What is the Fwpm* API?
The Fwpm* API is the user-mode interface to the WFP engine. It allows trusted applications (like your admin console or security agent) to:
- Connect to the Base Filtering Engine (BFE)
- Create and manage filters
- Register or reference sublayers
- Enumerate and audit filter state
These functions are part of the Windows Filtering Platform Management API and defined in:
- Header:
fwpmu.h - Library:
Fwpuclnt.lib - DLL:
Fwpuclnt.dll
Key Functions
| Function | Purpose |
|---|---|
FwpmEngineOpen0() | Opens a session with BFE |
FwpmSubLayerAdd0() | Adds a custom sublayer |
FwpmFilterAdd0() | Adds a filter to a specific layer |
FwpmFilterDeleteByKey0() | Deletes a filter using its GUID |
FwpmEngineClose0() | Closes the session |
Leave a comment
Your email address will not be published. Required fields are marked *