次の方法で共有


2.2.27 FW_ENFORCEMENT_STATE

This enumeration is part of the metadata information. It provides information about whether or not the policy expressed by an object is currently being enforced by the server.

 typedef  enum _tag_FW_ENFORCEMENT_STA
 {
   FW_ENFORCEMENT_STATE_INVALID = 0,
   FW_ENFORCEMENT_STATE_FULL = 1,
   FW_ENFORCEMENT_STATE_WF_OFF_IN_PROFILE = 2,
   FW_ENFORCEMENT_STATE_CATEGORY_OFF = 3,
   FW_ENFORCEMENT_STATE_DISABLED_OBJECT = 4,
   FW_ENFORCEMENT_STATE_INACTIVE_PROFILE = 5,
   FW_ENFORCEMENT_STATE_LOCAL_ADDRESS_RESOLUTION_EMPTY = 6,
   FW_ENFORCEMENT_STATE_REMOTE_ADDRESS_RESOLUTION_EMPTY = 7,
   FW_ENFORCEMENT_STATE_LOCAL_PORT_RESOLUTION_EMPTY = 8,
   FW_ENFORCEMENT_STATE_REMOTE_PORT_RESOLUTION_EMPTY = 9,
   FW_ENFORCEMENT_STATE_INTERFACE_RESOLUTION_EMPTY = 10,
   FW_ENFORCEMENT_STATE_APPLICATION_RESOLUTION_EMPTY = 12,
   FW_ENFORCEMENT_STATE_REMOTE_MACHINE_EMPTY = 12,
   FW_ENFORCEMENT_STATE_REMOTE_USER_EMPTY = 13,
   FW_ENFORCEMENT_STATE_LOCAL_GLOBAL_OPEN_PORTS_DISALLOWED = 14,
   FW_ENFORCEMENT_STATE_LOCAL_AUTHORIZED_APPLICATIONS_DISALLOWED = 15,
   FW_ENFORCEMENT_STATE_LOCAL_FIREWALL_RULES_DISALLOWED = 16,
   FW_ENFORCEMENT_STATE_LOCAL_CONSEC_RULES_DISALLOWED = 17,
   FW_ENFORCEMENT_STATE_MISMATCHED_PLATFORM = 18,
   FW_ENFORCEMENT_STATE_OPTIMIZED_OUT = 19,
   FW_ENFORCEMENT_STATE_LOCAL_USER_EMPTY = 20,
   FW_ENFORCEMENT_STATE_TRANSPORT_MACHINE_SD_EMPTY = 21,
   FW_ENFORCEMENT_STATE_TRANSPORT_USER_SD_EMPTY = 22,
   FW_ENFORCEMENT_STATE_TUPLE_RESOLUTION_EMPTY = 23,
   FW_ENFORCEMENT_STATE_DUPLICATE = 24,
   FW_ENFORCEMENT_STATE_MAX = 25
 } FW_ENFORCEMENT_STATE;

FW_ENFORCEMENT_STATE_INVALID:  This value is invalid and MUST NOT be used by the server. It is defined for simplicity in writing IDL definitions and code. This symbolic constant has a value of 0.

FW_ENFORCEMENT_STATE_FULL:  The object is being enforced. This symbolic constant has a value of 1.

FW_ENFORCEMENT_STATE_WF_OFF_IN_PROFILE:  The object is not being enforced because the firewall and advanced security component is not active in a profile where the object is meant to be applied. This symbolic constant has a value of 2.

FW_ENFORCEMENT_STATE_CATEGORY_OFF:  The object is not being enforced because a third-party software component registered with the firewall and advanced security component to own the functionality that the object is meant to perform. This symbolic constant has a value of 3.

FW_ENFORCEMENT_STATE_DISABLED_OBJECT:  The object is not being enforced because the object is disabled. This symbolic constant has a value of 4.

FW_ENFORCEMENT_STATE_INACTIVE_PROFILE:  The object is not being enforced because at least one of the profiles that the object is meant to be applied to is not currently active. This symbolic constant has a value of 5.

FW_ENFORCEMENT_STATE_LOCAL_ADDRESS_RESOLUTION_EMPTY:  The object is not being enforced because the local address condition of the object contains a keyword that resolves to an empty set. This symbolic constant has a value of 6.

FW_ENFORCEMENT_STATE_REMOTE_ADDRESS_RESOLUTION_EMPTY:  The object is not being enforced because the remote address condition of the object contains a keyword that resolves to an empty set. This symbolic constant has a value of 7.

FW_ENFORCEMENT_STATE_LOCAL_PORT_RESOLUTION_EMPTY:  The object is not being enforced because the local port condition of the object contains a keyword that resolves to an empty set. This symbolic constant has a value of 8.

FW_ENFORCEMENT_STATE_REMOTE_PORT_RESOLUTION_EMPTY:  The object is not being enforced because the remote port condition of the object contains a keyword that resolves to an empty set. This symbolic constant has a value of 9.

