IFWXSession::EmulateClientBind method

Applies to: desktop apps only

The EmulateClientBind method allows a client that did not create a remote bind to receive a primary inbound connection.

Syntax

HRESULT EmulateClientBind(
  [in]   LPSOCKADDR ClientAddress,
  [in]   DWORD ClientAddressLength,
  [in]   LPSOCKADDR ProxyAddress,
  [in]   DWORD ProxyAddressLength,
  [in]   INT Protocol,
  [in]   REFGUID ProtocolGuid,
  [out]  IFWXConnection **piConnection,
  [in]   BOOL fInternalAddressTranslation
);

Parameters

  • ClientAddress [in]
    Pointer to a sockaddr structure that contains the address that the client used.

  • ClientAddressLength [in]
    Length, in bytes, of the ClientAddress parameter.

  • ProxyAddress [in]
    Pointer to a sockaddr structure that contains the address to which the filter is to emulate a bind. This is usually an external IP address of the Forefront TMG computer and a specific port number. The EmulateClientBind method does not actually bind to that address. The address is used for the bind event generated.

  • ProxyAddressLength [in]
    Length, in bytes, of the ProxyAddress parameter.

  • Protocol [in]
    Protocol flag. This parameter can have the following flag values:

    Value               Meaning
    FWX_PROTOCOL_TCP    The request is for a TCP socket.
    FWX_PROTOCOL_UDP    The request is for a UDP socket.

  • ProtocolGuid [in]
    GUID identifying the protocol that the connection is part of.

  • piConnection [out]
    Address of an interface pointer that on return points to the resulting IFWXConnection interface.

  • fInternalAddressTranslation [in]
    Boolean value that indicates whether the translation of external addresses to internal addresses is to be enabled for the inbound connection.

Return value

This method returns S_OK if the call is successful; otherwise, it returns an error code.

Remarks

This method should be called by a filter whose purpose is to enable a specific protocol. The filter uses this method when it needs to forward a primary connection made from an external source to a local computer that did not make a remote bind through the Microsoft Firewall service. For example, this could be a local computer that does not have Forefront TMG Client or Firewall Client installed and enabled.

This method will usually be called by a filter that is listening on some well-known port when it receives a connection. The filter decides (based on the source address, data exchange with the caller, a hard-coded address, and so on) that this call should be forwarded to some internal client.

The filter cannot use the BindForClient method because the well-known port is already in use and the connection was already made.

This method creates a connection object on which the caller can call the IFWXConnection::EmulateConnection method and forward the connection to the client.

Like other bind requests, any filter registered for the fwx_Bind_* events is notified about this bind and has an opportunity to deny it. It may also install a data filter. Other filters cannot emulate this bind because the caller is already emulating it.
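
The forwarding decision described above (a filter choosing, from the source address, which internal client receives the connection) can be kept to a fixed table that fails closed. The following is an added example, not code from the Forefront TMG SDK; ForwardRule, pick_internal_client, kRules, and all addresses are constructed for illustration, and the assumption that internal clients use RFC 1918 addressing is the example's own.

```cpp
#include <cstdint>
#include <vector>

// IPv4 address in host byte order, e.g. ip(10,0,0,5).
constexpr uint32_t ip(uint8_t a, uint8_t b, uint8_t c, uint8_t d) {
    return (uint32_t(a) << 24) | (uint32_t(b) << 16) | (uint32_t(c) << 8) | d;
}

// True when addr lies inside net/prefix_len (prefix_len 0 matches everything).
constexpr bool in_net(uint32_t addr, uint32_t net, int prefix_len) {
    return prefix_len == 0 ||
           ((addr ^ net) & (~uint32_t(0) << (32 - prefix_len))) == 0;
}

// Assumption: the protected network uses RFC 1918 private addressing.
constexpr bool is_internal(uint32_t addr) {
    return in_net(addr, ip(10,0,0,0), 8) || in_net(addr, ip(172,16,0,0), 12) ||
           in_net(addr, ip(192,168,0,0), 16);
}

struct ForwardRule {            // hypothetical policy entry
    uint32_t src_net;           // external source network allowed to connect
    int      src_prefix;
    uint32_t internal_client;   // would become ClientAddress
};

// Writes the internal client for a connection from src to *out and returns
// true. Returns false (fail closed) when no rule matches or the matching rule
// points outside the internal ranges; the filter then makes no
// EmulateClientBind call and drops the connection.
bool pick_internal_client(uint32_t src, const std::vector<ForwardRule>& rules,
                          uint32_t* out) {
    for (const ForwardRule& r : rules) {
        if (!in_net(src, r.src_net, r.src_prefix)) continue;
        if (!is_internal(r.internal_client)) return false;  // bad rule
        *out = r.internal_client;
        return true;
    }
    return false;
}

// Constructed sample policy.
const std::vector<ForwardRule> kRules = {
    {ip(203,0,113,0), 24, ip(10,0,0,5)},
    {ip(198,51,100,0), 24, ip(8,8,8,8)},  // misconfigured: target not internal
};
```

Only an address returned by such a check would be placed in the ClientAddress parameter; a data-derived target that bypasses it turns the filter into an open relay toward arbitrary hosts.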

Requirements

Minimum supported client    None supported
Minimum supported server    Windows Server 2008 R2, Windows Server 2008 with SP2 (64-bit only)
Version                     Forefront Threat Management Gateway (TMG) 2010
Header                      Wspfwext.idl
DLL                         Wspsrv.exe

See also

IFWXSession

IFWXConnection::EmulateConnection

IFWXSession::BindForClient

Build date: 7/12/2010