IFWXSession::HostAccessCheck method
Applies to: desktop apps only
The HostAccessCheck method checks the permission of the session user to access a specified host, by using the access rules.
Syntax
HRESULT HostAccessCheck(
[in] REFGUID FilterGuid,
[in] REFGUID ProtocolGuid,
[in] LPHOSTENT Hostent,
[in] USHORT SrcPort,
[in] LPCSTR pszPath,
[in] LPCSTR pszMime,
[in, optional] DWORD dwFlags,
[in] IUnknown **ProcessedRulesData
);
Parameters
FilterGuid [in]
Reference to the GUID identifying the filter that the connection is part of.ProtocolGuid [in]
Reference to the GUID that identifies the protocol.Hostent [in]
Pointer to a hostent structure that specifies the host.SrcPort [in]
The source port number.pszPath [in]
Pointer to a null-terminated string containing the path to be checked. This parameter may be NULL if the path is unknown or irrelevant.pszMime [in]
Pointer to a null-terminated string containing the MIME data type (such as "text/html") to be checked. This parameter can be NULL if the MIME type is unknown or irrelevant.dwFlags [in, optional]
HostAccessCheck flags. This parameter can be a bitwise combination of the following values, or 0 if none of the options apply:Value Meaning FWX_FLAG_USE_MIME The pszMime parameter is currently NULL, but may be known later. If this flag is specified, and the pszMime parameter is NULL and the MIME type is required for processing of the rules, FWX_E_MIME_NEEDED will be returned.
FWX_FLAG_USE_EXTENTION Use the extension of the pszPath parameters for content filtering.
FWX_FLAG_CHECK_PUBLISHING Use this parameter to include publishing rules in the permission decision. If this parameter is not set, publishing rules will not be taken into consideration. This flag is typically used with FWX_FLAG_BYPASS_ALLOW_ACCESS. When these parameters are used together, only deny rules and publishing rules will be checked.
FWX_FLAG_BYPASS_ALLOW_ACCESS Use this parameter to instruct the Microsoft Firewall service not to check allow rules. This flag is typically used with FWX_FLAG_CHECK_PUBLISHING. When these parameters are used together, only deny rules and publishing rules will be checked.
ProcessedRulesData [in]
Data regarding the per-rule configuration of the filter. This data is processed by the Firewall service when it starts, or when you change the rules.
Return value
This method can return one of these values.
S_OK
The user is allowed to access the host.S_FALSE
The user is denied access to the host.E_INVALIDARG
More than one host name or IP address was specified in the Hostent parameter.FWX_E_MIME_NEEDED
The FWX_FLAG_USE_MIME flag was specified, but the pszMime parameter was NULL. The MIME type is required to complete the processing of the rules.Error code
The method failed.
Remarks
The hostent structure may contain a host name or an IP address, or both a host name and an IP address, but it may not contain more than one host name or IP address. Access is checked based on the information available in the hostent structure.
Requirements
Minimum supported client |
None supported |
Minimum supported server |
Windows Server 2008 R2, Windows Server 2008 with SP2 (64-bit only) |
Version |
Forefront Threat Management Gateway (TMG) 2010 |
Header |
Wspfwext.idl |
DLL |
Wspsrv.exe |
See also
IFWXFirewall::CreatePrivateSession
Build date: 7/12/2010