aboutsummaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
Diffstat
-rw-r--r--service/firewall/helpers.go162
-rw-r--r--service/firewall/rules.go42
-rw-r--r--service/firewall/syscall_windows.go2
-rw-r--r--service/firewall/types_windows.go32
-rw-r--r--service/firewall/types_windows_386.go18
-rw-r--r--service/firewall/types_windows_amd64.go18
-rw-r--r--service/firewall/types_windows_test.go64
-rw-r--r--service/firewall/zsyscall_windows.go2
8 files changed, 44 insertions, 296 deletions
diff --git a/service/firewall/helpers.go b/service/firewall/helpers.go
index f5cab009..cec61f44 100644
--- a/service/firewall/helpers.go
+++ b/service/firewall/helpers.go
@@ -10,135 +10,10 @@ import (
"golang.org/x/sys/windows"
"runtime"
"syscall"
+ "os"
+ "unsafe"
)
-func (m wtFwpMatchType) String() string {
- switch m {
- case cFWP_MATCH_EQUAL:
- return "FWP_MATCH_EQUAL"
- case cFWP_MATCH_GREATER:
- return "FWP_MATCH_GREATER"
- case cFWP_MATCH_LESS:
- return "FWP_MATCH_LESS"
- case cFWP_MATCH_GREATER_OR_EQUAL:
- return "FWP_MATCH_GREATER_OR_EQUAL"
- case cFWP_MATCH_LESS_OR_EQUAL:
- return "FWP_MATCH_LESS_OR_EQUAL"
- case cFWP_MATCH_RANGE:
- return "FWP_MATCH_RANGE"
- case cFWP_MATCH_FLAGS_ALL_SET:
- return "FWP_MATCH_FLAGS_ALL_SET"
- case cFWP_MATCH_FLAGS_ANY_SET:
- return "FWP_MATCH_FLAGS_ANY_SET"
- case cFWP_MATCH_FLAGS_NONE_SET:
- return "FWP_MATCH_FLAGS_NONE_SET"
- case cFWP_MATCH_EQUAL_CASE_INSENSITIVE:
- return "FWP_MATCH_EQUAL_CASE_INSENSITIVE"
- case cFWP_MATCH_NOT_EQUAL:
- return "FWP_MATCH_NOT_EQUAL"
- case cFWP_MATCH_PREFIX:
- return "FWP_MATCH_PREFIX"
- case cFWP_MATCH_NOT_PREFIX:
- return "FWP_MATCH_NOT_PREFIX"
- case cFWP_MATCH_TYPE_MAX:
- return "FWP_MATCH_TYPE_MAX"
- default:
- return fmt.Sprintf("FwpMatchType_UNKNOWN(%d)", m)
- }
-}
-
-func (ff wtFwpmFilterFlags) String() string {
- switch ff {
- case cFWPM_FILTER_FLAG_NONE:
- return "FWPM_FILTER_FLAG_NONE"
- case cFWPM_FILTER_FLAG_PERSISTENT:
- return "FWPM_FILTER_FLAG_PERSISTENT"
- case cFWPM_FILTER_FLAG_BOOTTIME:
- return "FWPM_FILTER_FLAG_BOOTTIME"
- case cFWPM_FILTER_FLAG_HAS_PROVIDER_CONTEXT:
- return "FWPM_FILTER_FLAG_HAS_PROVIDER_CONTEXT"
- case cFWPM_FILTER_FLAG_CLEAR_ACTION_RIGHT:
- return "FWPM_FILTER_FLAG_CLEAR_ACTION_RIGHT"
- case cFWPM_FILTER_FLAG_PERMIT_IF_CALLOUT_UNREGISTERED:
- return "FWPM_FILTER_FLAG_PERMIT_IF_CALLOUT_UNREGISTERED"
- case cFWPM_FILTER_FLAG_DISABLED:
- return "FWPM_FILTER_FLAG_DISABLED"
- case cFWPM_FILTER_FLAG_INDEXED:
- return "FWPM_FILTER_FLAG_INDEXED"
- case cFWPM_FILTER_FLAG_HAS_SECURITY_REALM_PROVIDER_CONTEXT:
- return "FWPM_FILTER_FLAG_HAS_SECURITY_REALM_PROVIDER_CONTEXT"
- case cFWPM_FILTER_FLAG_SYSTEMOS_ONLY:
- return "FWPM_FILTER_FLAG_SYSTEMOS_ONLY"
