FilterAPI.h

Download EaseFilter Filter Driver SDK Setup File
Download EaseFilter Filter Driver SDK Zip File

///////////////////////////////////////////////////////////////////////////////

//

//    (C) Copyright 2011 EaseFilter Technologies Inc.

//    All Rights Reserved

//

//    This software is part of a licensed software product and may

//    only be used or copied in accordance with the terms of that license.

//

//      This header file includes the structures and exported API from the FilterAPI.DLL

//         

//

///////////////////////////////////////////////////////////////////////////////

 

 

#ifndef __FILTER_API_H__

#define __FILTER_API_H__

 

 

#define STATUS_ACCESS_DENIED                    0xC0000022L

 

#define MESSAGE_SEND_VERIFICATION_NUMBER  0xFF000001

#define MAX_MESSAGE_SIZE                              65536

#define MAX_FILE_NAME_LENGTH                          512

#define MAX_SID_LENGTH                                256

#define MAX_PATH                                      260

#define MAX_REQUEST_TYPE                              32

 

typedef enum _MessageType

{

      PRE_CREATE                                      = 0x00000001,

      POST_CREATE                                     = 0x00000002,

      PRE_FASTIO_READ                                 = 0x00000004,

      POST_FASTIO_READ                                = 0x00000008,

      PRE_CACHE_READ                                  = 0x00000010,

      POST_CACHE_READ                                 = 0x00000020,

      PRE_NOCACHE_READ                                = 0x00000040,

      POST_NOCACHE_READ                               = 0x00000080,

      PRE_PAGING_IO_READ                              = 0x00000100,

      POST_PAGING_IO_READ                             = 0x00000200,

      PRE_FASTIO_WRITE                                = 0x00000400,

      POST_FASTIO_WRITE                               = 0x00000800,

      PRE_CACHE_WRITE                                 = 0x00001000,

      POST_CACHE_WRITE                                = 0x00002000,

      PRE_NOCACHE_WRITE                               = 0x00004000,

      POST_NOCACHE_WRITE                              = 0x00008000,

      PRE_PAGING_IO_WRITE                             = 0x00010000,

      POST_PAGING_IO_WRITE                            = 0x00020000,

      PRE_QUERY_INFORMATION                           = 0x00040000,

      POST_QUERY_INFORMATION                          = 0x00080000,

      PRE_SET_INFORMATION                             = 0x00100000,

      POST_SET_INFORMATION                            = 0x00200000,

      PRE_DIRECTORY                                   = 0x00400000,

      POST_DIRECTORY                                  = 0x00800000,

      PRE_QUERY_SECURITY                              = 0x01000000,    

      POST_QUERY_SECURITY                             = 0x02000000,

      PRE_SET_SECURITY                                = 0x04000000,

      POST_SET_SECURITY                               = 0x08000000,

      PRE_CLEANUP                                     = 0x10000000,

      POST_CLEANUP                                    = 0x20000000,

      PRE_CLOSE                                       = 0x40000000,

      POST_CLOSE                                      = 0x80000000UL,

 

}MessageType;

 

 

typedef enum _AccessFlag

{

      EXCLUDE_FILTER_RULE                                   = 0X00000000,

      INCLUDE_FILTER_RULE                                   = 0x00000001,

      REPARSE_FILE_OPEN                                     = 0x00000002,

      HIDE_FILES_IN_DIRECTORY_BROWSING                      = 0x00000004,

      ALLOW_OPEN_WTIH_ACCESS_SYSTEM_SECURITY                = 0x00000010,

      ALLOW_OPEN_WITH_READ_ACCESS                           = 0x00000020,

      ALLOW_OPEN_WITH_WRITE_ACCESS                          = 0x00000040,

      ALLOW_OPEN_WITH_CREATE_OR_OVERWRITE_ACCESS            = 0x00000080,

      ALLOW_OPEN_WITH_DELETE_ACCESS                         = 0x00000100,

      ALLOW_READ_ACCESS                                     = 0x00000200,

      ALLOW_WRITE_ACCESS                                    = 0x00000400,

      ALLOW_QUERY_INFORMATION_ACCESS                        = 0x00000800,

      //allow to change file time and file attributes

      ALLOW_SET_INFORMATION                                 = 0x00001000,

      ALLOW_FILE_RENAME                                     = 0x00002000,

      ALLOW_FILE_DELETE                                     = 0x00004000,

      ALLOW_FILE_SIZE_CHANGE                                = 0x00008000,

      ALLOW_QUERY_SECURITY_ACCESS                           = 0x00010000,

      ALLOW_SET_SECURITY_ACCESS                             = 0x00020000,

      ALLOW_DIRECTORY_LIST_ACCESS                           = 0x00040000,

      ALLOW_MAX_RIGHT_ACCESS                                = 0xfffffff0,

     

}AccessFlag;

 

 

typedef enum _FilterType

{

    FILE_SYSTEM_MONITOR             = 0,

    FILE_SYSTEM_CONTROL             = 1,    

 

} FilterType;

 

 

//this is the data structure which send data from kernel to user mode.

typedef struct _MESSAGE_SEND_DATA

{

      ULONG             MessageId;

      PVOID             FileObject;

      PVOID             FsContext;

      ULONG             MessageType;     

      ULONG             ProcessId;

      ULONG             ThreadId;  

      LONGLONG          Offset; // read/write offset

      ULONG             Length; //read/write length

      LONGLONG          FileSize;

      LONGLONG          TransactionTime;

      LONGLONG          CreationTime;

      LONGLONG          LastAccessTime;

      LONGLONG          LastWriteTime;

      ULONG             FileAttributes;

      //The disired access,share access and disposition for Create request.

      ULONG             DesiredAccess;

      ULONG             Disposition;

      ULONG             ShareAccess;

      ULONG             CreateOptions;

      ULONG             CreateStatus;

 

      //For QueryInformation,SetInformation,Directory request it is information class

      //For QuerySecurity and SetSecurity request,it is securityInformation.

      ULONG             InfoClass;

 

      ULONG             Status;

      ULONG             FileNameLength;

      WCHAR             FileName[MAX_FILE_NAME_LENGTH];

      ULONG             SidLength;

      UCHAR             Sid[MAX_SID_LENGTH];

      ULONG             DataBufferLength;

      UCHAR             DataBuffer[MAX_MESSAGE_SIZE];

 

      ULONG             VerificationNumber;

 

} MESSAGE_SEND_DATA, *PMESSAGE_SEND_DATA;

 

//The status return to filter,instruct filter what process needs to be done.

typedef enum _FilterStatus

{

      FILTER_MESSAGE_IS_DIRTY       = 0x00000001, //Set this flag if the reply message need to be processed.

      FILTER_COMPLETE_PRE_OPERATION = 0x00000002, //Set this flag if complete the pre operation.

      FILTER_DATA_BUFFER_IS_UPDATED = 0x00000004, //Set this flag if the databuffer was updated..

     

} FilterStatus;

 

//This the structure return back to filter,only for call back filter.

typedef struct _MESSAGE_REPLY_DATA

{

      ULONG       MessageId;

      ULONG       MessageType;     

      ULONG       ReturnStatus;

      ULONG       FilterStatus;

      ULONG       DataBufferLength;

      UCHAR       DataBuffer[MAX_MESSAGE_SIZE];

 

} MESSAGE_REPLY_DATA, *PMESSAGE_REPLY_DATA;

 

 

#define STATUS_ACCESS_DENIED                    0xC0000022L

 

extern "C" __declspec(dllexport)

BOOL

InstallDriver();

 

extern "C" __declspec(dllexport)

BOOL

UnInstallDriver();

 

extern "C" __declspec(dllexport)

BOOL

SetRegistrationKey(char* key);

 

typedef BOOL (__stdcall *Proto_Message_Callback)(

   IN       PMESSAGE_SEND_DATA pSendMessage,

   IN OUT   PMESSAGE_REPLY_DATA pReplyMessage);

 

typedef VOID (__stdcall *Proto_Disconnect_Callback)();

 

extern "C" __declspec(dllexport)

BOOL

RegisterMessageCallback(

      ULONG ThreadCount,

      Proto_Message_Callback MessageCallback,

      Proto_Disconnect_Callback DisconnectCallback );

 

extern "C" __declspec(dllexport)

VOID

Disconnect();

 

extern "C" __declspec(dllexport)

BOOL

GetLastErrorMessage(WCHAR* Buffer, PULONG BufferLength);

 

extern "C" __declspec(dllexport)

BOOL

ResetConfigData();

 

extern "C" __declspec(dllexport) 

BOOL

SetFilterType(ULONG FilterType);

 

extern "C" __declspec(dllexport) 

BOOL

SetConnectionTimeout(ULONG TimeOutInSeconds);

 

extern "C" __declspec(dllexport)

BOOL

AddFilterRule(ULONG AccessFlag, WCHAR* FilterMask, WCHAR* ReparseMask);

 

extern "C" __declspec(dllexport)

BOOL

RemoveFilterRule(WCHAR* FilterMask);

 

extern "C" __declspec(dllexport)

BOOL

AddExcludedProcessId(ULONG ProcessId);

 

extern "C" __declspec(dllexport)

BOOL

RemoveExcludeProcessId(ULONG ProcessId);

 

extern "C" __declspec(dllexport)

BOOL

RegisterIoRequest(ULONG RequestRegistration);

 

extern "C" __declspec(dllexport)

BOOL 

GetFileHandleInFilter(WCHAR* FileName,HANDLE*   FileHandle);

 

extern "C" __declspec(dllexport)

BOOL

CloseFileHandleInFilter(HANDLE hFile);

 

extern "C" __declspec(dllexport)

BOOL

OpenStubFile(

    LPCTSTR fileName,

    DWORD   dwDesiredAccess,

    DWORD   dwShareMode,

    PHANDLE pHandle );

 

extern "C" __declspec(dllexport)

BOOL

CreateStubFile(

      LPCTSTR           fileName,

      LONGLONG    fileSize,

      ULONG       fileAttributes,

      ULONG       tagDataLength,

      BYTE*       tagData,

      BOOL        overwriteIfExist,

      PHANDLE           pHandle );

 

extern "C" __declspec(dllexport)

BOOL

GetTagData(

      HANDLE hFile,

      PULONG tagDataLength,

      BYTE*  tagData);

 

extern "C" __declspec(dllexport)

BOOL 

RemoveTagData(

    HANDLE hFile ,

      BOOLEAN     updateTimeStamp = FALSE);

 

extern "C" __declspec(dllexport)

BOOL

AddTagData(

    HANDLE  hFile,

    ULONG   tagDataLength,

      BYTE* tagData );

 

extern "C" __declspec(dllexport)

BOOL 

QueryAllocatedRanges(

    IN HANDLE                           hFile,

    IN LONGLONG                         queryOffset,

    IN LONGLONG                         queryLength,

    IN OUT PFILE_ALLOCATED_RANGE_BUFFER allocatedBuffer,

    IN ULONG                            allocatedBufferSize,  

    OUT ULONG                           *returnBufferLength  );

 

#endif //FILTER_API_H