共用方式為


3.1.4.45 RRPC_FWGetConfig2_10 (Opnum 45)

The RRPC_FWGetConfig2_10 (Opnum 45) method retrieves the value of a profile configuration option. The client specifies to the server from which store and profile this value MUST be retrieved and in which specific configuration option it is interested. The method is only supported for binary versions 0x020A and 0x0214.

 unsigned long RRPC_FWGetConfig2_10(
   [in] FW_CONN_HANDLE rpcConnHandle,
   [in] FW_POLICY_STORE_HANDLE hPolicyStore,
   [in, range(FW_GLOBAL_CONFIG_INVALID+1, FW_GLOBAL_CONFIG_MAX-1)] 
     FW_GLOBAL_CONFIG configID,
   [in] FW_PROFILE_TYPE Profile,
   [in] unsigned long dwFlags,
   [in, out, unique, size_is(cbData), length_is(*pcbTransmittedLen)] 
     BYTE* pBuffer,
   [in] unsigned long cbData,
   [in, out] unsigned long* pcbTransmittedLen,
   [out] unsigned long* pcbRequired,
   [out] FW_RULE_ORIGIN_TYPE* pOrigin
 );

rpcConnHandle: This parameter is an RPC binding handle that connects to the RPC interface of the Firewall and Advanced Security Protocol.

hPolicyStore: This input parameter is an FW_POLICY_STORE_HANDLE data type. The data type MUST contain an opened policy store handle, successfully opened with the RRPC_FWOpenPolicyStore (Opnum 0) method. The handle MUST have read/write access rights.

configID: This parameter specifies the specific global policy configuration option that the client is interested in retrieving.

Profile: This parameter specifies from which specific profile this value MUST be retrieved.

dwFlags: This parameter is a combination of flags from the FW_CONFIG_FLAGS enumeration, which modifies the behavior of this method, as specified in the definition of the enumeration.

pBuffer: This is an input/output parameter. This parameter is a pointer to the buffer that the client provides to contain the value of the profile configuration option being requested.

cbData: This parameter is the size of the buffer to which the pBuffer parameter points.

pcbTransmittedLen: This is a pointer to an input and output parameter that specifies the length of the transmitted data within the buffer.

pcbRequired: This is a pointer to an output parameter that specifies the required minimum buffer size, in octets, for the method to be able to return the configuration value. This output parameter is nonzero only if the buffer (pointed to by pBuffer and whose size is cbData) was not big enough to contain the value.

pOrigin: This field is the origin of the configuration option, as specified in the FW_RULE_ORIGIN_TYPE enumeration. On success, it MUST be filled.

Return Values: The method returns 0 if successful; if it fails, it returns a nonzero error code. The field can take any specific error code value, as specified in [MS-ERREF]. The following return values are common.

Return value/code

Description

0x00000005

ERROR_ACCESS_DENIED

The client does not have the required credentials to call the method.

0x00000002

ERROR_FILE_NOT_FOUND

The specific configuration option is not found within the policy. This means that it is not configured. If the option is not configured in any other store, the firewall uses a default value.

0x00000032

ERROR_NOT_SUPPORTED

The store type specified does not support this method.

0x000000EA

ERROR_MORE_DATA

The buffer is not big enough to hold the configuration option value.

0x00000057

ERROR_INVALID_PARAMETER

One of the parameters of this method either is incorrect, or is required and not specified. This error can be returned because:

  • The specific configuration option is not meant to be available in the specified store.

  • The specified configuration option is not defined.

  • One of the required values is not specified.

  • The buffer is not big enough to hold the specific value.

Exceptions Thrown: No exceptions are thrown beyond those thrown by the underlying RPC protocol, as specified in [MS-RPCE]. If any lower-layer errors are reported by RPC exception, this exception is converted to an error code and reported to higher-layer protocols via the return value.

The server MUST validate that the client is authorized to perform the requested operation (as defined in section 3.1.4) before executing this method.