FILTER,
GRANT_ACCESS,
0);
/// Returns the self-relative security descriptor
status = BuildSecurityDescriptor(0,
0,
1,
&explicitAccess,
0,
0,
0,
(PULONG)&length,
&pSecurityDescriptor);
if(status != NO_ERROR)
{
if(status == ERROR_NONE_MAPPED)
HlprLogInfo(L"FWPM_CONDITION_ALE_REMOTE_USER_ID: UserName %s Not Found",
pString);
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.sd,
FWP_BYTE_BLOB);
if(pTempFilterConditions[tempConditionIndex].conditionValue.sd == 0)
{
LocalFree(pSecurityDescriptor);
HLPR_BAIL;
}
HLPR_NEW_ARRAY(pTempFilterConditions[tempConditionIndex].conditionValue.sd->data,
BYTE,
length);
if(pTempFilterConditions[tempConditionIndex].conditionValue.sd->data == 0)
{
LocalFree(pSecurityDescriptor);
HLPR_DELETE(pTempFilterConditions[tempConditionIndex].conditionValue.sd);
HLPR_BAIL;
}
RtlCopyMemory(pTempFilterConditions[tempConditionIndex].conditionValue.sd->data,
pSecurityDescriptor,
length);
LocalFree(pSecurityDescriptor);
pTempFilterConditions[tempConditionIndex].conditionValue.type = forEnum ? FWP_SID : FWP_SECURITY_DESCRIPTOR_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.sd->size = length;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_ALE_REMOTE_MACHINE_ID
/// -armid <MATCH_TYPE> <MACHINE>
/// -armid == MachineName
if(HlprStringsAreEqual(L"-armid",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 length = 0;
PSECURITY_DESCRIPTOR pSecurityDescriptor = 0;
EXPLICIT_ACCESS explicitAccess = {0};
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_ALE_REMOTE_MACHINE_ID;
if(forEnum)
{
PSID pSID = 0;
status = PrvHlprSIDGet(pString,
&pSID);
HLPR_BAIL_ON_FAILURE(status);
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_SID;
pTempFilterConditions[tempConditionIndex].conditionValue.sid = (SID*)pSID;
}
else
{
BuildExplicitAccessWithName(&explicitAccess,
(LPWSTR)pString,
FWP_ACTRL_MATCH_FILTER,
GRANT_ACCESS,
0);
/// Returns the self-relative security descriptor
status = BuildSecurityDescriptor(0,
0,
1,
&explicitAccess,
0,
0,
0,
(PULONG)&length,
&pSecurityDescriptor);
if(status != NO_ERROR)
{
if(status == ERROR_NONE_MAPPED)
HlprLogInfo(L"FWPM_CONDITION_ALE_REMOTE_MACHINE_ID: MachineName %s Not Found",
pString);
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.sd,
FWP_BYTE_BLOB);
if(pTempFilterConditions[tempConditionIndex].conditionValue.sd == 0)
{
LocalFree(pSecurityDescriptor);
HLPR_BAIL;
}
HLPR_NEW_ARRAY(pTempFilterConditions[tempConditionIndex].conditionValue.sd->data,
BYTE,
length);
if(pTempFilterConditions[tempConditionIndex].conditionValue.sd->data == 0)
{
LocalFree(pSecurityDescriptor);
HLPR_DELETE(pTempFilterConditions[tempConditionIndex].conditionValue.sd);
HLPR_BAIL;
}
RtlCopyMemory(pTempFilterConditions[tempConditionIndex].conditionValue.sd->data,
pSecurityDescriptor,
length);
LocalFree(pSecurityDescriptor);
pTempFilterConditions[tempConditionIndex].conditionValue.type = forEnum ? FWP_SID : FWP_SECURITY_DESCRIPTOR_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.sd->size = length;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_ALE_PROMISCUOUS_MODE
/// -apm <MATCH_TYPE> <CONTEXT>
/// -apm == 0
if(HlprStringsAreEqual(L"-apm",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 context = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_ALE_PROMISCUOUS_MODE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
{
context = wcstol(pString,
0,
0);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = context;
}
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_ALE_SIO_FIREWALL_SYSTEM_PORT \ FWPM_CONDITION_ALE_SIO_FIREWALL_SOCKET_PROPERTY
/// -asfsp <MATCH_TYPE> <PORT>
/// -asfsp == 0
if(HlprStringsAreEqual(L"-asfsp",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 context = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_ALE_SIO_FIREWALL_SYSTEM_PORT;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
{
context = wcstol(pString,
0,
0);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = context;
}
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_ALE_NAP_CONTEXT
/// -anc <MATCH_TYPE> <CONTEXT>
/// -anc == 0
if(HlprStringsAreEqual(L"-anc",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 context = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_ALE_NAP_CONTEXT;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
{
context = wcstol(pString,
0,
0);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = context;
