Hey, guys. I’m currently writing a WFP driver which redirects packets to another address. But there is a problem.
When I try to create a network packet inject handle using FwpsInjectionHandleCreate0 function in classify callout function like below
‘status = FwpsInjectionHandleCreate0(AF_INET, FWPS_INJECTION_TYPE_NETWORK, &InjectHandle);’
the status is always 0xC00000BB, means that the request is not supported. But once I modify the second parameter to FWPS_INJECTION_TYPE_STREAM, make it generate an stream packet inject handle, the status is success. Is there something that I miss for creating a network packet inject handle?
The Windivert driver is good for WFP Driver Development. (https://github.com/basil00/Divert)
From WinDivert Driver sources, FwpsInjectionHandleCreate is called with “FWPS_INJECTION_TYPE_NETWORK | FWPS_INJECTION_TYPE_FORWARD”.
status = FwpsInjectionHandleCreate(AF_INET,
FWPS_INJECTION_TYPE_NETWORK | FWPS_INJECTION_TYPE_FORWARD,
...
And They not create InjectHandle in classify callout but in init function.
1 Like