Hi.
I have this code for packet filtering in a firewall, but it doesn't take any action on packets!!
Help me please
Following is the code:
    /// <summary>
    /// P/Invoke declarations for three packet-filtering entry points exported by
    /// iphlpapi.dll: create a filter interface, bind it to an IP address, and add
    /// filters to it. StartPacketFilter on this page treats any non-zero return
    /// value from these calls as failure.
    /// </summary>
    /// <remarks>
    /// NOTE(review): Microsoft documents the Pf* Packet Filtering API as a legacy
    /// interface that is not supported on Windows Vista / Server 2008 and later,
    /// with the Windows Filtering Platform as the replacement - confirm for the
    /// target OS before relying on these calls to enforce anything.
    /// </remarks>
    class IpPacketFilter
    {
        // Binds a previously created filter interface to one local address.
        // NOTE(review): the native parameter is, as far as I recall, a byte pointer
        // to the address; "ref int" hands over a pointer to 4 bytes, which only fits
        // an IPv4 address - verify against fltdefs.h.
        [DllImport("iphlpapi.dll", EntryPoint = "PfBindInterfaceToIPAddress")]
        public static extern int PfBindInterfaceToIPAddress(IntPtr Interface_handle, PFADDRESSTYPE pfatType, ref int ip_address);
        // Creates a filter interface with a default action for inbound and outbound
        // packets; the handle is written to ppInterface.
          [DllImport("iphlpapi.dll", EntryPoint = "PfCreateInterface")]
        public static extern int PfCreateInterface(int dwName, PFFORWARD_ACTION inAction, PFFORWARD_ACTION outAction, bool UseLog, bool MustBeUnique, ref IntPtr ppInterface);
        // Adds cInFilters inbound and cOutFilters outbound filter descriptors to an
        // interface. Each "ref" passes a pointer to exactly one descriptor, so this
        // declaration can only be used with a count of 0 or 1 per direction.
        // NOTE(review): the last native parameter is, as far as I recall, an output
        // array of filter handles (PFILTER_HANDLE), not a filter descriptor; with
        // this declaration the native side would write handles into whatever
        // descriptor the caller passes - verify against fltdefs.h.
        [DllImport("iphlpapi.dll", EntryPoint = "PfAddFiltersToInterface")]
        public static extern int PfAddFiltersToInterface(
            IntPtr interface_handle,
            int cInFilters,
            [MarshalAsAttribute(UnmanagedType.Struct)]
            ref PPF_FILTER_DESCRIPTOR pfiltIn,
            int cOutFilters,
            [MarshalAsAttribute(UnmanagedType.Struct)]
            ref PPF_FILTER_DESCRIPTOR pfiltOut,
            [MarshalAsAttribute(UnmanagedType.Struct)]
            ref PPF_FILTER_DESCRIPTOR pfHandle
            );
    }
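    /// <summary>
    /// Managed mirror of the native packet-filter descriptor passed to
    /// PfAddFiltersToInterface. C# structs use sequential layout by default, so
    /// the order and size of the instance fields below define what the native
    /// side reads.
    /// </summary>
    /// <remarks>
    /// The native header (fltdefs.h) declares the four port members as 16-bit
    /// WORD values. Declaring them as 32-bit int shifts every port after the
    /// first, so the native side sees port ranges the caller never asked for and
    /// the rule does not match the intended traffic. The ports are therefore
    /// stored in 16-bit fields and exposed through int properties, so existing
    /// code that assigns int values keeps compiling.
    /// </remarks>
    public unsafe struct PPF_FILTER_DESCRIPTOR
    {
        public FILTER_FLAGS dwFilterFlags;
        public int dwRule;
        public PFADDRESSTYPE pfatType;
        // Pointers to the raw address/mask bytes; the pointed-to storage must stay
        // valid for the duration of the native call.
        public int* SrcAddr;
        public int* SrcMask;
        public int* DstAddr;
        public int* DstMask;
        public PROTOCOL dwProtocol;
        public int fLateBound;

        // 16-bit backing storage, in the order the native structure expects.
        private ushort _wSrcPort;
        private ushort _wDstPort;
        private ushort _wSrcPortHighRange;
        private ushort _wDstPortHighRange;

        /// <summary>Low end of the source port range (0-65535).</summary>
        public int wSrcPort
        {
            get { return _wSrcPort; }
            set { _wSrcPort = ToPort(value); }
        }

        /// <summary>Low end of the destination port range (0-65535).</summary>
        public int wDstPort
        {
            get { return _wDstPort; }
            set { _wDstPort = ToPort(value); }
        }

        /// <summary>High end of the source port range (0-65535).</summary>
        public int wSrcPortHighRange
        {
            get { return _wSrcPortHighRange; }
            set { _wSrcPortHighRange = ToPort(value); }
        }

        /// <summary>High end of the destination port range (0-65535).</summary>
        public int wDstPortHighRange
        {
            get { return _wDstPortHighRange; }
            set { _wDstPortHighRange = ToPort(value); }
        }

        // Rejects values that cannot be a port instead of truncating them silently:
        // a truncated port would install a rule for different traffic than intended.
        private static ushort ToPort(int value)
        {
            if (value < 0 || value > 65535)
            {
                throw new System.ArgumentOutOfRangeException("value", "Port must be between 0 and 65535.");
            }
            return (ushort)value;
        }
    }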
    /// <summary>
    /// Default action a filter interface applies to packets; passed to
    /// PfCreateInterface for the inbound and outbound directions.
    /// </summary>
    public enum PFFORWARD_ACTION
    {
        /// <summary>Let the packet through.</summary>
        PF_ACTION_FORWARD = 0,

        /// <summary>Discard the packet.</summary>
        PF_ACTION_DROP = 1
    }
    /// <summary>
    /// Address family of the addresses referenced by a filter descriptor or
    /// passed to PfBindInterfaceToIPAddress.
    /// </summary>
    public enum PFADDRESSTYPE
    {
        /// <summary>IPv4 addressing.</summary>
        PF_IPV4 = 0,

        /// <summary>IPv6 addressing.</summary>
        PF_IPV6 = 1
    }
    /// <summary>
    /// Protocol selector stored in the filter descriptor's dwProtocol field. The
    /// non-zero values are the IANA IP protocol numbers.
    /// </summary>
    public enum PROTOCOL
    {
        /// <summary>Match every protocol.</summary>
        ANY = 0,

        /// <summary>ICMP (protocol number 1).</summary>
        ICMP = 1,

        /// <summary>TCP (protocol number 6).</summary>
        TCP = 6,

        /// <summary>UDP (protocol number 17).</summary>
        UDP = 17
    }
    /// <summary>
    /// Flag bits stored in the filter descriptor's dwFilterFlags field.
    /// </summary>
    public enum FILTER_FLAGS
    {
        // NOTE(review): the native header names the 0x1 flag FD_FLAGS_NOSYN, as
        // far as I recall. If so, setting it on every filter changes which TCP
        // packets the rule matches - verify against fltdefs.h before setting it
        // unconditionally.
        FD_FLAGS = 1
    }
    }
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Runtime.InteropServices;
using System.Net;
 
namespace ConsoleApplication1
{
    
    class Program
    {
        // Win32-style BOOL values; FALSE is what StartPacketFilter stores in the
        // descriptor's dwRule field.
        internal const int FALSE = 0, TRUE = 1;
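        /// <summary>
        /// Demo entry point: tries to install two hard-coded block rules and then
        /// waits for a key press so the process (and its filters) stays alive.
        /// </summary>
        /// <param name="args">Command-line arguments; not used.</param>
        static void Main(string[] args)
        {
            // Each entry is "destination address,destination mask,destination port"
            // as parsed by StartPacketFilter, which builds TCP-only filters.
            string[] hostsToBlock =
            {
                // Intended to block traffic to 192.168.0.2 on any port.
                // NOTE(review): with a 255.255.255.0 mask the host bits of
                // 192.168.0.2 fall outside the mask; whether the filter API applies
                // the mask before comparing is not visible here. For a single-host
                // rule 255.255.255.255 is the conventional mask - confirm.
                "192.168.0.2,255.255.255.0,0",
                // Intended to block port 29000 for every destination.
                "0.0.0.0,0.0.0.0,29000",
            };

            // A packet filter that fails to install must say so: ignoring the
            // result leaves the host unfiltered with no indication of it.
            if (!StartPacketFilter(hostsToBlock))
            {
                Console.Error.WriteLine("Packet filter could not be installed; traffic is NOT being filtered.");
            }
            Console.ReadLine();
        }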
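        /// <summary>
        /// Packs a dotted-quad IPv4 string into a 32-bit value with the first octet
        /// in the lowest byte, the form the Pf* calls on this page are given.
        /// </summary>
        /// <param name="sIpAddress">Address text such as "192.168.0.2".</param>
        /// <returns>
        /// The packed address, or 0 when the text is null, does not have exactly
        /// four parts, or any part is not a plain decimal number from 0 to 255.
        /// </returns>
        /// <remarks>
        /// 0 is also the packed form of 0.0.0.0, so a caller cannot tell a parse
        /// failure from that address by the return value alone.
        /// </remarks>
        internal static int lIpFromString(string sIpAddress)
        {
            if (sIpAddress == null)
            {
                return 0;
            }

            string[] octets = sIpAddress.Split('.');
            if (octets.Length != 4)
            {
                return 0;
            }

            int lIp = 0;
            for (int i = 0; i < 4; i++)
            {
                // Strict parse: digits only, 0-255. A lenient parse followed by a
                // catch-all would return a half-built address for input such as
                // "1.2.x.4", and an octet above 255 would spill into its neighbour -
                // either way a rule would be installed for the wrong address.
                byte octet;
                if (!byte.TryParse(octets[i], System.Globalization.NumberStyles.None, System.Globalization.CultureInfo.InvariantCulture, out octet))
                {
                    return 0;
                }
                lIp |= octet << (i * 8);
            }
            return lIp;
        }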
        /// <summary>
        /// Resolves the local host name and returns every address in the resulting
        /// host entry as text.
        /// </summary>
        /// <returns>One string per entry in the host entry's address list.</returns>
        /// <remarks>
        /// The list is returned unfiltered, so it may contain addresses that are not
        /// dotted-quad IPv4; callers that pack them with lIpFromString get 0 for those.
        /// </remarks>
        internal static string[] GetLocalIpAddresses()
        {
            IPAddress[] addresses = Dns.GetHostEntry(Dns.GetHostName()).AddressList;
            return Array.ConvertAll(addresses, delegate(IPAddress address) { return address.ToString(); });
        }
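        /// <summary>
        /// Creates one filter interface per local IPv4 address (default action:
        /// forward), binds it, and adds one TCP filter per rule in
        /// <paramref name="hosts"/> for both directions.
        /// </summary>
        /// <param name="hosts">
        /// Rules in the form "destination address,destination mask,destination port".
        /// </param>
        /// <returns>
        /// true when at least one interface was created and bound and every filter
        /// call succeeded; false when the rule list is null or malformed, when no
        /// local IPv4 address was found, or when any native call returns non-zero.
        /// </returns>
        /// <remarks>
        /// Interfaces created before a failure are left in place; this file declares
        /// no native call to remove them.
        /// </remarks>
        internal static bool StartPacketFilter(string[] hosts)
        {
            if (hosts == null)
            {
                return false;
            }

            // Validate every rule before touching the TCP/IP stack, so a malformed
            // rule is reported instead of being skipped and leaving a gap in the
            // rule set, and a bad port cannot throw halfway through installation.
            int ruleCount = hosts.Length;
            int[] dstAddrs = new int[ruleCount];
            int[] dstMasks = new int[ruleCount];
            int[] dstPorts = new int[ruleCount];
            for (int r = 0; r < ruleCount; r++)
            {
                if (hosts[r] == null)
                {
                    return false;
                }

                string[] hostDetail = hosts[r].Split(new string[] { "," }, StringSplitOptions.None);
                int port;
                if (hostDetail.Length != 3
                    || !int.TryParse(hostDetail[2], System.Globalization.NumberStyles.None, System.Globalization.CultureInfo.InvariantCulture, out port)
                    || port > 65535)
                {
                    return false;
                }

                // lIpFromString yields 0 for malformed text as well as for 0.0.0.0,
                // so address text cannot be rejected here without a stricter parser.
                dstAddrs[r] = lIpFromString(hostDetail[0]);
                dstMasks[r] = lIpFromString(hostDetail[1]);
                dstPorts[r] = port;
            }

            string[] localIpAddresses = GetLocalIpAddresses();
            if (localIpAddresses == null)
            {
                return false;
            }

            bool boundAny = false;
            foreach (string localAddress in localIpAddresses)
            {
                // Pack the address for p/invoke. Anything that is not dotted-quad
                // IPv4 (for example an IPv6 entry in the host's address list) packs
                // to 0; skip it rather than try to bind to it and abort the whole
                // installation on the resulting error.
                int lLocalIp = lIpFromString(localAddress);
                if (lLocalIp == 0)
                {
                    continue;
                }

                // Create a filter interface in the TCP/IP stack whose default action
                // is to forward in both directions.
                IntPtr interfaceHandle = IntPtr.Zero;
                int result = IpPacketFilter.PfCreateInterface(0, PFFORWARD_ACTION.PF_ACTION_FORWARD, PFFORWARD_ACTION.PF_ACTION_FORWARD, false, true, ref interfaceHandle);
                if (result != 0)
                {
                    return false;
                }

                // Bind the interface to this local address.
                result = IpPacketFilter.PfBindInterfaceToIPAddress(interfaceHandle, PFADDRESSTYPE.PF_IPV4, ref lLocalIp);
                if (result != 0)
                {
                    return false;
                }
                boundAny = true;

                for (int r = 0; r < ruleCount; r++)
                {
                    // Build the filter structure: TCP, source = this local address
                    // under a fixed 255.255.255.0 mask, any source port, destination
                    // taken from the rule.
                    // NOTE(review): the same descriptor is used for the inbound and
                    // the outbound list; for inbound traffic the local address would
                    // be the destination, not the source - confirm the intent.
                    PPF_FILTER_DESCRIPTOR filter = new PPF_FILTER_DESCRIPTOR();
                    filter.dwFilterFlags = FILTER_FLAGS.FD_FLAGS;
                    filter.dwRule = FALSE;
                    filter.pfatType = PFADDRESSTYPE.PF_IPV4;
                    filter.dwProtocol = PROTOCOL.TCP;
                    filter.wSrcPort = 0;
                    filter.wSrcPortHighRange = 0;
                    filter.wDstPort = dstPorts[r];
                    filter.wDstPortHighRange = dstPorts[r];

                    int iSrcAddr = lLocalIp;
                    int iSrcMask = lIpFromString("255.255.255.0");
                    int iDstAddr = dstAddrs[r];
                    int iDstMask = dstMasks[r];

                    unsafe
                    {
                        // The descriptor carries pointers; these locals stay alive
                        // until the native call below has returned.
                        filter.SrcAddr = &iSrcAddr;
                        filter.DstAddr = &iDstAddr;
                        filter.SrcMask = &iSrcMask;
                        filter.DstMask = &iDstMask;
                    }

                    // Add the filter to the interface (both inbound and outbound).
                    // NOTE(review): the descriptor is also passed as the last
                    // argument, which the native side may overwrite; it is not
                    // reused after this call.
                    result = IpPacketFilter.PfAddFiltersToInterface(interfaceHandle, 1, ref filter, 1, ref filter, ref filter);
                    if (result != 0)
                    {
                        return false;
                    }
                }
            }

            // Reporting success with nothing bound would hide an unfiltered host.
            return boundAny;
        }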
    }
}
Posted 6-Aug-11 8:56am
Edited 26-Aug-11 2:08am
(no name)5.8K
v2
Comments
SAKryukov at 6-Aug-11 15:23pm
   
OK, this is a code dump. Where is the description of your problem?
--SA
   
It "doesn't show any packets!!" - whatever the hell that means.
elham65_tansa at 26-Aug-11 7:44am
   
"doesn't show any action on packets" means: the firewall should DROP packets for the IP we specify, but this does not happen and the packets are forwarded.
elham65_tansa at 6-Aug-11 15:32pm
   
For example, a packet that comes with the IP 192.168.0.2 should be filtered, but it is let through.
It also does not report any error. Packets are dropped only when the default action passed in is drop. I traced it by running it in Visual Studio.
I need this code please help me.
elham65_tansa at 20-Aug-11 4:46am
   
please help me , i need this code!!!!!!
digimanus at 26-Aug-11 7:09am
   
why don't you buy a firewall
elham65_tansa at 26-Aug-11 7:15am
   

This is a thesis for my university
digimanus at 26-Aug-11 7:19am
   
good luck then
elham65_tansa at 26-Aug-11 7:21am
   
thank you
SAKryukov at 26-Aug-11 10:46am
   
Aha, and you're going to fake your supposedly independent work. What kind of graduates shall we have?
Sorry, but this is true.
--SA

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


