• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 402
  • Last Modified:

Windows firewall packet filtering

I've been looking for ways to block a particular UDP packet on windows, but need to look into the payload. Something like if (udp[34]==0xaa and udp[45]==0xbb) then PF_DROP.

Are there firewalls/proxies that can do this? The ones I've come across only filter on IP/port. I can do this on linux with iptables but have yet to find a solution on Windows.

I'm open to writing my own app if someone can give me pointers to the windows kernel hooks for packet filtering. Thanks.
0
zyca
Asked:
zyca
  • 2
2 Solutions
 
theoaksCommented:
yes... ms isa server can do packet level filtering, not just port based.


0
 
jkrCommented:
I am not aware of an existig FW for that purpose, but you could adapt the one presented in http://www.codeproject.com/KB/IP/FwHookDrv.aspx ("An Adventure: How to implement a Firewall-Hook Driver?") to suit your needs. This article comes with full source code.
0
 
jkrCommented:
I'd object against a split, since 'yes [...] a server can do that' is too vague.
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now