I am learning how to develop a WFP driver, I constructed a simple WFP driver and test it.
It works on win8, win10 and win server 2016, 2019, however, when it installed on Win7, the service didn't get up.
From the debug log, the FwpmProviderAdd() returns "STATUS_FWP_DYNAMIC_SESSION_IN_PROGRESS" on win7.
I checked the MS documents, but didn't get the point that how to fix it.
Following is part of my code ...
status = FwpmProviderGetByKey(g_EngineHandle, &providerGuid, &pExistingProvider);
if (!NT_SUCCESS(status) || !pExistingProvider) {
RtlZeroMemory(&provider, sizeof(provider));
provider.providerKey = providerGuid;
provider.displayData.name = L"Testing Provider";
provider.displayData.description = L"This is for testing";
//provider.flags = FWPM_PROVIDER_FLAG_PERSISTENT;
provider.serviceName = L"wfptest";
status = FwpmProviderAdd(g_EngineHandle, &provider, NULL);
if (!NT_SUCCESS(status)) {
TB_TRACE(TS_CRIT, TA_PACKET, ("ProviderAdd Fail = %#08x!!!!", status));
goto _Exit;
}
Does anyone could help?
Thanks
I found that this is because the session settings when opening FwpmEngineOpen.
In win 7, it is not acceptable to set the session to FWPM_SESSION_FLAG_DYNAMIC