Click here to Skip to main content
Click here to Skip to main content
Add your own
alternative version

An Adventure: How to implement a Firewall-Hook Driver?

, 28 Oct 2004
Firewall-Hook driver is a completely unknown method to develop simple packet filtering applications. With this article, I want to tell you how this driver works and what you need to do to use it in your applications.
fwhookdrv_bin.zip
FirewallApp.exe
FwHookDrv.sys
fwhookdrv_src.zip
FirewallHooK
FirewallApp.dsp
FirewallApp.dsw
res
CVS
Entries
Entries.Extra
Repository
Root
FirewallApp.ico
FirewallAppDoc.ico
newtoolbar.bmp
Toolbar.bmp
Driver
buildchk_wxp_x86.log
Debug
FwHookDrv.sys
vc60.idb
FwHookDrv.dsp
FwHookDrv.dsw
makefile
objchk_wxp_x86
i386
fwhookdrv.obj
FwHookDrv.pdb
FwHookDrv.sys
_objects.mac
sources
FwHookDrv.sys
FirewallApp.exe
//Microsoft Developer Studio generated resource script.
//
#include "resource.h"

#define APSTUDIO_READONLY_SYMBOLS
/////////////////////////////////////////////////////////////////////////////
//
// Generated from the TEXTINCLUDE 2 resource.
//
#include "afxres.h"

/////////////////////////////////////////////////////////////////////////////
#undef APSTUDIO_READONLY_SYMBOLS

/////////////////////////////////////////////////////////////////////////////
// Spanish (Modern) resources

#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ESN)
#ifdef _WIN32
LANGUAGE LANG_SPANISH, SUBLANG_SPANISH_MODERN
#pragma code_page(1252)
#endif //_WIN32

#ifdef APSTUDIO_INVOKED
/////////////////////////////////////////////////////////////////////////////
//
// TEXTINCLUDE
//

1 TEXTINCLUDE DISCARDABLE 
BEGIN
    "resource.h\0"
END

2 TEXTINCLUDE DISCARDABLE 
BEGIN
    "#include ""afxres.h""\r\n"
    "\0"
END

3 TEXTINCLUDE DISCARDABLE 
BEGIN
    "#define _AFX_NO_SPLITTER_RESOURCES\r\n"
    "#define _AFX_NO_OLE_RESOURCES\r\n"
    "#define _AFX_NO_TRACKER_RESOURCES\r\n"
    "#define _AFX_NO_PROPERTY_RESOURCES\r\n"
    "\r\n"
    "#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ESP)\r\n"
    "#ifdef _WIN32\r\n"
    "LANGUAGE 10, 3\r\n"
    "#pragma code_page(1252)\r\n"
    "#endif //_WIN32\r\n"
    "#include ""res\\FirewallApp.rc2""  // non-Microsoft Visual C++ edited resources\r\n"
    "#include ""l.esp\\afxres.rc""          // Standard components\r\n"
    "#include ""l.esp\\afxprint.rc""        // printing/print preview resources\r\n"
    "#endif\r\n"
    "\0"
END

#endif    // APSTUDIO_INVOKED


/////////////////////////////////////////////////////////////////////////////
//
// Icon
//

// Icon with lowest ID value placed first to ensure application icon
// remains consistent on all systems.
IDR_MAINFRAME           ICON    DISCARDABLE     "res\\FirewallApp.ico"
IDR_FIREWATYPE          ICON    DISCARDABLE     "res\\FirewallAppDoc.ico"

/////////////////////////////////////////////////////////////////////////////
//
// Bitmap
//

IDR_MAINFRAME           BITMAP  DISCARDABLE     "res\\newtoolbar.bmp"

/////////////////////////////////////////////////////////////////////////////
//
// Toolbar
//

IDR_MAINFRAME TOOLBAR DISCARDABLE  50, 38
BEGIN
    BUTTON      ID_BUTTONSTART
    BUTTON      ID_BUTTONSTOP
    BUTTON      ID_BUTTONADD
    BUTTON      ID_BUTTONDEL
    BUTTON      ID_BUTTONINSTALL
    BUTTON      ID_BUTTONDESINSTALL
END


/////////////////////////////////////////////////////////////////////////////
//
// Menu
//

