当前位置: 动力学知识库 > 问答 > 编程问答 >

wfp - Filtering child processes

问题描述:

I have a callout driver at FWPM_LAYER_ALE_FLOW_ESTABLISHED_V4 layer with the filter condition FWPM_CONDITION_ALE_APP_ID to filter traffic from a specific application.

However, with some applications, they also spawn some child processes and one of them may communicate with the Internet, so filtering the parent process will

give no output, with the filtering condition FWPM_CONDITION_ALE_APP_ID, WFP

filters the process created by this application only.

How can I filter the parent and all its child processes?

分享给朋友:
您可能感兴趣的文章:
随机阅读: