It is very difficult to find free source code of a firewall . So I with my friend Rajender developed this firewall. It is a simple firewall based on packet filtering technology.
I have used the driver as describe in an article in http://www.codeproject.com/ - Code Project/Internet & Network - Developing Firewalls for Windows 2000/XP by Jesús O at the URL : http://www.codeproject.com/useritems/drvfltip.asp .
Using the code
Working of the filter
Working of firewall is based on the following steps
- Extract the packet header
- Check the protocol associated
- Compare with the rules
- Check the source and destination add. If protocol is same
- Check out the port if protocol is TCP
- Drop or pass the packet
After declaring structure variables an integer type “countrule” is declared and initialized it holds the value of the number the rule, it is incremented when new rule is required. Filterlist is initialized to first, its size increases as more and more rules are added. Now the packet header is extracted and is assigned to the variable ipp. Next the protocol is checked.
If the protocol is numbered as 6 means it is TCP. We accept all the packets if the connection is already established. Also if we don't have the bit SYN activate then we pass the packet by using return
Otherwise the packet is compared against the rules from the list until there is no member is in the list means till the condition
while (aux! =NULL) persists. Now check if the protocol is same, if it is then look for the source and destination address and each time increment the countrule. Now it the protocol is TCP check for the port.
Now the decision can be taken whether to drop or pass the packet according to the following statements
return PF_DROP; else
The same procedure is done for the packets of the UDP protocols. For other packet we don't look more and now we have decided what to do with the packet. After this countrule is incremented. And we accept all the packets which are not registered.
Here is the description of various classes/source files.
- DrvFltIp.H - This file contains structure of the various headers that are being used in the TCP IP Protocol suite.
- TDRIVER.H - This file contains the definition of the various method used to load, unload ,read and write into the driver. It also contains code for adding rules into the firewall
- TDRIVER.CPP - This file contains various definition of the functions that are defined inside the
- ADDRULEDLG.H - This file contains the definition of the various functions that are used for the checking whether the given IP address is in the valid format or not and is used for translating the user defined inputs into the driver readable format
- AddRuleDlg.cpp : implementation file. This is the file that will contain the definition of the class functions that were defined in the AddRuleDlg.h header file
- FIREVIEW.H - interface of the
- FIREVIEW.CPP - implementation of the
- Sockutil.h - This file contains the basic declarations of the functions that are used for the conversion of the network address into the internet address and for conversion of port numbers into comp readable format
- SockUtil.CPP - Implementation of Sockutil.cpp
- PortScanDlg.cpp - Implementation of port scanner.
- StarWarsCtrl.cpp - Implementation of about dialog box in animated view.
- SystemTray.cpp - Class for sending the firewall to system tray. taken from code project.
Points of Interest
I have written this program to share my Knowledge with you. I want you to do further work on it and help me to make it a successful open source project by mailing me back modified code. You can find more articles and software projects with free source code on my web site :-
You can also mail to me at firstname.lastname@example.org or my partner in this project Mr. Rajender Singh. His email address is : email@example.com
- Date Posted: December 08, 2003