Click here to Skip to main content
6,822,613 members and growing! (19,667 online)
Email Password   helpLost your password?
General Programming » Internet / Network » Proxy / Firewall     Beginner License: The Code Project Open License (CPOL)

Firewall using Vista's Windows Filtering Platform APIs

By MaheshSatya

An article on using Windows Filtering Platform of Vista to write a simple firewall 		C++, C, Windows, Win32, Dev
Posted:2 Sep 2008
Views:15,359
Bookmarked:16 times
 
Search    
Advanced Search
Add to IE Search
printPrint   add Share
      Discuss Discuss   Broken Article?Report  
9 votes for this article.
Popularity: 2.86 Rating: 3.00 out of 5
3 votes, 33.3%
1
2		 1 vote, 11.1%
3		 3 votes, 33.3%
4		 2 votes, 22.2%
5

Introduction

Windows Vista contains a completely new and improved packet filtering engine called Windows Filtering Platform (WFP). Till now, Windows 2000/XP/2003 gave us the packet filtering APIs for implementing simple firewalls or packet filtering applications. However, these packet filtering APIs are discontinued in Vista in favor of WFP. So, here’s an article which shows how to use WFP APIs to write a firewall!

Windows Filtering Platform APIs

These are some of the WFP APIs that we will be using to write our firewall:

  • FwpmEngineOpen0 - This API is used to create a session with the Windows packet filtering engine.
  • FwpmSubLayerAdd0 - This API adds a new sub-layer to the packet filtering engine.
  • FwpmFilterAdd0 - This API adds filters (rules) to a sub-layer. This is analogous to PfAddFiltersToInterface API.
  • FwpmFilterDeleteById0 - This API removes existing filters from a sub-layer.
  • FwpmSubLayerDeleteByKey0 - This API deletes the sub-layer which was added by FwpmSubLayerAdd0.
  • FwpmEngineClose0 - This API closes the session opened by FwpmEngineOpen0.

Here are the steps to write a firewall using the above mentioned APIs:

  • Create a session using FwpmEngineOpen0.
  • Add a sub-layer using FwpmSubLayerAdd0.
  • Now, add filters using FwpmFilterAdd0. If you have "n" filters, then this API needs to be called "n" times.

That's it! Now, check whether you are able to access the blocked IP address via the Web browser.

Using the Code

This article contains a sample class (PacketFilter class) which encapsulates the WFP APIs. The class declaration is as shown below:

class PacketFilter
{
private:
    // Firewall engine handle.
    HANDLE m_hEngineHandle;

    // Firewall sublayer GUID.
    GUID m_subLayerGUID;

    // List of filters.
    IPFILTERINFOLIST m_lstFilters;

    // Method to get byte array format and hex format IP address from string format.
    bool ParseIPAddrString( char* szIpAddr, UINT nStrLen, 
        BYTE* pbHostOrdr, UINT nByteLen, ULONG& uHexAddr );

    // Method to create/delete packet filter interface.
    DWORD CreateDeleteInterface( bool bCreate );

    // Method to bind/unbind to/from packet filter interface.
    DWORD BindUnbindInterface( bool bBind );

    // Method to add/remove filter.
    DWORD AddRemoveFilter( bool bAdd );

public:
    // Constructor.
    PacketFilter();

    // Destructor.
    ~PacketFilter();

    // Method to add IP addresses to m_lstFilters list.
    void AddToBlockList( char* szIpAddrToBlock );

    // Method to start packet filter.
    BOOL StartFirewall();

    // Method to stop packet filter.
    BOOL StopFirewall();
};

Follow these steps to use the PacketFilter class in your application:

  • Instantiate an object of PacketFilter class.
  • Add IP addresses to be blocked using the public method PacketFilter::AddToBlockList.
  • Start the firewall using PacketFilter::StartFirewall public method.
  • Finally, terminate the firewall by calling PacketFilter::Stopfirewall public method.

Points to Note

You need Windows SDK 2008 (available here) to develop applications using Windows Filtering Platform.
Visual C++ 6.0 is incompatible with Windows SDK 2008.

History

  • 31st August, 2008: Initial post

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

About the Author

MaheshSatya


Member
Occupation: Software Developer
Location: India India

Other popular Internet / Network articles:
Article Top
You must Sign In to use this message board.
FAQ FAQ 
 
Noise Tolerance  Layout  Per page   
 Msgs 1 to 16 of 16 (Total in Forum: 16) (Refresh)FirstPrevNext
GeneralError starting firewall. GetLastError() Pinmembersireeshaj23:58 3 Dec '09  
GeneralRe: Error starting firewall. GetLastError() PinmemberYaniv Mesika11:13 25 Dec '09  
GeneralMy vote of 1 Pinmemberasdasdasdasasd15:09 13 Sep '09  
GeneralMy vote of 1 Pinmembernnm14:43 10 Sep '09  
Questionhelp needed Pinmembericehottopes5:12 6 Aug '09  
GeneralHow Can i make a managed wrapper to the PacketFilter class to use in C# Pinmemberg k h srinivas22:26 21 Sep '08  
GeneralRe: How Can i make a managed wrapper to the PacketFilter class to use in C# PinmemberMaheshSatya3:18 22 Sep '08  
GeneralRe: How Can i make a managed wrapper to the PacketFilter class to use in C# [modified] Pinmemberg k h srinivas0:48 24 Sep '08  
GeneralRe: How Can i make a managed wrapper to the PacketFilter class to use in C# PinmemberMohammed Abed12:56 31 Mar '09  
QuestionOpposite? Pinmembersidrol9:13 18 Sep '08  
AnswerRe: Opposite? Pinmembersuren_hisxlnc22:13 8 Sep '09  
GeneralCompilation errors PinmemberAnkush12321:02 2 Sep '08  
GeneralRe: Compilation errors PinmemberMaheshSatya9:15 3 Sep '08  
GeneralNice one PinmemberManish K. Agarwal20:00 2 Sep '08  
GeneralRe: Nice one PinmemberMaheshSatya9:38 3 Sep '08  
GeneralRe: Nice one PinmemberManish K. Agarwal2:00 4 Sep '08  
Last Visit: 20:36 9 Feb '10     Last Update: 20:36 9 Feb '10 1

General General    News News    Question Question    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads.

PermaLink | Privacy | Terms of Use
Last Updated: 2 Sep 2008
Editor: Deeksha Shenoy
 Copyright 2008 by MaheshSatya
Everything else Copyright © CodeProject, 1999-2010
Web19 | Advertise on the Code Project