关于“手动SA键控”的问题示例MSDN [英] Question on "Manual SA keying" example MSDN

问题描述

您好。我有一个例子问题  http：// msdn。 microsoft.com/en-us/library/windows/desktop/bb451820(v=vs.85).aspx 。在功能 

Hello. Im have a question by example http://msdn.microsoft.com/en-us/library/windows/desktop/bb451820(v=vs.85).aspx. In function 

AddInboundSa have next code 

filter.action.type = FWP_ACTION_CALLOUT_TERMINATING;

在计算机运行之后实现此代码ping消失。据我所知，我需要一个callout驱动程序，它允许或允许IP数据包。我是正确的？或者只提供在顶部链接中描述的用户模式？

After implementing this code ping between computers when they running disappears. As I understand it I need have a callout driver, which was allow or permit IP packets. I'm right? Or enought only user mode which describes in top link?

还有一个问题：  AddInboundSa 有输入参数" __ in
const FWP_BYTE_BLOB * authKey "。哪些数据必须包含此参数？

And one more question: AddInboundSa has input parameter "__in const FWP_BYTE_BLOB* authKey". What data must contain this parameter?

推荐答案

过滤器将使用内置-in callout，如以下行中的最后一行所示：

the filter will be using the built-in callout as indicated in the last of the following lines:

   filter.action.type = FWP_ACTION_CALLOUT_TERMINATING;   // Add the inbound filter.   filter.layerKey = FWPM_LAYER_INBOUND_TRANSPORT_V4;   filter.action.calloutKey = FWPM_CALLOUT_IPSEC_INBOUND_TRANSPORT_V4;

authKey就是用于验证算法的密钥。这只是存储为ByteBlob。

The authKey is just that, the key used for the authentication algorithm. This is just stored as a ByteBlob.

使用"NetSh.exe WFP显示状态"从策略转储的一个示例：

An example of one dumped from policy using "NetSh.exe WFP Show State":

         < authKey>

         < data> 0000000000000000000000000000000000000000< / data>&
         < asString> ................. ...< / asString>       < / authKey>

        <authKey>
         <data>0000000000000000000000000000000000000000</data>
         <asString>....................</asString>
        </authKey>

希望这会有所帮助，

这篇关于关于“手动SA键控”的问题示例MSDN的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！