tcpip port pools in fresh windows 10 builds

It seems that old good TcpPortPool & UdpPortPool were removed since est. build 14251 and were replaced with more complex structure stored in TcpCompartmentSet & UdpCompartmentSet

Lets see how we can get access to port pools
from InetCreatePortPool:
  push  50506E49h                       ; Tag
  push  26A8h                           ; NumberOfBytes
  mov   edi, ecx
  mov   esi, edx
  push  200h                            ; PoolType
  mov   [ebp+var_4], edi
  call  ds:__imp__ExAllocatePoolWithTag@12

some memory was alloced with tag InPP. Time for windbg

kd> dd tcpip!TcpCompartmentSet
8614b974  895e42f0 ffffffff 00000000 00000000
kd> !pool 895e42f0 2
Pool page 895e42f0 region is Nonpaged pool
*895e42e8 size:  188 previous size:   30  (Allocated) *InCS
        Owning component : Unknown (update pooltag.txt)

IDA says that this memory was alloced in function InetCreateCompartmentSet:
  push  'SCnI'                          ; Tag
  push  180h                            ; NumberOfBytes
  push  200h                            ; PoolType
  mov   ebx, edx
  mov   [ebp+var_4], ecx
  xor   edi, edi
  call  ds:__imp__ExAllocatePoolWithTag@12
  mov   esi, eax
  test  esi, esi
  jz    loc_CE3A8
  push  180h                            ; size_t
  push  edi                             ; int
  push  esi                             ; void *
  call  _memset

also almost all references to TcpCompartmentSet call function InetGetCompartmentContext:
  mov   edi, [esi+144h]
  mov   eax, [edi+14h]
  pop   edi
  pop   esi
  mov   esp, ebp
  pop   ebp
  retn

so check this in windbg:
kd> dd 895e42f0 + 144
895e4434  89b23d88 86072efc 860c681d 00000000
kd> !pool 89b23d88 2
Pool page 89b23d88 region is Nonpaged pool
*89b23d80 size:   20 previous size:   20  (Allocated) *InCo
        Owning component : Unknown (update pooltag.txt)
kd> dd 89b23d88 + 14
89b23d9c  89b1d5a0 04040004 41506e49 00000000
kd> !pool 89b1d5a0 2
Pool page 89b1d5a0 region is Nonpaged pool
*89b1d598 size:   10 previous size:  598  (Allocated) *TcCo
        Owning component : Unknown (update pooltag.txt)

IDA says that this memory was alloced in unnamed function called from TcpStartInetModule:
  push  ebx
  push  edi
  push  6F436354h                       ; Tag
  push  4                               ; NumberOfBytes
  push  200h                            ; PoolType
  call  ds:__imp__ExAllocatePoolWithTag@12 ; ExAllocatePoolWithTag(x,x,x)
  mov   ebx, eax
  test  ebx, ebx
  jnz   short loc_82F28
  mov   edi, STATUS_NO_MEMORY
  jmp   loc_830EF
 full schizophrenia - alloc 4 byte from NonPagedPoolNx to hold 1 pointer ! Lets check next in windbg:
kd> dd 89b1d5a0
89b1d5a0  89b24000 89b0f7ec 04040002 41506e49
kd> !pool 89b24000 2
Pool page 89b24000 region is Nonpaged pool
*89b24000 : large page allocation, tag is InPP, size is 0x26a8 bytes
        Pooltag InPP : Inet Port pool, Binary : tcpip.sys

Yeah baby, now we finally got our structure for ports pool !