Windows Filtering Platform

Overview of the Windows Filtering Platform technology.

To develop Windows Filtering Platform, you need these headers:

For programming guidance for this technology, see:

Enumerations

 
DL_ADDRESS_TYPE

The DL_ADDRESS_TYPE enumeration (netiodef.h) specifies the type of datalink layer address.
DL_ADDRESS_TYPE

The DL_ADDRESS_TYPE enumeration (fwpmtypes.h) specifies the type of datalink layer address.
FWP_AF

The FWP_AF enumerated type.
FWP_CLASSIFY_OPTION_TYPE

The FWP_CLASSIFY_OPTION_TYPE enumerated type is used by callouts and shims during run-time classification.FWP_CLASSIFY_OPTION_TYPE specifies timeout options for unicast, multicast, and loose source mapping states and enables blocking or permission of state creation on outbound multicast and broadcast traffic.
FWP_DATA_TYPE

Data types that can be stored in an FWP_VALUE0 or an FWP_CONDITION_VALUE0structure.
FWP_DIRECTION

Direction of network traffic.
FWP_ETHER_ENCAP_METHOD

Specifies the method of encapsulating Ethernet II and SNAP traffic. Reserved.
FWP_FILTER_ENUM_TYPE

Specifies how the filter enum conditions should be interpreted.
FWP_IP_VERSION

Specifies the IP version. (FWP_IP_VERSION)
FWP_MATCH_TYPE

Different match types allowed in filter conditions.
FWP_NETWORK_CONNECTION_POLICY_SETTING_TYPE

TBD
FWP_VSWITCH_NETWORK_TYPE

Specifies the network type of a vSwitch.
FWPM_APPC_NETWORK_CAPABILITY_TYPE

Specifies the type of app container network capability that is associated with the object or traffic in question.
FWPM_CHANGE_TYPE

Used when dispatching change notifications to subscribers.
FWPM_CONNECTION_EVENT_TYPE

Specifies the type of connection object change event.
FWPM_ENGINE_OPTION

Configurable options for the filter engine.
FWPM_FIELD_TYPE

Provides additional information about how the field's data should be interpreted.
FWPM_NET_EVENT_TYPE

Type of net event.
FWPM_PROVIDER_CONTEXT_TYPE

Types of provider contexts that may be stored in Base Filtering Engine (BFE).
FWPM_SERVICE_STATE

Specifies the current state of the filter engine.
FWPM_SYSTEM_PORT_TYPE

The FWPM_SYSTEM_PORT_TYPE enumerated type.
FWPM_VSWITCH_EVENT_TYPE

Specifies the type of a vSwitch event.
FWPS_BUILTIN_LAYERS

Defines constants that specify built-in run-time filtering layer identifiers. Each is represented by a locally unique identifier (LUID), which is 64 bits in size.
FWPS_FIELDS_ALE_AUTH_CONNECT_V4

Specifies the data field identifiers for the FWPS_LAYER_ALE_AUTH_CONNECT_V4 and FWPS_LAYER_ALE_AUTH_CONNECT_V4_DISCARD run-time filtering layers.
FWPS_FIELDS_ALE_AUTH_CONNECT_V6

Specifies the data field identifiers for the FWPS_LAYER_ALE_AUTH_CONNECT_V6 and FWPS_LAYER_ALE_AUTH_CONNECT_V6_DISCARD run-time filtering layers.
FWPS_FIELDS_ALE_AUTH_LISTEN_V4

Specifies the data field identifiers for the FWPS_LAYER_ALE_AUTH_LISTEN_V4 and FWPS_LAYER_ALE_AUTH_LISTEN_V4_DISCARD run-time filtering layers.
FWPS_FIELDS_ALE_AUTH_LISTEN_V6

Specifies the data field identifiers for the FWPS_LAYER_ALE_AUTH_LISTEN_V6 and FWPS_LAYER_ALE_AUTH_LISTEN_V6_DISCARD run-time filtering layers.
FWPS_FIELDS_ALE_AUTH_RECV_ACCEPT_V4

Specifies the data field identifiers for the FWPS_LAYER_ALE_AUTH_RECV_ACCEPT_V4 and FWPS_LAYER_ALE_AUTH_RECV_ACCEPT_V4_DISCARD run-time filtering layers.
FWPS_FIELDS_ALE_AUTH_RECV_ACCEPT_V6

Specifies the data field identifiers for the FWPS_LAYER_ALE_AUTH_RECV_ACCEPT_V6 and FWPS_LAYER_ALE_AUTH_RECV_ACCEPT_V6_DISCARD run-time filtering layers.
FWPS_FIELDS_ALE_BIND_REDIRECT_V4

Specifies the data field identifiers for the FWPS_LAYER_ALE_BIND_REDIRECT_V4 run-time filtering layer.
FWPS_FIELDS_ALE_BIND_REDIRECT_V6

Specifies the data field identifiers for the FWPS_LAYER_ALE_BIND_REDIRECT_V6 run-time filtering layer.
FWPS_FIELDS_ALE_CONNECT_REDIRECT_V4

Specifies the data field identifiers for the FWPS_LAYER_ALE_CONNECT_REDIRECT_V4 run-time filtering layer.
FWPS_FIELDS_ALE_CONNECT_REDIRECT_V6

Specifies the data field identifiers for the FWPS_LAYER_ALE_CONNECT_REDIRECT_V6 run-time filtering layer.
FWPS_FIELDS_ALE_ENDPOINT_CLOSURE_V4

Specifies the data field identifiers for the FWPS_LAYER_ALE_ENDPOINT_CLOSURE_V4 run-time filtering layer.
FWPS_FIELDS_ALE_ENDPOINT_CLOSURE_V6

Specifies the data field identifiers for the FWPS_LAYER_ALE_ENDPOINT_CLOSURE_V6 run-time filtering layer.
FWPS_FIELDS_ALE_FLOW_ESTABLISHED_V4

Specifies the data field identifiers for the FWPS_LAYER_ALE_FLOW_ESTABLISHED_V4 and FWPS_LAYER_ALE_FLOW_ESTABLISHED_V4_DISCARD run-time filtering layers.
FWPS_FIELDS_ALE_FLOW_ESTABLISHED_V6

Specifies the data field identifiers for the FWPS_LAYER_ALE_FLOW_ESTABLISHED_V6 and FWPS_LAYER_ALE_FLOW_ESTABLISHED_V6_DISCARD run-time filtering layers.
FWPS_FIELDS_ALE_RESOURCE_ASSIGNMENT_V4

Specifies the data field identifiers for the FWPS_LAYER_ALE_RESOURCE_ASSIGNMENT_V4 and FWPS_LAYER_ALE_RESOURCE_ASSIGNMENT_V4_DISCARD run-time filtering layers.
FWPS_FIELDS_ALE_RESOURCE_ASSIGNMENT_V6

Specifies the data field identifiers for the FWPS_LAYER_ALE_RESOURCE_ASSIGNMENT_V6 and FWPS_LAYER_ALE_RESOURCE_ASSIGNMENT_V6_DISCARD run-time filtering layers.
FWPS_FIELDS_ALE_RESOURCE_RELEASE_V4

Specifies the data field identifiers for the FWPS_LAYER_ALE_RESOURCE_RELEASE_V4 run-time filtering layer.
FWPS_FIELDS_ALE_RESOURCE_RELEASE_V6

Specifies the data field identifiers for the FWPS_LAYER_ALE_RESOURCE_RELEASE_V6 run-time filtering layer.
FWPS_FIELDS_DATAGRAM_DATA_V4

Specifies the data field identifiers for the FWPS_LAYER_ALE_RESOURCE_ASSIGNMENT_V4 and FWPS_LAYER_ALE_RESOURCE_ASSIGNMENT_V4_DISCARD run-time filtering layers.
FWPS_FIELDS_DATAGRAM_DATA_V6

Specifies the data field identifiers for the FWPS_LAYER_ALE_RESOURCE_ASSIGNMENT_V6 and FWPS_LAYER_ALE_RESOURCE_ASSIGNMENT_V6_DISCARD run-time filtering layers.
FWPS_FIELDS_EGRESS_VSWITCH_ETHERNET

Specifies the data field identifiers for the FWPS_LAYER_EGRESS_VSWITCH_ETHERNET run-time filtering layer.
FWPS_FIELDS_EGRESS_VSWITCH_TRANSPORT_V4

Specifies the data field identifiers for the FWPS_LAYER_EGRESS_VSWITCH_TRANSPORT_V4 run-time filtering layer.
FWPS_FIELDS_EGRESS_VSWITCH_TRANSPORT_V6

Specifies the data field identifiers for the FWPS_LAYER_EGRESS_VSWITCH_TRANSPORT_V6 run-time filtering layer.
FWPS_FIELDS_IKEEXT_V4

Specifies the data field identifiers for the FWPS_LAYER_IKEEXT_V4 run-time filtering layer.
FWPS_FIELDS_IKEEXT_V6

Specifies the data field identifiers for the FWPS_LAYER_IKEEXT_V6 run-time filtering layer.
FWPS_FIELDS_INBOUND_ICMP_ERROR_V4

Specifies the data field identifiers for the FWPS_LAYER_INBOUND_ICMP_ERROR_V4 and FWPS_LAYER_INBOUND_ICMP_ERROR_V4_DISCARD run-time filtering layers.
FWPS_FIELDS_INBOUND_ICMP_ERROR_V6

