Making a program that intercepts network traffic in Windows

后端 未结 3 1070
野的像风
野的像风 2021-02-09 22:37

Sort of what I\'m asking is \"how to make a software firewall for Windows,\" but something not so complex. I\'m surprised I can find so little when searching for this, only the

相关标签:
3条回答
  • 2021-02-09 22:55

    The DIY way would be going in kernel mode, using filter-hook drivers (for Windows 2000-XP) or WFP Callout Drivers.

    If you want to let others do the dirty work in kernel-mode, the WinPcap driver/library sports lots of low-level network features, including the ones you need, that you can use from user-mode (notice that using WinPcap you can't drop packets).

    0 讨论(0)
  • 2021-02-09 23:05

    I think what you are looking for is a packet sniffer, it will intercept almost all communications over a network. If you want to use a library, check out WinPCap, which was meant for exactly this purpose.

    Also, if you think that you just want something pre-written and just want to modify it, check out Wireshark. Although, reading code is often more difficult than writing it.

    0 讨论(0)
  • 2021-02-09 23:12

    It sounds like what you're looking for is a Winsock Service Provider Interface (SPI) Layered Service Provider (LSP). From what you've said, if you're dealing with Vista or newer, you probably want to implement an instance of the LSP_INSPECTOR class. For older versions of Windows, that class doesn't apply exactly, but the same general idea does. On Vista/7, you set the category (class) for your application with WSCSetApplicationCategory. To install your provider, you fill out a WSAPROTOCOL_INFO structure, then register it by calling WSCInstallProvider.

    0 讨论(0)
提交回复
热议问题