tailscale / wf

Package for controlling the Windows firewall (aka Windows Filtering Platform, WFP)
BSD 3-Clause "New" or "Revised" License

Error with filter by Ip range #17

Open idan1109 opened 2 years ago

idan1109 commented 2 years ago

First of all, thank you for this beautiful package! I think I've found a problem when trying to set an IP range:

    // Get the absolute path of the current program
    execPath := "C:\\Windows\\system32\\cmd.exe"
    // Ask windows for the corresponding application ID
    appID, err := wf.AppID(execPath)
    if err != nil {
        println("Error Getting AppID:", err)
    }
    ruleGuid, _ := windows.GenerateGUID()
    iprange, err := netaddr.ParseIPRange("192.168.1.10-192.168.1.25")
    if err != nil {
        println("Error parsing IP:", err)
    }
    err = session.AddRule(&wf.Rule{
        ID:       wf.RuleID(ruleGuid),
        Name:     "My Rule",
        Layer:    wf.LayerALEAuthConnectV4,
        Sublayer: sublayerID,
        Weight:   900,
        Conditions: []*wf.Match{
            {
                Field: wf.FieldALEAppID,
                Op:    wf.MatchTypeEqual,
                Value: appID,
            },
            {
                Field: wf.FieldIPRemoteAddress,
                Op:    wf.MatchTypeRange,
                Value: iprange, // IP Range
            },
        },
        Action: wf.ActionBlock,
    })

Cannot add rule: (0x1bada0,0xc00032b120)

idan1109 commented 2 years ago

I've seen the pull request. After updating the compose.go file I changed my code into this:

            {
                Field: wf.FieldIPRemoteAddress,
                Op:    wf.MatchTypeRange,
                Value: wf.Range{From: iprange.From(), To: iprange.To()}, // IP Range
            },

Still no luck. I've also seen the Microsoft blog where someone asked about this:

According to the Doc: FWP_MATCH_TYPE enumeration

The value data type and the filter condition data type must be the same. The Base Filtering Engine (BFE) does not perform any data conversion.

An FWP_UINT32 field that contains an IPv4 address can be compared with an FWP_V4_ADDR_MASK value.

Only sortable data types support FWP_MATCH_RANGE. Sortable data types consist of all integer types, FWP_BYTE_ARRAY16_TYPE, FWP_BYTE_BLOB_TYPE, and FWP_UNICODE_STRING_TYPE.

This is my first week of learning about golang so I cannot really help much more than that.
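
The FWP_MATCH_TYPE rule quoted above (the value's data type must equal the field's, and only sortable types support range matching), as an added example that is not part of this thread or of the wf package: a standard-library-only check that turns a LOW-HIGH string into two endpoints of one type. `WFPRange` and `ToWFPRange` are hypothetical names, and mapping IPv6 endpoints to FWP_BYTE_ARRAY16_TYPE is an assumption.

```go
package main

import (
	"encoding/binary"
	"fmt"
	"net/netip"
	"strings"
)

// WFPRange (hypothetical name) holds two range endpoints that share one data type.
type WFPRange struct {
	Type        string   // "FWP_UINT32" for IPv4; "FWP_BYTE_ARRAY16_TYPE" for IPv6 (assumed)
	Low4, High4 uint32   // IPv4 endpoints as integers, first octet most significant
	Low6, High6 [16]byte // IPv6 endpoints as 16-byte arrays
}

// ToWFPRange parses "LOW-HIGH" and rejects mixed-family or reversed ranges.
func ToWFPRange(s string) (WFPRange, error) {
	lo, hi, ok := strings.Cut(s, "-")
	if !ok {
		return WFPRange{}, fmt.Errorf("%q: expected LOW-HIGH", s)
	}
	from, err := netip.ParseAddr(strings.TrimSpace(lo))
	if err != nil {
		return WFPRange{}, err
	}
	to, err := netip.ParseAddr(strings.TrimSpace(hi))
	if err != nil {
		return WFPRange{}, err
	}
	from, to = from.Unmap(), to.Unmap() // treat ::ffff:a.b.c.d as IPv4
	if from.Is4() != to.Is4() {
		return WFPRange{}, fmt.Errorf("%q: endpoints mix IPv4 and IPv6", s)
	}
	if to.Less(from) {
		return WFPRange{}, fmt.Errorf("%q: low endpoint is above high endpoint", s)
	}
	if from.Is4() {
		a, b := from.As4(), to.As4()
		return WFPRange{Type: "FWP_UINT32", Low4: binary.BigEndian.Uint32(a[:]),
			High4: binary.BigEndian.Uint32(b[:])}, nil
	}
	return WFPRange{Type: "FWP_BYTE_ARRAY16_TYPE", Low6: from.As16(), High6: to.As16()}, nil
}

func main() {
	fmt.Println(ToWFPRange("192.168.1.10-192.168.1.25")) // range from the issue
}
```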