Specifies the data field identifiers for the FWPS_LAYER_INBOUND_ICMP_ERROR_V6 and FWPS_LAYER_INBOUND_ICMP_ERROR_V6_DISCARD run-time filtering layers.
FWPS_FIELDS_INBOUND_IPPACKET_V4

Specifies the data field identifiers for the FWPS_LAYER_INBOUND_IPPACKET_V4 and FWPS_LAYER_INBOUND_IPPACKET_V4_DISCARD run-time filtering layers.
FWPS_FIELDS_INBOUND_IPPACKET_V6

Specifies the data field identifiers for the FWPS_LAYER_INBOUND_IPPACKET_V6 and FWPS_LAYER_INBOUND_IPPACKET_V6_DISCARD run-time filtering layers.
FWPS_FIELDS_INBOUND_MAC_FRAME_ETHERNET

Specifies the data field identifiers for the FWPS_LAYER_INBOUND_MAC_FRAME_ETHERNET run-time filtering layer.
FWPS_FIELDS_INBOUND_MAC_FRAME_NATIVE

Specifies the data field identifiers for the FWPS_LAYER_INBOUND_MAC_FRAME_ETHERNET run-time filtering layer.
FWPS_FIELDS_INBOUND_MAC_FRAME_NATIVE_FAST

TBD
FWPS_FIELDS_INBOUND_RESERVED2

An enum whose values are reserved for internal use.
FWPS_FIELDS_INBOUND_TRANSPORT_FAST

TBD
FWPS_FIELDS_INBOUND_TRANSPORT_V4

Specifies the data field identifiers for the FWPS_LAYER_INBOUND_TRANSPORT_V4 and FWPS_LAYER_INBOUND_TRANSPORT_V4_DISCARD run-time filtering layers.
FWPS_FIELDS_INBOUND_TRANSPORT_V6

Specifies the data field identifiers for the FWPS_LAYER_INBOUND_TRANSPORT_V6 and FWPS_LAYER_INBOUND_TRANSPORT_V6_DISCARD run-time filtering layers.
FWPS_FIELDS_INGRESS_VSWITCH_ETHERNET

Specifies the data field identifiers for the FWPS_LAYER_INGRESS_VSWITCH_ETHERNET run-time filtering layer.
FWPS_FIELDS_INGRESS_VSWITCH_TRANSPORT_V4

Specifies the data field identifiers for the FWPS_LAYER_INGRESS_VSWITCH_TRANSPORT_V4 run-time filtering layer.
FWPS_FIELDS_INGRESS_VSWITCH_TRANSPORT_V6

Specifies the data field identifiers for the FWPS_LAYER_INGRESS_VSWITCH_TRANSPORT_V6 run-time filtering layer.
FWPS_FIELDS_IPFORWARD_V4

Specifies the data field identifiers for the FWPS_LAYER_IPFORWARD_V4 and FWPS_LAYER_IPFORWARD_V4_DISCARD run-time filtering layers.
FWPS_FIELDS_IPFORWARD_V6

Specifies the data field identifiers for the FWPS_LAYER_IPFORWARD_V6 and FWPS_LAYER_IPFORWARD_V6_DISCARD run-time filtering layers.
FWPS_FIELDS_IPSEC_KM_DEMUX_V4

Specifies the data field identifiers for the FWPS_LAYER_IPSEC_KM_DEMUX_V4 run-time filtering layer.
FWPS_FIELDS_IPSEC_KM_DEMUX_V6

Specifies the data field identifiers for the FWPS_LAYER_IPSEC_KM_DEMUX_V6 run-time filtering layer.
FWPS_FIELDS_IPSEC_V4

Specifies the data field identifiers for the FWPS_LAYER_IPSEC_V4 run-time filtering layer.
FWPS_FIELDS_IPSEC_V6

Specifies the data field identifiers for the FWPS_LAYER_IPSEC_V6 run-time filtering layer.
FWPS_FIELDS_KM_AUTHORIZATION

Specifies the data field identifiers for the FWPS_LAYER_KM_AUTHORIZATION run-time filtering layer.
FWPS_FIELDS_NAME_RESOLUTION_CACHE_V4

Specifies the data field identifiers for the FWPS_LAYER_NAME_RESOLUTION_CACHE_V4 run-time filtering layer.
FWPS_FIELDS_NAME_RESOLUTION_CACHE_V6

Specifies the data field identifiers for the FWPS_LAYER_NAME_RESOLUTION_CACHE_V6 run-time filtering layer.
FWPS_FIELDS_OUTBOUND_ICMP_ERROR_V4

Specifies the data field identifiers for the FWPS_LAYER_OUTBOUND_ICMP_ERROR_V4 and FWPS_LAYER_OUTBOUND_ICMP_ERROR_V4_DISCARD run-time filtering layers.
FWPS_FIELDS_OUTBOUND_ICMP_ERROR_V6

Specifies the data field identifiers for the FWPS_LAYER_OUTBOUND_ICMP_ERROR_V6 and FWPS_LAYER_OUTBOUND_ICMP_ERROR_V6_DISCARD run-time filtering layers.
FWPS_FIELDS_OUTBOUND_IPPACKET_V4

Specifies the data field identifiers for the FWPS_LAYER_OUTBOUND_IPPACKET_V4 and FWPS_LAYER_OUTBOUND_IPPACKET_V4_DISCARD run-time filtering layers.
FWPS_FIELDS_OUTBOUND_IPPACKET_V6

Specifies the data field identifiers for the FWPS_LAYER_OUTBOUND_IPPACKET_V6 and FWPS_LAYER_OUTBOUND_IPPACKET_V6_DISCARD run-time filtering layers.
FWPS_FIELDS_OUTBOUND_MAC_FRAME_ETHERNET

Specifies the data field identifiers for the FWPS_LAYER_OUTBOUND_MAC_FRAME_ETHERNET run-time filtering layer.
FWPS_FIELDS_OUTBOUND_MAC_FRAME_NATIVE

Specifies the data field identifiers for the FWPS_LAYER_OUTBOUND_MAC_FRAME_NATIVE run-time filtering layer.
FWPS_FIELDS_OUTBOUND_MAC_FRAME_NATIVE_FAST

TBD
FWPS_FIELDS_OUTBOUND_NETWORK_POLICY_V4

Specifies the data field identifiers for the FWPS_LAYER_OUTBOUND_NETWORK_CONNECTION_POLICY_V4 run-time filtering layer.
FWPS_FIELDS_OUTBOUND_NETWORK_POLICY_V6

Specifies the data field identifiers for the FWPS_LAYER_OUTBOUND_NETWORK_CONNECTION_POLICY_V6 run-time filtering layer.
FWPS_FIELDS_OUTBOUND_TRANSPORT_FAST

TBD
FWPS_FIELDS_OUTBOUND_TRANSPORT_V4

Specifies the data field identifiers for the FWPS_LAYER_OUTBOUND_TRANSPORT_V4 and FWPS_LAYER_OUTBOUND_TRANSPORT_V4_DISCARD run-time filtering layers.
FWPS_FIELDS_OUTBOUND_TRANSPORT_V6

Specifies the data field identifiers for the FWPS_LAYER_OUTBOUND_TRANSPORT_V6 and FWPS_LAYER_OUTBOUND_TRANSPORT_V6_DISCARD run-time filtering layers.
FWPS_FIELDS_RPC_EP_ADD

Specifies the data field identifiers for the FWPS_LAYER_RPC_EP_ADD run-time filtering layer.
FWPS_FIELDS_RPC_EPMAP

Specifies the data field identifiers for the FWPS_LAYER_RPC_EPMAP run-time filtering layer.
FWPS_FIELDS_RPC_PROXY_CONN

Specifies the data field identifiers for the FWPS_LAYER_RPC_PROXY_CONN run-time filtering layer.
FWPS_FIELDS_RPC_PROXY_IF_IF

Specifies the data field identifiers for the FWPS_LAYER_RPC_PROXY_IF run-time filtering layer.
FWPS_FIELDS_RPC_UM

Specifies the data field identifiers for the FWPS_LAYER_RPC_UM run-time filtering layer.
FWPS_FIELDS_STREAM_PACKET_V4

Specifies the data field identifiers for the FWPS_LAYER_STREAM_PACKET_V4 run-time filtering layer.
FWPS_FIELDS_STREAM_PACKET_V6

Specifies the data field identifiers for the FWPS_LAYER_STREAM_PACKET_V6 run-time filtering layer.
FWPS_FIELDS_STREAM_V4

Specifies the data field identifiers for the FWPS_LAYER_STREAM_V4 and FWPS_LAYER_STREAM_V4_DISCARD run-time filtering layers.
FWPS_FIELDS_STREAM_V6

Specifies the data field identifiers for the FWPS_LAYER_STREAM_V6 and FWPS_LAYER_STREAM_V6_DISCARD run-time filtering layers.
IKEEXT_AUTHENTICATION_IMPERSONATION_TYPE

Specifies the type of impersonation to perform when Authenticated Internet Protocol (AuthIP) is used for authentication.
IKEEXT_AUTHENTICATION_METHOD_TYPE

