RmzVoid
commented
5 years ago const void* classifyContext this parameter not used such way. use flowContex to identify this can be pointer to your data or this may be a key of the map
Open Waterman178 opened 5 years ago
RmzVoid
commented
5 years ago const void* classifyContext this parameter not used such way. use flowContex to identify this can be pointer to your data or this may be a key of the map
I found that this classifyContext seems to be a custom parameter for the user to pass. But I haven't found the relevant usage. Can anyone give me some advice? Thank you! calloutStream.calloutKey = iCalloutStreamId; calloutStream.classifyFn = ClassifyFunctionStream; calloutStream.notifyFn = NotifyFuncion; calloutStream.flowDeleteFn = FlowDeleteFunction; calloutStream.flags = FWP_CALLOUT_FLAG_CONDITIONAL_ON_FLOW;
status = FwpsCalloutRegister(DeviceObject, &calloutStream, &CalloutStreamId); void NTAPI ClassifyFunctionStream( const FWPS_INCOMING_VALUES0 inData, const FWPS_INCOMING_METADATA_VALUES0 inValue, void layerData, const void classifyContext, const FWPS_FILTER filter, UINT64 flowContext, FWPS_CLASSIFY_OUT0 classifyOut) { MyPara a = (MyPara )classifyContext; DbgPrint("Enter ClassifyFunctionStream \r\n"); } `