Expand Minimize

IPSEC_TRAFFIC1 structure

The IPSEC_TRAFFIC1 structure specifies parameters to describe IPsec traffic.

Note  IPSEC_TRAFFIC1 is the specific implementation of IPSEC_TRAFFIC used in Windows 7 and later. See WFP Version-Independent Names and Targeting Specific Versions of Windows for more information. For Windows Vista, IPSEC_TRAFFIC0 is available.

Syntax


typedef struct IPSEC_TRAFFIC1_ {
  FWP_IP_VERSION     ipVersion;
  union {
    UINT32 localV4Address;
    UINT8  localV6Address[16];
  };
  union {
    UINT32 remoteV4Address;
    UINT8  remoteV6Address[16];
  };
  IPSEC_TRAFFIC_TYPE trafficType;
  union {
    UINT64 ipsecFilterId;
    UINT64 tunnelPolicyId;
  };
  UINT16             remotePort;
  UINT16             localPort;
  UINT8              ipProtocol;
  UINT64             localIfLuid;
  UINT32             realIfProfileId;
} IPSEC_TRAFFIC1;

Members

ipVersion

An FWP_IP_VERSION value that specifies the IP version. In tunnel mode, this is the version of the outer header.

localV4Address

The local IPv4 address of the IPsec traffic. In tunnel mode, this is the local tunnel endpoint.

Specified when ipVersion is FWP_IP_VERSION_V4.

localV6Address

The local IPv6 address of the IPsec traffic. In tunnel mode, this is the local tunnel endpoint.

Specified when ipVersion is FWP_IP_VERSION_V6.

remoteV4Address

The remote IPv4 address of the IPsec traffic. In tunnel mode, this is the remote tunnel endpoint.

Specified when ipVersion is FWP_IP_VERSION_V4.

remoteV6Address

The remote IPv6 address of the IPsec traffic. In tunnel mode, this is the remote tunnel endpoint.

Specified when ipVersion is FWP_IP_VERSION_V6.

trafficType

Type of IPsec traffic.

See IPSEC_TRAFFIC_TYPE for more information.

ipsecFilterId

The LUID of the FWPS transport layer filter corresponding to this traffic.

Available if trafficType is IPSEC_TRAFFIC_TYPE_TRANSPORT.

tunnelPolicyId

The LUID of the associated Quick Mode (QM) tunnel policy.

Available if trafficType is IPSEC_TRAFFIC_TYPE_TUNNEL.

remotePort

The remote TCP/UDP port for this traffic. This is used when the remote port condition in the transport layer filter is more generic than the actual remote port.

localPort

The local TCP/UDP port for this traffic. This is used when the local port condition in the transport layer filter is more generic than the actual local port.

ipProtocol

The IP protocol for this traffic. This is used when the IP protocol condition in the transport layer filter is more generic than the actual IP protocol.

localIfLuid

The LUID of the local interface corresponding to the local address specified above.

realIfProfileId

The profile ID corresponding to the actual interface that the traffic is using.

Remarks

The IPSEC_TRAFFIC1 type describes the characteristics of the traffic that will match the SA.

For IPsec transport mode, the localV*Address and remoteV*Address members specify the IP addresses. The ipsecFilterId member specifies (as part of the transport layer filter conditions) the transport protocol information (such as IP protocol, ports, etc), of the matching traffic. However, if the localPort, remotePort, or ipProtocol member is nonzero, its value will override the corresponding value specified in the transport layer filter.

For IPsec tunnel mode, the localV*Address and remoteV*Address members specify the outer IP header tunnel endpoints. The tunnelPolicyId member specifies (as part of the filter conditions specified via FwpmIPsecTunnelAdd1) the inner IP header addresses and transport protocol information of the matching traffic. The localPort, remotePort, and ipProtocol members should not be specified for tunnel mode.

Requirements

Minimum supported client

Windows 7 [desktop apps only]

Minimum supported server

Windows Server 2008 R2 [desktop apps only]

Header

Ipsectypes.h

IDL

Ipsectypes.idl

See also

Windows Filtering Platform API Structures
FWP_IP_VERSION
IPSEC_TRAFFIC_TYPE

 

 

Community Additions

ADD
Show:
© 2014 Microsoft