Specifies the type of authentication method used by Internet Key Exchange (IKE), Authenticated Internet Protocol (AuthIP), or IKEv2.
IKEEXT_CERT_CONFIG_TYPE

Indicates a type of certificate configuration.
IKEEXT_CERT_CRITERIA_NAME_TYPE

Specifies the type of NAME fields possible for a certificate selection "subject" criteria.
IKEEXT_CIPHER_TYPE

Specifies the type of encryption algorithm used for encrypting the Internet Key Exchange (IKE) and Authenticated Internet Protocol (AuthIP) messages.
IKEEXT_DH_GROUP

Specifies the type of Diffie Hellman group used for Internet Key Exchange (IKE) and Authenticated Internet Protocol (AuthIP) key generation.
IKEEXT_EM_SA_STATE

States for the Extended Mode (EM) negotiation exchanges that are part of the Authenticated Internet Protocol (AuthIP) protocol.
IKEEXT_INTEGRITY_TYPE

Specifies the type of hash algorithm used for integrity protection of Internet Key Exchange (IKE) and Authenticated Internet Protocol (AuthIP) messages.
IKEEXT_KEY_MODULE_TYPE

Specifies the type of keying module.
IKEEXT_MM_SA_STATE

States for the Main Mode (MM) negotiation exchanges that are part of the Authenticated Internet Protocol (AuthIP) and Internet Key Exchange (IKE) protocols.
IKEEXT_QM_SA_STATE

States for the Quick Mode (QM) negotiation exchanges that are part of the Authenticated Internet Protocol (AuthIP) and Internet Key Exchange (IKE) protocols.
IKEEXT_SA_ROLE

Security association (SA) role for Internet Key Exchange (IKE) and Authenticated Internet Protocol (AuthIP) Main Mode or Quick Mode negotiations.
INET_DISCARD_REASON

Defines the possible reasons that data is discarded by one of the transport layers.
IP_DISCARD_REASON

Defines the possible reasons that data is discarded by one of the network layers.
IPSEC_AUTH_TYPE

Indicates the type of hash algorithm used in an IPsec SA for data origin authentication and integrity protection.
IPSEC_CIPHER_TYPE

Indicates the type of encryption algorithm used in an IPsec SA for data privacy.
IPSEC_FAILURE_POINT

At what point IPsec has failed.
IPSEC_PFS_GROUP

Specifies the Diffie Hellman algorithm that should be used for Quick Mode PFS (Perfect Forward Secrecy).
IPSEC_SA_CONTEXT_EVENT_TYPE0

Specifies the type of IPsec security association (SA) context change event.
IPSEC_TOKEN_MODE

Different IPsec modes in which a token can be obtained.
IPSEC_TOKEN_PRINCIPAL

An access token principal.
IPSEC_TOKEN_TYPE

An IPsec token type.
IPSEC_TRAFFIC_TYPE

Specifies the type of IPsec traffic being described.
IPSEC_TRANSFORM_TYPE

Indicates the type of an IPsec security association (SA) transform.

Functions

 
FWPM_CALLOUT_CHANGE_CALLBACK0

Is used to add custom behavior to the callout change notification process.
FWPM_CONNECTION_CALLBACK0

Is used to add custom behavior to the connection object subscription process.
FWPM_DYNAMIC_KEYWORD_CALLBACK0

A callback function, which you implement, that is invoked with notifications regarding changes to dynamic keyword address (FW_DYNAMIC_KEYWORD_ADDRESS0) objects.
FWPM_FILTER_CHANGE_CALLBACK0

Is used to add custom behavior to the filter change notification process.
FWPM_NET_EVENT_CALLBACK0

Is used to add custom behavior to the net event subscription process. (FWPM_NET_EVENT_CALLBACK0)
FWPM_NET_EVENT_CALLBACK1

Is used to add custom behavior to the net event subscription process. (FWPM_NET_EVENT_CALLBACK1)
FWPM_NET_EVENT_CALLBACK2

Is used to add custom behavior to the net event subscription process. (FWPM_NET_EVENT_CALLBACK2)
FWPM_NET_EVENT_CALLBACK3

A callback function for adding custom behavior to the net event subscription process.
FWPM_NET_EVENT_CALLBACK4

A callback function for adding custom behavior to the net event subscription process.
FWPM_PROVIDER_CHANGE_CALLBACK0

To add custom behavior to the provider change notification process.
FWPM_PROVIDER_CONTEXT_CHANGE_CALLBACK0

Is used to add custom behavior to the provider context change notification process.
FWPM_SUBLAYER_CHANGE_CALLBACK0

Is used to added custom behavior to the sublayer change notification process.
FWPM_SYSTEM_PORTS_CALLBACK0

Is used to add custom behavior to the system port subscription process.
FWPM_VSWITCH_EVENT_CALLBACK0

Is used to add custom behavior to the vSwitch event subscription process.
FwpmCalloutAdd0

Adds a new callout object to the system.
FwpmCalloutCreateEnumHandle0

Creates a handle used to enumerate a set of callout objects.
FwpmCalloutDeleteById0

Removes a callout object from the system. (FwpmCalloutDeleteById0)
FwpmCalloutDeleteByKey0

Removes a callout object from the system. (FwpmCalloutDeleteByKey0)
FwpmCalloutDestroyEnumHandle0

Frees a handle returned by FwpmCalloutCreateEnumHandle0.
FwpmCalloutEnum0

Returns the next page of results from the callout enumerator.
FwpmCalloutGetById0

Retrieves a callout object. (FwpmCalloutGetById0)
FwpmCalloutGetByKey0

Retrieves a callout object. (FwpmCalloutGetByKey0)
FwpmCalloutGetSecurityInfoByKey0

Retrieves a copy of the security descriptor for a callout object.
FwpmCalloutSetSecurityInfoByKey0

Sets specified security information in the security descriptor of a callout object.
FwpmCalloutSubscribeChanges0

Is used to request the delivery of notifications regarding changes in a particular callout.
FwpmCalloutSubscriptionsGet0

Retrieves an array of all the current callout change notification subscriptions.
FwpmCalloutUnsubscribeChanges0

Is used to cancel a callout change subscription and stop receiving change notifications.
FwpmConnectionCreateEnumHandle0

Creates a handle used to enumerate a set of connection objects.
FwpmConnectionDestroyEnumHandle0

Frees a handle returned by FwpmConnectionCreateEnumHandle0.
FwpmConnectionEnum0

Returns the next page of results from the connection object enumerator.
FwpmConnectionGetById0

Retrieves a connection object.
FwpmConnectionGetSecurityInfo0

Retrieves a copy of the security descriptor for a connection object change event.
FwpmConnectionPolicyAdd0

Allows you to configure expressive routing policies for outbound connections.
FwpmConnectionPolicyDeleteByKey0

Removes the Connection Policy that was created with the GUID specified in the FWPM_PROVIDER_CONTEXT::providerContextKey when you called FwpmConnectionPolicyAdd0.
FwpmConnectionSetSecurityInfo0

Sets specified security information in the security descriptor for a connection object change event.
FwpmConnectionSubscribe0

Is used to request the delivery of notifications about changes to a connection object.
FwpmConnectionSubscriptionsGet0

Retrieves an array of all the current connection object change notification subscriptions.
FwpmConnectionUnsubscribe0

Is used to cancel a connection object change event subscription and stop receiving notifications.
FwpmDynamicKeywordSubscribe0

Requests the delivery of notifications regarding changes to particular dynamic keyword address (FW_DYNAMIC_KEYWORD_ADDRESS0) objects.
FwpmDynamicKeywordUnsubscribe0

Cancels the delivery of notifications regarding changes to particular dynamic keyword address (FW_DYNAMIC_KEYWORD_ADDRESS0) objects.
FwpmEngineClose0

Closes a session to a filter engine.
FwpmEngineGetOption0

Retrieves a filter engine option.
FwpmEngineGetSecurityInfo0

Retrieves a copy of the security descriptor for the filter engine.
FwpmEngineOpen0

Opens a session to the filter engine.
FwpmEngineSetOption0

Changes the filter engine settings.
FwpmEngineSetSecurityInfo0

Sets specified security information in the security descriptor of the filter engine.
FwpmFilterAdd0

Adds a new filter object to the system.
FwpmFilterCreateEnumHandle0

Creates a handle used to enumerate a set of filter objects.
FwpmFilterDeleteById0

Removes a filter object from the system. (FwpmFilterDeleteById0)
FwpmFilterDeleteByKey0

Removes a filter object from the system. (FwpmFilterDeleteByKey0)
FwpmFilterDestroyEnumHandle0

Frees a handle returned by FwpmFilterCreateEnumHandle0. (FwpmFilterDestroyEnumHandle0)
FwpmFilterEnum0

Returns the next page of results from the filter enumerator.
FwpmFilterGetById0

Retrieves a filter object. (FwpmFilterGetById0)
FwpmFilterGetByKey0

Retrieves a filter object. (FwpmFilterGetByKey0)
FwpmFilterGetSecurityInfoByKey0

Retrieves a copy of the security descriptor for a filter object.
FwpmFilterSetSecurityInfoByKey0

Sets specified security information in the security descriptor of a filter object.
FwpmFilterSubscribeChanges0

Is used to request the delivery of notifications regarding changes in a particular filter.
FwpmFilterSubscriptionsGet0

