For Rllibby regarding firewall

Ok I WAS going to say it does not work but i tried something and i fixed it, ok the problem is that the code is failing because when it gets the IP it gets the network address, not the assigned IP address, so this is what i did

  if GetLocalIPAddr(@ipLocal) then
     begin
         IpLocal[0]:=StrToInt('203');
         IpLocal[1]:=StrToInt('217');
         IpLocal[2]:=StrToInt('3');
         IpLocal[3]:=StrToInt('209');
        // Create the interface
        PfCreateInterface(0, PF_ACTION_FORWARD, PF_ACTION_FORWARD, False, True, hIF);

        // Add some filters - these are just examples
        AddFilter(ioIn, '66.102.7.104', protoTcp, nil);
        AddFilter(ioOut, '66.102.7.104', protoTcp, '80');
        AddFilter(ioOut, '216.239.53.99', protoTcp, '80');
        AddFilter(ioIn, '66.218.70.48', protoUdp, '1024');

        // Example of blocking all outbound to web sites
        AddFilter(ioOut, nil, protoTcp, '80');

        AddFilter(ioOut, '203.217.3.209', protoTcp, '80');
        AddFilter(ioOut,  Nil, protoTcp, '80');

//etc etc


and it fixed it, it blocked the page, ok then i wrote some code years ago, probably could do with a little cleaning up, but it gets the real IP address and not the network address, if you want to use this code in your code it should fix a lot of peoples problems

you see this machine reads 0.0.0.0 127.0.0.1 and ISP IP (which is in the example above but it's alright now, i can finish off the firewall to prevent you from h4<>0ring me :P just kiddin...)



unit GetIp;


interface

Uses
  WinSock,Windows, Dialogs, SysUtils ;

Type

 PMIB_IPADDRROW = ^TMIB_IPADDRROW;
 TMIB_IPADDRROW = record
    dwAddr: dword;
    dwIndex: dword;
    dwMask: dword;
    dwBCastAddr: dword;
    dwReasmSize: dword;
    unused1: word;
    unused2: word;
   end;  { TMIB_IPADDRROW }

  PMIB_IPADDRTABLE = ^TMIB_IPADDRTABLE;
 TMIB_IPADDRTABLE = record
     dwNumEntries: dword;
    Table: array[0 .. 0] of TMIB_IPADDRROW;
 end; { TMIB_IPADDRTABLE }

Type
 TName = array[0..100] of Char;
  PName = ^TName;



  function GetIpAddrTable(pIpAddrTable: PMIB_IPADDRTABLE;
        var pdwSize:  dword;
    bOrder: BOOL): dword; stdcall; external 'IPHLPAPI.DLL';
   function GetHostIP(var sHostName, sIPAddr, sWSAError: string): Boolean;
   Function GetIpAddress: String;

implementation

Function GetIpAddress: String;
  var
  IpAddrTable: PMIB_IPADDRTABLE;
  Size, dwResult: dword;
  ErrorMessage: array[0 .. 256] of char;
  LibH: THandle;
  CountIp: Integer;
  theipaddy: array[1..10] of string;
  Res,tmpname,tmpclass,s1 : string;
  C: Integer;
//  countip: integer;
begin
  { Confirm that the IP Helper API DLL exists }
        LibH := LoadLibrary('IPHLPAPI.DLL');
if LibH = 0
  then Exit
  else FreeLibrary(LibH);
//Memo1.Lines.Clear;
 Size := 1;
GetMem(IpAddrTable, Size);
FillChar(IpAddrTable^, Size, #0);
 dwResult := GetIpAddrTable(IpAddrTable, Size, true);
  if dwResult = ERROR_INSUFFICIENT_BUFFER
 then
begin
 FreeMem(IpAddrTable);
 GetMem(IpAddrTable, Size);
 FillChar(IpAddrTable^, Size, #0);
 dwResult := GetIpAddrTable(IpAddrTable, Size, true);
 end
   else
begin
 FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, nil, dwResult, 0,
  @ErrorMessage, Sizeof(ErrorMessage) - 1, nil);
showmessage('Function GetIpAddrTable failed - ' + ErrorMessage);
  end;

