监控本地pc网络和阻止ip的是winpcap是工具吗? [英] to monitor local pc network and block ip's is winpcap is the tool?
问题描述
您好
i需要构建网络监视器来嗅探网络并保留
ip策略,这将使我能够根据此策略阻止网络
例如:
如果从ip中传入http协议在我的ip策略黑名单
,现在我喜欢阻止它,例如重定向这个http请求,所以它可以
现在包含我的http包(包注入?)
dose winpcap可以做这项工作吗?
更重要的是
基本上我需要的是构建简单的url阻止应用程序。
我应该使用哪种方法?
Hello
i need to build network monitor that sniff the network and to hold
ip policy that will enable me to block the network based on this policy
for example:
if im getting incoming http protocol from ip that is in my ip policy black list
and now i like to block it and for example redirect this http request so it could
contain now my http packet ( packet injection ? )
dose winpcap can do the job ?
To be more to the point
basically what i need is to build simple url blocking app ..
Which approach should i use?
推荐答案
winpcap可以为您嗅探,但阻止或重定向将需要安装新的 null-routes 阻止的地址,或其他形式的防火墙。
winpcap can sniff for you, but blocking or redirecting will require either installing new null-routes for the blocked addresses, or some other form of firewalling. winpcap won't help you with the firewalling.
当空路由时,你基本上告诉你的TCP / IP协议栈到目的地的错误路由;许多系统为此提供简单的语法,但它出现在Windows下你的最佳选择空路由主机或网络是将数据包转发到不存在的网关。正方向空路由是非常简单,快速,并且在TCP / IP堆栈中使用非常高度优化的重路由查找路径。
When null-routing, you're basically telling your TCP/IP stack a false route to a destination; many systems provide simple syntax for this, but it appears under Windows your best bet for null-routing a host or network is to forward the packets to a non-existent gateway. The plus-side to null-routing is that it is very simple, quick, and uses pathways in the TCP/IP stack that are very highly optimized for heavy lookups.
你也可以使用防火墙规则丢弃数据包,但是你可能使用你的防火墙用于更重要的政策决定,并使你的防火墙表与您不想再谈论的主机列表混在一起可能使检查防火墙规则更加困难;或者,您可能必须启用防火墙,从而导致您可能不需要的性能损失。
You could just as well use firewall rules to drop packets, but you might be using your firewall for 'more important' policy decisions, and cluttering your firewall tables with a list of hosts you don't want to talk with any longer might make inspecting the firewall rules more difficult; or, you might have to enable the firewall, incurring a performance penalty that you might not otherwise need.
这篇关于监控本地pc网络和阻止ip的是winpcap是工具吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