}
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// These can be implemented later as they apply only to UM layers and none of these are demo'd yet
/// FWPM_CONDITION_REMOTE_USER_TOKEN
/// FWPM_CONDITION_RPC_IF_UUID
/// FWPM_CONDITION_RPC_IF_VERSION
/// -riv <MATCH_TYPE> <VERSION>
/// -riv == 1
if(HlprStringsAreEqual(L"-riv",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 version = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_RPC_IF_VERSION;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT16;
if(iswdigit((wint_t)pString[0]))
version = wcstol(pString,
0,
0);
else
HLPR_BAIL;
if(version <= 0xFFFF)
pTempFilterConditions[tempConditionIndex].conditionValue.uint16 = (UINT16)version;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_RPC_IF_FLAG
/// -rif <MATCH_TYPE> <FLAGS>
/// -rif == 1
if(HlprStringsAreEqual(L"-rif",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 flag = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_RPC_IF_FLAG;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
flag = wcstol(pString,
0,
0);
else
flag = PrvHlprRPCIFFlagParse(pString);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = flag;
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_DCOM_APP_ID
/// FWPM_CONDITION_IMAGE_NAME
/// FWPM_CONDITION_RPC_PROTOCOL
/// -rp <MATCH_TYPE> <RPC_PROTOCOL>
/// -rp == NCACN_IP_TCP
if(HlprStringsAreEqual(L"-rp",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 protocol = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_RPC_PROTOCOL;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT8;
if(iswdigit((wint_t)pString[0]))
protocol = wcstol(pString,
0,
0);
else
protocol = PrvHlprRPCProtocolParse(pString);
if(protocol <= 0xFF)
pTempFilterConditions[tempConditionIndex].conditionValue.uint8 = (UINT8)protocol;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_RPC_AUTH_TYPE
/// -rat <MATCH_TYPE> <RPC_AUTH_TYPE>
/// -rat == WinNT
if(HlprStringsAreEqual(L"-rat",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 authType = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_RPC_AUTH_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT8;
if(iswdigit((wint_t)pString[0]))
authType = wcstol(pString,
0,
0);
else
authType = PrvHlprRPCAuthTypeParse(pString);
if(authType <= 0xFF)
pTempFilterConditions[tempConditionIndex].conditionValue.uint8 = (UINT8)authType;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_RPC_AUTH_LEVEL
/// -ral <MATCH_TYPE> <RPC_AUTH_LEVEL>
/// -ral == Default
if(HlprStringsAreEqual(L"-ral",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 authLevel = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_RPC_AUTH_LEVEL;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT8;
if(iswdigit((wint_t)pString[0]))
authLevel = wcstol(pString,
0,
0);
else
authLevel = PrvHlprRPCAuthLevelParse(pString);
if(authLevel <= 0xFF)
pTempFilterConditions[tempConditionIndex].conditionValue.uint8 = (UINT8)authLevel;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_SEC_ENCRYPT_ALGORITHM
/// -sea <MATCH_TYPE> <ALGORITHM>
/// -sea == 1
if(HlprStringsAreEqual(L"-sea",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 algorithm = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_SEC_ENCRYPT_ALGORITHM;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
{
algorithm = wcstol(pString,
0,
0);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = algorithm;
}
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_SEC_KEY_SIZE
/// -sks <MATCH_TYPE> <SIZE>
/// -sks == 128
if(HlprStringsAreEqual(L"-sks",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 keySize = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_SEC_KEY_SIZE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
{
keySize = wcstol(pString,
0,
0);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = keySize;
}
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_IP_LOCAL_ADDRESS_V4
/// -iplav4 <MATCH_TYPE> <IP_LOCAL_ADRESS>
/// -iplav4 == 1.2.3.4
if(HlprStringsAreEqual(L"-iplav4",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IP_LOCAL_ADDRESS_V4;
if(HlprIPAddressV4StringIsValidFormat(pString))
{
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
status = HlprIPAddressV4StringToValue(pString,
&(pTempFilterConditions[tempConditionIndex].conditionValue.uint32));
HLPR_BAIL_ON_FAILURE(status);
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_IP_LOCAL_ADDRESS_V6
