LSP: Почему не работает с службами windows 10?

[a487a5a]

Доброго времени суток. Из исходников msdn собрал свой firewall по технологии LSP(Layered Service Provider). Тестил на win 7 (x32,x64) - всё работает прекрасно. Даже системные процессы захватывает, такие как lsass.exe, [System]. Проблемы начались когда тесты перешли на win 10. Библиотека перестала работать с службами windows, только подхватывается обычными процессами(браузеры, игры).
После повторного, долгого и тщательного изучения документации выяснил следующее:

On Windows Vista and later, an LSP can be classified based on how it interacts with Windows Sockets calls and data. An LSP category is an identifiable group of behaviors on a subset of Winsock SPI functions. For example, an HTTP content filter would be categorized as a data inspector (the LSP_INSPECTOR category).
An LSP may belong to more than one category. For example, a firewall/security LSP could belong to both the inspector (LSP_INSPECTOR) and firewall (LSP_FIREWALL) categories.
If an LSP does not have a category set, it is considered to be in the All Other category. This LSP category will not be loaded in services or system processes (for example, lsass, winlogon, and many svchost processes).

Источник: https://docs.microsoft.com/en-us/wi...ng-layered-service-providers-and-applications
Чтобы заставить библиотеку работать с системными службами(services), я добавил следующий код в инсталляторе(после вызова WSCInstallProviderAndChains):

DWORD lspCategory = 0xFFFFFFFF;
       // DWORD lspCategory = LSP_SYSTEM | LSP_FIREWALL | LSP_INSPECTOR; // | LSP_REDIRECTOR | LSP_PROXY | ;
            //| LSP_INBOUND_MODIFY | LSP_OUTBOUND_MODIFY | LSP_CRYPTO_COMPRESS; // | LSP_LOCAL_CACHE;

        fprintf(stderr, "category: %d \n", lspCategory);
        fprintf(stderr, "sizeof: %zd  \n", sizeof(lspCategory));
        rc = WSCSetProviderInfo(providerGuid, ProviderInfoLspCategories, (PBYTE)&lspCategory, sizeof(lspCategory), NULL, &error);
        if (rc == SOCKET_ERROR) {
            fprintf(stderr, "InstallProviderVista: %s failed: %d\n",
                "WSCSetProviderInfo32", error);
            goto cleanup;
        }

Я пробовал значение lspCategory менять на LSP_SYSTEM, LSP_FIREWALL... на 0xFFFFFFFF. Пробовал просто оставить NULL. Но, увы мои попытки не увенчались успехом. Прошу помощи у тех, кто может разбирался в этом и знает в чем проблема?

 

[Apocalypse]

Layered Service Providers are deprecated. Starting with Windows 8 and Windows Server 2012, use Windows Filtering Platform

The WSCSetProviderInfo function can only be called by a user logged on as a member of the Administrators group. If WSCSetProviderInfo is called by a user that is not a member of the Administrators group, the function call will fail and WSANO_RECOVERY is returned in the lpErrno parameter. This function can also fail because of user account control (UAC). If an application that contains this function is executed by a user logged on as a member of the Administrators group other than the built-in Administrator, this call will fail unless the application has been marked in the manifest file with a requestedExecutionLevel set to requireAdministrator. If the application on Windows Vista or Windows Server 2008 lacks this manifest file, a user logged on as a member of the Administrators group other than the built-in Administrator must then be executing the application in an enhanced shell as the built-in Administrator (RunAs administrator) for this function to succeed.

 

[a487a5a]

Thanks for the help