Retrieves an array of all the current filter change notification subscriptions.
FwpmFilterUnsubscribeChanges0

Is used to cancel a filter change subscription and stop receiving change notifications.
FwpmFreeMemory0

Is used to release memory resources allocated by the Windows Filtering Platform (WFP) functions.
FwpmGetAppIdFromFileName0

Retrieves an application identifier from a file name.
FwpmIPsecTunnelAdd0

Adds a new Internet Protocol Security (IPsec) tunnel mode policy to the system. (FwpmIpsecTunnelAdd0)
FwpmIPsecTunnelAdd1

Adds a new Internet Protocol Security (IPsec) tunnel mode policy to the system. (FwpmIpsecTunnelAdd1)
FwpmIPsecTunnelAdd2

Adds a new Internet Protocol Security (IPsec) tunnel mode policy to the system. (FwpmIPsecTunnelAdd2)
FwpmIPsecTunnelAdd3

Adds a new Internet Protocol Security (IPsec) tunnel mode policy to the system.
FwpmIPsecTunnelDeleteByKey0

Removes an Internet Protocol Security (IPsec) tunnel mode policy from the system.
FwpmLayerCreateEnumHandle0

Creates a handle used to enumerate a set of layer objects.
FwpmLayerDestroyEnumHandle0

Frees a handle returned by FwpmFilterCreateEnumHandle0. (FwpmLayerDestroyEnumHandle0)
FwpmLayerEnum0

Returns the next page of results from the layer enumerator.
FwpmLayerGetById0

Retrieves a layer object. (FwpmLayerGetById0)
FwpmLayerGetByKey0

Retrieves a layer object. (FwpmLayerGetByKey0)
FwpmLayerGetSecurityInfoByKey0

Retrieves a copy of the security descriptor for a layer object.
FwpmLayerSetSecurityInfoByKey0

Sets specified security information in the security descriptor of a layer object.
FwpmNetEventCreateEnumHandle0

Creates a handle used to enumerate a set of network events.
FwpmNetEventDestroyEnumHandle0

Frees a handle returned by FwpmNetEventCreateEnumHandle0.
FwpmNetEventEnum0

Returns the next page of results from the network event enumerator. (FwpmNetEventEnum0)
FwpmNetEventEnum1

Returns the next page of results from the network event enumerator. (FwpmNetEventEnum1)
FwpmNetEventEnum2

Returns the next page of results from the network event enumerator. (FwpmNetEventEnum2)
FwpmNetEventEnum3

Returns the next page of results from the network event enumerator. (FwpmNetEventEnum3)
FwpmNetEventEnum4

Retrieves the next page of results from the network event enumerator.
FwpmNetEventEnum5

Retrieves the next page of results from the network event enumerator.
FwpmNetEventsGetSecurityInfo0

The FwpmNetEventsGetSecurityInfo0 function retrieves a copy of the security descriptor for a network event object.
FwpmNetEventsSetSecurityInfo0

Sets specified security information in the security descriptor of a network event object.
FwpmNetEventSubscribe0

Is used to request the delivery of notifications regarding a particular net event. (FwpmNetEventSubscribe0)
FwpmNetEventSubscribe1

Is used to request the delivery of notifications regarding a particular net event. (FwpmNetEventSubscribe1)
FwpmNetEventSubscribe2

Is used to request the delivery of notifications regarding a particular net event. (FwpmNetEventSubscribe2)
FwpmNetEventSubscribe3

Used to request the delivery of notifications regarding a particular net event.
FwpmNetEventSubscribe4

Used to request the delivery of notifications regarding a particular net event.
FwpmNetEventSubscriptionsGet0

Retrieves an array of all the current net event notification subscriptions.
FwpmNetEventUnsubscribe0

Is used to cancel a net event subscription and stop receiving notifications.
FwpmProviderAdd0

Adds a new provider to the system.
FwpmProviderContextAdd0

Adds a new provider context to the system. (FwpmProviderContextAdd0)
FwpmProviderContextAdd1

Adds a new provider context to the system. (FwpmProviderContextAdd1)
FwpmProviderContextAdd2

Adds a new provider context to the system. (FwpmProviderContextAdd2)
FwpmProviderContextAdd3

Adds a new provider context to the system.
FwpmProviderContextCreateEnumHandle0

Creates a handle used to enumerate a set of provider contexts.
FwpmProviderContextDeleteById0

Removes a provider context from the system .
FwpmProviderContextDeleteByKey0

Removes a provider context from the system.
FwpmProviderContextDestroyEnumHandle0

Frees a handle returned by FwpmProviderContextCreateEnumHandle0.
FwpmProviderContextEnum0

Returns the next page of results from the provider context enumerator. (FwpmProviderContextEnum0)
FwpmProviderContextEnum1

Returns the next page of results from the provider context enumerator. (FwpmProviderContextEnum1)
FwpmProviderContextEnum2

Returns the next page of results from the provider context enumerator. (FwpmProviderContextEnum2)
FwpmProviderContextEnum3

Returns the next page of results from the provider context enumerator.
FwpmProviderContextGetById0

Retrieves a provider context. (FwpmProviderContextGetById0)
FwpmProviderContextGetById1

Retrieves a provider context. (FwpmProviderContextGetById1)
FwpmProviderContextGetById2

Retrieves a provider context. (FwpmProviderContextGetById2)
FwpmProviderContextGetById3

Retrieves a provider context.
FwpmProviderContextGetByKey0

Retrieves a provider context. (FwpmProviderContextGetByKey0)
FwpmProviderContextGetByKey1

Retrieves a provider context. (FwpmProviderContextGetByKey1)
FwpmProviderContextGetByKey2

Retrieves a provider context. (FwpmProviderContextGetByKey2)
FwpmProviderContextGetByKey3

Retrieves a provider context.
FwpmProviderContextGetSecurityInfoByKey0

Retrieves a copy of the security descriptor for a provider context object.
FwpmProviderContextSetSecurityInfoByKey0

Sets specified security information in the security descriptor of a provider context object.
FwpmProviderContextSubscribeChanges0

Is used to request the delivery of notifications regarding changes in a particular provider context.
FwpmProviderContextSubscriptionsGet0

Retrieves an array of all the current provider context change notification subscriptions.
FwpmProviderContextUnsubscribeChanges0

Is used to cancel a provider context change subscription and stop receiving change notifications.
FwpmProviderCreateEnumHandle0

Creates a handle used to enumerate a set of providers.
FwpmProviderDeleteByKey0

Removes a provider from the system.
FwpmProviderDestroyEnumHandle0

Frees a handle returned by FwpmProviderCreateEnumHandle0.
FwpmProviderEnum0

Returns the next page of results from the provider enumerator.
FwpmProviderGetByKey0

Retrieves a provider.
FwpmProviderGetSecurityInfoByKey0

Retrieves a copy of the security descriptor for a provider object.
FwpmProviderSetSecurityInfoByKey0

Sets specified security information in the security descriptor of a provider object.
FwpmProviderSubscribeChanges0

Is used to request the delivery of notifications regarding changes in a particular provider.
FwpmProviderSubscriptionsGet0

Retrieves an array of all the current provider change notification subscriptions.
FwpmProviderUnsubscribeChanges0

Is used to cancel a provider change subscription and stop receiving change notifications.
FwpmSessionCreateEnumHandle0

Creates a handle used to enumerate a set of session objects.
FwpmSessionDestroyEnumHandle0

Frees a handle returned by FwpmSessionCreateEnumHandle0.
FwpmSessionEnum0

Returns the next page of results from the session enumerator.
FwpmSubLayerAdd0

Adds a new sublayer to the system.
FwpmSubLayerCreateEnumHandle0

Creates a handle used to enumerate a set of sublayers.
FwpmSubLayerDeleteByKey0

Deletes a sublayer from the system by its key.
FwpmSubLayerDestroyEnumHandle0

Frees a handle returned by FwpmSubLayerCreateEnumHandle0.
FwpmSubLayerEnum0

Returns the next page of results from the sublayer enumerator.
FwpmSubLayerGetByKey0

Retrieves a sublayer by its key.
FwpmSubLayerGetSecurityInfoByKey0

Retrieves a copy of the security descriptor for a sublayer.
FwpmSubLayerSetSecurityInfoByKey0

Sets specified security information in the security descriptor of a sublayer.
FwpmSubLayerSubscribeChanges0

Is used to request the delivery of notifications regarding changes in a particular sublayer.
FwpmSubLayerSubscriptionsGet0

Retrieves an array of all the current sub-layer change notification subscriptions.
FwpmSubLayerUnsubscribeChanges0

Is used to cancel a sublayer change subscription and stop receiving change notifications.
FwpmSystemPortsGet0

Retrieves an array of all of the system port types.
FwpmSystemPortsSubscribe0

Is used to request the delivery of notifications regarding a particular system port.
FwpmSystemPortsUnsubscribe0

Is used to cancel a system port subscription and stop receiving notifications.
FwpmTransactionAbort0

Causes the current transaction within the current session to abort and rollback.
FwpmTransactionBegin0

Begins an explicit transaction within the current session.
FwpmTransactionCommit0

Commits the current transaction within the current session.
FwpmvSwitchEventsGetSecurityInfo0

