- This topic has 8 replies, 2 voices, and was last updated 16 years, 11 months ago by
.
-
Posts
-
hope more fast~~~~~~
It is ready but due to the reasonable amount of changes/extensions still needs more testing.
deny ip in the ring0
Yes, this is possible in 3.0.4
send rst packet by one sub~~~
Adding such a specific API would be an overhead because requires knowledge of current connection status (tracking all TCP sessions just to be able to send RST will affect perfomance), it is not a great problem to form RST packet in your code and then send it using WinpkFilter API if you need such functionality.
Great!
if you want to test please contract me from bbs message. π
about the send rst packet,it is very important.
we known,the firewall’s important point is protect the host. if we deny the bad ip from the host,for the first time,we will see the host remain a port state:Time_wait.if we deny many and many ip,the host we get over of the States.
Then like Time_wait, the windows system will keep it for 20 minuts at last.
i suggest add one api for winpkfilter. the api can send any Tcp flag packet. by pass in last tcp packet and tcp flag,we can get the buffer. at last,we can send this packet.
eg:
SendFlagTcpPacketToTcp(Lastpacket,Flag,fromip,toip,from port,toport);just a sample.
and eg: sendFlagTcppacketToadpatch……
by the way,how to get the IFS HOOK like winpktilter(NDIS HOOK)?
reguards!!!!:)
π π
SendFlagTcpPacketToTcp(Lastpacket,Flag,fromip,toip,from port,toport);
It would also need SEQ and ACK. Basically you can write such a function using the existing API completely in user mode.
by the way,how to get the IFS HOOK like winpktilter(NDIS HOOK)?
Create an IFS filter driver. There is a static IFS filter sample in the IFS kit (or in the latest WDK) names sfilter and dynamic IFS filter driver authored by Mark Russinovich used in Filemon. The source code for the last one was floating over the Internet, not the latest version but still.
@SerpentFly wrote:
SendFlagTcpPacketToTcp(Lastpacket,Flag,fromip,toip,from port,toport);
It would also need SEQ and ACK. Basically you can write such a function using the existing API completely in user mode.
oh~~~aha~maybe sorry for my poor Porgrame skill.
i beg u write out a delphi code for send such code use winpkfilter api.even if it is a send rst packet!i can not,yes,i did can not get any message for the examples~
please,what’is the time for release the new version.
I admit the 3.0.4 release was delayed several times already. However, this was done for the reason. Actually current 3.0.4 beta is already used by some customers and we are trying to take into the account their comments and suggestions. Once this process is completed (I hope it is already but better wait for the latest test reports) the new version will be available for public.
If you are a licensed customer you also can participate in WinpkFilter beta.
That’t Right!
hope 3.0.4 can release early.
some questions:
1. if i am a license buyer,can we get the both x86 and x64 current version?
2.can u get me some examples at lease two which use winpkfilter for himself software?
3.a fool question π ,it is: if i but the winpkfilter for a license,when i send my software which used the winpkfilter, ~~~~~~this’s to say: the winpktilter driver i paid will be published. how to prevent it? π π π― π―(software+winpkfilert(licensed))
>other will be used it
>other get the winpkfilert(licensed). all right?do u have email. i want to ask something about how to buy it~~ π
many thanks!!!!!!!!!!
1. if i am a license buyer,can we get the both x86 and x64 current version?
Yes, of course.
2.can u get me some examples at lease two which use winpkfilter for himself software?
Not sure what you exctly mean here, but there are a couple of advanced sampes – Internet Gateway and Ethernet Bridge which are available to licensed users.
a fool question Rolling Eyes ,it is: if i but the winpkfilter for a license,when i send my software which used the winpkfilter, ~~~~~~this’s to say: the winpktilter driver i paid will be published. how to prevent it?
Standard build of WinpkFilter driver is freely available for private and non-commercial use, I don’t think that anyone would steal your custom build.
- You must be logged in to reply to this topic.