- case cFWPM_FILTER_FLAG_GAMEOS_ONLY:
- return "FWPM_FILTER_FLAG_GAMEOS_ONLY"
- case cFWPM_FILTER_FLAG_SILENT_MODE:
- return "FWPM_FILTER_FLAG_SILENT_MODE"
- case cFWPM_FILTER_FLAG_IPSEC_NO_ACQUIRE_INITIATE:
- return "FWPM_FILTER_FLAG_IPSEC_NO_ACQUIRE_INITIATE"
- default:
- return fmt.Sprintf("FwpmFilterFlags_UNKNOWN(%d)", ff)
- }
-}
-
-func (dt wtFwpDataType) String() string {
- switch dt {
- case cFWP_EMPTY:
- return "FWP_EMPTY"
- case cFWP_UINT8:
- return "FWP_UINT8"
- case cFWP_UINT16:
- return "FWP_UINT16"
- case cFWP_UINT32:
- return "FWP_UINT32"
- case cFWP_UINT64:
- return "FWP_UINT64"
- case cFWP_INT8:
- return "FWP_INT8"
- case cFWP_INT16:
- return "FWP_INT16"
- case cFWP_INT32:
- return "FWP_INT32"
- case cFWP_INT64:
- return "FWP_INT64"
- case cFWP_FLOAT:
- return "FWP_FLOAT"
- case cFWP_DOUBLE:
- return "FWP_DOUBLE"
- case cFWP_BYTE_ARRAY16_TYPE:
- return "FWP_BYTE_ARRAY16_TYPE"
- case cFWP_BYTE_BLOB_TYPE:
- return "FWP_BYTE_BLOB_TYPE"
- case cFWP_SID:
- return "FWP_SID"
- case cFWP_SECURITY_DESCRIPTOR_TYPE:
- return "FWP_SECURITY_DESCRIPTOR_TYPE"
- case cFWP_TOKEN_INFORMATION_TYPE:
- return "FWP_TOKEN_INFORMATION_TYPE"
- case cFWP_TOKEN_ACCESS_INFORMATION_TYPE:
- return "FWP_TOKEN_ACCESS_INFORMATION_TYPE"
- case cFWP_UNICODE_STRING_TYPE:
- return "FWP_UNICODE_STRING_TYPE"
- case cFWP_BYTE_ARRAY6_TYPE:
- return "FWP_BYTE_ARRAY6_TYPE"
- case cFWP_BITMAP_INDEX_TYPE:
- return "FWP_BITMAP_INDEX_TYPE"
- case cFWP_BITMAP_ARRAY64_TYPE:
- return "FWP_BITMAP_ARRAY64_TYPE"
- case cFWP_SINGLE_DATA_TYPE_MAX:
- return "FWP_SINGLE_DATA_TYPE_MAX"
- case cFWP_V4_ADDR_MASK:
- return "FWP_V4_ADDR_MASK"
- case cFWP_V6_ADDR_MASK:
- return "FWP_V6_ADDR_MASK"
- case cFWP_RANGE_TYPE:
- return "FWP_RANGE_TYPE"
- case cFWP_DATA_TYPE_MAX:
- return "FWP_DATA_TYPE_MAX"
- default:
- return fmt.Sprintf("FwpDataType_UNKNOWN(%d)", dt)
- }
-}
-
func runTransaction(session uintptr, operation wfpObjectInstaller) error {
err := fwpmTransactionBegin0(session, 0)
if err != nil {
@@ -195,3 +70,36 @@ func wrapErr(err error) error {
return fmt.Errorf("Firewall error at %s:%d: %v", file, line, err)
}
}
+
+func getCurrentProcessSecurityDescriptor() (*wtFwpByteBlob, error) {
+ procHandle, err := windows.GetCurrentProcess()
+ if err != nil {
+ panic(err)
+ }
+ blob := &wtFwpByteBlob{}
+ err = getSecurityInfo(procHandle, cSE_KERNEL_OBJECT, cDACL_SECURITY_INFORMATION, nil, nil, nil, nil, (*uintptr)(unsafe.Pointer(&blob.data)))
+ if err != nil {
+ return nil, wrapErr(err)
+ }
+ blob.size = getSecurityDescriptorLength(uintptr(unsafe.Pointer(blob.data)))
+ return blob, nil
+}
+
+func getCurrentProcessAppId() (*wtFwpByteBlob, error) {
+ currentFile, err := os.Executable()
+ if err != nil {
+ return nil, wrapErr(err)
