Share via

WFP duplicate rules

Prokash Sinha 81 Reputation points
2022-02-09T15:30:23.35+00:00

Does the BFE engine or ( overall firewall engine) handles duplicate rules by throwing replications, if accidentally add a specific rule multiple times ?

Thanks,
Prokash

Windows API - Win32
Windows API - Win32
A core set of Windows application programming interfaces (APIs) for desktop and server applications. Previously known as Win32 API.
2,523 questions
0 comments
Accepted answer
  1. Jeanine Zhang-MSFT 9,431 Reputation points Microsoft Vendor
    2022-02-10T02:02:00.93+00:00

    Hi,

    Welcome to Microsoft Q&A!

    For more details about the logic built into the Windows Filtering Platform (WFP), I suggest you could refer to the Doc: Filter Arbitration

    Does the BFE engine or ( overall firewall engine) handles duplicate rules by throwing replications, if accidentally add a specific rule multiple times ?

    Every filter in the Windows Filtering Platform (WFP) has an associated weight, which is used during filter arbitration. For example: The filter weight used by the Base Filtering Engine (BFE) is of type FWP_UINT64.

    When two or more callouts are registered at the same sublayer, problems may occur when the same weight is assigned to the filters. This issue can be prevented by having callouts create their own sublayer by using FwpmSubLayerAdd0.

    For more details, I suggest you could refer to the Doc: Filter Weight Assignment

    Regarding duplication , As far as I'm concerned that's ok as long as the filter weights in the sublayer are not duplicated.

    Best Regards,

    Jeanine

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest