Developing Firewalls for Windows 2000/XP

Jesus Oliva

Rate me:

4.86/5 (158 votes)

3 Nov 2003CPOL9 min read

1.1M

26.4K

491

An article about developing Firewalls for Windows 2000/XP

drvfltip_source.zip
- DrvFltIp.c
- DrvFltIp.dsp
- DrvFltIp.dsw
- DrvFltIp.h
- DrvFltIp.sys
- makefile
- sources
- testDrv.exe
- testDrv
  - res
    - testDrv.ico
    - testDrv.rc2
  - resource.h
  - sockUtil.cpp
  - sockutil.h
  - StdAfx.cpp
  - StdAfx.h
  - TDriver.cpp
  - TDriver.h
  - testDrv.cpp
  - testDrv.dsp
  - testDrv.h
  - testDrv.rc
  - testDrvDlg.cpp
  - testDrvDlg.h
firewallfhk_src.zip
- DrvFltIp.h
- DrvFltIp.sys
- Firewall.exe
- FirewallApp.clw
- FirewallApp.cpp
- FirewallApp.dsp
- FirewallApp.dsw
- FirewallApp.h
- FirewallApp.rc
- FirewallAppDoc.cpp
- FirewallAppDoc.h
- FirewallAppView.cpp
- FirewallAppView.h
- MainFrm.cpp
- MainFrm.h
- res
  - CVS
    - Entries
    - Entries.Extra
    - Repository
    - Root
  - FirewallApp.ico
  - FirewallApp.rc2
  - FirewallAppDoc.ico
  - newtoolbar.bmp
  - Toolbar.bmp
- resource.h
- RuleDlg.cpp
- RuleDlg.h
- rules.h
- sockUtil.cpp
- sockutil.h
- StdAfx.cpp
- StdAfx.h
- TDriver.cpp
- TDriver.h
drvfltip_src.zip
- DrvFltIp.c
- DrvFltIp.dsp
- DrvFltIp.dsw
- DrvFltIp.h
- DrvFltIp.sys
- makefile
- sources
- testDrv.exe
- testDrv.ico
- testDrv.rc2
- resource.h
- sockUtil.cpp
- sockutil.h
- StdAfx.cpp
- StdAfx.h
- TDriver.cpp
- TDriver.h
- testDrv.clw
- testDrv.cpp
- testDrv.dsp
- testDrv.h
- testDrv.rc
- testDrvDlg.cpp
- testDrvDlg.h

/*

  DrvFltIp.H

  Author: Jes�s Oliva Garc�a
  Last Updated: 06/04/03 18:54
  
*/


//
// Define the various device type values.  Note that values used by Microsoft
// Corporation are in the range 0-32767, and 32768-65535 are reserved for use
// by customers.
//
// Tipo del dispositivo. De 0-32767 reservado por Microsoft.
#define FILE_DEVICE_DRVFLTIP  0x00654322


// Macro para definir IOCTL
#define DRVFLTIP_IOCTL_INDEX  0x830


// Defino los IOCTLs
#define START_IP_HOOK CTL_CODE(FILE_DEVICE_DRVFLTIP, DRVFLTIP_IOCTL_INDEX,METHOD_BUFFERED, FILE_ANY_ACCESS)

#define STOP_IP_HOOK CTL_CODE(FILE_DEVICE_DRVFLTIP, DRVFLTIP_IOCTL_INDEX+1, METHOD_BUFFERED, FILE_ANY_ACCESS)

#define ADD_FILTER CTL_CODE(FILE_DEVICE_DRVFLTIP, DRVFLTIP_IOCTL_INDEX+2, METHOD_BUFFERED, FILE_WRITE_ACCESS)

#define CLEAR_FILTER CTL_CODE(FILE_DEVICE_DRVFLTIP, DRVFLTIP_IOCTL_INDEX+3, METHOD_BUFFERED, FILE_ANY_ACCESS)



// Estructura para definir una regla de filtrado
typedef struct filter
{
	USHORT protocol;		// Protocolo

	ULONG sourceIp;			// Direcci�n IP fuente
	ULONG destinationIp;	// Direcci�n IP destino

	ULONG sourceMask;		// Mascara de direcci�n IP fuente
	ULONG destinationMask;	// Mascara de direcci�n IP destino

	USHORT sourcePort;		// Puerto fuente
	USHORT destinationPort; // Puerto destino
	
	BOOLEAN drop;			// Si TRUE, el paquete sera tirado en caso de coincidencia
}IPFilter, *PIPFilter;



// Estructura para definir la lista enlazada de reglas.
struct filterList
{
	IPFilter ipf;

	struct filterList *next;
};


// Cabecera IP
typedef struct IPHeader 
{
    UCHAR     iphVerLen;      // Version y longitud cabecera
    UCHAR     ipTOS;          // Tipo de servicio
    USHORT    ipLength;       // Longitud total del datagrama
    USHORT    ipID;		      // Identificacion 
    USHORT    ipFlags;	      // Flags
    UCHAR     ipTTL;	      // TTL
    UCHAR     ipProtocol;	  // Protocolo de nivel superior 
    USHORT    ipChecksum;     // Checksum de la cabecera
    ULONG     ipSource;       // Direccion fuente
    ULONG     ipDestination;  // Direccion destino
} IPPacket, *PIPPacket; 


// Cabecera TCP
typedef struct _TCPHeader
{
	USHORT			sourcePort;			// Puerto fuente
	USHORT			destinationPort;	// Puerto destino
	ULONG			sequenceNumber;		// Numero de secuencia
	ULONG			acknowledgeNumber;	// Numero de reconocimiento
	UCHAR			dataoffset;			// Puntero a los datos
	UCHAR			flags;				// Flags
	USHORT			windows;			// Tama�o de la ventana TCP
	USHORT			checksum;			// Checksum del paquete
	USHORT			urgentPointer;		// Puntero a los datos "urgentes"
} TCPHeader, *PTCPHeader;


// Cabecera UDP
typedef struct _UDPHeader
{
	USHORT			sourcePort;			// Puerto fuente
	USHORT			destinationPort;	// Puerto destino
	USHORT			len;				// Longitud del datagrama
	USHORT			checksum;			// Checksum del datagrama
} UDPHeader, *PUDPHeader;

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Written By

Jesus Oliva

Chief Technology Officer

Spain

To summarize: learn, learn, learn... and then try to remember something I.... I don't Know what i have to remember...

http://www.olivacorner.com

Developing Firewalls for Windows 2000/XP

License

Comments and Discussions