次の方法で共有


3.1.4.33 RRPC_FWAddMainModeRule (Opnum 32)

The RRPC_FWAddMainModeRule (Opnum 32) method requests the server to add the main mode rule in the policy contained in the policy store referenced by the specified opened policy store handle. The only method supported is binary version 0x020A.

 unsigned long RRPC_FWAddMainModeRule(
   [in] FW_CONN_HANDLE rpcConnHandle,
   [in] FW_POLICY_STORE_HANDLE hPolicy,
   [in] PFW_MM_RULE pMMRule,
   [out] FW_RULE_STATUS* pStatus
 );

rpcConnHandle: This parameter is an RPC binding handle that connects to the RPC interface of the Firewall and Advanced Security Protocol.

hPolicy: This input parameter is an FW_POLICY_STORE_HANDLE data type. The data type MUST contain an opened policy store handle, successfully opened with the RRPC_FWOpenPolicyStore (Opnum 0) method. This handle MUST be of the FW_STORE_TYPE_DYNAMIC store.

pMMRule: This parameter represents the main mode rule that the client adds in the store. The rule MUST be valid, as specified in the definition of the FW_MM_RULE data type.

pStatus: This is an output parameter that on return will have the status code of the rule.

Return Values: The method returns 0 if successful; if failed, it returns a nonzero error code. The field can take any specific error code value, as specified in [MS-ERREF]. The following return values are common.

Return value/code

Description

0x00000005

ERROR_ACCESS_DENIED

The client does not have the required credentials to call the method.

0x000000B7

ERROR_ALREADY_EXISTS

The specified rule has a rule ID that already exists in the specified store.

0x00000057

ERROR_INVALID_PARAMETER

One of the parameters of this method either is incorrect, or is required and not specified.

Exceptions Thrown: No exceptions are thrown beyond those thrown by the underlying RPC protocol, as specified in [MS-RPCE]. If any lower-layer errors are reported by RPC exception, this exception is converted to an error code and reported to higher-layer protocols via the return value.

The server MUST validate that the client is authorized to perform the requested operation (as defined in section 3.1.4) before executing this method.