/// -iplav6 <MATCH_TYPE> <IP_LOCAL_ADRESS_V6>
/// -iplav6 == 1:2:3:4:5:6:7:8
if(HlprStringsAreEqual(L"-iplav6",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IP_LOCAL_ADDRESS_V6;
if(HlprIPAddressV6StringIsValidFormat(pString))
{
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_BYTE_ARRAY16_TYPE;
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16,
FWP_BYTE_ARRAY16);
HLPR_BAIL_ON_ALLOC_FAILURE(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16,
status);
status = HlprIPAddressV6StringToValue(pString,
pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16->byteArray16);
HLPR_BAIL_ON_FAILURE(status);
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_PIPE
/// FWPM_CONDITION_IP_REMOTE_ADDRESS_V4
/// -iprav4 <MATCH_TYPE> <IP_REMOTE_ADRESS_V4>
/// -iprav4 == 127.0.0.1
if(HlprStringsAreEqual(L"-iprav4",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IP_REMOTE_ADDRESS_V4;
if(HlprIPAddressV4StringIsValidFormat(pString))
{
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
status = HlprIPAddressV4StringToValue(pString,
&(pTempFilterConditions[tempConditionIndex].conditionValue.uint32));
HLPR_BAIL_ON_FAILURE(status);
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_IP_REMOTE_ADDRESS_V6
/// -iprav6 <MATCH_TYPE> <IP_REMOTE_ADRESS_V6>
/// -iprav6 == 1:2:3:4:5:6:7:8
if(HlprStringsAreEqual(L"-iprav6",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IP_REMOTE_ADDRESS_V6;
if(HlprIPAddressV6StringIsValidFormat(pString))
{
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_BYTE_ARRAY16_TYPE;
HLPR_NEW(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16,
FWP_BYTE_ARRAY16);
HLPR_BAIL_ON_ALLOC_FAILURE(pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16,
status);
status = HlprIPAddressV6StringToValue(pString,
pTempFilterConditions[tempConditionIndex].conditionValue.byteArray16->byteArray16);
HLPR_BAIL_ON_FAILURE(status);
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_PROCESS_WITH_RPC_IF_UUID
/// FWPM_CONDITION_RPC_EP_VALUE
/// FWPM_CONDITION_RPC_EP_FLAGS
/// -ref <MATCH_TYPE> <FLAGS>
/// -ref == 1
if(HlprStringsAreEqual(L"-ref",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 flag = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_RPC_EP_FLAGS;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
flag = wcstol(pString,
0,
0);
else
flag = PrvHlprRPCIFFlagParse(pString);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = flag;
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_CLIENT_TOKEN
/// FWPM_CONDITION_RPC_SERVER_NAME
/// FWPM_CONDITION_RPC_SERVER_PORT
/// -rsp <MATCH_TYPE> <PORT>
/// -rsp == 1
if(HlprStringsAreEqual(L"-rsp",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 port = 0xFFFFFFFF;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_RPC_SERVER_PORT;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT16;
if(iswdigit((wint_t)pString[0]))
port = wcstol(pString,
0,
0);
if(port <= 0xFFFF)
pTempFilterConditions[tempConditionIndex].conditionValue.uint16 = (UINT16)port;
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_RPC_PROXY_AUTH_TYPE
/// FWPM_CONDITION_CLIENT_CERT_KEY_LENGTH
/// -cckl <MATCH_TYPE> <LENGTH>
/// -cckl == 1
if(HlprStringsAreEqual(L"-cckl",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 keyLength = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_CLIENT_CERT_KEY_LENGTH;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
{
keyLength = wcstol(pString,
0,
0);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = keyLength;
}
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_CLIENT_CERT_OID
/// FWPM_CONDITION_NET_EVENT_TYPE
#if(NTDDI_VERSION >= NTDDI_WIN7)
/// FWPM_CONDITION_KM_AUTH_NAP_CONTEXT
/// -kanc <MATCH_TYPE> <CONTEXT>
/// -kanc == 1
if(HlprStringsAreEqual(L"-kanc",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 context = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_KM_AUTH_NAP_CONTEXT;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
{
context = wcstol(pString,
0,
0);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = context;
}
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_PEER_NAME
/// FWPM_CONDITION_REMOTE_ID
/// FWPM_CONDITION_AUTHENTICATION_TYPE
/// -at <MATCH_TYPE> <TYPE>
/// -at == 1
if(HlprStringsAreEqual(L"-at",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 type = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_AUTHENTICATION_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
