次の方法で共有


3.1.4.71 RRPC_FWAddFirewallRule2_24 (Opnum 70)

The RRPC_FWAddFirewallRule2_24 method requests the server to add the specified firewall rule in the policy contained in the policy store that is referenced by the handle specified in the hPolicyStore parameter. The method is only supported for binary version 0x0218.

 DWORD RRPC_FWAddFirewallRule2_24(
   [in] FW_CONN_HANDLE rpcConnHandle,
   [in] FW_POLICY_STORE_HANDLE hPolicyStore,
   [in] PFW_RULE2_24 pRule,
   [out] FW_RULE_STATUS* pStatus
 );

rpcConnHandle: An RPC binding handle that connects to the RPC interface of the Firewall and Advanced Security Protocol.

hPolicyStore: An input parameter that is an FW_POLICY_STORE_HANDLE data type. This parameter MUST contain an opened policy store handle, successfully opened with the RRPC_FWOpenPolicyStore (Opnum 0) method (section 3.1.4.1). The handle MUST have read/write access rights.

pRule: Represents the firewall rule that the client adds to the store. The rule MUST be a valid rule, as specified in the definition of the FW_RULE2_24 data type.

pStatus: An output parameter that is the status code of the rule, as specified by the FW_RULE_STATUS enumeration. This field is filled out on return.

Return Values: The method returns 0 if successful; if it fails, it returns a nonzero error code. The field can take any specific error code value, as specified in [MS-ERREF]. The following return values are common.

Return value/code

Description

0x000000B7

ERROR_ALREADY_EXISTS

The specified rule has a rule ID that already exists in the specified store.

0x00000032

ERROR_NOT_SUPPORTED

The specified store does not support this method; the store might be read-only.

0x00000005

ERROR_ACCESS_DENIED

The hPolicyStore handle was not opened with read/write access rights. This error is also returned if the client does not have the required credentials to call the method.

0x00000057

ERROR_INVALID_PARAMETER

One of the parameters of this method is incorrect, or is required but not specified. This error can be returned in the following cases:

- The pRule object did not pass the firewall rule validations specified in the definition of the FW_RULE data type.

- One of the required values is not specified.

- A policy store does not support rules with profile conditions other than ALL profiles.

- The wszLocalApplication member of the rule contains a string that, at enforcement time, does not represent a valid file path.

Exceptions Thrown: No exceptions are thrown beyond those thrown by the underlying RPC protocol, as specified in [MS-RPCE]. If any lower-layer errors are reported by RPC exception, this exception is converted to an error code and reported to higher-layer protocols via the return value.

This method adds a firewall rule in the firewall linked list of the memory representation of the store being modified. It also writes through and saves the rule on disk. If called on an online store, the firewall rule is also enforced.

The server MUST validate that the client is authorized to perform the requested operation (as defined in section 3.1.4) before executing this method.