3.1.4.12 RRPC_FWSetConfig (Opnum 11)
The RRPC_FWSetConfig method modifies the value of a profile configuration option. The client specifies to the server in what store and profile this value MUST be written and what specific configuration option it is interested in modifying.
-
unsigned long RRPC_FWSetConfig( [in] FW_CONN_HANDLE rpcConnHandle, [in] FW_POLICY_STORE_HANDLE hPolicyStore, [in, range(FW_PROFILE_CONFIG_ENABLE_FW, FW_PROFILE_CONFIG_MAX-1)] FW_PROFILE_CONFIG configID, [in] FW_PROFILE_TYPE Profile, [in, switch_is(configID)] FW_PROFILE_CONFIG_VALUE pConfig, [in, range(0, 10*1024)] unsigned long dwBufSize );
rpcConnHandle: This parameter is an RPC binding handle that connects to the RPC interface of the Firewall and Advanced Security Protocol.
hPolicyStore: This input parameter is an FW_POLICY_STORE_HANDLE data type. The data type MUST contain an opened policy store handle, successfully opened with the RRPC_FWOpenPolicyStore (Opnum 0) method. The handle MUST have read/write access rights.
configID: This parameter specifies the specific profile configuration option the client wants to modify.
Profile: This parameter specifies in which specific profile this value MUST be written.
pConfig: This is an input parameter. This parameter is a pointer to the buffer that the client provides containing the value to write on the configuration option specified. If the buffer is NULL, this method deletes the configuration option. The buffer is of type FW_PROFILE_CONFIG_VALUE.
dwBufSize: This parameter is the size of the buffer that the pConfig parameter points to.
Return Values: The method returns 0 if successful; if failed, it returns a nonzero error code. The field can take any specific error code value, as specified in [MS-ERREF]. The following return values are common.
-
Return value/code
Description
0x00000032
ERROR_NOT_SUPPORTED
The method does not support the specified combination of parameters. This can be because:
The store type specified does not support this method.
The Profile parameter contains a combination of profiles (instead of a single profile) or an unknown profile.
0x00000005
ERROR_ACCESS_DENIED
The hPolicyStore handle was not opened with read/write access rights. The error is also returned if the client does not have the required credentials to call the method.
0x00000057
ERROR_INVALID_PARAMETER
One of the parameters of this method is incorrect, or is required and not specified. This error can be returned because:
The specific configuration option is not meant to be available in the specified store.
The specified configuration option is not defined.
The size of the buffer does not match the size of the type of the configuration value.
The buffer is null but dwBufSize says otherwise.
The caller wants to set a FW_PROFILE_CONFIG_LOG_MAX_FILE_SIZE that is not within the valid values [min, max].
The default action configuration value specifies a value that maps to neither allow nor block.
The FW_PROFILE_CONFIG_LOG_FILE_PATH configuration value contains the following invalid characters: /,*,?,",<,>,|.
Exceptions Thrown: No exceptions are thrown beyond those thrown by the underlying RPC protocol, as specified in [MS-RPCE]. If any lower-layer errors are reported by RPC exception, this exception is converted to an error code and reported to higher-layer protocols via the return value.
This method performs a merge operation of the resultant configuration values, as defined in section 3.1.3. It then determines what modifications are necessary on the rule objects (for example, remove rule enforcement if firewall is off) to make sure the policy is enforced.
The server MUST validate that the client is authorized to perform the requested operation (as defined in section 3.1.4) before executing this method.