Retrieves a copy of the security descriptor for a vSwitch event.
FwpmvSwitchEventsSetSecurityInfo0

Sets specified security information in the security descriptor for a vSwitch event.
FwpmvSwitchEventSubscribe0

Is used to request the delivery of notifications regarding a particular vSwitch event.
FwpmvSwitchEventUnsubscribe0

Is used to cancel a vSwitch event subscription and stop receiving notifications.
FWPS_CALLOUT_BOOTTIME_CALLOUT_DELETE_NOTIFY_FN0

TBD
FWPS_CALLOUT_CLASSIFY_FN0

The filter engine calls a callout's classifyFn0 callout function whenever there is data to be processed by the callout.
FWPS_CALLOUT_CLASSIFY_FN1

The filter engine calls a callout's classifyFn1 callout function whenever there is data to be processed by the callout.
FWPS_CALLOUT_CLASSIFY_FN2

The filter engine calls a callout's classifyFn2 callout function whenever there is data to be processed by the callout.
FWPS_CALLOUT_CLASSIFY_FN3

TBD
FWPS_CALLOUT_FLOW_DELETE_NOTIFY_FN0

The filter engine calls a callout's flowDeleteFn callout function to notify the callout that a data flow that is being processed by the callout is being terminated.
FWPS_CALLOUT_NOTIFY_FN0

The filter engine calls a callout's notifyFn0 callout function to notify the callout driver about events that are associated with the callout.
FWPS_CALLOUT_NOTIFY_FN1

The filter engine calls a callout's notifyFn1 callout function to notify the callout driver about events that are associated with the callout.
FWPS_CALLOUT_NOTIFY_FN2

The filter engine calls a callout's notifyFn2 callout function to notify the callout driver about events that are associated with the callout.
FWPS_CALLOUT_NOTIFY_FN3

TBD
FWPS_IS_L2_METADATA_FIELD_PRESENT

TBD
FWPS_IS_METADATA_FIELD_PRESENT

TBD
FwpsAleEndpointCreateEnumHandle0

Creates a handle that can be used with other application layer enforcement (ALE) endpoint functions to enumerate endpoint data.
FwpsAleEndpointDestroyEnumHandle0

Destroys an endpoint enumeration handle that was created by calling FwpsAleEndpointCreateEnumHandle0.
FwpsAleEndpointEnum0

Enumerates application layer enforcement (ALE) endpoints.
FwpsAleEndpointGetById0

Retrieves information about an application layer enforcement (ALE) endpoint.
FwpsAleEndpointGetSecurityInfo0

Retrieves security information about the application layer enforcement (ALE) endpoint enumeration session.
FwpsAleEndpointSetSecurityInfo0

Sets security information about the application layer enforcement (ALE) endpoint enumeration session.
FwpsOpenToken0

Opens an access token.
IkeextGetStatistics0

Retrieves Internet Key Exchange (IKE) and Authenticated Internet Protocol (AuthIP) statistics. (IkeextGetStatistics0)
IkeextGetStatistics1

Retrieves Internet Key Exchange (IKE) and Authenticated Internet Protocol (AuthIP) statistics. (IkeextGetStatistics1)
IkeextSaCreateEnumHandle0

Creates a handle used to enumerate a set of Internet Key Exchange (IKE) and Authenticated Internet Protocol (AuthIP) security association (SA) objects.
IkeextSaDbGetSecurityInfo0

The IkeextSaDbGetSecurityInfo0 function retrieves a copy of the security descriptor for a security association (SA) database.
IkeextSaDbSetSecurityInfo0

The IkeextSaDbSetSecurityInfo0 function sets specified security information in the security descriptor of the IKE/AuthIP security association database.
IkeextSaDeleteById0

The IkeextSaDeleteById0 function removes a security association (SA) from the database.
IkeextSaDestroyEnumHandle0

Frees a handle returned by IkeextSaCreateEnumHandle0.
IkeextSaEnum0

Returns the next page of results from the IKE/AuthIP security association (SA) enumerator. (IkeextSaEnum0)
IkeextSaEnum1

Returns the next page of results from the IKE/AuthIP security association (SA) enumerator. (IkeextSaEnum1)
IkeextSaEnum2

Returns the next page of results from the IKE/AuthIP security association (SA) enumerator. (IkeextSaEnum2)
IkeextSaGetById0

Retrieves an IKE/AuthIP security association (SA) from the database. (IkeextSaGetById0)
IkeextSaGetById1

Retrieves an IKE/AuthIP security association (SA) from the database. (IkeextSaGetById1)
IkeextSaGetById2

Retrieves an IKE/AuthIP security association (SA) from the database. (IkeextSaGetById2)
IPSEC_KEY_MANAGER_DICTATE_KEY0

Used by the Trusted Intermediary Agent (TIA) to dictate keys for the SA being negotiated.
IPSEC_KEY_MANAGER_KEY_DICTATION_CHECK0

Indicates whether the Trusted Intermediary Agent (TIA) will dictate the keys for the SA being negotiated.
IPSEC_KEY_MANAGER_NOTIFY_KEY0

Is used to notify Trusted Intermediary Agents (TIAs) of the keys for the SA being negotiated.
IPSEC_SA_CONTEXT_CALLBACK0

Is used to add custom behavior to the IPsec security association (SA) context subscription process.
IPsecDospGetSecurityInfo0

Retrieves a copy of the security descriptor for the IPsec DoS Protection database.
IPsecDospGetStatistics0

The IPsecDospGetStatistics0 function retrieves Internet Protocol Security (IPsec) DoS Protection statistics.
IPsecDospSetSecurityInfo0

The IPsecDospSetSecurityInfo0 function sets specified security information in the security descriptor of the IPsec DoS Protection database.
IPsecDospStateCreateEnumHandle0

Creates a handle used to enumerate a set of IPsec DoS Protection objects.
IPsecDospStateDestroyEnumHandle0

Frees a handle returned by IPsecDospStateCreateEnumHandle0.
IPsecDospStateEnum0

Returns the next page of results from the IPsec DoS Protection state enumerator. Each IPsec DoS Protection state entry corresponds to a flow that has successfully passed the IPsec DoS Protection authentication checks.
IPsecGetStatistics0

Retrieves Internet Protocol Security (IPsec) statistics. (IPsecGetStatistics0)
IPsecGetStatistics1

Retrieves Internet Protocol Security (IPsec) statistics. (IPsecGetStatistics1)
IPsecKeyManagerAddAndRegister0

Registers a Trusted Intermediary Agent (TIA) with IPsec.
IPsecKeyManagerGetSecurityInfoByKey0

Retrieves a copy of the security descriptor that controls access to the key manager.
IPsecKeyManagerSetSecurityInfoByKey0

Sets specified security information in the security descriptor that controls access to the key manager.
IPsecKeyManagersGet0

Returns a list of current Trusted Intermediary Agents (TIAs).
IPsecKeyManagerUnregisterAndDelete0

Unregisters a Trusted Intermediary Agent (TIA) which had previously been registered with IPsec.
IPsecSaContextAddInbound0

The IPsecSaContextAddInbound0 function adds an inbound IPsec security association (SA) bundle to an existing SA context.Note  IPsecSaContextAddInbound0 is the specific implementation of IPsecSaContextAddInbound used in Windows Vista.
IPsecSaContextAddInbound1

The IPsecSaContextAddInbound1 function adds an inbound IPsec security association (SA) bundle to an existing SA context.Note  IPsecSaContextAddInbound1 is the specific implementation of IPsecSaContextAddInbound used in Windows 7 and later.
IPsecSaContextAddOutbound0

The IPsecSaContextAddOutbound0 function adds an outbound IPsec security association (SA) bundle to an existing SA context.Note  IPsecSaContextAddOutbound0 is the specific implementation of IPsecSaContextAddOutbound used in Windows Vista.
IPsecSaContextAddOutbound1

The IPsecSaContextAddOutbound1 function adds an outbound IPsec security association (SA) bundle to an existing SA context.Note  IPsecSaContextAddOutbound1 is the specific implementation of IPsecSaContextAddOutbound used in Windows 7 and later.
IPsecSaContextCreate0

Creates an IPsec security association (SA) context. (IPsecSaContextCreate0)
IPsecSaContextCreate1

Creates an IPsec security association (SA) context. (IPsecSaContextCreate1)
IPsecSaContextCreateEnumHandle0

Creates a handle used to enumerate a set of IPsec security association (SA) context objects.
IPsecSaContextDeleteById0

Deletes an IPsec security association (SA) context.
IPsecSaContextDestroyEnumHandle0

Frees a handle returned by IPsecSaContextCreateEnumHandle0.
IPsecSaContextEnum0

Returns the next page of results from the IPsec security association (SA) context enumerator. (IPsecSaContextEnum0)
IPsecSaContextEnum1

Returns the next page of results from the IPsec security association (SA) context enumerator. (IPsecSaContextEnum1)
IPsecSaContextExpire0

Indicates that an IPsec security association (SA) context should be expired.
IPsecSaContextGetById0

Retrieves an IPsec security association (SA) context. (IPsecSaContextGetById0)
IPsecSaContextGetById1

Retrieves an IPsec security association (SA) context. (IPsecSaContextGetById1)
IPsecSaContextGetSpi0

