Редагувати

Поділитися через


ALE Flow Customization

Network filtering at the Application Layer Enforcement (ALE) layers of the Windows Filtering Platform (WFP) can be customized by adding filters with specific classify options.

Multicast/Broadcast Traffic

To block inbound traffic based on outbound multicast or broadcast states, add a filter that authorizes outbound multicast and broadcast traffic and that has the FWP_CLASSIFY_OPTION_MULTICAST_STATE option set to FWP_OPTION_VALUE_DENY_MULTICAST_STATE.

Remote Peers

To add response packets from different peers to the same ALE flow, add a filter that has the FWP_CLASSIFY_OPTION_LOOSE_SOURCE_MAPPING option set to FWP_OPTION_VALUE_ENABLE_LOOSE_SOURCE_MAPPING.

See Using Classify Options for code sample.

ALE Flow Lifetime

To modify the idle timeout values for an ALE flow, add a filter that has the FWP_CLASSIFY_OPTION_MCAST_BCAST_LIFETIME option and/or the FWP_CLASSIFY_OPTION_UNICAST_LIFETIME option set to the desired idle timeout value.

See Using Classify Options for a code sample.

Application Layer Enforcement (ALE)

ALE Layers

ALE Stateful Filtering

ALE Multicast/Broadcast Traffic

ALE Reauthorization

Using Classify Options