FW_ENFORCEMENT_STATE_INTERFACE_RESOLUTION_EMPTY:  The object is not being enforced because the interface condition of the object contains a keyword that resolves to an empty set. This symbolic constant has a value of 10.

FW_ENFORCEMENT_STATE_APPLICATION_RESOLUTION_EMPTY:  The object is not being enforced because the application condition of the object contains a path that could not resolve to a valid file system path. This symbolic constant has a value of 11.

FW_ENFORCEMENT_STATE_REMOTE_MACHINE_EMPTY:  The object is not being enforced because the remote machine condition of the object contains an SDDL with a security identifier (SID) that is not currently available on the host. This symbolic constant has a value of 12.

FW_ENFORCEMENT_STATE_REMOTE_USER_EMPTY:  The object is not being enforced because the remote user condition of the object contains an SDDL with a SID that is not currently available on the host. This symbolic constant has a value of 13.

FW_ENFORCEMENT_STATE_LOCAL_GLOBAL_OPEN_PORTS_DISALLOWED:  The object is not being enforced because the FW_PROFILE_CONFIG_AUTH_APPS_ALLOW_USER_PREF_MERGE configuration option (see section 2.2.38 for more details) from a profile that the object applied to, disallowed its use. This symbolic constant has a value of 14.

FW_ENFORCEMENT_STATE_LOCAL_AUTHORIZED_APPLICATIONS_DISALLOWED:  The object is not being enforced because the FW_PROFILE_CONFIG_GLOBAL_PORTS_ALLOW_USER_PREF_MERGE configuration option (see section 2.2.38 for more details) from a profile that the object applied to, disallowed its use. This symbolic constant has a value of 15.

FW_ENFORCEMENT_STATE_LOCAL_FIREWALL_RULES_DISALLOWED:  The object is not being enforced because the FW_PROFILE_CONFIG_ALLOW_LOCAL_POLICY_MERGE configuration option (see section 2.2.38 for more details) from a profile that the object applied to, disallowed its use. This symbolic constant has a value of 16.

FW_ENFORCEMENT_STATE_LOCAL_CONSEC_RULES_DISALLOWED:  The object is not being enforced because the FW_PROFILE_CONFIG_ALLOW_LOCAL_IPSEC_POLICY_MERGE configuration option (see section 2.2.38 for more details) from a profile that the object applied to, disallowed its use. This symbolic constant has a value of 17.

FW_ENFORCEMENT_STATE_MISMATCHED_PLATFORM:  The object is not being enforced because the platform validity condition does not match the current platform of the host. This symbolic constant has a value of 18.

FW_ENFORCEMENT_STATE_OPTIMIZED_OUT:  The object is not being enforced because the firewall and advanced security component determined that the object-implemented functionality is irrelevant (would not change or affect what traffic is allowed or permitted) at the current time. Therefore, the component optimized out the irrelevant functionality and ignored it. This is a pure optimization. This symbolic constant has a value of 19.

FW_ENFORCEMENT_STATE_LOCAL_USER_EMPTY:  The object is not being enforced, because the local user condition of the object contains an SDDL with a SID that is not currently available on the host. For schema versions 0x0200, 0x0201, and 0x020A, this value is invalid and MUST NOT be used. This symbolic constant has a value of 20.

FW_ENFORCEMENT_STATE_TRANSPORT_MACHINE_SD_EMPTY:  The object is not being enforced because the IPsec transport mode machine authorization list contains an SDDL with a SID that is not currently available on the host. For schema versions 0x0200, 0x0201, and 0x020A, this value is invalid and MUST NOT be used. This symbolic constant has a value of 21.

FW_ENFORCEMENT_STATE_TRANSPORT_USER_SD_EMPTY:  The object is not being enforced, because the IPsec transport mode user authorization list contains an SDDL with a SID that is not currently available on the host. For schema versions 0x0200, 0x0201, and 0x020A, this value is invalid and MUST NOT be used. This symbolic constant has a value of 22.

FW_ENFORCEMENT_STATE_TUPLE_RESOLUTION_EMPTY:  The object is not being enforced, because the trust tuple keywords resolve to an empty set. For schema versions 0x0200, 0x0201, and 0x020A, this value is invalid and MUST NOT be used. This symbolic constant has a value of 23.

FW_ENFORCEMENT_STATE_DUPLICATE: This object is not enforced because the Firewall and Advanced Security component determined that the object is a duplicate of an already enforced object and is therefore irrelevant, as it would not change or affect traffic that is otherwise allowed or permitted. Therefore, the component essentially optimized-out the irrelevant functionality by ignoring it. This is a pure optimization. This symbolic constant has a value of 24.

FW_ENFORCEMENT_STATE_MAX:  This value and values that exceed this value are not valid and MUST NOT be used. It is defined for simplicity in writing IDL definitions and code. This symbolic constant has a value of 25.