windows filtering platform wfp established rule

mikle shild 1 Reputation point
2022-09-26T13:59:06.517+00:00

Hi.
I'm new in WFP (Windows filtering platform) and I have some questions. Any body can help me?

  1. I want to block all packets and permit established connection which permit every packet related to established connection. but i didn't know which filters make this rule?
    for example I create two filters with layer: FWPM_LAYER_OUTBOUND_TRANSPORT_V4 and FWPM_LAYER_INBOUND_TRANSPORT_V4 which Block packets and create 3rd filter with layer: FWPM_LAYER_ALE_AUTH_CONNECT_V4 and FWPM_LAYER_ALE_AUTH_RECV_V4 with Permit action! but all packets blocked.
    any body know how to create this rule?
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,264 questions
Windows API - Win32
Windows API - Win32
A core set of Windows application programming interfaces (APIs) for desktop and server applications. Previously known as Win32 API.
2,446 questions
Windows Network
Windows Network
Windows: A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.Network: A group of devices that communicate either wirelessly or via a physical connection.
664 questions
{count} votes