So far, in Windows 2000/XP/2003 operating systems the packet filtering APIs (PfXxx APIs) were used to implement TCP/IP packet filtering applications and firewalls. However, these PfXxx APIs are discontinued in Windows Vista/2008! But, Vista contains a completely new filtering engine called Windows Filtering Platform (WFP). The WFP gives various APIs using which packet filtering can be achieved. However, I couldn't find simple and reasonably complete examples of these APIs. Hence I posted an article at CodeProject which shows an implementation of simple firewall using WFP. It might help if you are planning to use WFP APIs. The article can be found here. That article is just a starting point, and you can do much more things with WFP. These are some of the pages which give information about WFP:
WFP Management API Reference
WFP structures Reference
Windows SDK 2008
Visual Studio 2008
Windows Filtering Platform (WFP) user mode examples
By secgeeks - Posted on September 4th, 2008
Tagged:
67
vote
Bookmark/Search this post with:
http://www.secgeeks.com/trackback/2334
