Enabling a FirewallHook Function
An IPv6 firewall-hook driver enables its FirewallHookfunction by calling the IPv6EnableFirewallHookfunction. An IPv6 firewall-hook driver typically calls the IPv6EnableFirewallHookfunction from within its DriverEntryfunction. For example:
// Prototype for the FirewallHook callback function
IPv6Action
FirewallHook(
const IPv6Addr *SourceAddress,
const IPv6Addr *DestinationAddress,
uint PayloadLength,
uchar HeaderType,
const uchar *HeaderData,
const void *PacketContext,
uint DataLength,
uint InterfaceIndex,
IPv6Direction Direction,
BOOLEAN IsLoopBack
);
// Prototype for the driver's Unload function
VOID
Unload(
IN PDRIVER_OBJECT DriverObject
);
// Driver's DriverEntry function
NTSTATUS
DriverEntry(
IN PDRIVER_OBJECT DriverObject,
IN PUNICODE_STRING RegistryPath
)
{
NTSTATUS Status;
// Specify the callout driver's Unload function
DriverObject->DriverUnload = Unload;
// Enable the FirewallHook callback function
Status =
IPv6EnableFirewallHook(
FirewallHook
);
// Return status from call to IPv6EnableFirewallHook
return Status;
}
An IPv6 firewall-hook driver is not required to enable its FirewallHookfunction from within its DriverEntryfunction. For example, if the IPv6 firewall-hook functionality is only a subcomponent of a more complex driver, the call to the IPv6EnableFirewallHookfunction might occur when the IPv6 firewall-hook subcomponent is activated.
Only one FirewallHookfunction can be enabled at any given time. If an IPv6 firewall-hook driver calls the IPv6EnableFirewallHookfunction when another FirewallHookfunction is currently enabled, the IPv6EnableFirewallHookfunction returns STATUS_INVALID_DEVICE_REQUEST. To replace a currently enabled FirewallHookfunction with a different FirewallHookfunction, the currently enabled FirewallHookfunction must first be disabled before the replacement FirewallHookfunction can be enabled. For more information about how to disable a FirewallHookfunction, see Disabling a FirewallHook Function.