Retrieves the security parameters index (SPI) for a security association (SA) context. (IPsecSaContextGetSpi0)
IPsecSaContextGetSpi1

Retrieves the security parameters index (SPI) for a security association (SA) context. (IPsecSaContextGetSpi1)
IPsecSaContextSetSpi0

Sets the security parameters index (SPI) for a security association (SA) context.
IPsecSaContextSubscribe0

Is used to request the delivery of notifications regarding a particular IPsec security association (SA) context.
IPsecSaContextSubscriptionsGet0

Retrieves an array of all the current IPsec security association (SA) change notification subscriptions.
IPsecSaContextUnsubscribe0

Is used to cancel an IPsec security association (SA) change subscription and stop receiving change notifications.
IPsecSaContextUpdate0

Updates an IPsec security association (SA) context.
IPsecSaCreateEnumHandle0

Creates a handle used to enumerate a set of Internet Protocol Security (IPsec) security association (SA) objects.
IPsecSaDbGetSecurityInfo0

Retrieves a copy of the security descriptor for the IPsec security association (SA) database.
IPsecSaDbSetSecurityInfo0

Sets specified security information in the security descriptor of the IPsec security association database.
IPsecSaDestroyEnumHandle0

Frees a handle returned by IPsecSaCreateEnumHandle0.
IPsecSaEnum0

Returns the next page of results from the IPsec security association (SA) enumerator. (IPsecSaEnum0)
IPsecSaEnum1

Returns the next page of results from the IPsec security association (SA) enumerator. (IPsecSaEnum1)

Structures

 
FWP_BYTE_ARRAY16

Stores an array of exactly 16 bytes.
FWP_BYTE_ARRAY6

Stores an array of exactly 6 bytes. Reserved.
FWP_BYTE_BLOB

Stores an array containing a variable number of bytes.
FWP_CONDITION_VALUE0

Contains values that are used in filter conditions when testing for matching filters.
FWP_RANGE0

Specifies a range of values.
FWP_TOKEN_INFORMATION

The FWP_TOKEN_INFORMATION structure defines a set of security identifiers that are used for user-mode classification.
FWP_V4_ADDR_AND_MASK

Specifies IPv4 address and mask in host order.
FWP_V6_ADDR_AND_MASK

Specifies an IPv6 address and mask.
FWP_VALUE0

Defines a data value that can be one of a number of different data types.
FWPM_ACTION0

Specifies the action taken if all the filter conditions are true.
FWPM_CALLOUT_CHANGE0

Specifies a change notification dispatched to subscribers.
FWPM_CALLOUT_ENUM_TEMPLATE0

Used for limiting callout enumerations.
FWPM_CALLOUT_SUBSCRIPTION0

Used to subscribe for change notifications. (FWPM_CALLOUT_SUBSCRIPTION0)
FWPM_CALLOUT0

Stores the state associated with a callout.
FWPM_CLASSIFY_OPTION0

The FWPM_CLASSIFY_OPTION0 structure.
FWPM_CLASSIFY_OPTIONS0

The FWPM_CLASSIFY_OPTIONS0 structure is used to store FWPM_CLASSIFY_OPTION0 structures.
FWPM_CONNECTION_ENUM_TEMPLATE0

Used for limiting connection object enumerations.
FWPM_CONNECTION_SUBSCRIPTION0

Stores information used to subscribe to notifications about a connection object.
FWPM_CONNECTION0

Stores the state associated with a connection object.
FWPM_DISPLAY_DATA0

Stores an optional friendly name and an optional description for an object.
FWPM_FIELD0

Specifies schema information for a field.
FWPM_FILTER_CHANGE0

Stores change notification dispatched to subscribers.
FWPM_FILTER_CONDITION0

Expresses a filter condition that must be true for the action to be taken.
FWPM_FILTER_ENUM_TEMPLATE0

Is used for enumerating filters.
FWPM_FILTER_SUBSCRIPTION0

Is used to subscribe for change notifications.
FWPM_FILTER0

Stores the state associated with a filter.
FWPM_LAYER_ENUM_TEMPLATE0

Used for enumerating layers.
FWPM_LAYER_STATISTICS0

Stores statistics related to a layer.
FWPM_LAYER0

Schema information for a layer.
FWPM_NET_EVENT_CAPABILITY_ALLOW0

Contains information about network traffic allowed in relation to an app container network capability.
FWPM_NET_EVENT_CAPABILITY_DROP0

Contains information about network traffic dropped in relation to an app container network capability.
FWPM_NET_EVENT_CLASSIFY_ALLOW0

Contains information that describes allowed traffic as enforced by the WFP classify engine.
FWPM_NET_EVENT_CLASSIFY_DROP_MAC0

Contains information that describes a MAC layer drop failure.
FWPM_NET_EVENT_CLASSIFY_DROP0

Contains information that describes a layer drop failure. (FWPM_NET_EVENT_CLASSIFY_DROP0)
FWPM_NET_EVENT_CLASSIFY_DROP1

Contains information that describes a layer drop failure. (FWPM_NET_EVENT_CLASSIFY_DROP1)
FWPM_NET_EVENT_CLASSIFY_DROP2

Contains information that describes a layer drop failure. (FWPM_NET_EVENT_CLASSIFY_DROP2)
FWPM_NET_EVENT_ENUM_TEMPLATE0

Used for enumerating net events.
FWPM_NET_EVENT_HEADER0

Information common to all events.
FWPM_NET_EVENT_HEADER1

Information common to all events. Reserved.
FWPM_NET_EVENT_HEADER2

Contains information common to all events. (FWPM_NET_EVENT_HEADER2)
FWPM_NET_EVENT_HEADER3

Contains information common to all events. (FWPM_NET_EVENT_HEADER3)
FWPM_NET_EVENT_IKEEXT_EM_FAILURE0

The FWPM_NET_EVENT_IKEEXT_EM_FAILURE0 structure contains information that describes an IKE Extended Mode (EM) failure.Note  FWPM_NET_EVENT_IKEEXT_EM_FAILURE0 is the specific implementation of FWPM_NET_EVENT_IKEEXT_EM_FAILURE used in Windows Vista.
FWPM_NET_EVENT_IKEEXT_EM_FAILURE1

The FWPM_NET_EVENT_IKEEXT_EM_FAILURE1 structure contains information that describes an IKE Extended mode (EM) failure.Note  FWPM_NET_EVENT_IKEEXT_EM_FAILURE1 is the specific implementation of FWPM_NET_EVENT_IKEEXT_EM_FAILURE used in Windows 7 and later.
FWPM_NET_EVENT_IKEEXT_MM_FAILURE0

Contains information that describes an IKE/AuthIP Main Mode (MM) failure. (FWPM_NET_EVENT_IKEEXT_MM_FAILURE0)
FWPM_NET_EVENT_IKEEXT_MM_FAILURE1

Contains information that describes an IKE/AuthIP Main Mode (MM) failure. (FWPM_NET_EVENT_IKEEXT_MM_FAILURE1)
FWPM_NET_EVENT_IKEEXT_QM_FAILURE0

Contains information that describes an IKE/AuthIP Quick Mode (QM) failure.
FWPM_NET_EVENT_IKEEXT_QM_FAILURE1

Contains information that describes an IKE/AuthIP Quick Mode (QM) failure. FWPM_NET_EVENT_IKEEXT_QM_FAILURE0 is also available.
FWPM_NET_EVENT_IPSEC_DOSP_DROP0

Contains information that describes an IPsec DoS Protection drop event.
FWPM_NET_EVENT_IPSEC_KERNEL_DROP0

Contains information that describes an IPsec kernel drop event.
FWPM_NET_EVENT_LPM_PACKET_ARRIVAL0

Contains information that describes the IPSec Security Parameter Index (SPI) value.
FWPM_NET_EVENT_SUBSCRIPTION0

Stores information used to subscribe to notifications about a network event.
FWPM_NET_EVENT0

Contains information about all event types. (FWPM_NET_EVENT0)
FWPM_NET_EVENT1

Contains information about all event types. (FWPM_NET_EVENT1)
FWPM_NET_EVENT2

Contains information about all event types. (FWPM_NET_EVENT2)
FWPM_NET_EVENT3

Contains information about all event types. (FWPM_NET_EVENT3)
FWPM_NET_EVENT4

Contains information about all event types. FWPM_NET_EVENT3 and FWPM_NET_EVENT2 are available. For Windows 7, FWPM_NET_EVENT1 is available. For Windows Vista, FWPM_NET_EVENT0 is available.
FWPM_NET_EVENT5

Contains information about all event types. FWPM_NET_EVENT4, FWPM_NET_EVENT3, and FWPM_NET_EVENT2 are available. For Windows 7, FWPM_NET_EVENT1 is available. For Windows Vista, FWPM_NET_EVENT0 is available.
FWPM_NETWORK_CONNECTION_POLICY_SETTING0

Stores a type and value pair for a connection policy setting.
FWPM_NETWORK_CONNECTION_POLICY_SETTINGS0

Stores an array of FWPM_NETWORK_CONNECTION_POLICY_SETTING0 values, together with the number of elements in that array.
FWPM_PROVIDER_CHANGE0

Change notification dispatched to subscribers. (FWPM_PROVIDER_CHANGE0)
FWPM_PROVIDER_CONTEXT_CHANGE0

