FwpmEngineSetOption0 function (fwpmu.h)
The FwpmEngineSetOption0 function changes the filter engine settings.
Syntax
DWORD FwpmEngineSetOption0(
[in] HANDLE engineHandle,
[in] FWPM_ENGINE_OPTION option,
[in] const FWP_VALUE0 *newValue
);
Parameters
[in] engineHandle
Type: HANDLE
Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine.
[in] option
Type: FWPM_ENGINE_OPTION
The option to be set.
[in] newValue
Type: FWP_VALUE0*
The new option value. The data type contained in the newValue parameter should be FWP_UINT32.
When option is FWPM_ENGINE_COLLECT_NET_EVENTS, newValue should be one of the following.
| Value | Meaning |
|---|---|
|
Do not collect network events. |
|
Collect network events. This is the default setting. |
When option is FWPM_ENGINE_NET_EVENT_MATCH_ANY_KEYWORDS, newValue should be either 0 (zero) or a bitwise combination of the following values.
| Value | Meaning |
|---|---|
|
Collect inbound multicast network events. |
|
Collect inbound broadcast network events. |
When option is FWPM_ENGINE_PACKET_QUEUING (available only in Windows 8 and Windows Server 2012), newValue should be one of the following.
When option is FWPM_ENGINE_MONITOR_IPSEC_CONNECTIONS (available only in Windows 8 and Windows Server 2012), newValue should be the following. (FwpmEngineSetOption0 may be used to enable connections, but will fail with FWP_E_STILL_ON ERROR when attempting to disable it.)
| Value | Meaning |
|---|---|
|
The IPsec Connection Monitoring feature will be enabled. New IPsec connection events will be logged as well as notifications sent. |
When option is FWPM_ENGINE_TXN_WATCHDOG_TIMEOUT_IN_MSEC (available only in Windows 8 and Windows Server 2012), newValue should be the time in milliseconds that specifies the maximum duration for a single WFP transaction. Transactions taking longer than this duration will trigger a watchdog event.
The FWPM_ENGINE_NAME_CACHE option is reserved for internal use.
Return value
Type: DWORD
| Return code/value | Description |
|---|---|
|
The option was set successfully. |
|
A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. |
|
Failure to communicate with the remote or local firewall engine. |
Remarks
This function cannot be called from within a transaction. It will fail with FWP_E_TXN_IN_PROGRESS. See Object Management for more information about transactions.
This function cannot be called from within a dynamic session. It will fail with FWP_E_DYNAMIC_SESSION_IN_PROGRESS. See Object Management for more information about sessions.
The caller needs FWPM_ACTRL_WRITE access to the filter engine. See Access Control for more information.
The default settings for network event collection are as follows:
- Outbound, all (unicast, multicast, and broadcast) events are collected.
- Inbound, only unicast events are collected.
To collect inbound broadcast and/or multicast network events,
- Call FwpmEngineSetOption0 with option set to FWPM_ENGINE_COLLECT_NET_EVENTS and newValue set to 1.
- Call FwpmEngineSetOption0 with option set to FWPM_ENGINE_NET_EVENT_MATCH_ANY_KEYWORDS and newValue parameter set to FWPM_NET_EVENT_KEYWORD_INBOUND_MCAST and/or FWPM_NET_EVENT_KEYWORD_INBOUND_BCAST.
- Call FwpmEngineSetOption0 with option set to FWPM_ENGINE_NET_EVENT_MATCH_ANY_KEYWORDS and newValue parameter set to 0 (zero).
FwpmEngineSetOption0 is a specific implementation of FwpmEngineSetOption. See WFP Version-Independent Names and Targeting Specific Versions of Windows for more information.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows Vista [desktop apps only] |
| Minimum supported server | Windows Server 2008 [desktop apps only] |
| Target Platform | Windows |
| Header | fwpmu.h |
| Library | Fwpuclnt.lib |
| DLL | Fwpuclnt.dll |
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for