IDR_MAINFRAME MENU PRELOAD DISCARDABLE 
BEGIN
    POPUP "File"
    BEGIN
        MENUITEM "Start Filtering",             ID_MENUSTART
        MENUITEM "Stop Filtering",              ID_MENUSTOP
        MENUITEM SEPARATOR
        MENUITEM "Load Rules",                  IDMENU_LOADRULES
        MENUITEM "Save Rules",                  IDMENU_SAVERULES
        MENUITEM SEPARATOR
        MENUITEM "Exit",                        ID_APP_EXIT
    END
    POPUP "Rules"
    BEGIN
        MENUITEM "Add Rule",                    IDMENU_ADDRULE
        MENUITEM "Del Rule",                    IDMENU_DELRULE
        MENUITEM SEPARATOR
        MENUITEM "Install Rules",               IDMENU_INSTALLRULES
        MENUITEM "Uninstall Rules",             IDMENU_UNINSTALLRULES
    END
    POPUP "Help"
    BEGIN
        MENUITEM "About Firewall FwHook....",   ID_APP_ABOUT
    END
END


/////////////////////////////////////////////////////////////////////////////
//
// Accelerator
//

IDR_MAINFRAME ACCELERATORS PRELOAD MOVEABLE PURE 
BEGIN
    "N",            ID_FILE_NEW,            VIRTKEY, CONTROL
    "O",            ID_FILE_OPEN,           VIRTKEY, CONTROL
    "S",            ID_FILE_SAVE,           VIRTKEY, CONTROL
    "P",            ID_FILE_PRINT,          VIRTKEY, CONTROL
    "Z",            ID_EDIT_UNDO,           VIRTKEY, CONTROL
    "X",            ID_EDIT_CUT,            VIRTKEY, CONTROL
    "C",            ID_EDIT_COPY,           VIRTKEY, CONTROL
    "V",            ID_EDIT_PASTE,          VIRTKEY, CONTROL
    VK_BACK,        ID_EDIT_UNDO,           VIRTKEY, ALT
    VK_DELETE,      ID_EDIT_CUT,            VIRTKEY, SHIFT
    VK_INSERT,      ID_EDIT_COPY,           VIRTKEY, CONTROL
    VK_INSERT,      ID_EDIT_PASTE,          VIRTKEY, SHIFT
    VK_F6,          ID_NEXT_PANE,           VIRTKEY 
    VK_F6,          ID_PREV_PANE,           VIRTKEY, SHIFT
END


/////////////////////////////////////////////////////////////////////////////
//
// Dialog
//

IDD_ABOUTBOX DIALOG DISCARDABLE  0, 0, 235, 55
STYLE DS_MODALFRAME | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "Acerca de FirewallApp"
FONT 8, "MS Sans Serif"
BEGIN
    ICON            IDR_MAINFRAME,IDC_STATIC,11,17,20,20
    LTEXT           "FirewallApp FwHook v1.0",IDC_STATIC,40,10,119,8,
                    SS_NOPREFIX
    LTEXT           "Copyright (C) 2004",IDC_STATIC,40,25,119,8
    DEFPUSHBUTTON   "Aceptar",IDOK,178,7,50,14,WS_GROUP
END

IDD_FIREWALLAPP_FORM DIALOG DISCARDABLE  0, 0, 425, 177
STYLE WS_CHILD | WS_BORDER
FONT 8, "MS Sans Serif"
BEGIN
    CONTROL         "List1",IDC_LIST1,"SysListView32",LVS_REPORT | 
                    LVS_SINGLESEL | LVS_NOLABELWRAP | WS_BORDER | WS_TABSTOP,
                    7,33,411,121
    LTEXT           "Filter Rules",IDC_STATIC,17,18,78,11
END

IDD_ADDRULEDLG DIALOG DISCARDABLE  0, 0, 278, 193
STYLE DS_MODALFRAME | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "Add Rule"
FONT 8, "MS Sans Serif"
BEGIN
    EDITTEXT        IDC_EDIT1,81,23,69,12,ES_RIGHT | ES_AUTOHSCROLL
    EDITTEXT        IDC_EDIT2,223,23,30,12,ES_RIGHT | ES_AUTOHSCROLL | 
                    ES_NUMBER
    EDITTEXT        IDC_EDIT6,81,47,69,12,ES_RIGHT | ES_AUTOHSCROLL
    EDITTEXT        IDC_EDIT3,81,90,69,12,ES_RIGHT | ES_AUTOHSCROLL
    EDITTEXT        IDC_EDIT4,223,90,30,12,ES_RIGHT | ES_AUTOHSCROLL | 
                    ES_NUMBER
    EDITTEXT        IDC_EDIT5,81,114,69,12,ES_RIGHT | ES_AUTOHSCROLL
    COMBOBOX        IDC_COMBO4,67,143,44,49,CBS_DROPDOWNLIST | WS_VSCROLL | 
                    WS_TABSTOP
    COMBOBOX        IDC_COMBO3,167,143,70,51,CBS_DROPDOWNLIST | CBS_SORT | 
                    WS_VSCROLL | WS_TABSTOP
    DEFPUSHBUTTON   "Add",IDOK,73,172,50,14
    PUSHBUTTON      "Cancel",IDCANCEL,137,172,50,14
    GROUPBOX        "Source",IDC_STATIC,7,7,262,62
    GROUPBOX        "Destination",IDC_STATIC,9,73,262,62
    LTEXT           "Action",IDC_STATIC,135,146,25,11
    LTEXT           "Ip Address",IDC_STATIC,29,21,42,8
    LTEXT           "Port",IDC_STATIC,191,23,14,8
    LTEXT           "Port",IDC_STATIC,191,90,14,8
    LTEXT           "Protocol",IDC_STATIC,27,146,27,8
    LTEXT           "(0.0.0.0 for All)",IDC_STATIC,21,97,46,8
    LTEXT           "(0 for All)",IDC_STATIC,183,98,29,11
    LTEXT           "Ip Mask",IDC_STATIC,37,50,32,10
    LTEXT           "Ip Address",IDC_STATIC,29,87,42,8
    LTEXT           "(0.0.0.0 for All)",IDC_STATIC,21,97,46,8
    LTEXT           "Ip Mask",IDC_STATIC,41,114,32,10
    LTEXT           "(0 for All)",IDC_STATIC,183,31,29,11
    LTEXT           "(0.0.0.0 for All)",IDC_STATIC,21,30,46,8
END


#ifndef _MAC
/////////////////////////////////////////////////////////////////////////////
//
// Version
//

VS_VERSION_INFO VERSIONINFO
 FILEVERSION 1,0,0,1
 PRODUCTVERSION 1,0,0,1
 FILEFLAGSMASK 0x3fL
#ifdef _DEBUG
 FILEFLAGS 0x1L
#else
 FILEFLAGS 0x0L
#endif
 FILEOS 0x4L
 FILETYPE 0x1L
 FILESUBTYPE 0x0L
BEGIN
    BLOCK "StringFileInfo"
    BEGIN
        BLOCK "0C0A04B0"
        BEGIN
            VALUE "CompanyName", "\0"
            VALUE "FileDescription", "Aplicaci�n MFC FirewallApp\0"
            VALUE "FileVersion", "1, 0, 0, 1\0"
            VALUE "InternalName", "FirewallApp\0"
            VALUE "LegalCopyright", "Copyright (C) 2003\0"
            VALUE "LegalTrademarks", "\0"
            VALUE "OriginalFilename", "FirewallApp.EXE\0"
            VALUE "ProductName", "Aplicaci�n FirewallApp\0"
            VALUE "ProductVersion", "1, 0, 0, 1\0"
        END
    END
    BLOCK "VarFileInfo"
    BEGIN
        VALUE "Translation", 0xc0a, 1200
    END
END

#endif    // !_MAC


/////////////////////////////////////////////////////////////////////////////
//
// DESIGNINFO
//

#ifdef APSTUDIO_INVOKED
GUIDELINES DESIGNINFO DISCARDABLE 
BEGIN
    IDD_ABOUTBOX, DIALOG
    BEGIN
        LEFTMARGIN, 7
        RIGHTMARGIN, 228
        TOPMARGIN, 7
        BOTTOMMARGIN, 48
    END

    IDD_FIREWALLAPP_FORM, DIALOG
    BEGIN
        LEFTMARGIN, 7
        RIGHTMARGIN, 418
        TOPMARGIN, 7
        BOTTOMMARGIN, 170
    END