+ }
+
+ curFilePtr, err := windows.UTF16PtrFromString(currentFile)
+ if err != nil {
+ return nil, wrapErr(err)
+ }
+
+ var appId *wtFwpByteBlob
+ err = fwpmGetAppIdFromFileName0(curFilePtr, unsafe.Pointer(&appId))
+ if err != nil {
+ return nil, wrapErr(err)
+ }
+ return appId, nil
+}
diff --git a/service/firewall/rules.go b/service/firewall/rules.go
index 392c6b0c..15901655 100644
--- a/service/firewall/rules.go
+++ b/service/firewall/rules.go
@@ -8,7 +8,6 @@ package firewall
import (
"golang.org/x/sys/windows"
"golang.zx2c4.com/wireguard/windows/version"
- "os"
"unsafe"
)
@@ -110,39 +109,6 @@ func permitTunInterface(session uintptr, baseObjects *baseObjects, weight uint8,
return nil
}
-func getCurrentProcessSecurityDescriptor() (*wtFwpByteBlob, error) {
- procHandle, err := windows.GetCurrentProcess()
- if err != nil {
- panic(err)
- }
- blob := &wtFwpByteBlob{}
- err = getSecurityInfo(procHandle, cSE_KERNEL_OBJECT, cDACL_SECURITY_INFORMATION, nil, nil, nil, nil, (*uintptr)(unsafe.Pointer(&blob.data)))
- if err != nil {
- return nil, wrapErr(err)
- }
- blob.size = getSecurityDescriptorLength(uintptr(unsafe.Pointer(blob.data)))
- return blob, nil
-}
-
-func getCurrentProcessAppId() (*wtFwpByteBlob, error) {
- currentFile, err := os.Executable()
- if err != nil {
- return nil, wrapErr(err)
- }
-
- curFilePtr, err := windows.UTF16PtrFromString(currentFile)
- if err != nil {
- return nil, wrapErr(err)
- }
-
- var appId *wtFwpByteBlob
- err = fwpmGetAppIdFromFileName0(curFilePtr, unsafe.Pointer(&appId))
- if err != nil {
- return nil, wrapErr(err)
- }
- return appId, nil
-}
-
func permitWireGuardService(session uintptr, baseObjects *baseObjects, weight uint8) error {
var conditions [2]wtFwpmFilterCondition0
@@ -853,7 +819,7 @@ func permitNdp(session uintptr, baseObjects *baseObjects, weight uint8) error {
func permitHyperV(session uintptr, baseObjects *baseObjects, weight uint8) error {
//
- // Only applicable on Win8+
+ // Only applicable on Win8+.
//
{
v, err := version.OsVersion()
@@ -890,6 +856,9 @@ func permitHyperV(session uintptr, baseObjects *baseObjects, weight uint8) error
filterId := uint64(0)
+ //
+ // #1 Outbound.
+ //
{
displayData, err := createWtFwpmDisplayData0("Permit Hyper-V => Hyper-V outbound", "")
if err != nil {
@@ -905,6 +874,9 @@ func permitHyperV(session uintptr, baseObjects *baseObjects, weight uint8) error
}
}
+ //
+ // #2 Inbound.
+ //
{
displayData, err := createWtFwpmDisplayData0("Permit Hyper-V => Hyper-V inbound", "")
if err != nil {
diff --git a/service/firewall/syscall_windows.go b/service/firewall/syscall_windows.go
index 49c64951..27eb462b 100644
--- a/service/firewall/syscall_windows.go
+++ b/service/firewall/syscall_windows.go
