FwpmEngineGetOption0 function (fwpmu.h)
The FwpmEngineGetOption0 function retrieves a filter engine option.
Syntax
DWORD FwpmEngineGetOption0(
[in] HANDLE engineHandle,
[in] FWPM_ENGINE_OPTION option,
[out] FWP_VALUE0 **value
);
Parameters
[in] engineHandle
Type: HANDLE
Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine.
[in] option
Type: FWPM_ENGINE_OPTION
The option to be retrieved.
[out] value
Type: FWP_VALUE0**
The option value. The data type contained in the value parameter will be FWP_UINT32.
If option is FWPM_ENGINE_COLLECT_NET_EVENTS, value will be one of the following.
| Value | Meaning |
|---|---|
|
Network events are not being collected. |
|
Network events are being collected. |
If option is FWPM_ENGINE_NET_EVENT_MATCH_ANY_KEYWORDS, value will be a bitwise combination of the following values.
If option is FWPM_ENGINE_PACKET_QUEUING (available only in Windows 8 and Windows Server 2012), value will be one of the following.
If option is FWPM_ENGINE_MONITOR_IPSEC_CONNECTIONS (available only in Windows 8 and Windows Server 2012), value will be one of the following.
| Value | Meaning |
|---|---|
|
The IPsec Connection Monitoring feature is disabled. No IPsec connection events or notifications are being logged. |
|
The IPsec Connection Monitoring feature is enabled. New IPsec connection events and notifications are being logged. |
If option is FWPM_ENGINE_TXN_WATCHDOG_TIMEOUT_IN_MSEC (available only in Windows 8 and Windows Server 2012), value will be the time in milliseconds that specifies the maximum duration for a single WFP transaction. Transactions taking longer than this duration will trigger a watchdog event.
The FWPM_ENGINE_NAME_CACHE option is reserved for internal use.
Return value
Type: DWORD
| Return code/value | Description |
|---|---|
|
The option was retrieved successfully. |
|
A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. |
|
Failure to communicate with the remote or local firewall engine. |
Remarks
The caller must free the returned object by a call to FwpmFreeMemory0.
The caller needs FWPM_ACTRL_READ access to the filter engine. See Access Control for more information.
FwpmEngineGetOption0 is a specific implementation of FwpmEngineGetOption. See WFP Version-Independent Names and Targeting Specific Versions of Windows for more information.
Examples
The following C++ example illustrates the use of FwpmEngineGetOption0 to determine if network events are being collected.
#include <windows.h>
#include <fwpmu.h>
#include <stdio.h>
#pragma comment(lib, "Fwpuclnt.lib")
void main()
{
HANDLE engineHandle = NULL;
DWORD result = ERROR_SUCCESS;
FWPM_ENGINE_OPTION option = FWPM_ENGINE_COLLECT_NET_EVENTS;
FWP_VALUE0* fwpValue = NULL;
result = FwpmEngineOpen0( NULL, RPC_C_AUTHN_WINNT, NULL, NULL, &engineHandle );
if (result != ERROR_SUCCESS)
{
printf("FwpmEngineOpen0 failed.\n");
return;
}
result = FwpmEngineGetOption0( engineHandle, option, &fwpValue);
if (result != ERROR_SUCCESS)
{
printf("FwpmEngineGetOption0 failed.\n");
return;
}
else if(fwpValue->type == FWP_UINT32)
{
if(fwpValue->uint32 == 1 )
printf("Network events are being collected.\n");
else
printf("Network events are NOT being collected.\n");
}
else
printf("Unexpected data type received.\n");
FwpmFreeMemory0((void**)&fwpValue);
return;
}
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows Vista [desktop apps only] |
| Minimum supported server | Windows Server 2008 [desktop apps only] |
| Target Platform | Windows |
| Header | fwpmu.h |
| Library | Fwpuclnt.lib |
| DLL | Fwpuclnt.dll |