C#,防火墙的自定义错误消息 [英] C#, custom error message for my firewall
问题描述
目前,我正在做一个有关设计和实现防火墙的项目.一切正常.在这里,我正在过滤通过TCP端口的所有数据包.但是,如果某个页面被阻止,我需要发送一个自定义页面.就像您的页面被管理员阻止"一样.我不知道该怎么做.我可以使用原始套接字吗?如果是这样,请告诉我,怎么办?但是据我所知,原始套接字无法在Windows XP SP2和更高版本上发送,还有其他解决方案吗?
Presently I am doing a project on designing and implementing a firewall. Everything is working fine. Here I am filtering all packets going through a TCP port. But I need to send a custom page if a page is being blocked. Like "Your page is blocked by admin". I don't have any idea how to do it. Can I do it using raw sockets? If so please tell me, how to? But as I know raw socket does not work for sending on Windows XP SP2 and later, is there any other solution?
我使用C ++为IP地址过滤器创建DLL.然后,将其导入到我的C ++程序中. IP地址阻塞正常.但是当浏览器找不到其页面时,我的客户需要自定义消息.
I used C++ to create a DLL for an IP address filter. Then I imported it in my C++ program. IP addresses are blocking fine. But my customer needs the custom message when a browser is not finding its page.
推荐答案
如果您有选择地允许访问某些网页,则本质上就像是代理.而且,如果您想用错误页面来响应客户,您将需要像一个人那样做.
If you're selectively allowing access to certain web pages, you're essentially acting like a proxy. And you'll need to act more like one if you want to respond to clients with an error page.
发出HTTP请求的浏览器将在打开的同一连接上获得响应.为了返回已阻止"页面,您需要确定连接是否连接到您不希望用户访问的地方,如果不是,则返回有效的HTTP响应(即使该响应是HTTP错误)例如"403禁止访问"或更适合代理使用的内容)在同一连接上.
A browser making an HTTP request will expect the response on the same connection it opened. In order to return a "blocked" page, you'll need to determine whether the connection is to someplace you don't want the user to go, and if not, return a valid HTTP response (even if that response is an HTTP error like "403 Forbidden" or something more appropriate to a proxy) on that same connection.
如果在连接尚未打开之前就阻止了该连接,即:阻止对某些IP地址的访问,那么您就有点卡住了.您最多可以做的是返回 ICMP 消息,指出主机不可用.如果可能的话,您至少需要接受连接,接受传入的请求,并以错误消息进行回复.几乎没有什么了,浏览器通常不知道该怎么做.
If you're blocking the connection before it's even opened, ie: blocking access to certain IP addresses, then you're kind of stuck. The most you could do is return an ICMP message saying the host isn't available. You need to at least accept the connection if you can, accept the incoming request, and reply with your error message. Anything less, and a browser typically won't know what to do with it.
这篇关于C#,防火墙的自定义错误消息的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
