ALE Flow Customization
Network filtering at the Application Layer Enforcement (ALE) layers of the Windows Filtering Platform (WFP) can be customized by adding filters with specific classify options.
Multicast/Broadcast Traffic
To block inbound traffic based on outbound multicast or broadcast states, add a filter that authorizes outbound multicast and broadcast traffic and that has the FWP_CLASSIFY_OPTION_MULTICAST_STATE option set to FWP_OPTION_VALUE_DENY_MULTICAST_STATE.
Remote Peers
To add response packets from different peers to the same ALE flow, add a filter that has the FWP_CLASSIFY_OPTION_LOOSE_SOURCE_MAPPING option set to FWP_OPTION_VALUE_ENABLE_LOOSE_SOURCE_MAPPING.
See Using Classify Options for code sample.
ALE Flow Lifetime
To modify the idle timeout values for an ALE flow, add a filter that has the FWP_CLASSIFY_OPTION_MCAST_BCAST_LIFETIME option and/or the FWP_CLASSIFY_OPTION_UNICAST_LIFETIME option set to the desired idle timeout value.
See Using Classify Options for a code sample.
Related topics
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for