This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 44%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESP%3C/text%3E%3C/svg%3E)
Trying to add filter rules ( this works when it is dynamic , i.e. flags=0 ) but causes error for trying to do PERSISTENT rules.
All of this from user mode
FWP_E_LIFETIME_MISMATCH
0x80320016
The call tried to associate two objects with incompatible lifetimes.
TIA
prokash
Could you please show a minimal, reproducible sample?
Code given below
As a side note --
I was looking at WFPSampler , and was able to build from Windows driver sample ~\network\trans\
But when I try to debug using MSVC 15 update 3, I get a signature problem of the binary ( exe ), using Windows 10 .
The example does have something for Persistent Addition of rules ( But a stand alone example would be better to understand tho )...
Example I'm trying to follow ( Any help on this )
_enter code here
Success(return == NO_ERROR)
UINT32 PrvScenarioBasicActionAddFwpmObjects(In const FWPM_FILTER* pFilter,
In FWP_ACTION_TYPE actionType = 0,
_In_opt_ const PC_BASIC_ACTION_DATA* pPCBasicActionData = 0)
According to the issue, It is more related to Windows Driver Kit, I will help you add the windows-hardware-wdk tag, and there will be more professional engineers to help you.
Not clear why it is related to driver...
The exe can not be loaded. Not the device open. Also it's not linked with driver, so why u saying this ?
Not sure why ?
Trying to execute the exe. Its not linked with driver ?
fwpFilter.action.type = (permitOrBlock ? FWP_ACTION_PERMIT : FWP_ACTION_BLOCK);
if (isIpV4)
fwpFilter.layerKey = (directionInOrOut ? FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V4 : FWPM_LAYER_ALE_AUTH_CONNECT_V4);
else
fwpFilter.layerKey = (directionInOrOut ? FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V6 : FWPM_LAYER_ALE_AUTH_CONNECT_V6);
fwpFilter.subLayerKey = CT_SUBLAYER_GUID;
//fwpFilter.providerKey = (LPGUID)&GUID_WfpProvider;
fwpFilter.weight.type = FWP_EMPTY; // auto-weight.
fwpFilter.numFilterConditions = numConds;
if (numConds > 0)
fwpFilter.filterCondition = conds;
fwpFilter.displayData.name = const_cast <wchar_t *>(wstrRuleName.c_str() );
fwpFilter.displayData.description = const_cast <wchar_t *>(wstrRuleDescription.c_str());
LGMLOG(INFO, "fwpFilter settings OK ... ");
switch (type)
{
case RuleType::Boottime: //only for kernel mode
LGMLOG(INFO, "CFirewallOpWFP::ConfigureWfp() fwpFilter.flags Boottime ");
fwpFilter.flags |= FWPM_FILTER_FLAG_BOOTTIME;
break;
case RuleType::Persistent: // too many such rules make BFE instable
LGMLOG(INFO, "CFirewallOpWFP::ConfigureWfp() fwpFilter.flags Persistent ");
fwpFilter.flags |= FWPM_FILTER_FLAG_PERSISTENT;
break;
case RuleType::Static: // This is what we will have
LGMLOG(INFO, "CFirewallOpWFP::ConfigureWfp() fwpFilter.flags Static ");
//fwpFilter.flags = (FWPM_FILTER_FLAG_NONE | FWPM_FILTER_FLAG_INDEXED);
fwpFilter.flags |= FWPM_FILTER_FLAG_NONE;
break;
}
LGMLOG(INFO, "CFirewallOpWFP::ConfigureWfp() Before FwpmFilterAdd0() ");
try {
result = FwpmFilterAdd0(mEngineHandle, &fwpFilter, NULL, &o_ruleLuid);
}
catch (...) {
LGMLOG(INFO, " CFirewallOpWFP::ConfigureWfp() FwpmFilterAdd0() raising exceptions...");
}