Change notification dispatched to subscribers. (FWPM_PROVIDER_CONTEXT_CHANGE0)
FWPM_PROVIDER_CONTEXT_ENUM_TEMPLATE0

Used for enumerating provider contexts.
FWPM_PROVIDER_CONTEXT_SUBSCRIPTION0

Used to subscribe for change notifications. (FWPM_PROVIDER_CONTEXT_SUBSCRIPTION0)
FWPM_PROVIDER_CONTEXT0

Stores the state associated with a provider context. (FWPM_PROVIDER_CONTEXT0)
FWPM_PROVIDER_CONTEXT1

Stores the state associated with a provider context. (FWPM_PROVIDER_CONTEXT1)
FWPM_PROVIDER_CONTEXT2

Stores the state associated with a provider context. (FWPM_PROVIDER_CONTEXT2)
FWPM_PROVIDER_CONTEXT3

Stores the state associated with a provider context. FWPM_PROVIDER_CONTEXT0, FWPM_PROVIDER_CONTEXT1, and FWPM_PROVIDER_CONTEXT2 are available.
FWPM_PROVIDER_ENUM_TEMPLATE0

Used for enumerating providers.
FWPM_PROVIDER_SUBSCRIPTION0

Used to subscribe for change notifications. (FWPM_PROVIDER_SUBSCRIPTION0)
FWPM_PROVIDER0

Stores the state associated with a policy provider.
FWPM_SESSION_ENUM_TEMPLATE0

Used for enumerating sessions.
FWPM_SESSION0

Stores the state associated with a client session.
FWPM_STATISTICS0

Stores statistics related to connections at specific layers.
FWPM_SUBLAYER_CHANGE0

Change notification dispatched to subscribers. (FWPM_SUBLAYER_CHANGE0)
FWPM_SUBLAYER_ENUM_TEMPLATE0

Is used for enumerating sublayers.
FWPM_SUBLAYER_SUBSCRIPTION0

Used to subscribe for change notifications. (FWPM_SUBLAYER_SUBSCRIPTION0)
FWPM_SUBLAYER0

Stores the state associated with a sublayer.
FWPM_SYSTEM_PORTS_BY_TYPE0

The FWPM_SYSTEM_PORTS_BY_TYPE0 structure.
FWPM_SYSTEM_PORTS0

The FWPM_SYSTEM_PORTS0 structure.
FWPM_VSWITCH_EVENT_SUBSCRIPTION0

Stores information used to subscribe to notifications about a vSwitch event.
FWPM_VSWITCH_EVENT0

Contains information about a vSwitch event.
FWPS_INCOMING_METADATA_VALUES0

Defines metadata values that the filter engine passes to a callout's classifyFn callout function.
IKEEXT_AUTHENTICATION_METHOD0

Specifies various parameters for IKE/AuthIP authentication.
IKEEXT_AUTHENTICATION_METHOD1

Specifies various parameters for IKE/Authip authentication. (IKEEXT_AUTHENTICATION_METHOD1)
IKEEXT_AUTHENTICATION_METHOD2

Specifies various parameters for IKE/Authip authentication. (IKEEXT_AUTHENTICATION_METHOD2)
IKEEXT_CERT_EKUS0

Contains information about the extended key usage (EKU) properties of a certificate.
IKEEXT_CERT_NAME0

Specifies certificate selection "subject" criteria for an authentication method.
IKEEXT_CERT_ROOT_CONFIG0

Stores the IKE, AuthIP, or IKEv2 certificate root configuration.
IKEEXT_CERTIFICATE_AUTHENTICATION0

Is used to specify various parameters for authentication with certificates. (IKEEXT_CERTIFICATE_AUTHENTICATION0)
IKEEXT_CERTIFICATE_AUTHENTICATION1

Is used to specify various parameters for authentication with certificates. (IKEEXT_CERTIFICATE_AUTHENTICATION1)
IKEEXT_CERTIFICATE_AUTHENTICATION2

Is used to specify various parameters for authentication with certificates. (IKEEXT_CERTIFICATE_AUTHENTICATION2)
IKEEXT_CERTIFICATE_CREDENTIAL0

Is used to store credential information specific to certificate authentication. (IKEEXT_CERTIFICATE_CREDENTIAL0)
IKEEXT_CERTIFICATE_CREDENTIAL1

Is used to store credential information specific to certificate authentication. (IKEEXT_CERTIFICATE_CREDENTIAL1)
IKEEXT_CERTIFICATE_CRITERIA0

Contains a set of criteria to applied to an authentication method.
IKEEXT_CIPHER_ALGORITHM0

Stores information about the IKE/AuthIP encryption algorithm.
IKEEXT_COMMON_STATISTICS0

Various statistics common to IKE and Authip. (IKEEXT_COMMON_STATISTICS0)
IKEEXT_COMMON_STATISTICS1

Various statistics common to IKE, Authip, and IKEv2.
IKEEXT_COOKIE_PAIR0

Used to store a pair of IKE/Authip cookies.
IKEEXT_CREDENTIAL_PAIR0

Is used to store credential information used for the authentication. (IKEEXT_CREDENTIAL_PAIR0)
IKEEXT_CREDENTIAL_PAIR1

Is used to store credential information used for the authentication. (IKEEXT_CREDENTIAL_PAIR1)
IKEEXT_CREDENTIAL_PAIR2

Is used to store credential information used for the authentication. (IKEEXT_CREDENTIAL_PAIR2)
IKEEXT_CREDENTIAL0

Is used to store credential information used for the authentication. (IKEEXT_CREDENTIAL0)
IKEEXT_CREDENTIAL1

Is used to store credential information used for the authentication. (IKEEXT_CREDENTIAL1)
IKEEXT_CREDENTIAL2

Is used to store credential information used for the authentication. (IKEEXT_CREDENTIAL2)
IKEEXT_CREDENTIALS0

Is used to store multiple credential pairs. (IKEEXT_CREDENTIALS0)
IKEEXT_CREDENTIALS1

Is used to store multiple credential pairs. (IKEEXT_CREDENTIALS1)
IKEEXT_CREDENTIALS2

Is used to store multiple credential pairs. (IKEEXT_CREDENTIALS2)
IKEEXT_EAP_AUTHENTICATION0

Stores information needed for Extensible Authentication Protocol (EAP) authentication.
IKEEXT_EM_POLICY0

Is used to store AuthIP's extended mode negotiation policy. (IKEEXT_EM_POLICY0)
IKEEXT_EM_POLICY1

Is used to store AuthIP's extended mode negotiation policy. (IKEEXT_EM_POLICY1)
IKEEXT_EM_POLICY2

Is used to store AuthIP's extended mode negotiation policy. (IKEEXT_EM_POLICY2)
IKEEXT_INTEGRITY_ALGORITHM0

Stores the IKE/AuthIP hash algorithm.
IKEEXT_IP_VERSION_SPECIFIC_COMMON_STATISTICS0

Various statistics common to IKE and Authip. (IKEEXT_IP_VERSION_SPECIFIC_COMMON_STATISTICS0)
IKEEXT_IP_VERSION_SPECIFIC_COMMON_STATISTICS1

Various statistics common to the keying module (IKE, Authip, and IKEv2).
IKEEXT_IP_VERSION_SPECIFIC_KEYMODULE_STATISTICS0

Various statistics specific to the keying module and IP version.
IKEEXT_IP_VERSION_SPECIFIC_KEYMODULE_STATISTICS1

Various statistics specific to the keying module (IKE, Authip, and IKEv2) and IP version.
IKEEXT_IPV6_CGA_AUTHENTICATION0

Is used to specify various parameters for IPV6 cryptographically generated address (CGA) authentication.
IKEEXT_KERBEROS_AUTHENTICATION0

Contains information needed for preshared key authentication. (IKEEXT_KERBEROS_AUTHENTICATION0)
IKEEXT_KERBEROS_AUTHENTICATION1

Contains information needed for preshared key authentication. (IKEEXT_KERBEROS_AUTHENTICATION1)
IKEEXT_KEYMODULE_STATISTICS0

Contains various statistics specific to the keying module. (IKEEXT_KEYMODULE_STATISTICS0)
IKEEXT_KEYMODULE_STATISTICS1

Contains various statistics specific to the keying module. (IKEEXT_KEYMODULE_STATISTICS1)
IKEEXT_NAME_CREDENTIAL0

Is used to store credential name information.
IKEEXT_NTLM_V2_AUTHENTICATION0

Contains information needed for Microsoft Windows NT LAN Manager (NTLM) V2 authentication.
IKEEXT_POLICY0

Is used to store the IKE/AuthIP main mode negotiation policy. (IKEEXT_POLICY0)
IKEEXT_POLICY1

Is used to store the IKE/AuthIP main mode negotiation policy. (IKEEXT_POLICY1)
IKEEXT_POLICY2

Is used to store the IKE/AuthIP main mode negotiation policy. (IKEEXT_POLICY2)
IKEEXT_PRESHARED_KEY_AUTHENTICATION0

Stores information needed for pre-shared key authentication. (IKEEXT_PRESHARED_KEY_AUTHENTICATION0)
IKEEXT_PRESHARED_KEY_AUTHENTICATION1

Stores information needed for pre-shared key authentication. (IKEEXT_PRESHARED_KEY_AUTHENTICATION1)
IKEEXT_PROPOSAL0

