Jok3r;119693 schrieb:

Hallo Leute ich habe vor einigen Tagen eine Source von einem Paketfilter released.
Jetzt dachte da einige ihren eingenen Paketfilter basteln wollen
stelle ich sie hier jetzt auch in den Bereich, da viele ja nicht in den C++ Bereich schauen.
Jetzt auch inklusive IP Blocker von mir...
mehr kann ich nich in C++ xD
Packetfilter.cpp

C-Quellcode

1. /******************************************************************************
2. PacketFilter.cpp - PacketFilter class implemenation.
4. Mahesh S
5. swatkat_thinkdigit@yahoo.co.in
6. http://swatrant.blogspot.com/
9. ******************************************************************************/
11. #include "PacketFilter.h"
13. /******************************************************************************
14. PacketFilter::PacketFilter() - Constructor
15. *******************************************************************************/
16. PacketFilter::PacketFilter()
17. {
18. try
19. {
20. // Initialize member variables.
21. m_hEngineHandle = NULL;
22. ::ZeroMemory( &m_subLayerGUID, sizeof( GUID ) );
23. }
24. catch(...)
25. {
26. }
27. }
29. /******************************************************************************
30. PacketFilter::~PacketFilter() - Destructor
31. *******************************************************************************/
32. PacketFilter::~PacketFilter()
33. {
34. try
35. {
36. // Stop firewall before closing.
37. StopFirewall();
38. }
39. catch(...)
40. {
41. }
42. }
44. /******************************************************************************
45. PacketFilter::CreateDeleteInterface - This method creates or deletes a packet
46. filter interface.
47. *******************************************************************************/
48. DWORD PacketFilter::CreateDeleteInterface( bool bCreate )
49. {
50. DWORD dwFwAPiRetCode = ERROR_BAD_COMMAND;
51. try
52. {
53. if( bCreate )
54. {
55. // Create packet filter interface.
56. dwFwAPiRetCode = ::FwpmEngineOpen0( NULL,
57. RPC_C_AUTHN_WINNT,
58. NULL,
59. NULL,
60. &m_hEngineHandle );
61. }
62. else
63. {
64. if( NULL != m_hEngineHandle )
65. {
66. // Close packet filter interface.
67. dwFwAPiRetCode = ::FwpmEngineClose0( m_hEngineHandle );
68. m_hEngineHandle = NULL;
69. }
70. }
71. }
72. catch(...)
73. {
74. }
75. return dwFwAPiRetCode;
76. }
78. /******************************************************************************
79. PacketFilter::BindUnbindInterface - This method binds to or unbinds from a
80. packet filter interface.
81. *******************************************************************************/
82. DWORD PacketFilter::BindUnbindInterface( bool bBind )
83. {
84. DWORD dwFwAPiRetCode = ERROR_BAD_COMMAND;
85. try
86. {
87. if( bBind )
88. {
89. RPC_STATUS rpcStatus = {0};
90. FWPM_SUBLAYER0 SubLayer = {0};
92. // Create a GUID for our packet filter layer.
93. rpcStatus = ::UuidCreate( &SubLayer.subLayerKey );
94. if( NO_ERROR == rpcStatus )
95. {
96. // Save GUID.
97. ::CopyMemory( &m_subLayerGUID,
98. &SubLayer.subLayerKey,
99. sizeof( SubLayer.subLayerKey ) );
101. // Populate packet filter layer information.
102. SubLayer.displayData.name = FIREWALL_SUBLAYER_NAMEW;
103. SubLayer.displayData.description = FIREWALL_SUBLAYER_NAMEW;
104. SubLayer.flags = 0;
105. SubLayer.weight = 0x100;
107. // Add packet filter to our interface.
108. dwFwAPiRetCode = ::FwpmSubLayerAdd0( m_hEngineHandle,
109. &SubLayer,
110. NULL );
111. }
112. }
113. else
114. {
115. // Delete packet filter layer from our interface.
116. dwFwAPiRetCode = ::FwpmSubLayerDeleteByKey0( m_hEngineHandle,
117. &m_subLayerGUID );
118. ::ZeroMemory( &m_subLayerGUID, sizeof( GUID ) );
119. }
120. }
121. catch(...)
122. {
123. }
124. return dwFwAPiRetCode;
125. }
127. /******************************************************************************
128. PacketFilter::AddRemoveFilter - This method adds or removes a filter to an
129. existing interface.
130. *******************************************************************************/
131. DWORD PacketFilter::AddRemoveFilter( bool bAdd )
132. {
133. DWORD dwFwAPiRetCode = ERROR_BAD_COMMAND;
134. try
135. {
136. if( bAdd )
137. {
138. if( m_lstFilters.size() )
139. {
140. IPFILTERINFOLIST::iterator itFilters;
141. for( itFilters = m_lstFilters.begin(); itFilters != m_lstFilters.end(); itFilters++ )
142. {
143. if( ( NULL != itFilters->bIpAddrToBlock ) && ( 0 != itFilters->uHexAddrToBlock ) )
144. {
145. FWPM_FILTER0 Filter = {0};
146. FWPM_FILTER_CONDITION0 Condition = {0};
147. FWP_V4_ADDR_AND_MASK AddrMask = {0};
149. // Prepare filter condition.
150. Filter.subLayerKey = m_subLayerGUID;
151. Filter.displayData.name = FIREWALL_SERVICE_NAMEW;
152. Filter.layerKey = FWPM_LAYER_INBOUND_TRANSPORT_V4;
153. Filter.action.type = FWP_ACTION_BLOCK;
154. Filter.weight.type = FWP_EMPTY;
155. Filter.filterCondition = &Condition;
156. Filter.numFilterConditions = 1;
158. // Remote IP address should match itFilters->uHexAddrToBlock.
159. Condition.fieldKey = FWPM_CONDITION_IP_REMOTE_ADDRESS;
160. Condition.matchType = FWP_MATCH_EQUAL;
161. Condition.conditionValue.type = FWP_V4_ADDR_MASK;
162. Condition.conditionValue.v4AddrMask = &AddrMask;
164. // Add IP address to be blocked.
165. AddrMask.addr = itFilters->uHexAddrToBlock;
166. AddrMask.mask = VISTA_SUBNET_MASK;
168. // Add filter condition to our interface. Save filter id in itFilters->u64VistaFilterId.
169. dwFwAPiRetCode = ::FwpmFilterAdd0( m_hEngineHandle,
170. &Filter,
171. NULL,
172. &(itFilters->u64VistaFilterId) );
173. }
174. }
175. }
176. }
177. else
178. {
179. if( m_lstFilters.size() )
180. {
181. IPFILTERINFOLIST::iterator itFilters;
182. for( itFilters = m_lstFilters.begin(); itFilters != m_lstFilters.end(); itFilters++ )
183. {
184. if( ( NULL != itFilters->bIpAddrToBlock ) && ( 0 != itFilters->uHexAddrToBlock ) )
185. {
186. // Delete all previously added filters.
187. dwFwAPiRetCode = ::FwpmFilterDeleteById0( m_hEngineHandle,
188. itFilters->u64VistaFilterId );
189. itFilters->u64VistaFilterId = 0;
190. }
191. }
192. }
193. }
194. }
195. catch(...)
196. {
197. }
198. return dwFwAPiRetCode;
199. }
201. /******************************************************************************
202. PacketFilter::ParseIPAddrString - This is an utility method to convert
203. IP address in string format to byte array and
204. hex formats.
205. *******************************************************************************/
206. bool PacketFilter::ParseIPAddrString( char* szIpAddr, UINT nStrLen, BYTE* pbHostOrdr, UINT nByteLen, ULONG& uHexAddr )
207. {
208. bool bRet = true;
209. try
210. {
211. UINT i = 0;
212. UINT j = 0;
213. UINT nPack = 0;
214. char szTemp[2];
216. // Build byte array format from string format.
217. for( ; ( i < nStrLen ) && ( j < nByteLen ); )
218. {
219. if( '.' != szIpAddr[i] )
220. {
221. ::StringCchPrintf( szTemp, 2, "%c", szIpAddr[i] );
222. nPack = (nPack*10) + ::atoi( szTemp );
223. }
224. else
225. {
226. pbHostOrdr[j] = nPack;
227. nPack = 0;
228. j++;
229. }
230. i++;
231. }
232. if( j < nByteLen )
233. {
234. pbHostOrdr[j] = nPack;
236. // Build hex format from byte array format.
