tempfork/wireguard-windows/firewall: add.
This is a fork of wireguard-windows's firewall package, with the firewall rules adjusted to better line up with tailscale's needs. The package was taken from commit 3cc76ed5f222ec82748ef3bd8c41d4b059e28cdb in our fork of wireguard-go. Signed-off-by: David Anderson <danderson@tailscale.com>
This commit is contained in:
parent
30a37622b4
commit
ac3de93d5c
|
@ -0,0 +1,9 @@
|
|||
This is a copy of the `tunnel/firewall` package of
|
||||
https://git.zx2c4.com/wireguard-windows, with some hardcoded filter
|
||||
rules adjusted to function with Tailscale, rather than
|
||||
wireguard-windows's process structure.
|
||||
|
||||
You should not use this package. It exists as a band-aid while we
|
||||
figure out how to upstream a more flexible firewall package that does
|
||||
the fancier things we need, while also supporting wireguard-windows's
|
||||
goals.
|
|
@ -0,0 +1,190 @@
|
|||
// +build windows
|
||||
|
||||
/* SPDX-License-Identifier: MIT
|
||||
*
|
||||
* Copyright (C) 2019-2021 WireGuard LLC. All Rights Reserved.
|
||||
*/
|
||||
|
||||
package firewall
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"net"
|
||||
"unsafe"
|
||||
|
||||
"golang.org/x/sys/windows"
|
||||
)
|
||||
|
||||
type wfpObjectInstaller func(uintptr) error
|
||||
|
||||
//
|
||||
// Fundamental WireGuard specific WFP objects.
|
||||
//
|
||||
type baseObjects struct {
|
||||
provider windows.GUID
|
||||
filters windows.GUID
|
||||
}
|
||||
|
||||
var wfpSession uintptr
|
||||
|
||||
func createWfpSession() (uintptr, error) {
|
||||
sessionDisplayData, err := createWtFwpmDisplayData0("WireGuard", "WireGuard dynamic session")
|
||||
if err != nil {
|
||||
return 0, wrapErr(err)
|
||||
}
|
||||
|
||||
session := wtFwpmSession0{
|
||||
displayData: *sessionDisplayData,
|
||||
flags: cFWPM_SESSION_FLAG_DYNAMIC,
|
||||
txnWaitTimeoutInMSec: windows.INFINITE,
|
||||
}
|
||||
|
||||
sessionHandle := uintptr(0)
|
||||
|
||||
err = fwpmEngineOpen0(nil, cRPC_C_AUTHN_WINNT, nil, &session, unsafe.Pointer(&sessionHandle))
|
||||
if err != nil {
|
||||
return 0, wrapErr(err)
|
||||
}
|
||||
|
||||
return sessionHandle, nil
|
||||
}
|
||||
|
||||
func registerBaseObjects(session uintptr) (*baseObjects, error) {
|
||||
bo := &baseObjects{}
|
||||
var err error
|
||||
bo.provider, err = windows.GenerateGUID()
|
||||
if err != nil {
|
||||
return nil, wrapErr(err)
|
||||
}
|
||||
bo.filters, err = windows.GenerateGUID()
|
||||
if err != nil {
|
||||
return nil, wrapErr(err)
|
||||
}
|
||||
|
||||
//
|
||||
// Register provider.
|
||||
//
|
||||
{
|
||||
displayData, err := createWtFwpmDisplayData0("WireGuard", "WireGuard provider")
|
||||
if err != nil {
|
||||
return nil, wrapErr(err)
|
||||
}
|
||||
provider := wtFwpmProvider0{
|
||||
providerKey: bo.provider,
|
||||
displayData: *displayData,
|
||||
}
|
||||
err = fwpmProviderAdd0(session, &provider, 0)
|
||||
if err != nil {
|
||||
// TODO: cleanup entire call chain of these if failure?
|
||||
return nil, wrapErr(err)
|
||||
}
|
||||
}
|
||||
|
||||
//
|
||||
// Register filters sublayer.
|
||||
//
|
||||
{
|
||||
displayData, err := createWtFwpmDisplayData0("WireGuard filters", "Permissive and blocking filters")
|
||||
if err != nil {
|
||||
return nil, wrapErr(err)
|
||||
}
|
||||
sublayer := wtFwpmSublayer0{
|
||||
subLayerKey: bo.filters,
|
||||
displayData: *displayData,
|
||||
providerKey: &bo.provider,
|
||||
weight: ^uint16(0),
|
||||
}
|
||||
err = fwpmSubLayerAdd0(session, &sublayer, 0)
|
||||
if err != nil {
|
||||
return nil, wrapErr(err)
|
||||
}
|
||||
}
|
||||
|
||||
return bo, nil
|
||||
}
|
||||
|
||||
func EnableFirewall(luid uint64, doNotRestrict bool, restrictToDNSServers []net.IP) error {
|
||||
if wfpSession != 0 {
|
||||
return errors.New("The firewall has already been enabled")
|
||||
}
|
||||
|
||||
session, err := createWfpSession()
|
||||
if err != nil {
|
||||
return wrapErr(err)
|
||||
}
|
||||
|
||||
objectInstaller := func(session uintptr) error {
|
||||
baseObjects, err := registerBaseObjects(session)
|
||||
if err != nil {
|
||||
return wrapErr(err)
|
||||
}
|
||||
|
||||
err = permitWireGuardService(session, baseObjects, 15)
|
||||
if err != nil {
|
||||
return wrapErr(err)
|
||||
}
|
||||
|
||||
if !doNotRestrict {
|
||||
err = allowDNS(session, baseObjects)
|
||||
if err != nil {
|
||||
return wrapErr(err)
|
||||
}
|
||||
|
||||
err = permitLoopback(session, baseObjects, 13)
|
||||
if err != nil {
|
||||
return wrapErr(err)
|
||||
}
|
||||
|
||||
err = permitTunInterface(session, baseObjects, 12, luid)
|
||||
if err != nil {
|
||||
return wrapErr(err)
|
||||
}
|
||||
|
||||
err = permitDHCPIPv4(session, baseObjects, 12)
|
||||
if err != nil {
|
||||
return wrapErr(err)
|
||||
}
|
||||
|
||||
err = permitDHCPIPv6(session, baseObjects, 12)
|
||||
if err != nil {
|
||||
return wrapErr(err)
|
||||
}
|
||||
|
||||
err = permitNdp(session, baseObjects, 12)
|
||||
if err != nil {
|
||||
return wrapErr(err)
|
||||
}
|
||||
|
||||
/* TODO: actually evaluate if this does anything and if we need this. It's layer 2; our other rules are layer 3.
|
||||
* In other words, if somebody complains, try enabling it. For now, keep it off.
|
||||
err = permitHyperV(session, baseObjects, 12)
|
||||
if err != nil {
|
||||
return wrapErr(err)
|
||||
}
|
||||
*/
|
||||
|
||||
err = blockAll(session, baseObjects, 0)
|
||||
if err != nil {
|
||||
return wrapErr(err)
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
err = runTransaction(session, objectInstaller)
|
||||
if err != nil {
|
||||
fwpmEngineClose0(session)
|
||||
return wrapErr(err)
|
||||
}
|
||||
|
||||
wfpSession = session
|
||||
return nil
|
||||
}
|
||||
|
||||
func DisableFirewall() {
|
||||
if wfpSession != 0 {
|
||||
fwpmEngineClose0(wfpSession)
|
||||
wfpSession = 0
|
||||
}
|
||||
}
|
|
@ -0,0 +1,150 @@
|
|||
// +build windows
|
||||
|
||||
/* SPDX-License-Identifier: MIT
|
||||
*
|
||||
* Copyright (C) 2019-2021 WireGuard LLC. All Rights Reserved.
|
||||
*/
|
||||
|
||||
package firewall
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"runtime"
|
||||
"syscall"
|
||||
"unsafe"
|
||||
|
||||
"golang.org/x/sys/windows"
|
||||
)
|
||||
|
||||
func runTransaction(session uintptr, operation wfpObjectInstaller) error {
|
||||
err := fwpmTransactionBegin0(session, 0)
|
||||
if err != nil {
|
||||
return wrapErr(err)
|
||||
}
|
||||
|
||||
err = operation(session)
|
||||
if err != nil {
|
||||
fwpmTransactionAbort0(session)
|
||||
return wrapErr(err)
|
||||
}
|
||||
|
||||
err = fwpmTransactionCommit0(session)
|
||||
if err != nil {
|
||||
fwpmTransactionAbort0(session)
|
||||
return wrapErr(err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func createWtFwpmDisplayData0(name, description string) (*wtFwpmDisplayData0, error) {
|
||||
namePtr, err := windows.UTF16PtrFromString(name)
|
||||
if err != nil {
|
||||
return nil, wrapErr(err)
|
||||
}
|
||||
|
||||
descriptionPtr, err := windows.UTF16PtrFromString(description)
|
||||
if err != nil {
|
||||
return nil, wrapErr(err)
|
||||
}
|
||||
|
||||
return &wtFwpmDisplayData0{
|
||||
name: namePtr,
|
||||
description: descriptionPtr,
|
||||
}, nil
|
||||
}
|
||||
|
||||
func filterWeight(weight uint8) wtFwpValue0 {
|
||||
return wtFwpValue0{
|
||||
_type: cFWP_UINT8,
|
||||
value: uintptr(weight),
|
||||
}
|
||||
}
|
||||
|
||||
func wrapErr(err error) error {
|
||||
if _, ok := err.(syscall.Errno); !ok {
|
||||
return err
|
||||
}
|
||||
_, file, line, ok := runtime.Caller(1)
|
||||
if !ok {
|
||||
return fmt.Errorf("Firewall error at unknown location: %w", err)
|
||||
}
|
||||
return fmt.Errorf("Firewall error at %s:%d: %w", file, line, err)
|
||||
}
|
||||
|
||||
func getCurrentProcessSecurityDescriptor() (*windows.SECURITY_DESCRIPTOR, error) {
|
||||
var processToken windows.Token
|
||||
err := windows.OpenProcessToken(windows.CurrentProcess(), windows.TOKEN_QUERY, &processToken)
|
||||
if err != nil {
|
||||
return nil, wrapErr(err)
|
||||
}
|
||||
defer processToken.Close()
|
||||
gs, err := processToken.GetTokenGroups()
|
||||
if err != nil {
|
||||
return nil, wrapErr(err)
|
||||
}
|
||||
var sid *windows.SID
|
||||
for _, g := range gs.AllGroups() {
|
||||
if g.Attributes != windows.SE_GROUP_ENABLED|windows.SE_GROUP_ENABLED_BY_DEFAULT|windows.SE_GROUP_OWNER {
|
||||
continue
|
||||
}
|
||||
// We could be checking != 6, but hopefully Microsoft will update
|
||||
// RtlCreateServiceSid to use SHA2, which will then likely bump
|
||||
// this up. So instead just roll with a minimum.
|
||||
if !g.Sid.IsValid() || g.Sid.IdentifierAuthority() != windows.SECURITY_NT_AUTHORITY || g.Sid.SubAuthorityCount() < 6 || g.Sid.SubAuthority(0) != 80 {
|
||||
continue
|
||||
}
|
||||
sid = g.Sid
|
||||
break
|
||||
}
|
||||
if sid == nil {
|
||||
return nil, wrapErr(windows.ERROR_NO_SUCH_GROUP)
|
||||
}
|
||||
|
||||
access := []windows.EXPLICIT_ACCESS{{
|
||||
AccessPermissions: cFWP_ACTRL_MATCH_FILTER,
|
||||
AccessMode: windows.GRANT_ACCESS,
|
||||
Trustee: windows.TRUSTEE{
|
||||
TrusteeForm: windows.TRUSTEE_IS_SID,
|
||||
TrusteeType: windows.TRUSTEE_IS_GROUP,
|
||||
TrusteeValue: windows.TrusteeValueFromSID(sid),
|
||||
},
|
||||
}}
|
||||
dacl, err := windows.ACLFromEntries(access, nil)
|
||||
if err != nil {
|
||||
return nil, wrapErr(err)
|
||||
}
|
||||
sd, err := windows.NewSecurityDescriptor()
|
||||
if err != nil {
|
||||
return nil, wrapErr(err)
|
||||
}
|
||||
err = sd.SetDACL(dacl, true, false)
|
||||
if err != nil {
|
||||
return nil, wrapErr(err)
|
||||
}
|
||||
sd, err = sd.ToSelfRelative()
|
||||
if err != nil {
|
||||
return nil, wrapErr(err)
|
||||
}
|
||||
return sd, nil
|
||||
}
|
||||
|
||||
func getCurrentProcessAppID() (*wtFwpByteBlob, error) {
|
||||
currentFile, err := os.Executable()
|
||||
if err != nil {
|
||||
return nil, wrapErr(err)
|
||||
}
|
||||
|
||||
curFilePtr, err := windows.UTF16PtrFromString(currentFile)
|
||||
if err != nil {
|
||||
return nil, wrapErr(err)
|
||||
}
|
||||
|
||||
var appID *wtFwpByteBlob
|
||||
err = fwpmGetAppIdFromFileName0(curFilePtr, unsafe.Pointer(&appID))
|
||||
if err != nil {
|
||||
return nil, wrapErr(err)
|
||||
}
|
||||
return appID, nil
|
||||
}
|
|
@ -0,0 +1,8 @@
|
|||
/* SPDX-License-Identifier: MIT
|
||||
*
|
||||
* Copyright (C) 2019-2021 WireGuard LLC. All Rights Reserved.
|
||||
*/
|
||||
|
||||
package firewall
|
||||
|
||||
//go:generate go run golang.org/x/sys/windows/mkwinsyscall -output zsyscall_windows.go syscall_windows.go
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,36 @@
|
|||
/* SPDX-License-Identifier: MIT
|
||||
*
|
||||
* Copyright (C) 2019-2021 WireGuard LLC. All Rights Reserved.
|
||||
*/
|
||||
|
||||
package firewall
|
||||
|
||||
// https://docs.microsoft.com/en-us/windows/desktop/api/fwpmu/nf-fwpmu-fwpmengineopen0
|
||||
//sys fwpmEngineOpen0(serverName *uint16, authnService wtRpcCAuthN, authIdentity *uintptr, session *wtFwpmSession0, engineHandle unsafe.Pointer) (err error) [failretval!=0] = fwpuclnt.FwpmEngineOpen0
|
||||
|
||||
// https://docs.microsoft.com/en-us/windows/desktop/api/fwpmu/nf-fwpmu-fwpmengineclose0
|
||||
//sys fwpmEngineClose0(engineHandle uintptr) (err error) [failretval!=0] = fwpuclnt.FwpmEngineClose0
|
||||
|
||||
// https://docs.microsoft.com/en-us/windows/desktop/api/fwpmu/nf-fwpmu-fwpmsublayeradd0
|
||||
//sys fwpmSubLayerAdd0(engineHandle uintptr, subLayer *wtFwpmSublayer0, sd uintptr) (err error) [failretval!=0] = fwpuclnt.FwpmSubLayerAdd0
|
||||
|
||||
// https://docs.microsoft.com/en-us/windows/desktop/api/fwpmu/nf-fwpmu-fwpmgetappidfromfilename0
|
||||
//sys fwpmGetAppIdFromFileName0(fileName *uint16, appID unsafe.Pointer) (err error) [failretval!=0] = fwpuclnt.FwpmGetAppIdFromFileName0
|
||||
|
||||
// https://docs.microsoft.com/en-us/windows/desktop/api/fwpmu/nf-fwpmu-fwpmfreememory0
|
||||
//sys fwpmFreeMemory0(p unsafe.Pointer) = fwpuclnt.FwpmFreeMemory0
|
||||
|
||||
// https://docs.microsoft.com/en-us/windows/desktop/api/fwpmu/nf-fwpmu-fwpmfilteradd0
|
||||
//sys fwpmFilterAdd0(engineHandle uintptr, filter *wtFwpmFilter0, sd uintptr, id *uint64) (err error) [failretval!=0] = fwpuclnt.FwpmFilterAdd0
|
||||
|
||||
// https://docs.microsoft.com/en-us/windows/desktop/api/Fwpmu/nf-fwpmu-fwpmtransactionbegin0
|
||||
//sys fwpmTransactionBegin0(engineHandle uintptr, flags uint32) (err error) [failretval!=0] = fwpuclnt.FwpmTransactionBegin0
|
||||
|
||||
// https://docs.microsoft.com/en-us/windows/desktop/api/fwpmu/nf-fwpmu-fwpmtransactioncommit0
|
||||
//sys fwpmTransactionCommit0(engineHandle uintptr) (err error) [failretval!=0] = fwpuclnt.FwpmTransactionCommit0
|
||||
|
||||
// https://docs.microsoft.com/en-us/windows/desktop/api/fwpmu/nf-fwpmu-fwpmtransactionabort0
|
||||
//sys fwpmTransactionAbort0(engineHandle uintptr) (err error) [failretval!=0] = fwpuclnt.FwpmTransactionAbort0
|
||||
|
||||
// https://docs.microsoft.com/en-us/windows/desktop/api/fwpmu/nf-fwpmu-fwpmprovideradd0
|
||||
//sys fwpmProviderAdd0(engineHandle uintptr, provider *wtFwpmProvider0, sd uintptr) (err error) [failretval!=0] = fwpuclnt.FwpmProviderAdd0
|
|
@ -0,0 +1,412 @@
|
|||
// +build windows
|
||||
|
||||
/* SPDX-License-Identifier: MIT
|
||||
*
|
||||
* Copyright (C) 2019-2021 WireGuard LLC. All Rights Reserved.
|
||||
*/
|
||||
|
||||
package firewall
|
||||
|
||||
import "golang.org/x/sys/windows"
|
||||
|
||||
const (
|
||||
anysizeArray = 1 // ANYSIZE_ARRAY defined in winnt.h
|
||||
|
||||
wtFwpBitmapArray64_Size = 8
|
||||
|
||||
wtFwpByteArray16_Size = 16
|
||||
|
||||
wtFwpByteArray6_Size = 6
|
||||
|
||||
wtFwpmAction0_Size = 20
|
||||
wtFwpmAction0_filterType_Offset = 4
|
||||
|
||||
wtFwpV4AddrAndMask_Size = 8
|
||||
wtFwpV4AddrAndMask_mask_Offset = 4
|
||||
|
||||
wtFwpV6AddrAndMask_Size = 17
|
||||
wtFwpV6AddrAndMask_prefixLength_Offset = 16
|
||||
)
|
||||
|
||||
type wtFwpActionFlag uint32
|
||||
|
||||
const (
|
||||
cFWP_ACTION_FLAG_TERMINATING wtFwpActionFlag = 0x00001000
|
||||
cFWP_ACTION_FLAG_NON_TERMINATING wtFwpActionFlag = 0x00002000
|
||||
cFWP_ACTION_FLAG_CALLOUT wtFwpActionFlag = 0x00004000
|
||||
)
|
||||
|
||||
// FWP_ACTION_TYPE defined in fwptypes.h
|
||||
type wtFwpActionType uint32
|
||||
|
||||
const (
|
||||
cFWP_ACTION_BLOCK wtFwpActionType = wtFwpActionType(0x00000001 | cFWP_ACTION_FLAG_TERMINATING)
|
||||
cFWP_ACTION_PERMIT wtFwpActionType = wtFwpActionType(0x00000002 | cFWP_ACTION_FLAG_TERMINATING)
|
||||
cFWP_ACTION_CALLOUT_TERMINATING wtFwpActionType = wtFwpActionType(0x00000003 | cFWP_ACTION_FLAG_CALLOUT | cFWP_ACTION_FLAG_TERMINATING)
|
||||
cFWP_ACTION_CALLOUT_INSPECTION wtFwpActionType = wtFwpActionType(0x00000004 | cFWP_ACTION_FLAG_CALLOUT | cFWP_ACTION_FLAG_NON_TERMINATING)
|
||||
cFWP_ACTION_CALLOUT_UNKNOWN wtFwpActionType = wtFwpActionType(0x00000005 | cFWP_ACTION_FLAG_CALLOUT)
|
||||
cFWP_ACTION_CONTINUE wtFwpActionType = wtFwpActionType(0x00000006 | cFWP_ACTION_FLAG_NON_TERMINATING)
|
||||
cFWP_ACTION_NONE wtFwpActionType = 0x00000007
|
||||
cFWP_ACTION_NONE_NO_MATCH wtFwpActionType = 0x00000008
|
||||
cFWP_ACTION_BITMAP_INDEX_SET wtFwpActionType = 0x00000009
|
||||
)
|
||||
|
||||
// FWP_BYTE_BLOB defined in fwptypes.h
|
||||
// (https://docs.microsoft.com/en-us/windows/desktop/api/fwptypes/ns-fwptypes-fwp_byte_blob_)
|
||||
type wtFwpByteBlob struct {
|
||||
size uint32
|
||||
data *uint8
|
||||
}
|
||||
|
||||
// FWP_MATCH_TYPE defined in fwptypes.h
|
||||
// (https://docs.microsoft.com/en-us/windows/desktop/api/fwptypes/ne-fwptypes-fwp_match_type_)
|
||||
type wtFwpMatchType uint32
|
||||
|
||||
const (
|
||||
cFWP_MATCH_EQUAL wtFwpMatchType = 0
|
||||
cFWP_MATCH_GREATER wtFwpMatchType = cFWP_MATCH_EQUAL + 1
|
||||
cFWP_MATCH_LESS wtFwpMatchType = cFWP_MATCH_GREATER + 1
|
||||
cFWP_MATCH_GREATER_OR_EQUAL wtFwpMatchType = cFWP_MATCH_LESS + 1
|
||||
cFWP_MATCH_LESS_OR_EQUAL wtFwpMatchType = cFWP_MATCH_GREATER_OR_EQUAL + 1
|
||||
cFWP_MATCH_RANGE wtFwpMatchType = cFWP_MATCH_LESS_OR_EQUAL + 1
|
||||
cFWP_MATCH_FLAGS_ALL_SET wtFwpMatchType = cFWP_MATCH_RANGE + 1
|
||||
cFWP_MATCH_FLAGS_ANY_SET wtFwpMatchType = cFWP_MATCH_FLAGS_ALL_SET + 1
|
||||
cFWP_MATCH_FLAGS_NONE_SET wtFwpMatchType = cFWP_MATCH_FLAGS_ANY_SET + 1
|
||||
cFWP_MATCH_EQUAL_CASE_INSENSITIVE wtFwpMatchType = cFWP_MATCH_FLAGS_NONE_SET + 1
|
||||
cFWP_MATCH_NOT_EQUAL wtFwpMatchType = cFWP_MATCH_EQUAL_CASE_INSENSITIVE + 1
|
||||
cFWP_MATCH_PREFIX wtFwpMatchType = cFWP_MATCH_NOT_EQUAL + 1
|
||||
cFWP_MATCH_NOT_PREFIX wtFwpMatchType = cFWP_MATCH_PREFIX + 1
|
||||
cFWP_MATCH_TYPE_MAX wtFwpMatchType = cFWP_MATCH_NOT_PREFIX + 1
|
||||
)
|
||||
|
||||
// FWPM_ACTION0 defined in fwpmtypes.h
|
||||
// (https://docs.microsoft.com/en-us/windows/desktop/api/fwpmtypes/ns-fwpmtypes-fwpm_action0_)
|
||||
type wtFwpmAction0 struct {
|
||||
_type wtFwpActionType
|
||||
filterType windows.GUID // Windows type: GUID
|
||||
}
|
||||
|
||||
// Defined in fwpmu.h. 4cd62a49-59c3-4969-b7f3-bda5d32890a4
|
||||
var cFWPM_CONDITION_IP_LOCAL_INTERFACE = windows.GUID{
|
||||
Data1: 0x4cd62a49,
|
||||
Data2: 0x59c3,
|
||||
Data3: 0x4969,
|
||||
Data4: [8]byte{0xb7, 0xf3, 0xbd, 0xa5, 0xd3, 0x28, 0x90, 0xa4},
|
||||
}
|
||||
|
||||
// Defined in fwpmu.h. b235ae9a-1d64-49b8-a44c-5ff3d9095045
|
||||
var cFWPM_CONDITION_IP_REMOTE_ADDRESS = windows.GUID{
|
||||
Data1: 0xb235ae9a,
|
||||
Data2: 0x1d64,
|
||||
Data3: 0x49b8,
|
||||
Data4: [8]byte{0xa4, 0x4c, 0x5f, 0xf3, 0xd9, 0x09, 0x50, 0x45},
|
||||
}
|
||||
|
||||
// Defined in fwpmu.h. 3971ef2b-623e-4f9a-8cb1-6e79b806b9a7
|
||||
var cFWPM_CONDITION_IP_PROTOCOL = windows.GUID{
|
||||
Data1: 0x3971ef2b,
|
||||
Data2: 0x623e,
|
||||
Data3: 0x4f9a,
|
||||
Data4: [8]byte{0x8c, 0xb1, 0x6e, 0x79, 0xb8, 0x06, 0xb9, 0xa7},
|
||||
}
|
||||
|
||||
// Defined in fwpmu.h. 0c1ba1af-5765-453f-af22-a8f791ac775b
|
||||
var cFWPM_CONDITION_IP_LOCAL_PORT = windows.GUID{
|
||||
Data1: 0x0c1ba1af,
|
||||
Data2: 0x5765,
|
||||
Data3: 0x453f,
|
||||
Data4: [8]byte{0xaf, 0x22, 0xa8, 0xf7, 0x91, 0xac, 0x77, 0x5b},
|
||||
}
|
||||
|
||||
// Defined in fwpmu.h. c35a604d-d22b-4e1a-91b4-68f674ee674b
|
||||
var cFWPM_CONDITION_IP_REMOTE_PORT = windows.GUID{
|
||||
Data1: 0xc35a604d,
|
||||
Data2: 0xd22b,
|
||||
Data3: 0x4e1a,
|
||||
Data4: [8]byte{0x91, 0xb4, 0x68, 0xf6, 0x74, 0xee, 0x67, 0x4b},
|
||||
}
|
||||
|
||||
// Defined in fwpmu.h. d78e1e87-8644-4ea5-9437-d809ecefc971
|
||||
var cFWPM_CONDITION_ALE_APP_ID = windows.GUID{
|
||||
Data1: 0xd78e1e87,
|
||||
Data2: 0x8644,
|
||||
Data3: 0x4ea5,
|
||||
Data4: [8]byte{0x94, 0x37, 0xd8, 0x09, 0xec, 0xef, 0xc9, 0x71},
|
||||
}
|
||||
|
||||
// af043a0a-b34d-4f86-979c-c90371af6e66
|
||||
var cFWPM_CONDITION_ALE_USER_ID = windows.GUID{
|
||||
Data1: 0xaf043a0a,
|
||||
Data2: 0xb34d,
|
||||
Data3: 0x4f86,
|
||||
Data4: [8]byte{0x97, 0x9c, 0xc9, 0x03, 0x71, 0xaf, 0x6e, 0x66},
|
||||
}
|
||||
|
||||
// d9ee00de-c1ef-4617-bfe3-ffd8f5a08957
|
||||
var cFWPM_CONDITION_IP_LOCAL_ADDRESS = windows.GUID{
|
||||
Data1: 0xd9ee00de,
|
||||
Data2: 0xc1ef,
|
||||
Data3: 0x4617,
|
||||
Data4: [8]byte{0xbf, 0xe3, 0xff, 0xd8, 0xf5, 0xa0, 0x89, 0x57},
|
||||
}
|
||||
|
||||
var cFWPM_CONDITION_ICMP_TYPE = cFWPM_CONDITION_IP_LOCAL_PORT
|
||||
var cFWPM_CONDITION_ICMP_CODE = cFWPM_CONDITION_IP_REMOTE_PORT
|
||||
|
||||
// 7bc43cbf-37ba-45f1-b74a-82ff518eeb10
|
||||
var cFWPM_CONDITION_L2_FLAGS = windows.GUID{
|
||||
Data1: 0x7bc43cbf,
|
||||
Data2: 0x37ba,
|
||||
Data3: 0x45f1,
|
||||
Data4: [8]byte{0xb7, 0x4a, 0x82, 0xff, 0x51, 0x8e, 0xeb, 0x10},
|
||||
}
|
||||
|
||||
type wtFwpmL2Flags uint32
|
||||
|
||||
const cFWP_CONDITION_L2_IS_VM2VM wtFwpmL2Flags = 0x00000010
|
||||
|
||||
var cFWPM_CONDITION_FLAGS = windows.GUID{
|
||||
Data1: 0x632ce23b,
|
||||
Data2: 0x5167,
|
||||
Data3: 0x435c,
|
||||
Data4: [8]byte{0x86, 0xd7, 0xe9, 0x03, 0x68, 0x4a, 0xa8, 0x0c},
|
||||
}
|
||||
|
||||
type wtFwpmFlags uint32
|
||||
|
||||
const cFWP_CONDITION_FLAG_IS_LOOPBACK wtFwpmFlags = 0x00000001
|
||||
|
||||
// Defined in fwpmtypes.h
|
||||
type wtFwpmFilterFlags uint32
|
||||
|
||||
const (
|
||||
cFWPM_FILTER_FLAG_NONE wtFwpmFilterFlags = 0x00000000
|
||||
cFWPM_FILTER_FLAG_PERSISTENT wtFwpmFilterFlags = 0x00000001
|
||||
cFWPM_FILTER_FLAG_BOOTTIME wtFwpmFilterFlags = 0x00000002
|
||||
cFWPM_FILTER_FLAG_HAS_PROVIDER_CONTEXT wtFwpmFilterFlags = 0x00000004
|
||||
cFWPM_FILTER_FLAG_CLEAR_ACTION_RIGHT wtFwpmFilterFlags = 0x00000008
|
||||
cFWPM_FILTER_FLAG_PERMIT_IF_CALLOUT_UNREGISTERED wtFwpmFilterFlags = 0x00000010
|
||||
cFWPM_FILTER_FLAG_DISABLED wtFwpmFilterFlags = 0x00000020
|
||||
cFWPM_FILTER_FLAG_INDEXED wtFwpmFilterFlags = 0x00000040
|
||||
cFWPM_FILTER_FLAG_HAS_SECURITY_REALM_PROVIDER_CONTEXT wtFwpmFilterFlags = 0x00000080
|
||||
cFWPM_FILTER_FLAG_SYSTEMOS_ONLY wtFwpmFilterFlags = 0x00000100
|
||||
cFWPM_FILTER_FLAG_GAMEOS_ONLY wtFwpmFilterFlags = 0x00000200
|
||||
cFWPM_FILTER_FLAG_SILENT_MODE wtFwpmFilterFlags = 0x00000400
|
||||
cFWPM_FILTER_FLAG_IPSEC_NO_ACQUIRE_INITIATE wtFwpmFilterFlags = 0x00000800
|
||||
)
|
||||
|
||||
// FWPM_LAYER_ALE_AUTH_CONNECT_V4 (c38d57d1-05a7-4c33-904f-7fbceee60e82) defined in fwpmu.h
|
||||
var cFWPM_LAYER_ALE_AUTH_CONNECT_V4 = windows.GUID{
|
||||
Data1: 0xc38d57d1,
|
||||
Data2: 0x05a7,
|
||||
Data3: 0x4c33,
|
||||
Data4: [8]byte{0x90, 0x4f, 0x7f, 0xbc, 0xee, 0xe6, 0x0e, 0x82},
|
||||
}
|
||||
|
||||
// e1cd9fe7-f4b5-4273-96c0-592e487b8650
|
||||
var cFWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V4 = windows.GUID{
|
||||
Data1: 0xe1cd9fe7,
|
||||
Data2: 0xf4b5,
|
||||
Data3: 0x4273,
|
||||
Data4: [8]byte{0x96, 0xc0, 0x59, 0x2e, 0x48, 0x7b, 0x86, 0x50},
|
||||
}
|
||||
|
||||
// FWPM_LAYER_ALE_AUTH_CONNECT_V6 (4a72393b-319f-44bc-84c3-ba54dcb3b6b4) defined in fwpmu.h
|
||||
var cFWPM_LAYER_ALE_AUTH_CONNECT_V6 = windows.GUID{
|
||||
Data1: 0x4a72393b,
|
||||
Data2: 0x319f,
|
||||
Data3: 0x44bc,
|
||||
Data4: [8]byte{0x84, 0xc3, 0xba, 0x54, 0xdc, 0xb3, 0xb6, 0xb4},
|
||||
}
|
||||
|
||||
// a3b42c97-9f04-4672-b87e-cee9c483257f
|
||||
var cFWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V6 = windows.GUID{
|
||||
Data1: 0xa3b42c97,
|
||||
Data2: 0x9f04,
|
||||
Data3: 0x4672,
|
||||
Data4: [8]byte{0xb8, 0x7e, 0xce, 0xe9, 0xc4, 0x83, 0x25, 0x7f},
|
||||
}
|
||||
|
||||
// 94c44912-9d6f-4ebf-b995-05ab8a088d1b
|
||||
var cFWPM_LAYER_OUTBOUND_MAC_FRAME_NATIVE = windows.GUID{
|
||||
Data1: 0x94c44912,
|
||||
Data2: 0x9d6f,
|
||||
Data3: 0x4ebf,
|
||||
Data4: [8]byte{0xb9, 0x95, 0x05, 0xab, 0x8a, 0x08, 0x8d, 0x1b},
|
||||
}
|
||||
|
||||
// d4220bd3-62ce-4f08-ae88-b56e8526df50
|
||||
var cFWPM_LAYER_INBOUND_MAC_FRAME_NATIVE = windows.GUID{
|
||||
Data1: 0xd4220bd3,
|
||||
Data2: 0x62ce,
|
||||
Data3: 0x4f08,
|
||||
Data4: [8]byte{0xae, 0x88, 0xb5, 0x6e, 0x85, 0x26, 0xdf, 0x50},
|
||||
}
|
||||
|
||||
// FWP_BITMAP_ARRAY64 defined in fwtypes.h
|
||||
type wtFwpBitmapArray64 struct {
|
||||
bitmapArray64 [8]uint8 // Windows type: [8]UINT8
|
||||
}
|
||||
|
||||
// FWP_BYTE_ARRAY6 defined in fwtypes.h
|
||||
// (https://docs.microsoft.com/en-us/windows/desktop/api/fwptypes/ns-fwptypes-fwp_byte_array6_)
|
||||
type wtFwpByteArray6 struct {
|
||||
byteArray6 [6]uint8 // Windows type: [6]UINT8
|
||||
}
|
||||
|
||||
// FWP_BYTE_ARRAY16 defined in fwptypes.h
|
||||
// (https://docs.microsoft.com/en-us/windows/desktop/api/fwptypes/ns-fwptypes-fwp_byte_array16_)
|
||||
type wtFwpByteArray16 struct {
|
||||
byteArray16 [16]uint8 // Windows type [16]UINT8
|
||||
}
|
||||
|
||||
// FWP_CONDITION_VALUE0 defined in fwptypes.h
|
||||
// (https://docs.microsoft.com/en-us/windows/desktop/api/fwptypes/ns-fwptypes-fwp_condition_value0).
|
||||
type wtFwpConditionValue0 wtFwpValue0
|
||||
|
||||
// FWP_DATA_TYPE defined in fwptypes.h
|
||||
// (https://docs.microsoft.com/en-us/windows/desktop/api/fwptypes/ne-fwptypes-fwp_data_type_)
|
||||
type wtFwpDataType uint
|
||||
|
||||
const (
|
||||
cFWP_EMPTY wtFwpDataType = 0
|
||||
cFWP_UINT8 wtFwpDataType = cFWP_EMPTY + 1
|
||||
cFWP_UINT16 wtFwpDataType = cFWP_UINT8 + 1
|
||||
cFWP_UINT32 wtFwpDataType = cFWP_UINT16 + 1
|
||||
cFWP_UINT64 wtFwpDataType = cFWP_UINT32 + 1
|
||||
cFWP_INT8 wtFwpDataType = cFWP_UINT64 + 1
|
||||
cFWP_INT16 wtFwpDataType = cFWP_INT8 + 1
|
||||
cFWP_INT32 wtFwpDataType = cFWP_INT16 + 1
|
||||
cFWP_INT64 wtFwpDataType = cFWP_INT32 + 1
|
||||
cFWP_FLOAT wtFwpDataType = cFWP_INT64 + 1
|
||||
cFWP_DOUBLE wtFwpDataType = cFWP_FLOAT + 1
|
||||
cFWP_BYTE_ARRAY16_TYPE wtFwpDataType = cFWP_DOUBLE + 1
|
||||
cFWP_BYTE_BLOB_TYPE wtFwpDataType = cFWP_BYTE_ARRAY16_TYPE + 1
|
||||
cFWP_SID wtFwpDataType = cFWP_BYTE_BLOB_TYPE + 1
|
||||
cFWP_SECURITY_DESCRIPTOR_TYPE wtFwpDataType = cFWP_SID + 1
|
||||
cFWP_TOKEN_INFORMATION_TYPE wtFwpDataType = cFWP_SECURITY_DESCRIPTOR_TYPE + 1
|
||||
cFWP_TOKEN_ACCESS_INFORMATION_TYPE wtFwpDataType = cFWP_TOKEN_INFORMATION_TYPE + 1
|
||||
cFWP_UNICODE_STRING_TYPE wtFwpDataType = cFWP_TOKEN_ACCESS_INFORMATION_TYPE + 1
|
||||
cFWP_BYTE_ARRAY6_TYPE wtFwpDataType = cFWP_UNICODE_STRING_TYPE + 1
|
||||
cFWP_BITMAP_INDEX_TYPE wtFwpDataType = cFWP_BYTE_ARRAY6_TYPE + 1
|
||||
cFWP_BITMAP_ARRAY64_TYPE wtFwpDataType = cFWP_BITMAP_INDEX_TYPE + 1
|
||||
cFWP_SINGLE_DATA_TYPE_MAX wtFwpDataType = 0xff
|
||||
cFWP_V4_ADDR_MASK wtFwpDataType = cFWP_SINGLE_DATA_TYPE_MAX + 1
|
||||
cFWP_V6_ADDR_MASK wtFwpDataType = cFWP_V4_ADDR_MASK + 1
|
||||
cFWP_RANGE_TYPE wtFwpDataType = cFWP_V6_ADDR_MASK + 1
|
||||
cFWP_DATA_TYPE_MAX wtFwpDataType = cFWP_RANGE_TYPE + 1
|
||||
)
|
||||
|
||||
// FWP_V4_ADDR_AND_MASK defined in fwptypes.h
|
||||
// (https://docs.microsoft.com/en-us/windows/desktop/api/fwptypes/ns-fwptypes-fwp_v4_addr_and_mask).
|
||||
type wtFwpV4AddrAndMask struct {
|
||||
addr uint32
|
||||
mask uint32
|
||||
}
|
||||
|
||||
// FWP_V6_ADDR_AND_MASK defined in fwptypes.h
|
||||
// (https://docs.microsoft.com/en-us/windows/desktop/api/fwptypes/ns-fwptypes-fwp_v6_addr_and_mask).
|
||||
type wtFwpV6AddrAndMask struct {
|
||||
addr [16]uint8
|
||||
prefixLength uint8
|
||||
}
|
||||
|
||||
// FWP_VALUE0 defined in fwptypes.h
|
||||
// (https://docs.microsoft.com/en-us/windows/desktop/api/fwptypes/ns-fwptypes-fwp_value0_)
|
||||
type wtFwpValue0 struct {
|
||||
_type wtFwpDataType
|
||||
value uintptr
|
||||
}
|
||||
|
||||
// FWPM_DISPLAY_DATA0 defined in fwptypes.h
|
||||
// (https://docs.microsoft.com/en-us/windows/desktop/api/fwptypes/ns-fwptypes-fwpm_display_data0).
|
||||
type wtFwpmDisplayData0 struct {
|
||||
name *uint16 // Windows type: *wchar_t
|
||||
description *uint16 // Windows type: *wchar_t
|
||||
}
|
||||
|
||||
// FWPM_FILTER_CONDITION0 defined in fwpmtypes.h
|
||||
// (https://docs.microsoft.com/en-us/windows/desktop/api/fwpmtypes/ns-fwpmtypes-fwpm_filter_condition0).
|
||||
type wtFwpmFilterCondition0 struct {
|
||||
fieldKey windows.GUID // Windows type: GUID
|
||||
matchType wtFwpMatchType
|
||||
conditionValue wtFwpConditionValue0
|
||||
}
|
||||
|
||||
// FWPM_PROVIDER0 defined in fwpmtypes.h
|
||||
// (https://docs.microsoft.com/en-us/windows/desktop/api/fwpmtypes/ns-fwpmtypes-fwpm_provider0_)
|
||||
type wtFwpProvider0 struct {
|
||||
providerKey windows.GUID // Windows type: GUID
|
||||
displayData wtFwpmDisplayData0
|
||||
flags uint32
|
||||
providerData wtFwpByteBlob
|
||||
serviceName *uint16 // Windows type: *wchar_t
|
||||
}
|
||||
|
||||
type wtFwpmSessionFlagsValue uint32
|
||||
|
||||
const (
|
||||
cFWPM_SESSION_FLAG_DYNAMIC wtFwpmSessionFlagsValue = 0x00000001 // FWPM_SESSION_FLAG_DYNAMIC defined in fwpmtypes.h
|
||||
)
|
||||
|
||||
// FWPM_SESSION0 defined in fwpmtypes.h
|
||||
// (https://docs.microsoft.com/en-us/windows/desktop/api/fwpmtypes/ns-fwpmtypes-fwpm_session0).
|
||||
type wtFwpmSession0 struct {
|
||||
sessionKey windows.GUID // Windows type: GUID
|
||||
displayData wtFwpmDisplayData0
|
||||
flags wtFwpmSessionFlagsValue // Windows type UINT32
|
||||
txnWaitTimeoutInMSec uint32
|
||||
processId uint32 // Windows type: DWORD
|
||||
sid *windows.SID
|
||||
username *uint16 // Windows type: *wchar_t
|
||||
kernelMode uint8 // Windows type: BOOL
|
||||
}
|
||||
|
||||
type wtFwpmSublayerFlags uint32
|
||||
|
||||
const (
|
||||
cFWPM_SUBLAYER_FLAG_PERSISTENT wtFwpmSublayerFlags = 0x00000001 // FWPM_SUBLAYER_FLAG_PERSISTENT defined in fwpmtypes.h
|
||||
)
|
||||
|
||||
// FWPM_SUBLAYER0 defined in fwpmtypes.h
|
||||
// (https://docs.microsoft.com/en-us/windows/desktop/api/fwpmtypes/ns-fwpmtypes-fwpm_sublayer0_)
|
||||
type wtFwpmSublayer0 struct {
|
||||
subLayerKey windows.GUID // Windows type: GUID
|
||||
displayData wtFwpmDisplayData0
|
||||
flags wtFwpmSublayerFlags
|
||||
providerKey *windows.GUID // Windows type: *GUID
|
||||
providerData wtFwpByteBlob
|
||||
weight uint16
|
||||
}
|
||||
|
||||
// Defined in rpcdce.h
|
||||
type wtRpcCAuthN uint32
|
||||
|
||||
const (
|
||||
cRPC_C_AUTHN_NONE wtRpcCAuthN = 0
|
||||
cRPC_C_AUTHN_WINNT wtRpcCAuthN = 10
|
||||
cRPC_C_AUTHN_DEFAULT wtRpcCAuthN = 0xFFFFFFFF
|
||||
)
|
||||
|
||||
// FWPM_PROVIDER0 defined in fwpmtypes.h
|
||||
// (https://docs.microsoft.com/sv-se/windows/desktop/api/fwpmtypes/ns-fwpmtypes-fwpm_provider0).
|
||||
type wtFwpmProvider0 struct {
|
||||
providerKey windows.GUID
|
||||
displayData wtFwpmDisplayData0
|
||||
flags uint32
|
||||
providerData wtFwpByteBlob
|
||||
serviceName *uint16
|
||||
}
|
||||
|
||||
type wtIPProto uint32
|
||||
|
||||
const (
|
||||
cIPPROTO_ICMP wtIPProto = 1
|
||||
cIPPROTO_ICMPV6 wtIPProto = 58
|
||||
cIPPROTO_TCP wtIPProto = 6
|
||||
cIPPROTO_UDP wtIPProto = 17
|
||||
)
|
||||
|
||||
const (
|
||||
cFWP_ACTRL_MATCH_FILTER = 1
|
||||
)
|
|
@ -0,0 +1,90 @@
|
|||
// +build windows,386 windows,arm
|
||||
|
||||
/* SPDX-License-Identifier: MIT
|
||||
*
|
||||
* Copyright (C) 2019-2021 WireGuard LLC. All Rights Reserved.
|
||||
*/
|
||||
|
||||
package firewall
|
||||
|
||||
import "golang.org/x/sys/windows"
|
||||
|
||||
const (
|
||||
wtFwpByteBlob_Size = 8
|
||||
wtFwpByteBlob_data_Offset = 4
|
||||
|
||||
wtFwpConditionValue0_Size = 8
|
||||
wtFwpConditionValue0_uint8_Offset = 4
|
||||
|
||||
wtFwpmDisplayData0_Size = 8
|
||||
wtFwpmDisplayData0_description_Offset = 4
|
||||
|
||||
wtFwpmFilter0_Size = 152
|
||||
wtFwpmFilter0_displayData_Offset = 16
|
||||
wtFwpmFilter0_flags_Offset = 24
|
||||
wtFwpmFilter0_providerKey_Offset = 28
|
||||
wtFwpmFilter0_providerData_Offset = 32
|
||||
wtFwpmFilter0_layerKey_Offset = 40
|
||||
wtFwpmFilter0_subLayerKey_Offset = 56
|
||||
wtFwpmFilter0_weight_Offset = 72
|
||||
wtFwpmFilter0_numFilterConditions_Offset = 80
|
||||
wtFwpmFilter0_filterCondition_Offset = 84
|
||||
wtFwpmFilter0_action_Offset = 88
|
||||
wtFwpmFilter0_providerContextKey_Offset = 112
|
||||
wtFwpmFilter0_reserved_Offset = 128
|
||||
wtFwpmFilter0_filterID_Offset = 136
|
||||
wtFwpmFilter0_effectiveWeight_Offset = 144
|
||||
|
||||
wtFwpmFilterCondition0_Size = 28
|
||||
wtFwpmFilterCondition0_matchType_Offset = 16
|
||||
wtFwpmFilterCondition0_conditionValue_Offset = 20
|
||||
|
||||
wtFwpmSession0_Size = 48
|
||||
wtFwpmSession0_displayData_Offset = 16
|
||||
wtFwpmSession0_flags_Offset = 24
|
||||
wtFwpmSession0_txnWaitTimeoutInMSec_Offset = 28
|
||||
wtFwpmSession0_processId_Offset = 32
|
||||
wtFwpmSession0_sid_Offset = 36
|
||||
wtFwpmSession0_username_Offset = 40
|
||||
wtFwpmSession0_kernelMode_Offset = 44
|
||||
|
||||
wtFwpmSublayer0_Size = 44
|
||||
wtFwpmSublayer0_displayData_Offset = 16
|
||||
wtFwpmSublayer0_flags_Offset = 24
|
||||
wtFwpmSublayer0_providerKey_Offset = 28
|
||||
wtFwpmSublayer0_providerData_Offset = 32
|
||||
wtFwpmSublayer0_weight_Offset = 40
|
||||
|
||||
wtFwpProvider0_Size = 40
|
||||
wtFwpProvider0_displayData_Offset = 16
|
||||
wtFwpProvider0_flags_Offset = 24
|
||||
wtFwpProvider0_providerData_Offset = 28
|
||||
wtFwpProvider0_serviceName_Offset = 36
|
||||
|
||||
wtFwpTokenInformation_Size = 16
|
||||
|
||||
wtFwpValue0_Size = 8
|
||||
wtFwpValue0_value_Offset = 4
|
||||
)
|
||||
|
||||
// FWPM_FILTER0 defined in fwpmtypes.h
|
||||
// (https://docs.microsoft.com/en-us/windows/desktop/api/fwpmtypes/ns-fwpmtypes-fwpm_filter0).
|
||||
type wtFwpmFilter0 struct {
|
||||
filterKey windows.GUID // Windows type: GUID
|
||||
displayData wtFwpmDisplayData0
|
||||
flags wtFwpmFilterFlags
|
||||
providerKey *windows.GUID // Windows type: *GUID
|
||||
providerData wtFwpByteBlob
|
||||
layerKey windows.GUID // Windows type: GUID
|
||||
subLayerKey windows.GUID // Windows type: GUID
|
||||
weight wtFwpValue0
|
||||
numFilterConditions uint32
|
||||
filterCondition *wtFwpmFilterCondition0
|
||||
action wtFwpmAction0
|
||||
offset1 [4]byte // Layout correction field
|
||||
providerContextKey windows.GUID // Windows type: GUID
|
||||
reserved *windows.GUID // Windows type: *GUID
|
||||
offset2 [4]byte // Layout correction field
|
||||
filterID uint64
|
||||
effectiveWeight wtFwpValue0
|
||||
}
|
|
@ -0,0 +1,87 @@
|
|||
// +build windows,amd64 windows,arm64
|
||||
|
||||
/* SPDX-License-Identifier: MIT
|
||||
*
|
||||
* Copyright (C) 2019-2021 WireGuard LLC. All Rights Reserved.
|
||||
*/
|
||||
|
||||
package firewall
|
||||
|
||||
import "golang.org/x/sys/windows"
|
||||
|
||||
const (
|
||||
wtFwpByteBlob_Size = 16
|
||||
wtFwpByteBlob_data_Offset = 8
|
||||
|
||||
wtFwpConditionValue0_Size = 16
|
||||
wtFwpConditionValue0_uint8_Offset = 8
|
||||
|
||||
wtFwpmDisplayData0_Size = 16
|
||||
wtFwpmDisplayData0_description_Offset = 8
|
||||
|
||||
wtFwpmFilter0_Size = 200
|
||||
wtFwpmFilter0_displayData_Offset = 16
|
||||
wtFwpmFilter0_flags_Offset = 32
|
||||
wtFwpmFilter0_providerKey_Offset = 40
|
||||
wtFwpmFilter0_providerData_Offset = 48
|
||||
wtFwpmFilter0_layerKey_Offset = 64
|
||||
wtFwpmFilter0_subLayerKey_Offset = 80
|
||||
wtFwpmFilter0_weight_Offset = 96
|
||||
wtFwpmFilter0_numFilterConditions_Offset = 112
|
||||
wtFwpmFilter0_filterCondition_Offset = 120
|
||||
wtFwpmFilter0_action_Offset = 128
|
||||
wtFwpmFilter0_providerContextKey_Offset = 152
|
||||
wtFwpmFilter0_reserved_Offset = 168
|
||||
wtFwpmFilter0_filterID_Offset = 176
|
||||
wtFwpmFilter0_effectiveWeight_Offset = 184
|
||||
|
||||
wtFwpmFilterCondition0_Size = 40
|
||||
wtFwpmFilterCondition0_matchType_Offset = 16
|
||||
wtFwpmFilterCondition0_conditionValue_Offset = 24
|
||||
|
||||
wtFwpmSession0_Size = 72
|
||||
wtFwpmSession0_displayData_Offset = 16
|
||||
wtFwpmSession0_flags_Offset = 32
|
||||
wtFwpmSession0_txnWaitTimeoutInMSec_Offset = 36
|
||||
wtFwpmSession0_processId_Offset = 40
|
||||
wtFwpmSession0_sid_Offset = 48
|
||||
wtFwpmSession0_username_Offset = 56
|
||||
wtFwpmSession0_kernelMode_Offset = 64
|
||||
|
||||
wtFwpmSublayer0_Size = 72
|
||||
wtFwpmSublayer0_displayData_Offset = 16
|
||||
wtFwpmSublayer0_flags_Offset = 32
|
||||
wtFwpmSublayer0_providerKey_Offset = 40
|
||||
wtFwpmSublayer0_providerData_Offset = 48
|
||||
wtFwpmSublayer0_weight_Offset = 64
|
||||
|
||||
wtFwpProvider0_Size = 64
|
||||
wtFwpProvider0_displayData_Offset = 16
|
||||
wtFwpProvider0_flags_Offset = 32
|
||||
wtFwpProvider0_providerData_Offset = 40
|
||||
wtFwpProvider0_serviceName_Offset = 56
|
||||
|
||||
wtFwpValue0_Size = 16
|
||||
wtFwpValue0_value_Offset = 8
|
||||
)
|
||||
|
||||
// FWPM_FILTER0 defined in fwpmtypes.h
|
||||
// (https://docs.microsoft.com/en-us/windows/desktop/api/fwpmtypes/ns-fwpmtypes-fwpm_filter0).
|
||||
type wtFwpmFilter0 struct {
|
||||
filterKey windows.GUID // Windows type: GUID
|
||||
displayData wtFwpmDisplayData0
|
||||
flags wtFwpmFilterFlags // Windows type: UINT32
|
||||
providerKey *windows.GUID // Windows type: *GUID
|
||||
providerData wtFwpByteBlob
|
||||
layerKey windows.GUID // Windows type: GUID
|
||||
subLayerKey windows.GUID // Windows type: GUID
|
||||
weight wtFwpValue0
|
||||
numFilterConditions uint32
|
||||
filterCondition *wtFwpmFilterCondition0
|
||||
action wtFwpmAction0
|
||||
offset1 [4]byte // Layout correction field
|
||||
providerContextKey windows.GUID // Windows type: GUID
|
||||
reserved *windows.GUID // Windows type: *GUID
|
||||
filterID uint64
|
||||
effectiveWeight wtFwpValue0
|
||||
}
|
|
@ -0,0 +1,540 @@
|
|||
// +build windows
|
||||
|
||||
/* SPDX-License-Identifier: MIT
|
||||
*
|
||||
* Copyright (C) 2019-2021 WireGuard LLC. All Rights Reserved.
|
||||
*/
|
||||
|
||||
package firewall
|
||||
|
||||
import (
|
||||
"testing"
|
||||
"unsafe"
|
||||
)
|
||||
|
||||
func TestWtFwpByteBlobSize(t *testing.T) {
|
||||
|
||||
const actualWtFwpByteBlobSize = unsafe.Sizeof(wtFwpByteBlob{})
|
||||
|
||||
if actualWtFwpByteBlobSize != wtFwpByteBlob_Size {
|
||||
t.Errorf("Size of FwpByteBlob is %d, although %d is expected.", actualWtFwpByteBlobSize,
|
||||
wtFwpByteBlob_Size)
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpByteBlobOffsets(t *testing.T) {
|
||||
|
||||
s := wtFwpByteBlob{}
|
||||
sp := uintptr(unsafe.Pointer(&s))
|
||||
|
||||
offset := uintptr(unsafe.Pointer(&s.data)) - sp
|
||||
|
||||
if offset != wtFwpByteBlob_data_Offset {
|
||||
t.Errorf("FwpByteBlob.data offset is %d although %d is expected", offset, wtFwpByteBlob_data_Offset)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpmAction0Size(t *testing.T) {
|
||||
|
||||
const actualWtFwpmAction0Size = unsafe.Sizeof(wtFwpmAction0{})
|
||||
|
||||
if actualWtFwpmAction0Size != wtFwpmAction0_Size {
|
||||
t.Errorf("Size of wtFwpmAction0 is %d, although %d is expected.", actualWtFwpmAction0Size,
|
||||
wtFwpmAction0_Size)
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpmAction0Offsets(t *testing.T) {
|
||||
|
||||
s := wtFwpmAction0{}
|
||||
sp := uintptr(unsafe.Pointer(&s))
|
||||
|
||||
offset := uintptr(unsafe.Pointer(&s.filterType)) - sp
|
||||
|
||||
if offset != wtFwpmAction0_filterType_Offset {
|
||||
t.Errorf("wtFwpmAction0.filterType offset is %d although %d is expected", offset,
|
||||
wtFwpmAction0_filterType_Offset)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpBitmapArray64Size(t *testing.T) {
|
||||
|
||||
const actualWtFwpBitmapArray64Size = unsafe.Sizeof(wtFwpBitmapArray64{})
|
||||
|
||||
if actualWtFwpBitmapArray64Size != wtFwpBitmapArray64_Size {
|
||||
t.Errorf("Size of wtFwpBitmapArray64 is %d, although %d is expected.", actualWtFwpBitmapArray64Size,
|
||||
wtFwpBitmapArray64_Size)
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpByteArray6Size(t *testing.T) {
|
||||
|
||||
const actualWtFwpByteArray6Size = unsafe.Sizeof(wtFwpByteArray6{})
|
||||
|
||||
if actualWtFwpByteArray6Size != wtFwpByteArray6_Size {
|
||||
t.Errorf("Size of wtFwpByteArray6 is %d, although %d is expected.", actualWtFwpByteArray6Size,
|
||||
wtFwpByteArray6_Size)
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpByteArray16Size(t *testing.T) {
|
||||
|
||||
const actualWtFwpByteArray16Size = unsafe.Sizeof(wtFwpByteArray16{})
|
||||
|
||||
if actualWtFwpByteArray16Size != wtFwpByteArray16_Size {
|
||||
t.Errorf("Size of wtFwpByteArray16 is %d, although %d is expected.", actualWtFwpByteArray16Size,
|
||||
wtFwpByteArray16_Size)
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpConditionValue0Size(t *testing.T) {
|
||||
|
||||
const actualWtFwpConditionValue0Size = unsafe.Sizeof(wtFwpConditionValue0{})
|
||||
|
||||
if actualWtFwpConditionValue0Size != wtFwpConditionValue0_Size {
|
||||
t.Errorf("Size of wtFwpConditionValue0 is %d, although %d is expected.", actualWtFwpConditionValue0Size,
|
||||
wtFwpConditionValue0_Size)
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpConditionValue0Offsets(t *testing.T) {
|
||||
|
||||
s := wtFwpConditionValue0{}
|
||||
sp := uintptr(unsafe.Pointer(&s))
|
||||
|
||||
offset := uintptr(unsafe.Pointer(&s.value)) - sp
|
||||
|
||||
if offset != wtFwpConditionValue0_uint8_Offset {
|
||||
t.Errorf("wtFwpConditionValue0.value offset is %d although %d is expected", offset, wtFwpConditionValue0_uint8_Offset)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpV4AddrAndMaskSize(t *testing.T) {
|
||||
|
||||
const actualWtFwpV4AddrAndMaskSize = unsafe.Sizeof(wtFwpV4AddrAndMask{})
|
||||
|
||||
if actualWtFwpV4AddrAndMaskSize != wtFwpV4AddrAndMask_Size {
|
||||
t.Errorf("Size of wtFwpV4AddrAndMask is %d, although %d is expected.", actualWtFwpV4AddrAndMaskSize,
|
||||
wtFwpV4AddrAndMask_Size)
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpV4AddrAndMaskOffsets(t *testing.T) {
|
||||
|
||||
s := wtFwpV4AddrAndMask{}
|
||||
sp := uintptr(unsafe.Pointer(&s))
|
||||
|
||||
offset := uintptr(unsafe.Pointer(&s.mask)) - sp
|
||||
|
||||
if offset != wtFwpV4AddrAndMask_mask_Offset {
|
||||
t.Errorf("wtFwpV4AddrAndMask.mask offset is %d although %d is expected", offset,
|
||||
wtFwpV4AddrAndMask_mask_Offset)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpV6AddrAndMaskSize(t *testing.T) {
|
||||
|
||||
const actualWtFwpV6AddrAndMaskSize = unsafe.Sizeof(wtFwpV6AddrAndMask{})
|
||||
|
||||
if actualWtFwpV6AddrAndMaskSize != wtFwpV6AddrAndMask_Size {
|
||||
t.Errorf("Size of wtFwpV6AddrAndMask is %d, although %d is expected.", actualWtFwpV6AddrAndMaskSize,
|
||||
wtFwpV6AddrAndMask_Size)
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpV6AddrAndMaskOffsets(t *testing.T) {
|
||||
|
||||
s := wtFwpV6AddrAndMask{}
|
||||
sp := uintptr(unsafe.Pointer(&s))
|
||||
|
||||
offset := uintptr(unsafe.Pointer(&s.prefixLength)) - sp
|
||||
|
||||
if offset != wtFwpV6AddrAndMask_prefixLength_Offset {
|
||||
t.Errorf("wtFwpV6AddrAndMask.prefixLength offset is %d although %d is expected", offset,
|
||||
wtFwpV6AddrAndMask_prefixLength_Offset)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpValue0Size(t *testing.T) {
|
||||
|
||||
const actualWtFwpValue0Size = unsafe.Sizeof(wtFwpValue0{})
|
||||
|
||||
if actualWtFwpValue0Size != wtFwpValue0_Size {
|
||||
t.Errorf("Size of wtFwpValue0 is %d, although %d is expected.", actualWtFwpValue0Size, wtFwpValue0_Size)
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpValue0Offsets(t *testing.T) {
|
||||
|
||||
s := wtFwpValue0{}
|
||||
sp := uintptr(unsafe.Pointer(&s))
|
||||
|
||||
offset := uintptr(unsafe.Pointer(&s.value)) - sp
|
||||
|
||||
if offset != wtFwpValue0_value_Offset {
|
||||
t.Errorf("wtFwpValue0.value offset is %d although %d is expected", offset, wtFwpValue0_value_Offset)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpmDisplayData0Size(t *testing.T) {
|
||||
|
||||
const actualWtFwpmDisplayData0Size = unsafe.Sizeof(wtFwpmDisplayData0{})
|
||||
|
||||
if actualWtFwpmDisplayData0Size != wtFwpmDisplayData0_Size {
|
||||
t.Errorf("Size of wtFwpmDisplayData0 is %d, although %d is expected.", actualWtFwpmDisplayData0Size,
|
||||
wtFwpmDisplayData0_Size)
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpmDisplayData0Offsets(t *testing.T) {
|
||||
|
||||
s := wtFwpmDisplayData0{}
|
||||
sp := uintptr(unsafe.Pointer(&s))
|
||||
|
||||
offset := uintptr(unsafe.Pointer(&s.description)) - sp
|
||||
|
||||
if offset != wtFwpmDisplayData0_description_Offset {
|
||||
t.Errorf("wtFwpmDisplayData0.description offset is %d although %d is expected", offset,
|
||||
wtFwpmDisplayData0_description_Offset)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpmFilterCondition0Size(t *testing.T) {
|
||||
|
||||
const actualWtFwpmFilterCondition0Size = unsafe.Sizeof(wtFwpmFilterCondition0{})
|
||||
|
||||
if actualWtFwpmFilterCondition0Size != wtFwpmFilterCondition0_Size {
|
||||
t.Errorf("Size of wtFwpmFilterCondition0 is %d, although %d is expected.",
|
||||
actualWtFwpmFilterCondition0Size, wtFwpmFilterCondition0_Size)
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpmFilterCondition0Offsets(t *testing.T) {
|
||||
|
||||
s := wtFwpmFilterCondition0{}
|
||||
sp := uintptr(unsafe.Pointer(&s))
|
||||
|
||||
offset := uintptr(unsafe.Pointer(&s.matchType)) - sp
|
||||
|
||||
if offset != wtFwpmFilterCondition0_matchType_Offset {
|
||||
t.Errorf("wtFwpmFilterCondition0.matchType offset is %d although %d is expected", offset,
|
||||
wtFwpmFilterCondition0_matchType_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.conditionValue)) - sp
|
||||
|
||||
if offset != wtFwpmFilterCondition0_conditionValue_Offset {
|
||||
t.Errorf("wtFwpmFilterCondition0.conditionValue offset is %d although %d is expected", offset,
|
||||
wtFwpmFilterCondition0_conditionValue_Offset)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpmFilter0Size(t *testing.T) {
|
||||
|
||||
const actualWtFwpmFilter0Size = unsafe.Sizeof(wtFwpmFilter0{})
|
||||
|
||||
if actualWtFwpmFilter0Size != wtFwpmFilter0_Size {
|
||||
t.Errorf("Size of wtFwpmFilter0 is %d, although %d is expected.", actualWtFwpmFilter0Size,
|
||||
wtFwpmFilter0_Size)
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpmFilter0Offsets(t *testing.T) {
|
||||
|
||||
s := wtFwpmFilter0{}
|
||||
sp := uintptr(unsafe.Pointer(&s))
|
||||
|
||||
offset := uintptr(unsafe.Pointer(&s.displayData)) - sp
|
||||
|
||||
if offset != wtFwpmFilter0_displayData_Offset {
|
||||
t.Errorf("wtFwpmFilter0.displayData offset is %d although %d is expected", offset,
|
||||
wtFwpmFilter0_displayData_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.flags)) - sp
|
||||
|
||||
if offset != wtFwpmFilter0_flags_Offset {
|
||||
t.Errorf("wtFwpmFilter0.flags offset is %d although %d is expected", offset, wtFwpmFilter0_flags_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.providerKey)) - sp
|
||||
|
||||
if offset != wtFwpmFilter0_providerKey_Offset {
|
||||
t.Errorf("wtFwpmFilter0.providerKey offset is %d although %d is expected", offset,
|
||||
wtFwpmFilter0_providerKey_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.providerData)) - sp
|
||||
|
||||
if offset != wtFwpmFilter0_providerData_Offset {
|
||||
t.Errorf("wtFwpmFilter0.providerData offset is %d although %d is expected", offset,
|
||||
wtFwpmFilter0_providerData_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.layerKey)) - sp
|
||||
|
||||
if offset != wtFwpmFilter0_layerKey_Offset {
|
||||
t.Errorf("wtFwpmFilter0.layerKey offset is %d although %d is expected", offset,
|
||||
wtFwpmFilter0_layerKey_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.subLayerKey)) - sp
|
||||
|
||||
if offset != wtFwpmFilter0_subLayerKey_Offset {
|
||||
t.Errorf("wtFwpmFilter0.subLayerKey offset is %d although %d is expected", offset,
|
||||
wtFwpmFilter0_subLayerKey_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.weight)) - sp
|
||||
|
||||
if offset != wtFwpmFilter0_weight_Offset {
|
||||
t.Errorf("wtFwpmFilter0.weight offset is %d although %d is expected", offset,
|
||||
wtFwpmFilter0_weight_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.numFilterConditions)) - sp
|
||||
|
||||
if offset != wtFwpmFilter0_numFilterConditions_Offset {
|
||||
t.Errorf("wtFwpmFilter0.numFilterConditions offset is %d although %d is expected", offset,
|
||||
wtFwpmFilter0_numFilterConditions_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.filterCondition)) - sp
|
||||
|
||||
if offset != wtFwpmFilter0_filterCondition_Offset {
|
||||
t.Errorf("wtFwpmFilter0.filterCondition offset is %d although %d is expected", offset,
|
||||
wtFwpmFilter0_filterCondition_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.action)) - sp
|
||||
|
||||
if offset != wtFwpmFilter0_action_Offset {
|
||||
t.Errorf("wtFwpmFilter0.action offset is %d although %d is expected", offset,
|
||||
wtFwpmFilter0_action_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.providerContextKey)) - sp
|
||||
|
||||
if offset != wtFwpmFilter0_providerContextKey_Offset {
|
||||
t.Errorf("wtFwpmFilter0.providerContextKey offset is %d although %d is expected", offset,
|
||||
wtFwpmFilter0_providerContextKey_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.reserved)) - sp
|
||||
|
||||
if offset != wtFwpmFilter0_reserved_Offset {
|
||||
t.Errorf("wtFwpmFilter0.reserved offset is %d although %d is expected", offset,
|
||||
wtFwpmFilter0_reserved_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.filterID)) - sp
|
||||
|
||||
if offset != wtFwpmFilter0_filterID_Offset {
|
||||
t.Errorf("wtFwpmFilter0.filterID offset is %d although %d is expected", offset,
|
||||
wtFwpmFilter0_filterID_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.effectiveWeight)) - sp
|
||||
|
||||
if offset != wtFwpmFilter0_effectiveWeight_Offset {
|
||||
t.Errorf("wtFwpmFilter0.effectiveWeight offset is %d although %d is expected", offset,
|
||||
wtFwpmFilter0_effectiveWeight_Offset)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpProvider0Size(t *testing.T) {
|
||||
|
||||
const actualWtFwpProvider0Size = unsafe.Sizeof(wtFwpProvider0{})
|
||||
|
||||
if actualWtFwpProvider0Size != wtFwpProvider0_Size {
|
||||
t.Errorf("Size of wtFwpProvider0 is %d, although %d is expected.", actualWtFwpProvider0Size,
|
||||
wtFwpProvider0_Size)
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpProvider0Offsets(t *testing.T) {
|
||||
|
||||
s := wtFwpProvider0{}
|
||||
sp := uintptr(unsafe.Pointer(&s))
|
||||
|
||||
offset := uintptr(unsafe.Pointer(&s.displayData)) - sp
|
||||
|
||||
if offset != wtFwpProvider0_displayData_Offset {
|
||||
t.Errorf("wtFwpProvider0.displayData offset is %d although %d is expected", offset,
|
||||
wtFwpProvider0_displayData_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.flags)) - sp
|
||||
|
||||
if offset != wtFwpProvider0_flags_Offset {
|
||||
t.Errorf("wtFwpProvider0.flags offset is %d although %d is expected", offset,
|
||||
wtFwpProvider0_flags_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.providerData)) - sp
|
||||
|
||||
if offset != wtFwpProvider0_providerData_Offset {
|
||||
t.Errorf("wtFwpProvider0.providerData offset is %d although %d is expected", offset,
|
||||
wtFwpProvider0_providerData_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.serviceName)) - sp
|
||||
|
||||
if offset != wtFwpProvider0_serviceName_Offset {
|
||||
t.Errorf("wtFwpProvider0.serviceName offset is %d although %d is expected", offset,
|
||||
wtFwpProvider0_serviceName_Offset)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpmSession0Size(t *testing.T) {
|
||||
|
||||
const actualWtFwpmSession0Size = unsafe.Sizeof(wtFwpmSession0{})
|
||||
|
||||
if actualWtFwpmSession0Size != wtFwpmSession0_Size {
|
||||
t.Errorf("Size of wtFwpmSession0 is %d, although %d is expected.", actualWtFwpmSession0Size,
|
||||
wtFwpmSession0_Size)
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpmSession0Offsets(t *testing.T) {
|
||||
|
||||
s := wtFwpmSession0{}
|
||||
sp := uintptr(unsafe.Pointer(&s))
|
||||
|
||||
offset := uintptr(unsafe.Pointer(&s.displayData)) - sp
|
||||
|
||||
if offset != wtFwpmSession0_displayData_Offset {
|
||||
t.Errorf("wtFwpmSession0.displayData offset is %d although %d is expected", offset,
|
||||
wtFwpmSession0_displayData_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.flags)) - sp
|
||||
|
||||
if offset != wtFwpmSession0_flags_Offset {
|
||||
t.Errorf("wtFwpmSession0.flags offset is %d although %d is expected", offset, wtFwpmSession0_flags_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.txnWaitTimeoutInMSec)) - sp
|
||||
|
||||
if offset != wtFwpmSession0_txnWaitTimeoutInMSec_Offset {
|
||||
t.Errorf("wtFwpmSession0.txnWaitTimeoutInMSec offset is %d although %d is expected", offset,
|
||||
wtFwpmSession0_txnWaitTimeoutInMSec_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.processId)) - sp
|
||||
|
||||
if offset != wtFwpmSession0_processId_Offset {
|
||||
t.Errorf("wtFwpmSession0.processId offset is %d although %d is expected", offset,
|
||||
wtFwpmSession0_processId_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.sid)) - sp
|
||||
|
||||
if offset != wtFwpmSession0_sid_Offset {
|
||||
t.Errorf("wtFwpmSession0.sid offset is %d although %d is expected", offset, wtFwpmSession0_sid_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.username)) - sp
|
||||
|
||||
if offset != wtFwpmSession0_username_Offset {
|
||||
t.Errorf("wtFwpmSession0.username offset is %d although %d is expected", offset,
|
||||
wtFwpmSession0_username_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.kernelMode)) - sp
|
||||
|
||||
if offset != wtFwpmSession0_kernelMode_Offset {
|
||||
t.Errorf("wtFwpmSession0.kernelMode offset is %d although %d is expected", offset,
|
||||
wtFwpmSession0_kernelMode_Offset)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpmSublayer0Size(t *testing.T) {
|
||||
|
||||
const actualWtFwpmSublayer0Size = unsafe.Sizeof(wtFwpmSublayer0{})
|
||||
|
||||
if actualWtFwpmSublayer0Size != wtFwpmSublayer0_Size {
|
||||
t.Errorf("Size of wtFwpmSublayer0 is %d, although %d is expected.", actualWtFwpmSublayer0Size,
|
||||
wtFwpmSublayer0_Size)
|
||||
}
|
||||
}
|
||||
|
||||
func TestWtFwpmSublayer0Offsets(t *testing.T) {
|
||||
|
||||
s := wtFwpmSublayer0{}
|
||||
sp := uintptr(unsafe.Pointer(&s))
|
||||
|
||||
offset := uintptr(unsafe.Pointer(&s.displayData)) - sp
|
||||
|
||||
if offset != wtFwpmSublayer0_displayData_Offset {
|
||||
t.Errorf("wtFwpmSublayer0.displayData offset is %d although %d is expected", offset,
|
||||
wtFwpmSublayer0_displayData_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.flags)) - sp
|
||||
|
||||
if offset != wtFwpmSublayer0_flags_Offset {
|
||||
t.Errorf("wtFwpmSublayer0.flags offset is %d although %d is expected", offset,
|
||||
wtFwpmSublayer0_flags_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.providerKey)) - sp
|
||||
|
||||
if offset != wtFwpmSublayer0_providerKey_Offset {
|
||||
t.Errorf("wtFwpmSublayer0.providerKey offset is %d although %d is expected", offset,
|
||||
wtFwpmSublayer0_providerKey_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.providerData)) - sp
|
||||
|
||||
if offset != wtFwpmSublayer0_providerData_Offset {
|
||||
t.Errorf("wtFwpmSublayer0.providerData offset is %d although %d is expected", offset,
|
||||
wtFwpmSublayer0_providerData_Offset)
|
||||
return
|
||||
}
|
||||
|
||||
offset = uintptr(unsafe.Pointer(&s.weight)) - sp
|
||||
|
||||
if offset != wtFwpmSublayer0_weight_Offset {
|
||||
t.Errorf("wtFwpmSublayer0.weight offset is %d although %d is expected", offset,
|
||||
wtFwpmSublayer0_weight_Offset)
|
||||
return
|
||||
}
|
||||
}
|
|
@ -0,0 +1,132 @@
|
|||
// +build windows
|
||||
|
||||
// Code generated by 'go generate'; DO NOT EDIT.
|
||||
|
||||
package firewall
|
||||
|
||||
import (
|
||||
"syscall"
|
||||
"unsafe"
|
||||
|
||||
"golang.org/x/sys/windows"
|
||||
)
|
||||
|
||||
var _ unsafe.Pointer
|
||||
|
||||
// Do the interface allocations only once for common
|
||||
// Errno values.
|
||||
const (
|
||||
errnoERROR_IO_PENDING = 997
|
||||
)
|
||||
|
||||
var (
|
||||
errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING)
|
||||
errERROR_EINVAL error = syscall.EINVAL
|
||||
)
|
||||
|
||||
// errnoErr returns common boxed Errno values, to prevent
|
||||
// allocations at runtime.
|
||||
func errnoErr(e syscall.Errno) error {
|
||||
switch e {
|
||||
case 0:
|
||||
return errERROR_EINVAL
|
||||
case errnoERROR_IO_PENDING:
|
||||
return errERROR_IO_PENDING
|
||||
}
|
||||
// TODO: add more here, after collecting data on the common
|
||||
// error values see on Windows. (perhaps when running
|
||||
// all.bat?)
|
||||
return e
|
||||
}
|
||||
|
||||
var (
|
||||
modfwpuclnt = windows.NewLazySystemDLL("fwpuclnt.dll")
|
||||
|
||||
procFwpmEngineClose0 = modfwpuclnt.NewProc("FwpmEngineClose0")
|
||||
procFwpmEngineOpen0 = modfwpuclnt.NewProc("FwpmEngineOpen0")
|
||||
procFwpmFilterAdd0 = modfwpuclnt.NewProc("FwpmFilterAdd0")
|
||||
procFwpmFreeMemory0 = modfwpuclnt.NewProc("FwpmFreeMemory0")
|
||||
procFwpmGetAppIdFromFileName0 = modfwpuclnt.NewProc("FwpmGetAppIdFromFileName0")
|
||||
procFwpmProviderAdd0 = modfwpuclnt.NewProc("FwpmProviderAdd0")
|
||||
procFwpmSubLayerAdd0 = modfwpuclnt.NewProc("FwpmSubLayerAdd0")
|
||||
procFwpmTransactionAbort0 = modfwpuclnt.NewProc("FwpmTransactionAbort0")
|
||||
procFwpmTransactionBegin0 = modfwpuclnt.NewProc("FwpmTransactionBegin0")
|
||||
procFwpmTransactionCommit0 = modfwpuclnt.NewProc("FwpmTransactionCommit0")
|
||||
)
|
||||
|
||||
func fwpmEngineClose0(engineHandle uintptr) (err error) {
|
||||
r1, _, e1 := syscall.Syscall(procFwpmEngineClose0.Addr(), 1, uintptr(engineHandle), 0, 0)
|
||||
if r1 != 0 {
|
||||
err = errnoErr(e1)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func fwpmEngineOpen0(serverName *uint16, authnService wtRpcCAuthN, authIdentity *uintptr, session *wtFwpmSession0, engineHandle unsafe.Pointer) (err error) {
|
||||
r1, _, e1 := syscall.Syscall6(procFwpmEngineOpen0.Addr(), 5, uintptr(unsafe.Pointer(serverName)), uintptr(authnService), uintptr(unsafe.Pointer(authIdentity)), uintptr(unsafe.Pointer(session)), uintptr(engineHandle), 0)
|
||||
if r1 != 0 {
|
||||
err = errnoErr(e1)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func fwpmFilterAdd0(engineHandle uintptr, filter *wtFwpmFilter0, sd uintptr, id *uint64) (err error) {
|
||||
r1, _, e1 := syscall.Syscall6(procFwpmFilterAdd0.Addr(), 4, uintptr(engineHandle), uintptr(unsafe.Pointer(filter)), uintptr(sd), uintptr(unsafe.Pointer(id)), 0, 0)
|
||||
if r1 != 0 {
|
||||
err = errnoErr(e1)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func fwpmFreeMemory0(p unsafe.Pointer) {
|
||||
syscall.Syscall(procFwpmFreeMemory0.Addr(), 1, uintptr(p), 0, 0)
|
||||
return
|
||||
}
|
||||
|
||||
func fwpmGetAppIdFromFileName0(fileName *uint16, appID unsafe.Pointer) (err error) {
|
||||
r1, _, e1 := syscall.Syscall(procFwpmGetAppIdFromFileName0.Addr(), 2, uintptr(unsafe.Pointer(fileName)), uintptr(appID), 0)
|
||||
if r1 != 0 {
|
||||
err = errnoErr(e1)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func fwpmProviderAdd0(engineHandle uintptr, provider *wtFwpmProvider0, sd uintptr) (err error) {
|
||||
r1, _, e1 := syscall.Syscall(procFwpmProviderAdd0.Addr(), 3, uintptr(engineHandle), uintptr(unsafe.Pointer(provider)), uintptr(sd))
|
||||
if r1 != 0 {
|
||||
err = errnoErr(e1)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func fwpmSubLayerAdd0(engineHandle uintptr, subLayer *wtFwpmSublayer0, sd uintptr) (err error) {
|
||||
r1, _, e1 := syscall.Syscall(procFwpmSubLayerAdd0.Addr(), 3, uintptr(engineHandle), uintptr(unsafe.Pointer(subLayer)), uintptr(sd))
|
||||
if r1 != 0 {
|
||||
err = errnoErr(e1)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func fwpmTransactionAbort0(engineHandle uintptr) (err error) {
|
||||
r1, _, e1 := syscall.Syscall(procFwpmTransactionAbort0.Addr(), 1, uintptr(engineHandle), 0, 0)
|
||||
if r1 != 0 {
|
||||
err = errnoErr(e1)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func fwpmTransactionBegin0(engineHandle uintptr, flags uint32) (err error) {
|
||||
r1, _, e1 := syscall.Syscall(procFwpmTransactionBegin0.Addr(), 2, uintptr(engineHandle), uintptr(flags), 0)
|
||||
if r1 != 0 {
|
||||
err = errnoErr(e1)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func fwpmTransactionCommit0(engineHandle uintptr) (err error) {
|
||||
r1, _, e1 := syscall.Syscall(procFwpmTransactionCommit0.Addr(), 1, uintptr(engineHandle), 0, 0)
|
||||
if r1 != 0 {
|
||||
err = errnoErr(e1)
|
||||
}
|
||||
return
|
||||
}
|
Loading…
Reference in New Issue