@@ -6,7 +6,7 @@
package firewall
// https://docs.microsoft.com/en-us/windows/desktop/api/fwpmu/nf-fwpmu-fwpmengineopen0
-//sys fwpmEngineOpen0(serverName *uint16, authnService wtRpcCAuthN, authIdentity *wtSecWinntAuthIdentityW, session *wtFwpmSession0, engineHandle unsafe.Pointer) (err error) [failretval!=0] = fwpuclnt.FwpmEngineOpen0
+//sys fwpmEngineOpen0(serverName *uint16, authnService wtRpcCAuthN, authIdentity *uintptr, session *wtFwpmSession0, engineHandle unsafe.Pointer) (err error) [failretval!=0] = fwpuclnt.FwpmEngineOpen0
// https://docs.microsoft.com/en-us/windows/desktop/api/fwpmu/nf-fwpmu-fwpmengineclose0
//sys fwpmEngineClose0(engineHandle uintptr) (err error) [failretval!=0] = fwpuclnt.FwpmEngineClose0
diff --git a/service/firewall/types_windows.go b/service/firewall/types_windows.go
index 9be4d722..8404a41b 100644
--- a/service/firewall/types_windows.go
+++ b/service/firewall/types_windows.go
@@ -17,15 +17,12 @@ const (
wtFwpByteArray6_Size = 6
wtFwpmAction0_Size = 20
-
wtFwpmAction0_filterType_Offset = 4
wtFwpV4AddrAndMask_Size = 8
-
wtFwpV4AddrAndMask_mask_Offset = 4
wtFwpV6AddrAndMask_Size = 17
-
wtFwpV6AddrAndMask_prefixLength_Offset = 16
)
@@ -384,39 +381,10 @@ type wtRpcCAuthN uint32
const (
cRPC_C_AUTHN_NONE wtRpcCAuthN = 0
- cRPC_C_AUTHN_DCE_PRIVATE wtRpcCAuthN = 1
- cRPC_C_AUTHN_DCE_PUBLIC wtRpcCAuthN = 2
- cRPC_C_AUTHN_DEC_PUBLIC wtRpcCAuthN = 4
- cRPC_C_AUTHN_GSS_NEGOTIATE wtRpcCAuthN = 9
cRPC_C_AUTHN_WINNT wtRpcCAuthN = 10
- cRPC_C_AUTHN_GSS_SCHANNEL wtRpcCAuthN = 14
- cRPC_C_AUTHN_GSS_KERBEROS wtRpcCAuthN = 16
- cRPC_C_AUTHN_DPA wtRpcCAuthN = 17
- cRPC_C_AUTHN_MSN wtRpcCAuthN = 18
- cRPC_C_AUTHN_DIGEST wtRpcCAuthN = 21
- cRPC_C_AUTHN_KERNEL wtRpcCAuthN = 20
- cRPC_C_AUTHN_NEGO_EXTENDER wtRpcCAuthN = 30
- cRPC_C_AUTHN_PKU2U wtRpcCAuthN = 31
- cRPC_C_AUTHN_LIVE_SSP wtRpcCAuthN = 32
- cRPC_C_AUTHN_LIVEXP_SSP wtRpcCAuthN = 35
- cRPC_C_AUTHN_CLOUD_AP wtRpcCAuthN = 36
- cRPC_C_AUTHN_MSONLINE wtRpcCAuthN = 82
- cRPC_C_AUTHN_MQ wtRpcCAuthN = 100
cRPC_C_AUTHN_DEFAULT wtRpcCAuthN = 0xFFFFFFFF
)
-// SEC_WINNT_AUTH_IDENTITY_W defined in rpcdce.h
-// (https://docs.microsoft.com/en-us/windows/desktop/api/rpcdce/ns-rpcdce-_sec_winnt_auth_identity_w).
-type wtSecWinntAuthIdentityW struct {
- User *uint16 // Windows type: unsigned short
- UserLength int32 // Windows type: long
- Domain *uint16 // Windows type: unsigned short
- DomainLength int32 // Windows type: long
- Password *uint16 // Windows type: unsigned short
- PasswordLength int32 // Windows type: long
- Flags int32 // Windows type: long
-}
-
// FWPM_PROVIDER0 defined in fwpmtypes.h
// (https://docs.microsoft.com/sv-se/windows/desktop/api/fwpmtypes/ns-fwpmtypes-fwpm_provider0_).
