Crate wfp

Crate wfp 

Source
Expand description

§Windows Filtering Platform (WFP) Rust library

This crate provides a safe Rust library around the Windows Filtering Platform API, allowing you to create and manage network filters on Windows.

§Overview

The Windows Filtering Platform is a set of APIs that allow applications to handle filtering and processing of network traffic. This crate provides a type-safe interface to create filters that can block or permit network traffic based on various criteria.

§Basic Usage

use wfp::{FilterEngineBuilder, FilterBuilder, PortConditionBuilder, ActionType, Layer, Transaction};
use std::io;

fn main() -> io::Result<()> {
    // Open a dynamic filter engine session
    let mut engine = FilterEngineBuilder::default().dynamic().open()?;
     
    // Create a transaction for atomic filter operations
    let transaction = Transaction::new(&mut engine)?;
     
    // Create and add a filter
    FilterBuilder::default()
        .name("Block outbound connections")
        .description("Blocks all outbound IPv4 connections")
        .action(ActionType::Block)
        .layer(Layer::ConnectV4)
        .condition(
            PortConditionBuilder::remote()
                .equal(80)
                .build(),
        )
        .add(&transaction)?;
     
    // Commit the transaction
    transaction.commit()?;
     
    Ok(())
}

§Examples

See the examples/ directory for more usage examples.

Run examples with: cargo run --example <example>

Structs§

AppIdConditionBuilder
Typed builder for application ID conditions.
Condition
Internal representation of a built condition.
FilterBuilder
Builder for creating Windows Filtering Platform filters.
FilterEngine
Represents an active connection to the Windows Filtering Platform engine.
FilterEngineBuilder
Builder for creating a Windows Filtering Platform engine session.
FilterEnumItem
A WFP filter
FilterEnumerator
An iterator over filters.
PortConditionBuilder
Typed builder for port-based conditions.
ProtocolConditionBuilder
Typed builder for protocol-based conditions.
SubLayerBuilder
Builder for creating Windows Filtering Platform sublayers.
Transaction
Represents a transactional context for filter operations.

Enums§

ActionType
Specifies the action to take when a filter matches network traffic.
ConditionField
Represents different types of filter conditions that can be applied to network traffic.
Layer
Specifies the network layer at which a filter operates.
MatchType
Specifies how a condition value should be matched against network traffic.

Functions§

delete_filter
Delete a filter by its ID.
delete_filter_by_guid
Delete a filter by its GUID.