{ Display all IP addresses }
countip:=0;
for C := 0 to IpAddrTable.dwNumEntries - 1 do
 begin
 inc(countip);
   theipaddy[c+1]:=inet_ntoa(in_addr(IpAddrTable.Table[C].dwAddr));
  end;
 FreeMem(IpAddrTable);
 Res:='';

 for c:=1 to countip do
  Begin
   If (Pos('127.0.0.1',theipaddy[c])=0) And (Pos('0.0.0.0',theipaddy[c])=0) And (Pos('192.168.',theipaddy[c])=0)  Then
     Res:=Res+theipaddy[c]+', ';
  End;
 Res:=Copy(Res,1,Length(Res)-2);
 Result:=Trim(Res);
End;

function GetHostIP(var sHostName, sIPAddr, sWSAError: string): Boolean;
var
  HEnt: pHostEnt;
  HName: PName;
  WSAData: TWSAData;
  iCnt: Integer;
begin
  Result := False;
  if WSAStartup($0101, WSAData) <> 0 then begin
    sWSAError := 'WSAStartup error';
    Exit;
  end;
  sHostName := '';
  sIPAddr := '';
  sWSAError := '';
  New(HName);
  if GetHostName(HName^, SizeOf(TName)) = 0 then begin
    Result := True;
    sHostName := StrPas(HName^);
    HEnt := GetHostByName(HName^);
    for iCnt := 0 to HEnt^.h_length - 1 do
      sIPAddr := sIPAddr + IntToStr(Ord(HEnt^.h_addr_list^[iCnt])) + '.';
    SetLength(sIPAddr, Length(sIPAddr) - 1);
  end
  else begin
    case WSAGetLastError of
      WSAEFAULT        : sWSAError := 'WSAEFault';
      WSANOTINITIALISED: sWSAError := 'WSANotInitialised';
      WSAENETDOWN      : sWSAError := 'WSAENetDown';
      WSAEINPROGRESS   : sWSAError := 'WSAEInProgress';
    end;
  end;
  Dispose(HName);
  WSACleanup;
end;


end.


//yeah sorry about the mess, i got the winsock code from somewhere and extended it to get the IP back when i did not really know what i was doing lol

// sample

program Project1;
{$APPTYPE CONSOLE}
uses SysUtils,GetIP;

begin
  // Insert user code here
   Writeln(GetIPAddress);
   Readln;
end.


So if you could merge the two together, that would be great :) unless you know a reason why these two should not be lawfully wed in holy ma... i was at wedding on Saturday lol...

and here's 100 points for you to do it :P
LVL 4
tobjectpascalAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

tobjectpascalAuthor Commented:
ProtoUDP does not seem to work either, just TCP. i'm trying to block UDP port 5001 (Yahoo Voice)
0
tobjectpascalAuthor Commented:
OK it seems that whatever you had with nil and blocking all ip addresses seems to exist for the UDP part as well... it's strange, if you can fix it that would be great :)


Thanks...


Craig C.
0
tobjectpascalAuthor Commented:
damn it, i thought that would fix it...

AddFilter(ioIn, 'v5.vc.dcn.yahoo.com', ProtoUDP, '5001');

still nothin, is it even possible to block UDP?
0
Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

tobjectpascalAuthor Commented:
lmao


Netstat


v6.vc.scd.yahoo.com:5001

 AddFilter(ioIN,  Nil, protoUDP, '5000'); <<blocks the UDP port 5001, i created a for next loop from 5000 to 6000 and blocked them all in and out... after some messing around i figured out that it's 1 less than what netstat displays...
0
Russell LibbySoftware Engineer, Advisory Commented:

Seems like you have it working, and have merged the source in the other question,so....
not sure if there is much I can help you with at this point.

Regarding the udp handling, I'm not sure why it is the way it is. Like I said in the prior q, the documentation from MS is poor to none. And trying to find examples on this stuff provides very few examples to go from.

But, if there is anything that I can help you with, just give a holler.
 
Russell
0
tobjectpascalAuthor Commented:
the UDP handling worked, '5001' blocks port '5000' it's always one less, i blocked 5001 no problem with 5000,.
0
tobjectpascalAuthor Commented:
i do have 1 question though, just the theory, not after any code :)

this code blocks the port completely, from all programs which i think is excellent, but firewalls manage to prevent certain applications from connecting on certain ports... do you know the idea behind that? as in what's the difference between this code and code to do that? completely different method? different DLLs to call?

injecting dlls into the proccess space? i can't really see how,  just a thought...
0
Russell LibbySoftware Engineer, Advisory Commented:

The "idea" behind it actually translates to software code running at a lower level than the user mode packet filtering. Its called NDIS filtering, and it allows you to selectively pass or drop selectd tcp packets. To be honest, the guts of it are way beyond anything I have looked at; though the MSDN should contain (in C) some sample miniport drivers that contain the bare minimum for implementing this.

Regarding the process injection though, that would be the best way (in user mode) to perform the same thing without writing driver code.

Regards,
Russell



0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Delphi

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.