{
type = wcstol(pString,
0,
0);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = type;
}
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_KM_TYPE
/// -kt <MATCH_TYPE> <TYPE>
/// -kt == 1
if(HlprStringsAreEqual(L"-kt",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 type = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_KM_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
{
type = wcstol(pString,
0,
0);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = type;
}
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_KM_MODE
/// -km <MATCH_TYPE> <MODE>
/// -km == 1
if(HlprStringsAreEqual(L"-km",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 mode = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_KM_MODE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
{
mode = wcstol(pString,
0,
0);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = mode;
}
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_IPSEC_POLICY_KEY
#if(NTDDI_VERSION >= NTDDI_WIN8)
/// FWPM_CONDITION_QM_MODE
/// -qm <MATCH_TYPE> <MODE>
/// -qm == 1
if(HlprStringsAreEqual(L"-qm",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
UINT32 mode = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_QM_MODE;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_UINT32;
if(iswdigit((wint_t)pString[0]))
{
mode = wcstol(pString,
0,
0);
pTempFilterConditions[tempConditionIndex].conditionValue.uint32 = mode;
}
else
{
status = ERROR_INVALID_PARAMETER;
HLPR_BAIL;
}
tempConditionIndex++;
continue;
}
#if(NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
/// FWPM_CONDITION_ALE_SECURITY_ATTRIBUTE_FQBN_VALUE
/// -asfv <MATCH_TYPE> <APPLICATION_NAME>
/// -asfv == "CN="
if(HlprStringsAreEqual(L"-asafv",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
FWP_BYTE_BLOB* pByteBlob = 0;
size_t stringSize = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IPSEC_SECURITY_REALM_ID;
status = StringCbLength(pString,
STRSAFE_MAX_CCH * sizeof(WCHAR),
&stringSize);
if(FAILED(status))
HLPR_BAIL;
else
{
HLPR_NEW(pByteBlob,
FWP_BYTE_BLOB);
HLPR_BAIL_ON_ALLOC_FAILURE(pByteBlob,
status);
HLPR_NEW_ARRAY(pByteBlob->data,
BYTE,
stringSize);
HLPR_BAIL_ON_ALLOC_FAILURE(pByteBlob->data,
status);
RtlCopyMemory(pByteBlob->data,
pString,
stringSize);
pByteBlob->size = (UINT32)stringSize;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_BYTE_BLOB_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.byteBlob = pByteBlob;
}
tempConditionIndex++;
continue;
}
/// FWPM_CONDITION_IPSEC_SECURITY_REALM_ID
/// -isrid <MATCH_TYPE> <APPLICATION_NAME>
/// -isrid == MyRealm
if(HlprStringsAreEqual(L"-isrid",
ppCLPStrings[stringIndex]))
{
PCWSTR pString = ppCLPStrings[++stringIndex];
FWP_BYTE_BLOB* pByteBlob = 0;
size_t stringSize = 0;
pTempFilterConditions[tempConditionIndex].matchType = PrvHlprCommandLineStringToFwpMatchType(pString);
if(pTempFilterConditions[tempConditionIndex].matchType == FWP_MATCH_TYPE_MAX)
pTempFilterConditions[tempConditionIndex].matchType = FWP_MATCH_EQUAL;
else
{
if((stringIndex + 1) < stringCount)
pString = ppCLPStrings[++stringIndex];
else
HLPR_BAIL;
}
pTempFilterConditions[tempConditionIndex].fieldKey = FWPM_CONDITION_IPSEC_SECURITY_REALM_ID;
status = StringCbLength(pString,
STRSAFE_MAX_CCH * sizeof(WCHAR),
&stringSize);
if(FAILED(status))
HLPR_BAIL;
else
{
HLPR_NEW(pByteBlob,
FWP_BYTE_BLOB);
HLPR_BAIL_ON_ALLOC_FAILURE(pByteBlob,
status);
HLPR_NEW_ARRAY(pByteBlob->data,
BYTE,
stringSize);
HLPR_BAIL_ON_ALLOC_FAILURE(pByteBlob->data,
status);
RtlCopyMemory(pByteBlob->data,
pString,
stringSize);
pByteBlob->size = (UINT32)stringSize;
pTempFilterConditions[tempConditionIndex].conditionValue.type = FWP_BYTE_BLOB_TYPE;
pTempFilterConditions[tempConditionIndex].conditionValue.byteBlob = pByteBlob;
}
tempConditionIndex++;
continue;
}
#endif /// (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
#endif /// (NTDDI_VERSION >= NTDDI_WIN8)
#endif /// (NTDDI_VERSION >= NTDDI_WIN7)
HLPR_BAIL_LABEL:
if(status != NO_ERROR)
HlprFwpmFilterConditionPurge(&(pTempFilterConditions[tempConditionIndex]));
}
#pragma warning(pop)
if(tempConditionIndex)
status = PrvHlprFwpmFilterConditionsSort(pTempFilterConditions,
tempConditionIndex,
pFilter);
HLPR_BAIL_LABEL_2:
HLPR_DELETE_ARRAY(pTempFilterConditions);
return status;
}