nabilhammoud
asked on
What is the best way to accomplish a firewall application?
Dear,
I am intending to complete a firewall appliaction project.
I have completed the Network monitor library which retreive all reuired information from data packet on the Layer 2.
According to my plan, I do need to start the second phase which focus on:
1- VPN connection
2- Drop, allow and deny packets
3- Drop, allow and Deny applications and attachments such as pop3 and smtp service.
4- All types filtering and parsing(content filtering)
So please, I do need a good refernce to assist in completing my project such as:
What is the best language?
Is there any Dll library that could be accomodated to accomplish my project such as wincap.
I do need some applications with source code(preferable VB.net)
I am intending to complete a firewall appliaction project.
I have completed the Network monitor library which retreive all reuired information from data packet on the Layer 2.
According to my plan, I do need to start the second phase which focus on:
1- VPN connection
2- Drop, allow and deny packets
3- Drop, allow and Deny applications and attachments such as pop3 and smtp service.
4- All types filtering and parsing(content filtering)
So please, I do need a good refernce to assist in completing my project such as:
What is the best language?
Is there any Dll library that could be accomodated to accomplish my project such as wincap.
I do need some applications with source code(preferable VB.net)
There is quite a few of the libraries to leverage on. For example, in Windows there is the Windows Filtering Platform for the quick prototype
@ http://www.microsoft.com/whdc/device/network/WFP.mspx
There are also wrappers available that is closely related to Winpcap, or I should say interfaces to it
@ http://www.codeproject.com/KB/IP/sharppcap.aspx
@ http://pcapdotnet.codeplex.com/
However, I understand Winpcap's documentation page states that WinPcap isn't able to block, filter or manipulate the traffic generated by other programs on the same machine: it simply "sniffs" the packets that transit on the wire. Therefore, it does not provide the appropriate support for applications like traffic shapers, QoS schedulers and personal firewalls. Refer to the section "What WinPcap can't do" in Winpcap's documentation. Here is the link @ http://www.winpcap.org/docs/docs_40_2/html/main.html
Therefore, you want to explore WinpkFilter which is is more than just a firewall development kit for Windows. With WinpkFilter you can make an application that inserts itself into the Windows network stream: custom firewall solution, internet connection sharing (NAT), IP shaper, VPN and many other low-level network solutions completely in user-mode using your favorite development environment: Visual C++, Delphi, Visual Basic, C++ Builder and etc.
@ http://www.ntkernel.com/w&p.php?id=7
Overall in term of preference of language, I will say see which is the most comfortable for you and then determine the SDK you need. Something you need those shim dll or interoperable dll between language especially when dealing with recognising protocols and till application level for content filter. There are commercial SDKs
a) Qomos' ixengine that does all that for you in inspecting the raw traffic (including metadata), you focus on the after action of detections and policy checks. @ http://www.qosmos.com/products/ixengine
b) ProtocolFilters supports filtering outgoing HTTP, POP3, SMTP, SSL, FTP, NNTP, ICQ and raw data. @ http://netfiltersdk.com/ProtocolFilters.html
There is also other open source for considerations
a) filtering engine called exefilter (python) @ http://www.decalage.info/exefilter
b) VPN related @ http://openvpn.net/
It also depends on your system to decide the language e.g. Unix, go for C, Apache Commons component, go for Java, and if needed wireshark integration, go for C++
@ http://www.microsoft.com/whdc/device/network/WFP.mspx
There are also wrappers available that is closely related to Winpcap, or I should say interfaces to it
@ http://www.codeproject.com/KB/IP/sharppcap.aspx
@ http://pcapdotnet.codeplex.com/
However, I understand Winpcap's documentation page states that WinPcap isn't able to block, filter or manipulate the traffic generated by other programs on the same machine: it simply "sniffs" the packets that transit on the wire. Therefore, it does not provide the appropriate support for applications like traffic shapers, QoS schedulers and personal firewalls. Refer to the section "What WinPcap can't do" in Winpcap's documentation. Here is the link @ http://www.winpcap.org/docs/docs_40_2/html/main.html
Therefore, you want to explore WinpkFilter which is is more than just a firewall development kit for Windows. With WinpkFilter you can make an application that inserts itself into the Windows network stream: custom firewall solution, internet connection sharing (NAT), IP shaper, VPN and many other low-level network solutions completely in user-mode using your favorite development environment: Visual C++, Delphi, Visual Basic, C++ Builder and etc.
@ http://www.ntkernel.com/w&p.php?id=7
Overall in term of preference of language, I will say see which is the most comfortable for you and then determine the SDK you need. Something you need those shim dll or interoperable dll between language especially when dealing with recognising protocols and till application level for content filter. There are commercial SDKs
a) Qomos' ixengine that does all that for you in inspecting the raw traffic (including metadata), you focus on the after action of detections and policy checks. @ http://www.qosmos.com/products/ixengine
b) ProtocolFilters supports filtering outgoing HTTP, POP3, SMTP, SSL, FTP, NNTP, ICQ and raw data. @ http://netfiltersdk.com/ProtocolFilters.html
There is also other open source for considerations
a) filtering engine called exefilter (python) @ http://www.decalage.info/exefilter
b) VPN related @ http://openvpn.net/
It also depends on your system to decide the language e.g. Unix, go for C, Apache Commons component, go for Java, and if needed wireshark integration, go for C++
ASKER
Dear breadtan,
Thank you for the valuable information but one more question:
I am intending to embed the prospected application into a hardware router system which will be manufactured as new so what is the best language and OS that could help?
Thanks in Advance ...
Thank you for the valuable information but one more question:
I am intending to embed the prospected application into a hardware router system which will be manufactured as new so what is the best language and OS that could help?
Thanks in Advance ...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Dear Breadtan,
I intend to write a complete study on the project so that I can succeed in accurately accomplished. So may I ask you for help, so I put this project on the right path.
I will close the question now, but I need from you your email address:
my email is: nabil.manara@gmail.com
Could you work as a freelancer?
Thanks in Advance
I intend to write a complete study on the project so that I can succeed in accurately accomplished. So may I ask you for help, so I put this project on the right path.
I will close the question now, but I need from you your email address:
my email is: nabil.manara@gmail.com
Could you work as a freelancer?
Thanks in Advance
ASKER
Thanks Breadtan ....
http://www.codeproject.com/KB/cpp/firewallpapi.aspx