I have this code for packet filtering in a firewall, but it doesn't take any action on packets!!
Help me please
Following is the code:
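/// <summary>
/// P/Invoke declarations for the packet-filtering functions this page imports from iphlpapi.dll.
/// </summary>
/// <remarks>
/// The call sites on this page treat any non-zero return value as failure.
/// NOTE(review): Microsoft documents the Pf* packet-filtering API as legacy and points to the
/// Windows Filtering Platform instead; confirm the target Windows version still honours these
/// calls before relying on them to drop traffic.
/// </remarks>
class IpPacketFilter
{
    /// <summary>Binds a filter interface to one local IP address.</summary>
    /// <param name="Interface_handle">Handle filled in by <see cref="PfCreateInterface"/>.</param>
    /// <param name="pfatType">Address family of <paramref name="ip_address"/>.</param>
    /// <param name="ip_address">Packed address, passed by reference so native code receives a pointer to it.</param>
    [DllImport("iphlpapi.dll", EntryPoint = "PfBindInterfaceToIPAddress")]
    public static extern int PfBindInterfaceToIPAddress(IntPtr Interface_handle, PFADDRESSTYPE pfatType, ref int ip_address);

    /// <summary>Creates a filter interface with a default action for each direction.</summary>
    /// <param name="dwName">Interface name; the caller on this page passes 0.</param>
    /// <param name="inAction">Default action for inbound packets.</param>
    /// <param name="outAction">Default action for outbound packets.</param>
    /// <param name="UseLog">Whether the interface should log.</param>
    /// <param name="MustBeUnique">Whether the interface must be unique.</param>
    /// <param name="ppInterface">Receives the new interface handle.</param>
    [DllImport("iphlpapi.dll", EntryPoint = "PfCreateInterface")]
    public static extern int PfCreateInterface(int dwName, PFFORWARD_ACTION inAction, PFFORWARD_ACTION outAction, bool UseLog, bool MustBeUnique, ref IntPtr ppInterface);

    /// <summary>Adds inbound and outbound filter descriptors to an interface.</summary>
    /// <param name="interface_handle">Handle filled in by <see cref="PfCreateInterface"/>.</param>
    /// <param name="cInFilters">Number of descriptors behind <paramref name="pfiltIn"/>.</param>
    /// <param name="pfiltIn">Inbound descriptor(s).</param>
    /// <param name="cOutFilters">Number of descriptors behind <paramref name="pfiltOut"/>.</param>
    /// <param name="pfiltOut">Outbound descriptor(s).</param>
    /// <param name="pfHandle">
    /// NOTE(review): declared here as a descriptor, but the native parameter is presumably an
    /// array that receives filter handles. Confirm against fltdefs.h; if so, native code writes
    /// through this pointer and the caller must not pass a descriptor it is also submitting.
    /// </param>
    [DllImport("iphlpapi.dll", EntryPoint = "PfAddFiltersToInterface")]
    public static extern int PfAddFiltersToInterface(
        IntPtr interface_handle,
        int cInFilters,
        ref PPF_FILTER_DESCRIPTOR pfiltIn,
        int cOutFilters,
        ref PPF_FILTER_DESCRIPTOR pfiltOut,
        ref PPF_FILTER_DESCRIPTOR pfHandle);
}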
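/// <summary>
/// Managed mirror of the filter descriptor handed to PfAddFiltersToInterface.
/// </summary>
/// <remarks>
/// Field order is what native code sees, so it must not be rearranged.
/// NOTE(review): fltdefs.h appears to declare the four port fields as 16-bit WORD values, while
/// they are 32-bit int here. If so, the managed layout is longer than the native one and the
/// port values land at the wrong offsets, which would stop a filter from matching the intended
/// port. Confirm against the header and change the fields to ushort together with the call site.
/// </remarks>
public unsafe struct PPF_FILTER_DESCRIPTOR
{
    public FILTER_FLAGS dwFilterFlags;
    public int dwRule;
    public PFADDRESSTYPE pfatType;

    // The four address fields are pointers: the caller stores the packed address and mask in
    // variables of its own and must keep those alive for the duration of the native call.
    public int* SrcAddr;
    public int* SrcMask;
    public int* DstAddr;
    public int* DstMask;

    public PROTOCOL dwProtocol;
    public int fLateBound;

    // Port range per direction: low bound, then high bound further down.
    public int wSrcPort;
    public int wDstPort;
    public int wSrcPortHighRange;
    public int wDstPortHighRange;
}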
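/// <summary>Default action of a filter interface for one traffic direction.</summary>
/// <remarks>
/// The member list is missing from the listing; PF_ACTION_FORWARD is the member the call site
/// uses. Names and values follow fltdefs.h. Confirm against the header.
/// </remarks>
public enum PFFORWARD_ACTION : int
{
    PF_ACTION_FORWARD = 0,
    PF_ACTION_DROP = 1
}

/// <summary>Address family of a filter or bound address.</summary>
/// <remarks>
/// The member list is missing from the listing; PF_IPV4 is the member the call sites use.
/// Names and values follow fltdefs.h. Confirm against the header.
/// </remarks>
public enum PFADDRESSTYPE : int
{
    PF_IPV4 = 0,
    PF_IPV6 = 1
}

/// <summary>IP protocol numbers a filter can match.</summary>
public enum PROTOCOL : int
{
    ANY = 0x00,
    ICMP = 0x01,
    TCP = 0x06,
    UDP = 0x11
}

/// <summary>Flags stored in the descriptor's dwFilterFlags field.</summary>
/// <remarks>
/// NOTE(review): fltdefs.h appears to name the value 0x1 FD_FLAGS_NOSYN. Confirm what it does
/// to TCP matching before setting it on every filter.
/// </remarks>
public enum FILTER_FLAGS : int
{
    FD_FLAGS = 0x1
}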

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Runtime.InteropServices;
using System.Net;
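namespace ConsoleApplication1
{
    /// <summary>
    /// Console host that installs TCP block filters on every local IPv4 address through the
    /// iphlpapi.dll wrappers declared in IpPacketFilter.
    /// </summary>
    /// <remarks>
    /// NOTE(review): installing filters presumably needs an elevated process, and the filters
    /// presumably live only while the process that created the interface is running. Confirm both.
    /// </remarks>
    class Program
    {
        internal const int FALSE = 0;
        internal const int TRUE = 1;

        /// <summary>Builds the block list and hands it to <see cref="StartPacketFilter"/>.</summary>
        static void Main(string[] args)
        {
            // Each entry is "address,mask,port", the three fields StartPacketFilter splits on ','.
            // The address and mask fields are empty in this listing, so StartPacketFilter rejects
            // both entries until they are filled in, for example "192.0.2.10,255.255.255.255,0"
            // (constructed example using a documentation address).
            string[] hostsToBlock = new string[2];
            hostsToBlock[0] = ",,0";
            //blocks all traffic on any port to/from
            hostsToBlock[1] = ",,29000";
            //blocks all traffic on port 29000, in and out

            // As listed, the array was built but never passed on, so no filter was ever installed.
            bool installed = StartPacketFilter(hostsToBlock);
            Console.WriteLine(installed ? "Packet filters installed." : "Packet filter installation failed.");
        }

        /// <summary>
        /// Parses a dotted-quad IPv4 string into a packed int with the first octet in the low byte.
        /// </summary>
        /// <param name="text">Candidate address, e.g. "a.b.c.d" with each part in 0..255.</param>
        /// <param name="packed">Receives the packed address, or 0 when parsing fails.</param>
        /// <returns>true only when <paramref name="text"/> holds exactly four octets in range.</returns>
        private static bool TryParseIpv4(string text, out int packed)
        {
            packed = 0;
            if (string.IsNullOrEmpty(text))
                return false;

            string[] octets = text.Split(new string[] { "." }, StringSplitOptions.None);
            if (octets.Length != 4)
                return false;

            int value = 0;
            for (int i = 0; i < 4; i++)
            {
                byte octet;
                // byte.TryParse rejects values above 255, which would otherwise spill into the
                // neighbouring octet's bits when shifted into place.
                if (!byte.TryParse(octets[i], System.Globalization.NumberStyles.None,
                                   System.Globalization.CultureInfo.InvariantCulture, out octet))
                    return false;
                value |= octet << (i * 8);
            }

            packed = value;
            return true;
        }

        /// <summary>Converts a dotted-quad IPv4 string to the packed int used by the native calls.</summary>
        /// <param name="sIpAddress">Address text.</param>
        /// <returns>
        /// The packed address, or 0 when the text is not a valid IPv4 address. 0 is also the
        /// packed form of 0.0.0.0, so callers that must tell the two apart should not rely on
        /// this return value alone.
        /// </returns>
        internal static int lIpFromString(string sIpAddress)
        {
            int lIp;
            return TryParseIpv4(sIpAddress, out lIp) ? lIp : 0;
        }

        /// <summary>Lists the IPv4 addresses that DNS reports for the local host name.</summary>
        /// <returns>The addresses in textual form; empty when the host has no IPv4 address.</returns>
        internal static string[] GetLocalIpAddresses()
        {
            IPHostEntry host = Dns.GetHostEntry(Dns.GetHostName());

            // IPv6 entries are left out: they cannot be packed into the 32-bit value that the
            // PF_IPV4 bind below expects and would otherwise be bound as address 0.
            return host.AddressList
                .Where(address => address.AddressFamily == System.Net.Sockets.AddressFamily.InterNetwork)
                .Select(address => address.ToString())
                .ToArray();
        }

        /// <summary>
        /// Creates one filter interface per local IPv4 address and adds a TCP filter for every
        /// entry in <paramref name="hosts"/>.
        /// </summary>
        /// <param name="hosts">Rules in "address,mask,port" form.</param>
        /// <returns>
        /// true when every rule was submitted for every local address; false when a native call
        /// failed or when any rule was rejected as malformed.
        /// </returns>
        /// <remarks>
        /// Interfaces created before a failure are not released, because no delete function is
        /// declared in IpPacketFilter.
        /// NOTE(review): the same descriptor (source = local address, destination = target) is
        /// submitted for both directions; confirm whether the inbound rule needs source and
        /// destination swapped to match traffic coming from the target.
        /// </remarks>
        internal static bool StartPacketFilter(string[] hosts)
        {
            if (hosts == null)
                return false;

            string[] localIpAddresses = GetLocalIpAddresses();
            if (localIpAddresses == null)
                return false;

            bool everyRuleAccepted = true;

            foreach (string localAddress in localIpAddresses)
            {
                int result;
                IntPtr interfaceHandle = new IntPtr();
                //convert the string IP to a packed int for p/invoke
                int lLocalIp = lIpFromString(localAddress);

                //create a filter interface in the tcp/ip stack
                // Both default actions are FORWARD, so only traffic matching an added filter is
                // meant to be treated differently.
                result = IpPacketFilter.PfCreateInterface(0, PFFORWARD_ACTION.PF_ACTION_FORWARD, PFFORWARD_ACTION.PF_ACTION_FORWARD, false, true, ref interfaceHandle);
                if (result != 0)
                    return false;

                //bind interface to an ip address
                result = IpPacketFilter.PfBindInterfaceToIPAddress(interfaceHandle, PFADDRESSTYPE.PF_IPV4, ref lLocalIp);
                if (result != 0)
                    return false;

                foreach (string targetHost in hosts)
                {
                    string[] hostDetail = targetHost == null
                        ? new string[0]
                        : targetHost.Split(new string[] { "," }, StringSplitOptions.None);

                    int iDstAddr;
                    int iDstMask;
                    ushort port;

                    // An unparsable address or mask must not be turned into 0: address 0 with
                    // mask 0 matches every destination, so a typo would become a filter on all
                    // TCP traffic. Reject the rule and report it instead of skipping silently.
                    if (hostDetail.Length != 3
                        || !TryParseIpv4(hostDetail[0], out iDstAddr)
                        || !TryParseIpv4(hostDetail[1], out iDstMask)
                        || !ushort.TryParse(hostDetail[2], System.Globalization.NumberStyles.None,
                                            System.Globalization.CultureInfo.InvariantCulture, out port))
                    {
                        Console.Error.WriteLine("Skipping malformed filter rule: " + targetHost);
                        everyRuleAccepted = false;
                        continue;
                    }

                    //build the filter structure
                    PPF_FILTER_DESCRIPTOR filter = new PPF_FILTER_DESCRIPTOR();
                    filter.dwFilterFlags = FILTER_FLAGS.FD_FLAGS;
                    filter.dwRule = FALSE;
                    filter.pfatType = PFADDRESSTYPE.PF_IPV4;
                    filter.dwProtocol = PROTOCOL.TCP;
                    int iSrcAddr = lLocalIp;
                    // Evaluates to 0 as listed; the mask text appears to be missing from the
                    // listing. TODO confirm the intended source mask.
                    int iSrcMask = lIpFromString("");
                    filter.wSrcPort = 0;
                    filter.wSrcPortHighRange = 0;
                    filter.wDstPort = port;
                    filter.wDstPortHighRange = port;

                    // Native code must not write into the descriptor being submitted, so the
                    // last argument gets storage of its own. The listing passed `filter` there too.
                    PPF_FILTER_DESCRIPTOR handleScratch = new PPF_FILTER_DESCRIPTOR();

                    unsafe
                    {
                        // The descriptor stores pointers to these locals; they stay in scope
                        // until the native call below has returned.
                        filter.SrcAddr = &iSrcAddr;
                        filter.DstAddr = &iDstAddr;
                        filter.SrcMask = &iSrcMask;
                        filter.DstMask = &iDstMask;

                        // add filter to interface (both inbound and outbound)
                        result = IpPacketFilter.PfAddFiltersToInterface(interfaceHandle, 1, ref filter, 1, ref filter, ref handleScratch);
                    }

                    if (result != 0)
                        return false;
                }
            }

            return everyRuleAccepted;
        }
    }
}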
Posted 6-Aug-11 7:56am
Updated 26-Aug-11 1:08am
SAKryukov 6-Aug-11 15:23pm
OK, this is a code dump. Where is the description of your problem?
It "doesn't show any packets!!" - whatever the hell that means.
elham65_tansa 26-Aug-11 7:44am
"doesn't show any action on packets" means: the firewall should DROP packets for the IP we specify, but this does not happen and the packets are forwarded
elham65_tansa 6-Aug-11 15:32pm
For example, a packet filter that comes with the IP, but let that pass.
It also does not have any error. Only when it passed to the default action is drop. Trace it to run it in visual studio.
I need this code please help me.
elham65_tansa 20-Aug-11 4:46am
please help me , i need this code!!!!!!
digimanus 26-Aug-11 7:09am
why don't you buy a firewall
elham65_tansa 26-Aug-11 7:15am

This is a thesis for my university
digimanus 26-Aug-11 7:19am
good luck then
elham65_tansa 26-Aug-11 7:21am
thank you
SAKryukov 26-Aug-11 10:46am
Aha, and you're going to fake your supposedly independent work. What kind of graduates shall we have?
Sorry, but this is true.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)
