Re: Firewall IM Driver Help

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: MFPL <notgiven@xxxxxxxxxxxxxxxxx>
Date: Tue, 06 Dec 2005 01:13:42 +0000

Pavel A. wrote:

"MFPL" <notgiven@xxxxxxxxxxxxxxxxx> wrote in message news:eNbm5id%23FHA.2384@xxxxxxxxxxxxxxxxxxxxxxx
I am a student and have not the money to buy already made/test engine for this and also buying one complete will not help me learn.
Uno momento... A copy of personal firewall sotware costs < $50,
and some are free. Ethereal is free.

You know any personal firewall software for windows < $50 with open source for the driver hook ?

I have Ethereal at home and use it to help understand my CCNP. But Ethereal is a different thing. I think maybe it is not the same, it used libpcap. Libpcap is 'packet capture' but has it 'packet filtering' ? I have libpcap/winpcap sources but not spend time to look at yet.

I find free 'packet capture' but 'packet filtering' source is very much money. I look at PCAUSA and others.

Also, studying a good product made and tested by professionals IMHO
is very useful for learning.

Yes but I hope to start with the simple filtering base and learn from it. I think that I learn much more by making problems and solve them than reading the correct way and not knowing all the significances.

Maybe you are developing a commercial product?

No it is not for comercial product. But it is something I interest in having as a job when I finish my course.

Do you suggest to begin from winpcap ? Is this packet capture example the same basic system I need for packet filter ? Do you recomend it as a base for the firewall hook ?

Also, do you know any warnings you can give me when throwing away the packet instead of indicate it ? Is there anything special to do to avoid a problem ? For an example, who cleans the buffer and do I need to tell/ask other layer that it is safe to do so ?

Sorry but it seems there is not much detail or tutorial on this although it is an important topic.


Thank you for your time and your help.  I apologise for my english.

--PA

Follow-Ups:
- Re: Firewall IM Driver Help
  - From: Thomas F. Divine [DDK MVP]

References:
- Firewall IM Driver Help
  - From: MFPL
- Re: Firewall IM Driver Help
  - From: Pavel A.

Prev by Date: Re: Reporting a bug to Microsoft
Next by Date: Re: Keyboard filter driver - obtaining keyboard indicator status
Previous by thread: Re: Firewall IM Driver Help
Next by thread: Re: Firewall IM Driver Help
Index(es):
- Date
- Thread

Relevant Pages

Re: Firewall IM Driver Help
... The second article includes an example of blocking packets. ... Libpcap is 'packet capture' but has it 'packet filtering'? ... I find free 'packet capture' but 'packet filtering' source is very much money. ...
(microsoft.public.development.device.drivers)
enc0 patch for ipsec
... This is a device to expose packets going in/out of ipsec and comes ... and handoff to pfilfor packet filtering. ... the extra work is only done when the enc0 interface is created. ...
(freebsd-arch)
enc0 patch for ipsec
... This is a device to expose packets going in/out of ipsec and comes ... and handoff to pfilfor packet filtering. ... the extra work is only done when the enc0 interface is created. ...
(freebsd-net)
Re: How to use if_bridge
... some of the net.link.bridge sysctls as well. ... has affect when packet filtering is enabled, both for the on and off ... knob contols what happens when filtering is enabled and the packet is ... worked in hostap mode as well, but failed in infrastructure mode. ...
(freebsd-net)
Re: Ethereal - not sufficient permission?
... >>You need root privilege to use Ethereal ... > Only in packet capture mode. ... > a previously recorded packet trace. ... > ethereal binary tends to crash the whole system if run in packet capture ...
(comp.os.linux.networking)