本文介绍了来自FWPM_LAYER_OUTBOUND_IPPACKET_V4图层的进程ID?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我在 FWPM_LAYER_OUTBOUND_IPPACKET_V4 层注册了一个WFP驱动程序,该驱动程序需要知道与给定数据包关联的进程的用户模式PID。为此,代码使用 PsGetCurrentProcessId()。
但是,这似乎有时会返回错误的PID(例如,与其他流程相关联的PID)。
I have a WFP driver registered at the FWPM_LAYER_OUTBOUND_IPPACKET_V4 layer that needs to know the user mode PID of the process associated with a given packet. For this, the code uses PsGetCurrentProcessId(). It seems however that this can sometimes return the incorrect PID (e.g. a PID associated with another process).
这是正常的吗?有没有其他或更好的方法来获取这些信息?
Is this normal? Is there an alternative or better way to get this information?
推荐答案
这篇关于来自FWPM_LAYER_OUTBOUND_IPPACKET_V4图层的进程ID?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!