type wtFwpmProvider0 struct {
diff --git a/service/firewall/types_windows_386.go b/service/firewall/types_windows_386.go
index 7a474912..e2b48c78 100644
--- a/service/firewall/types_windows_386.go
+++ b/service/firewall/types_windows_386.go
@@ -9,19 +9,15 @@ import "golang.org/x/sys/windows"
const (
wtFwpByteBlob_Size = 8
-
wtFwpByteBlob_data_Offset = 4
wtFwpConditionValue0_Size = 8
-
wtFwpConditionValue0_uint8_Offset = 4
wtFwpmDisplayData0_Size = 8
-
wtFwpmDisplayData0_description_Offset = 4
wtFwpmFilter0_Size = 152
-
wtFwpmFilter0_displayData_Offset = 16
wtFwpmFilter0_flags_Offset = 24
wtFwpmFilter0_providerKey_Offset = 28
@@ -38,12 +34,10 @@ const (
wtFwpmFilter0_effectiveWeight_Offset = 144
wtFwpmFilterCondition0_Size = 28
-
wtFwpmFilterCondition0_matchType_Offset = 16
wtFwpmFilterCondition0_conditionValue_Offset = 20
wtFwpmSession0_Size = 48
-
wtFwpmSession0_displayData_Offset = 16
wtFwpmSession0_flags_Offset = 24
wtFwpmSession0_txnWaitTimeoutInMSec_Offset = 28
@@ -53,7 +47,6 @@ const (
wtFwpmSession0_kernelMode_Offset = 44
wtFwpmSublayer0_Size = 44
-
wtFwpmSublayer0_displayData_Offset = 16
wtFwpmSublayer0_flags_Offset = 24
wtFwpmSublayer0_providerKey_Offset = 28
@@ -61,7 +54,6 @@ const (
wtFwpmSublayer0_weight_Offset = 40
wtFwpProvider0_Size = 40
-
wtFwpProvider0_displayData_Offset = 16
wtFwpProvider0_flags_Offset = 24
wtFwpProvider0_providerData_Offset = 28
@@ -70,17 +62,7 @@ const (
wtFwpTokenInformation_Size = 16
wtFwpValue0_Size = 8
-
wtFwpValue0_value_Offset = 4
-
- wtSecWinntAuthIdentityW_Size = 28
-
- wtSecWinntAuthIdentityW_UserLength_Offset = 4
- wtSecWinntAuthIdentityW_Domain_Offset = 8
- wtSecWinntAuthIdentityW_DomainLength_Offset = 12
- wtSecWinntAuthIdentityW_Password_Offset = 16
- wtSecWinntAuthIdentityW_PasswordLength_Offset = 20
- wtSecWinntAuthIdentityW_Flags_Offset = 24
)
// FWPM_FILTER0 defined in fwpmtypes.h
diff --git a/service/firewall/types_windows_amd64.go b/service/firewall/types_windows_amd64.go
index 036bfa15..95ddd27a 100644
--- a/service/firewall/types_windows_amd64.go
+++ b/service/firewall/types_windows_amd64.go
@@ -9,19 +9,15 @@ import "golang.org/x/sys/windows"
const (
wtFwpByteBlob_Size = 16
-
wtFwpByteBlob_data_Offset = 8
wtFwpConditionValue0_Size = 16
-
wtFwpConditionValue0_uint8_Offset = 8
wtFwpmDisplayData0_Size = 16
-
wtFwpmDisplayData0_description_Offset = 8
wtFwpmFilter0_Size = 200
-
wtFwpmFilter0_displayData_Offset = 16
wtFwpmFilter0_flags_Offset = 32
wtFwpmFilter0_providerKey_Offset = 40
@@ -38,12 +34,10 @@ const (
wtFwpmFilter0_effectiveWeight_Offset = 184
wtFwpmFilterCondition0_Size = 40
-
wtFwpmFilterCondition0_matchType_Offset = 16
wtFwpmFilterCondition0_conditionValue_Offset = 24
wtFwpmSession0_Size = 72
-
wtFwpmSession0_displayData_Offset = 16
wtFwpmSession0_flags_Offset = 32
wtFwpmSession0_txnWaitTimeoutInMSec_Offset = 36
@@ -53,7 +47,6 @@ const (
wtFwpmSession0_kernelMode_Offset = 64
wtFwpmSublayer0_Size = 72
-
wtFwpmSublayer0_displayData_Offset = 16
wtFwpmSublayer0_flags_Offset = 32
wtFwpmSublayer0_providerKey_Offset = 40
@@ -61,24 +54,13 @@ const (
wtFwpmSublayer0_weight_Offset = 64
wtFwpProvider0_Size = 64
-
wtFwpProvider0_displayData_Offset = 16
wtFwpProvider0_flags_Offset = 32
wtFwpProvider0_providerData_Offset = 40
wtFwpProvider0_serviceName_Offset = 56
wtFwpValue0_Size = 16
-
wtFwpValue0_value_Offset = 8
-
- wtSecWinntAuthIdentityW_Size = 48
-
- wtSecWinntAuthIdentityW_UserLength_Offset = 8
- wtSecWinntAuthIdentityW_Domain_Offset = 16
- wtSecWinntAuthIdentityW_DomainLength_Offset = 24
