[BUG] FwpmFilterCreateEnumHandle and security descriptor filter condition

Started by fixer, May 03, 2018, 08:18:55 PM

fixer

Windows Filtering Platform (or WFP) is a set of API and system services that provide a platform for creating network filtering applications. One of these API functions, FwpmFilterCreateEnumHandle0, allows you to enumerate a set of filter objects. According to the official MSDN documentation, it supports an array of filter conditions to specify which filter objects you want to enumerate. But don't get your hopes up for an FWP_SECURITY_DESCRIPTOR_TYPE filter, or in other words, for trying to filter by a security descriptor. It'll return an FWP_E_TYPE_MISMATCH error. For some reason (that eludes me) filtering by security descriptor isn't supported.