数据包过滤端口80 [英] Packet filtering port 80
本文介绍了数据包过滤端口80的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我尝试使用此代码拒绝在端口80上进行浏览,但仍然可以通过此端口进行浏览.源代码:
I tried this code to deny browsing on port 80 but I still able to browse via this port. Source code:
if(::PfCreateInterface(0,PF_ACTION_FORWARD,PF_ACTION_FORWARD,false,true,&ihandle)==NO_ERROR)
{
AfxMessageBox("Step 1 Done");
BYTE ip[4]={202,165,250,50};
BYTE msk[4]={255,255,255,0};
BYTE dm[4]={0,0,0,0};
inFilter.dwFilterFlags = FD_FLAGS_NOSYN; //always this value
inFilter.dwRule = 0; //always this value
inFilter.pfatType = PF_IPV4; //using ipV4 addresses
inFilter.SrcAddr = (PBYTE)dm;
inFilter.SrcMask = (PBYTE)dm; //mask for local ip
inFilter.DstAddr = (PBYTE)ip; //any destination
inFilter.DstMask = (PBYTE)msk;
inFilter.wSrcPort =0;//any source port
inFilter.wSrcPortHighRange=4000;
inFilter.wDstPort = 80; //destination port 80(http service)
inFilter.wDstPortHighRange=80;
inFilter.dwProtocol =(DWORD)FILTER_PROTO_ANY; //Tcp protocol
DWORD err;
err=::PfAddFiltersToInterface(ihandle,1,&inFilter,0,NULL,&fHandle);
if(err==NO_ERROR)
{
if(::PfBindInterfaceToIPAddress(ihandle,PF_IPV4,(PBYTE)ip)==NO_ERROR)
{
AfxMessageBox("IP Adress Binded");
}
}
}
推荐答案
这不是过滤网络流量的正确方法.
过滤网络流量的最佳方法如下:
1. NDIS协议驱动程序与NDIS中间驱动程序结合使用.
2.钩子. (我认为是一种解决方法)
祝你好运!
D,Kurt.
This not the right way to filter network traffic.
The best ways to filter network Traffic is as follows:
1. NDIS Protocol Driver Combined with NDIS Intermediate Drivers.
2. Hooks. (kind of a workaround in my humble opinion)
Good Luck!!
D,Kurt.
这篇关于数据包过滤端口80的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文