- wtSecWinntAuthIdentityW_Password_Offset = 32
- wtSecWinntAuthIdentityW_PasswordLength_Offset = 40
- wtSecWinntAuthIdentityW_Flags_Offset = 44
)
// FWPM_FILTER0 defined in fwpmtypes.h
diff --git a/service/firewall/types_windows_test.go b/service/firewall/types_windows_test.go
index 6ff6e09d..5015672d 100644
--- a/service/firewall/types_windows_test.go
+++ b/service/firewall/types_windows_test.go
@@ -536,67 +536,3 @@ func TestWtFwpmSublayer0Offsets(t *testing.T) {
return
}
}
-
-func TestWtSecWinntAuthIdentityWSize(t *testing.T) {
-
- const actualWtSecWinntAuthIdentityWSize = unsafe.Sizeof(wtSecWinntAuthIdentityW{})
-
- if actualWtSecWinntAuthIdentityWSize != wtSecWinntAuthIdentityW_Size {
- t.Errorf("Size of wtSecWinntAuthIdentityW is %d, although %d is expected.",
- actualWtSecWinntAuthIdentityWSize, wtSecWinntAuthIdentityW_Size)
- }
-}
-
-func TestWtSecWinntAuthIdentityWOffsets(t *testing.T) {
-
- s := wtSecWinntAuthIdentityW{}
- sp := uintptr(unsafe.Pointer(&s))
-
- offset := uintptr(unsafe.Pointer(&s.UserLength)) - sp
-
- if offset != wtSecWinntAuthIdentityW_UserLength_Offset {
- t.Errorf("wtSecWinntAuthIdentityW.UserLength offset is %d although %d is expected", offset,
- wtSecWinntAuthIdentityW_UserLength_Offset)
- return
- }
-
- offset = uintptr(unsafe.Pointer(&s.Domain)) - sp
-
- if offset != wtSecWinntAuthIdentityW_Domain_Offset {
- t.Errorf("wtSecWinntAuthIdentityW.Domain offset is %d although %d is expected", offset,
- wtSecWinntAuthIdentityW_Domain_Offset)
- return
- }
-
- offset = uintptr(unsafe.Pointer(&s.DomainLength)) - sp
-
- if offset != wtSecWinntAuthIdentityW_DomainLength_Offset {
- t.Errorf("wtSecWinntAuthIdentityW.DomainLength offset is %d although %d is expected", offset,
- wtSecWinntAuthIdentityW_DomainLength_Offset)
- return
- }
-
- offset = uintptr(unsafe.Pointer(&s.Password)) - sp
-
- if offset != wtSecWinntAuthIdentityW_Password_Offset {
- t.Errorf("wtSecWinntAuthIdentityW.Password offset is %d although %d is expected", offset,
- wtSecWinntAuthIdentityW_Password_Offset)
- return
- }
-
- offset = uintptr(unsafe.Pointer(&s.PasswordLength)) - sp
-
- if offset != wtSecWinntAuthIdentityW_PasswordLength_Offset {
- t.Errorf("wtSecWinntAuthIdentityW.PasswordLength offset is %d although %d is expected", offset,
- wtSecWinntAuthIdentityW_PasswordLength_Offset)
- return
- }
-
- offset = uintptr(unsafe.Pointer(&s.Flags)) - sp
-
- if offset != wtSecWinntAuthIdentityW_Flags_Offset {
- t.Errorf("wtSecWinntAuthIdentityW.Flags offset is %d although %d is expected", offset,
- wtSecWinntAuthIdentityW_Flags_Offset)
- return
- }
-}
diff --git a/service/firewall/zsyscall_windows.go b/service/firewall/zsyscall_windows.go
index cb461314..f4a8a054 100644
--- a/service/firewall/zsyscall_windows.go
+++ b/service/firewall/zsyscall_windows.go
@@ -54,7 +54,7 @@ var (
procGetSecurityDescriptorLength = modadvapi32.NewProc("GetSecurityDescriptorLength")
)
-func fwpmEngineOpen0(serverName *uint16, authnService wtRpcCAuthN, authIdentity *wtSecWinntAuthIdentityW, session *wtFwpmSession0, engineHandle unsafe.Pointer) (err error) {
+func fwpmEngineOpen0(serverName *uint16, authnService wtRpcCAuthN, authIdentity *uintptr, session *wtFwpmSession0, engineHandle unsafe.Pointer) (err error) {
r1, _, e1 := syscall.Syscall6(procFwpmEngineOpen0.Addr(), 5, uintptr(unsafe.Pointer(serverName)), uintptr(authnService), uintptr(unsafe.Pointer(authIdentity)), uintptr(unsafe.Pointer(session)), uintptr(engineHandle), 0)
if r1 != 0 {
if e1 != 0 {
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.