    IDD_ADDRULEDLG, DIALOG
    BEGIN
        LEFTMARGIN, 7
        RIGHTMARGIN, 271
        TOPMARGIN, 7
        BOTTOMMARGIN, 186
    END
END
#endif    // APSTUDIO_INVOKED


/////////////////////////////////////////////////////////////////////////////
//
// Dialog Info
//

IDD_ADDRULEDLG DLGINIT
BEGIN
    IDC_COMBO4, 0x403, 4, 0
0x6c41, 0x006c, 
    IDC_COMBO4, 0x403, 4, 0
0x4354, 0x0050, 
    IDC_COMBO4, 0x403, 4, 0
0x4455, 0x0050, 
    IDC_COMBO4, 0x403, 5, 0
0x4349, 0x504d, "\000" 
    IDC_COMBO3, 0x403, 6, 0
0x6c41, 0x6f6c, 0x0077, 
    IDC_COMBO3, 0x403, 5, 0
0x7244, 0x706f, "\000" 
    0
END


/////////////////////////////////////////////////////////////////////////////
//
// String Table
//

STRINGTABLE PRELOAD DISCARDABLE 
BEGIN
    IDR_MAINFRAME           "FirewallApp\n\nFirewa\n\n\nFirewallApp.Document\nFirewa Document"
END

STRINGTABLE PRELOAD DISCARDABLE 
BEGIN
    AFX_IDS_APP_TITLE       "FirewallApp"
    AFX_IDS_IDLEMESSAGE     "Preparado"
END

STRINGTABLE DISCARDABLE 
BEGIN
    ID_INDICATOR_EXT        "EXT"
    ID_INDICATOR_CAPS       "MAY"
    ID_INDICATOR_NUM        "NUM"
    ID_INDICATOR_SCRL       "DESP"
    ID_INDICATOR_OVR        "SOB"
    ID_INDICATOR_REC        "GRB"
END

STRINGTABLE DISCARDABLE 
BEGIN
    ID_FILE_NEW             "Crea un nuevo documento\nNuevo"
    ID_FILE_OPEN            "Abre un documento ya existente\nAbrir"
    ID_FILE_CLOSE           "Cierra el documento activo\nCerrar"
    ID_FILE_SAVE            "Guarda el documento activo\nGuardar"
    ID_FILE_SAVE_AS         "Guarda el documento activo con un nuevo nombre\nGuardar como"
    ID_FILE_PAGE_SETUP      "Cambia las opciones de impresi�n\nPreparar p�gina"
    ID_FILE_PRINT_SETUP     "Cambia las opciones de impresora y de impresi�n\nConfigurar impresora"
    ID_FILE_PRINT           "Imprime el documento activo\nImprimir"
    ID_FILE_PRINT_PREVIEW   "Muestra p�ginas completas\nPresentaci�n preliminar"
END

STRINGTABLE DISCARDABLE 
BEGIN
    ID_APP_ABOUT            "Muestra informaci�n del programa, n�mero de versi�n y copyright\nAcerca de"
    ID_APP_EXIT             "Sale de la aplicaci�n; le pide que guarde los documentos\nSalir"
END

STRINGTABLE DISCARDABLE 
BEGIN
    ID_FILE_MRU_FILE1       "Abre este documento"
    ID_FILE_MRU_FILE2       "Abre este documento"
    ID_FILE_MRU_FILE3       "Abre este documento"
    ID_FILE_MRU_FILE4       "Abre este documento"
    ID_FILE_MRU_FILE5       "Abre este documento"
    ID_FILE_MRU_FILE6       "Abre este documento"
    ID_FILE_MRU_FILE7       "Abre este documento"
    ID_FILE_MRU_FILE8       "Abre este documento"
    ID_FILE_MRU_FILE9       "Abre este documento"
    ID_FILE_MRU_FILE10      "Abre este documento"
    ID_FILE_MRU_FILE11      "Abre este documento"
    ID_FILE_MRU_FILE12      "Abre este documento"
    ID_FILE_MRU_FILE13      "Abre este documento"
    ID_FILE_MRU_FILE14      "Abre este documento"
    ID_FILE_MRU_FILE15      "Abre este documento"
    ID_FILE_MRU_FILE16      "Abre este documento"
END

STRINGTABLE DISCARDABLE 
BEGIN
    ID_NEXT_PANE            "Cambia a la siguiente secci�n de ventana\nSiguiente secci�n"
    ID_PREV_PANE            "Vuelve a la secci�n de ventana anterior\nSecci�n anterior"
END

