what is the standard way of asking user in WFP callout driver?

Hi,
recently I am developing a callout driver acting as firewall replacing TDI so using windows filtering platform. I want to know how can I get some information from user mode in classiftyFn callout function?
Is there standard windwos filtering platform’s api for waiting in kernel mode-callout driver until getting some information from user mode?
thanks,

Pend ALE_AUTH_CONNECT with FwpsPendOperation0

thanks you

ای ول ای ول ای

On Mon, Dec 8, 2014 at 1:06 PM, wrote:

> thanks you
>
> —
> NTDEV is sponsored by OSR
>
> Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev
>
> OSR is HIRING!! See http://www.osr.com/careers
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>

Hi,
I have used fwpspendoperation in ALE_AUTH_Connect 's calssifyFn callback then for sending some information from callout driver to user and waiting for the rule and decision make by user, I called kewaitforsingleobject api then call fwpscompleteoperation. The event set when the rule achieved by IOCTL send from user, But it doe n’t work? It means calling KesetEvent not followed by kewaitforsingleobject and the state is not signaled.
should I queue packets and reinject them again?

Most callbacks (even those at Application Layer) come in at Dispatch Level.
You have to absorb and re-inject the packets. Take a look at the “WFP
inspect sample” or the newer “WFP sampler”:

https://code.msdn.microsoft.com/windowshardware/Windows-Filtering-Platform-27553baa

wrote news:xxxxx@ntdev…

Hi,
I have used fwpspendoperation in ALE_AUTH_Connect 's calssifyFn callback
then for sending some information from callout driver to user and waiting
for the rule and decision make by user, I called kewaitforsingleobject api
then call fwpscompleteoperation. The event set when the rule achieved by
IOCTL send from user, But it doe n’t work? It means calling KesetEvent not
followed by kewaitforsingleobject and the state is not signaled.
should I queue packets and reinject them again?

thanks Frank,
I saw that WFP inspect sample and I omited the part of queuing and reinjecting packets in my code.
So I should add these parts.

:slight_smile: ay val :slight_smile:

On Sat, Dec 13, 2014 at 7:55 PM, wrote:
>
> thanks Frank,
> I saw that WFP inspect sample and I omited the part of queuing and
> reinjecting packets in my code.
> So I should add these parts.
>
>
> —
> NTDEV is sponsored by OSR
>
> Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev
>
> OSR is HIRING!! See http://www.osr.com/careers
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>