237. for( j = 0; j < nByteLen; j++ )
238. {
239. uHexAddr = ( uHexAddr << 8 ) + pbHostOrdr[j];
240. }
241. }
242. }
243. catch(...)
244. {
245. }
246. return bRet;
247. }
249. /******************************************************************************
250. PacketFilter::AddToBlockList - This public method allows caller to add
251. IP addresses which need to be blocked.
252. *******************************************************************************/
253. void PacketFilter::AddToBlockList( char* szIpAddrToBlock )
254. {
255. try
256. {
257. if( NULL != szIpAddrToBlock )
258. {
259. IPFILTERINFO stIPFilter = {0};
261. // Get byte array format and hex format IP address from string format.
262. ParseIPAddrString( szIpAddrToBlock,
263. ::lstrlen( szIpAddrToBlock ),
264. stIPFilter.bIpAddrToBlock,
265. BYTE_IPADDR_ARRLEN,
266. stIPFilter.uHexAddrToBlock );
268. // Push the IP address information to list.
269. m_lstFilters.push_back( stIPFilter );
270. }
271. }
272. catch(...)
273. {
274. }
275. }
277. /******************************************************************************
278. PacketFilter::StartFirewall - This public method starts firewall.
279. *******************************************************************************/
280. BOOL PacketFilter::StartFirewall()
281. {
282. BOOL bStarted = FALSE;
283. try
284. {
285. // Create packet filter interface.
286. if( ERROR_SUCCESS == CreateDeleteInterface( true ) )
287. {
288. // Bind to packet filter interface.
289. if( ERROR_SUCCESS == BindUnbindInterface( true ) )
290. {
291. // Add filters.
292. AddRemoveFilter( true );
294. bStarted = TRUE;
295. }
296. }
297. }
298. catch(...)
299. {
300. }
301. return bStarted;
302. }
304. /******************************************************************************
305. PacketFilter::StopFirewall - This method stops firewall.
306. *******************************************************************************/
307. BOOL PacketFilter::StopFirewall()
308. {
309. BOOL bStopped = FALSE;
310. try
311. {
312. // Remove all filters.
313. AddRemoveFilter( false );
314. m_lstFilters.clear();
316. // Unbind from packet filter interface.
317. if( ERROR_SUCCESS == BindUnbindInterface( false ) )
318. {
319. // Delete packet filter interface.
320. if( ERROR_SUCCESS == CreateDeleteInterface( false ) )
321. {
322. bStopped = TRUE;
323. }
324. }
325. }
326. catch(...)
327. {
328. }
329. return bStopped;
330. }
332. #ifdef SAMPLE_APP
333. /******************************************************************************
334. main - Entry point.
335. *******************************************************************************/
336. void main()
337. {
338. try
339. {
340. PacketFilter pktFilter;
342. // Add IP addresses which are to be blocked.
343. pktFilter.AddToBlockList( "209.160.73.61" );
344. pktFilter.AddToBlockList( "69.10.233.10" );
346. // Start firewall.
347. if( pktFilter.StartFirewall() )
348. {
349. printf( "\nFirewall started successfully...\n" );
350. }
351. else
352. {
353. printf( "\nError starting firewall. GetLastError() 0x%x", ::GetLastError() );
354. }
356. // Wait.
357. printf( "\nPress any key to stop firewall...\n" );
358. _getch();
360. // Stop firewall.
361. if( pktFilter.StopFirewall() )
362. {
363. printf( "\nFirewall stopped successfully...\n" );
364. }
365. else
366. {
367. printf( "\nError stopping firewall. GetLastError() 0x%x", ::GetLastError() );
368. }
370. // Quit.
371. printf( "\nPress any key to exit...\n" );
372. _getch();
373. }
374. catch(...)
375. {
376. }
377. }
378. #endif //SAMPLE_APP