STRINGTABLE DISCARDABLE 
BEGIN
    ID_WINDOW_SPLIT         "Divide la ventana activa en secciones\nDividir"
END

STRINGTABLE DISCARDABLE 
BEGIN
    ID_EDIT_CLEAR           "Borra la selecci�n\nBorrar"
    ID_EDIT_CLEAR_ALL       "Borra todo\nBorrar todo"
    ID_EDIT_COPY            "Copia la selecci�n y la coloca en el portapapeles\nCopiar"
    ID_EDIT_CUT             "Corta la selecci�n y la coloca en el portapapeles\nCortar"
    ID_EDIT_FIND            "Buscaa el texto especificado\nBuscar"
    ID_EDIT_PASTE           "Inserta el contenido del portapapeles\nPegar"
    ID_EDIT_REPEAT          "Repite la �ltima acci�n\nRepetir"
    ID_EDIT_REPLACE         "Reemplaza texto espec�fico por otro texto\nReemplazar"
    ID_EDIT_SELECT_ALL      "Selecciona todo el documento\nSeleccionar todo"
    ID_EDIT_UNDO            "Deshace la �ltima acci�n\nDeshacer"
    ID_EDIT_REDO            "Rehace la acci�n que acaba de deshacerse\nRehacer"
END

STRINGTABLE DISCARDABLE 
BEGIN
    ID_VIEW_TOOLBAR         "Muestra u oculta la barra de herramientas\nAlternar Barra de herramientas"
    ID_VIEW_STATUS_BAR      "Muestra u oculta la barra de estado\nAlternar Barra de estado"
END

STRINGTABLE DISCARDABLE 
BEGIN
    AFX_IDS_SCSIZE          "Cambia el tama�o de la ventana"
    AFX_IDS_SCMOVE          "Cambia la posici�n de la ventana"
    AFX_IDS_SCMINIMIZE      "Reduce la ventana a un icono"
    AFX_IDS_SCMAXIMIZE      "Agranda la ventana al tama�o completo"
    AFX_IDS_SCNEXTWINDOW    "Cambia a la ventana del siguiente documento"
    AFX_IDS_SCPREVWINDOW    "Cambia a la ventana del documento anterior"
    AFX_IDS_SCCLOSE         "Cierra la ventana activa y le pide que guarde los documentos"
END

STRINGTABLE DISCARDABLE 
BEGIN
    AFX_IDS_SCRESTORE       "Restaura la ventana a su tama�o normal"
    AFX_IDS_SCTASKLIST      "Activa la lista de tareas"
END

STRINGTABLE DISCARDABLE 
BEGIN
    AFX_IDS_PREVIEW_CLOSE   "Cierra el modo de presentaci�n preliminar\nCancelar presentaci�n preliminar"
END

#endif    // Spanish (Modern) resources
/////////////////////////////////////////////////////////////////////////////



#ifndef APSTUDIO_INVOKED
/////////////////////////////////////////////////////////////////////////////
//
// Generated from the TEXTINCLUDE 3 resource.
//
#define _AFX_NO_SPLITTER_RESOURCES
#define _AFX_NO_OLE_RESOURCES
#define _AFX_NO_TRACKER_RESOURCES
#define _AFX_NO_PROPERTY_RESOURCES

#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ESP)
#ifdef _WIN32
LANGUAGE 10, 3
#pragma code_page(1252)
#endif //_WIN32
#include "res\FirewallApp.rc2"  // non-Microsoft Visual C++ edited resources
#include "l.esp\afxres.rc"          // Standard components
#include "l.esp\afxprint.rc"        // printing/print preview resources
#endif

/////////////////////////////////////////////////////////////////////////////
#endif    // not APSTUDIO_INVOKED

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here

Share

About the Author

Jesus Oliva
Chief Technology Officer
Spain Spain
To summarize: learn, learn, learn... and then try to remember something I.... I don't Know what i have to remember...

http://www.olivacorner.com

| Advertise | Privacy | Terms of Use | Mobile
Web03 | 2.8.150414.1 | Last Updated 28 Oct 2004
Article Copyright 2004 by Jesus Oliva
Everything else Copyright © CodeProject, 1999-2015
Layout: fixed | fluid