Is used to store an IKE/AuthIP main mode proposal.
IKEEXT_RESERVED_AUTHENTICATION0

Reserved for internal use.
IKEEXT_SA_DETAILS0

Is used to store information returned when enumerating IKE, AuthIP, or IKEv2 security associations (SAs).
IKEEXT_SA_DETAILS1

Is used to store information returned when enumerating IKE, AuthIP, and IKEv2 security associations (SAs). (IKEEXT_SA_DETAILS1)
IKEEXT_SA_DETAILS2

Is used to store information returned when enumerating IKE, AuthIP, and IKEv2 security associations (SAs). (IKEEXT_SA_DETAILS2)
IKEEXT_SA_ENUM_TEMPLATE0

Is an enumeration template used for enumerating IKE/AuthIP security associations (SAs).
IKEEXT_STATISTICS0

Stores various IKE/AuthIP statistics.
IKEEXT_STATISTICS1

Stores various IKE, AuthIP, and IKEv2 statistics.
IKEEXT_TRAFFIC0

Specifies the IKE/Authip traffic.
IPSEC_ADDRESS_INFO0

Is used to store mobile additional address information.
IPSEC_AGGREGATE_DROP_PACKET_STATISTICS0

Stores aggregate IPsec kernel packet drop statistics.Note  IPSEC_AGGREGATE_DROP_PACKET_STATISTICS0 is the specific implementation of IPSEC_AGGREGATE_DROP_PACKET_STATISTICS used in Windows Vista.
IPSEC_AGGREGATE_DROP_PACKET_STATISTICS1

Stores aggregate IPsec kernel packet drop statistics.
IPSEC_AGGREGATE_SA_STATISTICS0

Stores aggregate IPsec kernel security association (SA) statistics.
IPSEC_AH_DROP_PACKET_STATISTICS0

Stores IPsec AH drop packet statistics.
IPSEC_AUTH_AND_CIPHER_TRANSFORM0

Is used to store hash and encryption specific information together for an SA transform in an IPsec quick mode policy.
IPSEC_AUTH_TRANSFORM_ID0

Is used to uniquely identify the hash algorithm used in an IPsec security association (SA).
IPSEC_AUTH_TRANSFORM0

Specifies hash specific information for an SA transform.
IPSEC_CIPHER_TRANSFORM_ID0

Specifies information used to uniquely identify the encryption algorithm used in an IPsec SA.
IPSEC_CIPHER_TRANSFORM0

Is used to store encryption specific information for an SA transform in an IPsec quick mode policy.
IPSEC_DOSP_OPTIONS0

Used to store configuration parameters for IPsec DoS Protection.
IPSEC_DOSP_STATE_ENUM_TEMPLATE0

The IPSEC_DOSP_STATE_ENUM_TEMPLATE0 structure.
IPSEC_DOSP_STATE0

Used to store state information for IPsec DoS Protection.
IPSEC_DOSP_STATISTICS0

The IPSEC_DOSP_STATISTICS0 structure.
IPSEC_ESP_DROP_PACKET_STATISTICS0

Stores ESP drop packet statistics.
IPSEC_GETSPI0

The IPSEC_GETSPI0 structure contains information that must be supplied when requesting a security parameter index (SPI) from the IPsec driver.Note  IPSEC_GETSPI0 is the specific implementation of IPSEC_GETSPI used in Windows Vista.
IPSEC_GETSPI1

The IPSEC_GETSPI1 structure contains information that must be supplied when requesting a security parameter index (SPI) from the IPsec driver.Note  IPSEC_GETSPI1 is the specific implementation of IPSEC_GETSPI used in Windows 7 and later.
IPSEC_ID0

Contains information corresponding to identities that are authenticated by IPsec.
IPSEC_KEY_MANAGER_CALLBACKS0

Specifies the set of callbacks which should be invoked by IPsec at various stages of SA negotiation.
IPSEC_KEY_MANAGER0

Used to register key management callbacks with IPsec.
IPSEC_KEYING_POLICY0

Defines an unordered set of keying modules that will be tried for IPsec. (IPSEC_KEYING_POLICY0)
IPSEC_KEYING_POLICY1

Defines an unordered set of keying modules that will be tried for IPsec. (IPSEC_KEYING_POLICY1)
IPSEC_KEYMODULE_STATE0

Stores Internet Protocol Security (IPsec) keying module specific information.
IPSEC_PROPOSAL0

Used to store an IPsec quick mode proposal.
IPSEC_SA_AUTH_AND_CIPHER_INFORMATION0

Stores information about the authentication and encryption algorithms of an IPsec security association (SA).
IPSEC_SA_AUTH_INFORMATION0

Stores information about the authentication algorithm of an IPsec security association (SA).
IPSEC_SA_BUNDLE0

Is used to store information about an IPsec security association (SA) bundle. (IPSEC_SA_BUNDLE0)
IPSEC_SA_BUNDLE1

Is used to store information about an IPsec security association (SA) bundle. (IPSEC_SA_BUNDLE1)
IPSEC_SA_CIPHER_INFORMATION0

Stores information about the encryption algorithm of an IPsec security association (SA).
IPSEC_SA_CONTEXT_CHANGE0

Contains information about an IPsec security association (SA) context change.
IPSEC_SA_CONTEXT_ENUM_TEMPLATE0

Enumeration template used to enumerate security association (SA) contexts.
IPSEC_SA_CONTEXT_SUBSCRIPTION0

Stores information used to subscribe to notifications about a particular IPsec security association (SA) context.
IPSEC_SA_CONTEXT0

Encapsulates an inbound and outbound SA pair.
IPSEC_SA_CONTEXT1

Encapsulates an inbound and outbound security association (SA) pair.
IPSEC_SA_DETAILS0

Is used to store information returned when enumerating IPsec security associations (SAs). (IPSEC_SA_DETAILS0)
IPSEC_SA_DETAILS1

Is used to store information returned when enumerating IPsec security associations (SAs). (IPSEC_SA_DETAILS1)
IPSEC_SA_ENUM_TEMPLATE0

Specifies a template used for restricting the enumeration of IPsec security associations (SAs).
IPSEC_SA_IDLE_TIMEOUT0

The security association (SA) idle timeout in IPsec policy.
IPSEC_SA_LIFETIME0

Stores the lifetime in seconds/kilobytes/packets for an IPsec security association (SA).
IPSEC_SA_TRANSFORM0

Is used to store an IPsec security association (SA) transform in an IPsec quick mode policy.
IPSEC_SA0

Is used to store information about an IPsec security association (SA).
IPSEC_STATISTICS0

Is the top-level of the IPsec statistics structures. (IPSEC_STATISTICS0)
IPSEC_STATISTICS1

Is the top-level of the IPsec statistics structures. (IPSEC_STATISTICS1)
IPSEC_TOKEN0

Various information about an IPsec-specific access token.
IPSEC_TRAFFIC_STATISTICS0

Stores IPsec traffic statistics. (IPSEC_TRAFFIC_STATISTICS0)
IPSEC_TRAFFIC_STATISTICS1

Stores IPsec traffic statistics. (IPSEC_TRAFFIC_STATISTICS1)
IPSEC_TRAFFIC0

Specifies parameters to describe IPsec traffic. (IPSEC_TRAFFIC0)
IPSEC_TRAFFIC1

Specifies parameters to describe IPsec traffic. (IPSEC_TRAFFIC1)
IPSEC_TRANSPORT_POLICY0

Stores the quick mode negotiation policy for transport mode IPsec. (IPSEC_TRANSPORT_POLICY0)
IPSEC_TRANSPORT_POLICY1

Stores the quick mode negotiation policy for transport mode IPsec. (IPSEC_TRANSPORT_POLICY1)
IPSEC_TRANSPORT_POLICY2

Stores the quick mode negotiation policy for transport mode IPsec. (IPSEC_TRANSPORT_POLICY2)
IPSEC_TUNNEL_ENDPOINT0

Used to store address information for an end point of a tunnel mode SA.
IPSEC_TUNNEL_ENDPOINTS0

Is used to store end points of a tunnel mode SA. (IPSEC_TUNNEL_ENDPOINTS0)
IPSEC_TUNNEL_ENDPOINTS1

Is used to store end points of a tunnel mode SA. (IPSEC_TUNNEL_ENDPOINTS1)
IPSEC_TUNNEL_ENDPOINTS2

Is used to store end points of a tunnel mode SA. (IPSEC_TUNNEL_ENDPOINTS2)
IPSEC_TUNNEL_POLICY0

Stores the quick mode negotiation policy for tunnel mode IPsec. (IPSEC_TUNNEL_POLICY0)
IPSEC_TUNNEL_POLICY1

Stores the quick mode negotiation policy for tunnel mode IPsec. (IPSEC_TUNNEL_POLICY1)
IPSEC_TUNNEL_POLICY2

Stores the quick mode negotiation policy for tunnel mode IPsec. (IPSEC_TUNNEL_POLICY2)
IPSEC_V4_UDP_ENCAPSULATION0

Stores the User Datagram Protocol (UDP) encapsulation ports for Encapsulating Security Payload (ESP) encapsulation.
IPSEC_VIRTUAL_IF_TUNNEL_INFO0

Is used to store information specific to virtual interface tunneling.