PF_FilterFlags

Generic flags:

FF_DONT_FILTER_IN
Passthrough incoming objects without filtering.

FF_DONT_FILTER_OUT
Passthrough outgoing objects without filtering.

FF_READ_ONLY_IN
Filter incoming objects in read-only mode. The filters with this flag passthrough the incoming packets to destination immediately, and indicate classified objects with read-only flag.

FF_READ_ONLY_OUT
Filter outgoing objects in read-only mode. The filters with this flag passthrough the outgoing packets to destination immediately, and indicate classified objects with read-only flag.

SSL filter flags:

FF_SSL_TLS
Decode SSL TLS sessions. For example this flag should be used during filtering POP3 and SMTP protocols after STARTTLS command.

FF_SSL_SELF_SIGNED_CERTIFICATE
Generate self-signed certificates instead of using root CA. By default the library generates chained certificates during filtering SSL sessions, signed by a root certificate with a subject specified in pf_setRootSSLCertSubject call (default root - NetFilterSDK). This flag instructs the library to generate self signed certificates and add them to Windows storage automatically. 

FF_SSL_INDICATE_HANDSHAKE_REQUESTS
Indicate OT_SSL_HANDSHAKE_OUTGOING/OT_SSL_HANDSHAKE_INCOMING via dataPartAvailable

FF_SSL_TLS_AUTO
Try to detect TLS handshake automatically in first 8 kilobytes of packets.

FF_SSL_COMPATIBILITY
Use RC4 for SSL sessions with local and remote endpoints

FF_SSL_VERIFY
Verify server certificates and don't filter SSL if the certificate is not valid

FF_SSL_SUPPORT_CLIENT_CERTIFICATES
Filter SSL connections in case when server requests a client certificate.
This method requires appropriate client certificates to be in
Windows certificate storage with exportable private key.

FF_SSL_INDICATE_SERVER_CERTIFICATES
Indicate OT_SSL_SERVER_CERTIFICATE via dataPartAvailable

FF_SSL_INDICATE_EXCEPTIONS
Indicate OT_SSL_EXCEPTION via dataPartAvailable

FF_SSL_ENABLE_ALPN = 0x2000,
Support ALPN TLS extension for negotiating next protocols (HTTP/2,SPDY)

FF_SSL_INDICATE_CLIENT_CERT_REQUESTS
Indicate OT_SSL_CLIENT_CERT_REQUEST via dataPartAvailable

FF_SSL_DECODE_ONLY
Don't encode the traffic between proxy and server

HTTP filter flags:

FF_HTTP_KEEP_PIPELINING
By default the filter sends pipelined requests by one, after receiving a response from server for a previous request. This flag instructs the filter to send all pipelined requests as-is.

FF_HTTP_INDICATE_SKIPPED_OBJECTS
Indicate via dataAvailable the objects of types OT_HTTP_SKIPPED_REQUEST_COMPLETE and OT_HTTP_SKIPPED_RESPONSE_COMPLETE. When a filtering application returns DPCR_BYPASS or DPCR_BYPASS or DPCR_BLOCK from dataPartAvailable, or specify flags FF_DONT_FILTER_IN/FF_DONT_FILTER_OUT for HTTP filter, the filter doesn't save the contents of transmitted HTTP objects, but indicates the completion of skipped HTTP objects as OT_HTTP_SKIPPED_REQUEST_COMPLETE/OT_HTTP_SKIPPED_RESPONSE_COMPLETE. The objects of these types contain only two streams: HS_STATUS and HS_HEADER.

FF_HTTP_BLOCK_SPDY
Block SPDY protocol


Requirements

Header PFFilterDefs.h
Library ProtocolFilters.lib