Alles anzeigen

Packetfilter.h

C-Quellcode

1. /******************************************************************************
2. PacketFilter.h - PacketFilter class declaration.
4. Mahesh S
5. swatkat_thinkdigit@yahoo.co.in
6. http://swatrant.blogspot.com/
9. ******************************************************************************/
11. #ifndef _PACKETFILTER_H_
12. #define _PACKETFILTER_H_
14. #define SAMPLE_APP // Comment this line to disable the main().
16. // Standard includes.
17. #include <Winsock2.h>
18. #include <windows.h>
19. #include <stdio.h>
20. #include <conio.h>
21. #include <strsafe.h>
22. #include <fwpmu.h>
23. #include <list>
25. // Firewall sub-layer names.
26. #define FIREWALL_SUBLAYER_NAME "MyVistaFirewall"
27. #define FIREWALL_SUBLAYER_NAMEW L"MyVistaFirewall"
28. #define FIREWALL_SERVICE_NAMEW FIREWALL_SUBLAYER_NAMEW
30. // Byte array IP address length
31. #define BYTE_IPADDR_ARRLEN 4
33. // String format IP address length
34. #define STR_IPADDR_LEN 32
36. // Vista subnet mask
37. #define VISTA_SUBNET_MASK 0xffffffff
39. // Structure to store IP address filter.
40. typedef struct _IPFILTERINFO {
41. BYTE bIpAddrToBlock[BYTE_IPADDR_ARRLEN];
42. ULONG uHexAddrToBlock;
43. UINT64 u64VistaFilterId;
44. } IPFILTERINFO, *PIPFILTERINFO;
46. // List of filters.
47. typedef std::list<IPFILTERINFO> IPFILTERINFOLIST;
49. class PacketFilter
50. {
51. private:
52. // Firewall engine handle.
53. HANDLE m_hEngineHandle;
55. // Firewall sublayer GUID.
56. GUID m_subLayerGUID;
58. // List of filters.
59. IPFILTERINFOLIST m_lstFilters;
61. // Method to get byte array format and hex format IP address from string format.
62. bool ParseIPAddrString( char* szIpAddr, UINT nStrLen, BYTE* pbHostOrdr, UINT nByteLen, ULONG& uHexAddr );
64. // Method to create/delete packet filter interface.
65. DWORD CreateDeleteInterface( bool bCreate );
67. // Method to bind/unbind to/from packet filter interface.
68. DWORD BindUnbindInterface( bool bBind );
70. // Method to add/remove filter.
71. DWORD AddRemoveFilter( bool bAdd );
73. public:
75. // Constructor.
76. PacketFilter();
78. // Destructor.
79. ~PacketFilter();
81. // Method to add IP addresses to m_lstFilters list.
82. void AddToBlockList( char* szIpAddrToBlock );
84. // Method to start packet filter.
85. BOOL StartFirewall();
87. // Method to stop packet filter.
88. BOOL StopFirewall();
89. };
91. #endif

Alles anzeigen

Damit kann hier eh 99% nichts anfangen. :>
Naja ist ja nett das du den nicht Programmierern helfen willst, aber wer nichtmal einen Simplen Packet Filter hinkriegt sollte auch deinen Code nicht viel bringen.
mfg. seeby

Also echt nice sowas

Nice :P i will look trough it soon ^^

wenn du zu viel zeit hast meld dich ma per pn ;>
wollte eh grad c++ "lernen", könntest mir ja bissl was erklären, ich lern schnell xD

Wobei hier wiederum die Frage nach dem Grund ist...
An alle, die es wohl nicht verstehen:

Dieser Filter kann bestimmte IPs / Ranges / Protokolle etc blockieren und funktioniert quasi wie eine Firewall.
Schädigende Packets wie z.b. Penya Bug oder invalid Namechange können nicht verhindert werden. ^^

Alle Features hier sind ohne Probleme auch mit der Windoof-Firewall zu bewerkstelligen.

Joa auserdem ist das nen source von codeprojekt, also mal wieder geklaut :P

Danke :thumbsup:

Hat das jemand schon versucht^^ ?
Wenn ich das versuche zu Compilern, dann findet er iwie gleich 26 Fehler im Code :x ! Kann mir jemand evt. helfen. :D ?

Thx im Vorraus. =)

CriticalByte;132228 schrieb:

Hat das jemand schon versucht^^ ?
Wenn ich das versuche zu Compilern, dann findet er iwie gleich 26 Fehler im Code :x ! Kann mir jemand evt. helfen. :D ?

Thx im Vorraus. =)

Poste die fehler dann kann dir auch geholfen werden xD

Ich hab mal ein Foto von den Fehlern gemacht. :3