
An Adventure: How to implement a Firewall-Hook Driver?

, 28 Oct 2004
The Firewall-Hook driver is a completely unknown method for developing simple packet-filtering applications. In this article, I explain how this driver works and what you need to do to use it in your applications.
fwhookdrv_bin.zip
FirewallApp.exe
FwHookDrv.sys
fwhookdrv_src.zip
FirewallHooK
FirewallApp.dsp
FirewallApp.dsw
res
CVS
Entries
Entries.Extra
Repository
Root
FirewallApp.ico
FirewallAppDoc.ico
newtoolbar.bmp
Toolbar.bmp
Driver
buildchk_wxp_x86.log
Debug
FwHookDrv.sys
vc60.idb
FwHookDrv.dsp
FwHookDrv.dsw
makefile
objchk_wxp_x86
i386
fwhookdrv.obj
FwHookDrv.pdb
FwHookDrv.sys
_objects.mac
sources
FwHookDrv.sys
FirewallApp.exe
/*

  NetHeaders.h

  Author: Jesús O.
  Last Updated: 15/02/2003


*/

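#ifndef _NetHeaders_h_
#define _NetHeaders_h_

/*
 * On-the-wire layouts of the IPv4, ICMP, UDP and TCP headers, together with
 * the protocol numbers and flag masks needed to interpret them.
 *
 * Notes for code that overlays these structures on received packet data:
 *
 *  - Every multi-byte field is carried in network (big-endian) byte order.
 *    Convert it before comparing with host-order constants; this applies to
 *    ports, lengths, addresses and the IP fragment field.
 *
 *  - The bit-field pairs in IPHeader and TCPHeader declare the low nibble
 *    first. That matches the wire format only when the compiler allocates
 *    bit-fields starting at the least significant bit, as MSVC does on x86.
 *    Re-check the layout before building for any other compiler or target.
 *
 *  - With UCHAR/USHORT/ULONG being 1/2/4 bytes and 1-byte packing, the
 *    expected sizes are IPHeader 20, ICMPHeader 4, UDPHeader 8 and
 *    TCPHeader 20 bytes. A compile-time size check in the including code is
 *    a cheap way to catch a packing or type-width mismatch.
 *
 *  - Validate before dereferencing: the buffer must hold a full IPHeader,
 *    headerLength must be at least 5, and the transport header starts
 *    headerLength * 4 bytes into the packet (not at sizeof(IPHeader)) and
 *    must itself fit inside the received data. Only a fragment whose
 *    offset (masked with IP_OFFMASK) is zero carries a transport header;
 *    later fragments hold payload at that position.
 */

/*
 * Byte-pack the header structures. push/pop restores whatever packing the
 * including file had in effect; a bare "#pragma pack()" would instead reset
 * it to the compiler default and silently change the layout of structures
 * declared after this header.
 */
#pragma pack(push, 1)


/* Masks for the host-order value of IPHeader.offset. */
#define	IP_DF 0x4000			// don't fragment flag
#define	IP_MF 0x2000			// more fragments flag
#define	IP_OFFMASK 0x1fff		// mask for the fragment offset bits

/* Values of IPHeader.protocol (IP protocol numbers). */
enum
  {
    IPPROTO_IP					= 0,		// Dummy protocol for TCP.
    IPPROTO_HOPOPTS				= 0,		// IPv6 Hop-by-Hop options.
    IPPROTO_ICMP				= 1,		// Internet Control Message Protocol.
    IPPROTO_IGMP				= 2,		// Internet Group Management Protocol.
    IPPROTO_IPIP				= 4,		// IPIP tunnels (older KA9Q tunnels use 94).
    IPPROTO_TCP					= 6,		// Transmission Control Protocol.
    IPPROTO_EGP					= 8,		// Exterior Gateway Protocol.
    IPPROTO_PUP					= 12,		// PUP protocol.
    IPPROTO_UDP					= 17,		// User Datagram Protocol.
    IPPROTO_IDP					= 22,		// XNS IDP protocol.
    IPPROTO_TP					= 29,		// ISO Transport Protocol Class 4.
    IPPROTO_IPV6				= 41,		// IPv6 header.
    IPPROTO_ROUTING				= 43,		// IPv6 routing header.
    IPPROTO_FRAGMENT			= 44,		// IPv6 fragmentation header.
    IPPROTO_RSVP				= 46,		// Reservation Protocol.
    IPPROTO_GRE					= 47,		// General Routing Encapsulation.
    IPPROTO_ESP					= 50,		// Encapsulating security payload.
    IPPROTO_AH					= 51,		// Authentication header.
    IPPROTO_ICMPV6				= 58,		// ICMPv6.
    IPPROTO_NONE				= 59,		// IPv6 no next header.
    IPPROTO_DSTOPTS				= 60,		// IPv6 destination options.
    IPPROTO_MTP					= 92,		// Multicast Transport Protocol.
    IPPROTO_ENCAP				= 98,		// Encapsulation Header.
    IPPROTO_PIM					= 103,		// Protocol Independent Multicast.
    IPPROTO_COMP				= 108,		// Compression Header Protocol.
    IPPROTO_RAW					= 255,		// Raw IP packets.
    IPPROTO_MAX								// One past IPPROTO_RAW (256); not a protocol.
  };


/* Fixed 20-byte part of an IPv4 header; options, if any, follow it. */
typedef struct _IPHeader 
{
	UCHAR	headerLength:4;	// Header length in 32-bit words (5 when there are no options)
	UCHAR	version:4;		// Version 
	UCHAR	tos;			// Type of service 
	USHORT	length;			// Total length (header plus data), network byte order
	USHORT	id;				// Identification 
	USHORT	offset;			// Flags (IP_DF, IP_MF) and fragment offset (IP_OFFMASK), network byte order
	UCHAR	ttl;			// Time to live 
	UCHAR	protocol;		// Protocol (one of the IPPROTO_* values)
	USHORT	checksum;		// Header checksum 
	ULONG	source;			// Source address, network byte order
	ULONG	destination;	// Destination address, network byte order
}IPHeader, *PIPHeader;


/*
 * First four bytes of an ICMP message. The bytes that follow depend on the
 * message type and are not described by this structure.
 */
typedef struct _ICMPHeader
{
	UCHAR	type;			// Type of message 
	UCHAR	code;			// Code
	USHORT	checksum;		// Checksum
}ICMPHeader, *PICMPHeader;


/* UDP header (8 bytes). */
typedef struct _UDPHeader
{
	USHORT	sourcePort;			// Source port, network byte order
	USHORT	destinationPort;	// Destination port, network byte order
	USHORT	length;				// Length of header plus data, network byte order
	USHORT	checksum;			// Checksum
}UDPHeader, *PUDPHeader;


// TCP Flags (bit masks for TCPHeader.flags; the two highest bits of that
// byte have no mask defined here)
#define	TH_FIN	0x01
#define	TH_SYN	0x02
#define	TH_RST	0x04
#define	TH_PUSH	0x08
#define	TH_ACK	0x10
#define	TH_URG	0x20

/* Fixed 20-byte part of a TCP header; options, if any, follow it. */
typedef struct _TCPHeader
{
	USHORT	sourcePort;			// Source Port, network byte order
	USHORT	destinationPort;	// Destination Port, network byte order
	ULONG	nSequence;			// Sequence number
	ULONG	nAck;				// Acknowledgement number

	UCHAR	unused:4;			// Unused (reserved bits)
	UCHAR	offset:4;			// Data offset: TCP header length in 32-bit words
	UCHAR	flags;				// Flags (TH_* masks)

	USHORT	window;				// Window size
	USHORT	checksum;			// Checksum
	USHORT	urp;				// Urgent Pointer
}TCPHeader, *PTCPHeader;

/* Restore the packing that was in effect before this header. */
#pragma pack(pop)

#endif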


License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.


About the Author

Jesus Oliva
Chief Technology Officer
Spain Spain
To summarize: learn, learn, learn... and then try to remember something I.... I don't Know what i have to remember...
 
http://www.olivacorner.com

Article Copyright 2004 by Jesus Oliva
Everything else Copyright © CodeProject, 1999-2014