Windows TCP/IP

Hi!
I wish to know about Win32 TCP/IP implementation, whether and how I can bypass it, actually. Setting a hook would also be interesting (I want to write a firewall).
Thanks!

Comments

  • SephirothSephiroth Fayetteville, NC, USA
    : Hi!
    : I wish to know about Win32 TCP/IP implementation, whether and how I can bypass it, actually. Setting a hook would also be interesting (I want to write a firewall).
    : Thanks!
    :
    What do you mean by by-passing it? Do you not want it to start at boot? Do you want all data received to go somewhere else?? Basically, you won't by-pass TCP to make a firewall. I would think that you'd make an app that would simply monitor incoming traffic, and if TCP hasn't started listening for data on that port, simply destroy the packet or save it to view later. I'm using TCP for game coding, so I am basing this on what I know of listening, opening, closing, yadda-yadda with ports.

    -Sephiroth

  • By by-passing TCP/IP, I mean sending and receiving data on the available physical connection, without encapsulating it in IP packets. That is, handling all data that is being sent/received over a telephone line or an ethernet connection. This way I could be sure that Win32 TCP/IP gets only the data I want it to get, and I could handle the TCP/IP packets before they are analyzed by the Win32 TCP/IP layer.
    I realize that sounds pretty SF, I'm just asking if anybody ever tried to do it... :)
  • : By by-passing TCP/IP, I mean sending and receiving data on the available physical connection, without encapsulating it in IP packets. That is, handling all data that is being sent/received over a telephone line or an ethernet connection. This way I could be sure that Win32 TCP/IP gets only the data I want it to get, and I could handle the TCP/IP packets before they are analyzed by the Win32 TCP/IP layer.
    : I realize that sounds pretty SF, I'm just asking if anybody ever tried to do it... :)
    :

    What Windows are you working on? In CE you can't hook the dialup interface, but in 98, ME (brrrr), NT, 2000 and XP all that is possible.

    First of all, you need to get yourself the Windows DDK (Device Driver Kit). It has all the headers, libraries and pretty good documents. Then look for NDIS Intermediate Driver (filter driver) in the documentation. You don't have to rip off the Windows TCP/IP driver, you can set your own intermediate driver below TCP/IP but above the NIC driver (or above the dialup intermediate driver).

    So now your driver gets all the packets that are coming from the network before TCPIP gets them. It also gets all packets coming from TCPIP before they are sent to the network. You can modify packets, drop them, construct and send your own packets etc.

    The trickiest part here is how to communicate with user-space software. In my previous company, where I was programming stuff like this, we used UDP packets to carry information, but this is a pretty ugly way. There is some other way to do this but I can't remember its name. Something called IRP is sent through registered IRP-handlers from user-space to kernel... can't remember.

    Well anyway, I think this would be the best solution and pretty easy to implement because the DDK has a sample intermediate driver which is well documented.
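
The pass/drop decision a filter layer sitting between the NIC driver and TCP/IP would make on each received frame, as an added user-mode C example that is not from the thread or the DDK sample. It uses no NDIS calls; `filter_frame`, `build_syn`, the allowed-port policy and the sample frame are all constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum verdict { PASS_UP = 0, DROP = 1 };
/* Assumed policy: TCP ports allowed to receive new inbound connections. */
static const uint16_t allowed_ports[] = { 80, 443 };

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

static int port_allowed(uint16_t port) {
    for (size_t i = 0; i < sizeof allowed_ports / sizeof allowed_ports[0]; i++)
        if (allowed_ports[i] == port) return 1;
    return 0;
}

/* Verdict for one received Ethernet II frame, before the stack would see it. */
enum verdict filter_frame(const uint8_t *f, size_t len) {
    if (len < 14) return DROP;                        /* runt frame */
    if (be16(f + 12) != 0x0800) return PASS_UP;       /* not IPv4, e.g. ARP */
    const uint8_t *ip = f + 14;
    size_t iplen = len - 14;
    if (iplen < 20 || (ip[0] >> 4) != 4) return DROP; /* truncated or bad version */
    size_t ihl = (size_t)(ip[0] & 0x0F) * 4;          /* IP header length, bytes */
    if (ihl < 20 || ihl > iplen) return DROP;
    if (ip[9] != 6) return PASS_UP;                   /* this policy covers TCP only */
    if (be16(ip + 6) & 0x1FFF) return DROP;           /* later fragment: no TCP header */
    if (iplen - ihl < 20) return DROP;                /* truncated TCP header */
    const uint8_t *tcp = ip + ihl;
    int new_conn = (tcp[13] & 0x02) && !(tcp[13] & 0x10); /* SYN without ACK */
    if (new_conn && !port_allowed(be16(tcp + 2))) return DROP;
    return PASS_UP;
}

/* Constructed sample frame: Ethernet + IPv4 + TCP SYN to dport (54 bytes). */
size_t build_syn(uint8_t *buf, uint16_t dport) {
    memset(buf, 0, 54);
    buf[12] = 0x08;                   /* EtherType 0x0800 = IPv4 */
    buf[14] = 0x45;                   /* IPv4, IHL = 5 words */
    buf[23] = 6;                      /* protocol = TCP */
    buf[36] = (uint8_t)(dport >> 8);  /* TCP destination port, high byte */
    buf[37] = (uint8_t)(dport & 0xFF);
    buf[46] = 0x50;                   /* TCP data offset = 5 words */
    buf[47] = 0x02;                   /* SYN */
    return 54;
}

int main(void) {
    uint8_t frame[64];
    size_t n = build_syn(frame, 445);
    printf("SYN to 445: %s\n", filter_frame(frame, n) == DROP ? "drop" : "pass");
    return 0;
}
```

Malformed or truncated IPv4/TCP headers are dropped rather than passed up, so the stack never parses a frame the filter could not.
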
  • Thanks, Weicco, but now a new problem arises: how do I get my hands on the Windows XP DDK?
    I got the WinNT 4.0 DDK when it was still available for download from Microsoft. Is there any way that I can download the Windows XP DDK from somewhere too? I mean, after all it is free, people should be able to just download it.
  • I think it costs money. Not sure though. Email MS and ask :)

    : Thanks, Weicco, but now a new problem arises: how do I get my hands on the Windows XP DDK?
    : I got the WinNT 4.0 DDK when it was still available for download from Microsoft. Is there any way that I can download the Windows XP DDK from somewhere too? I mean, after all it is free, people should be able to just download it.
    :
