Link to home
Create AccountLog in
Avatar of nabilhammoud

asked on

What is the best way to accomplish a firewall application?


I am intending to complete a firewall appliaction project.

I have completed the Network monitor library which retreive all reuired information from data packet on the Layer 2.

According to my plan, I do need to start the second phase which focus on:

1- VPN connection
2- Drop, allow and deny packets
3- Drop, allow and Deny applications and attachments such as pop3 and smtp service.  
4- All types filtering and parsing(content filtering)

So please, I do need a good refernce to assist in completing my project such as:

What is the best language?
Is there any Dll library that could be accomodated to accomplish my project such as wincap.
I do need some applications with source code(preferable

Avatar of kooswillem

Avatar of btan
There is quite a few of the libraries to leverage on. For example, in Windows there is the Windows Filtering Platform for the quick prototype

There are also wrappers available that is closely related to Winpcap, or I should say interfaces to it

However, I understand Winpcap's documentation page states that WinPcap isn't able to block, filter or manipulate the traffic generated by other programs on the same machine: it simply "sniffs" the packets that transit on the wire. Therefore, it does not provide the appropriate support for applications like traffic shapers, QoS schedulers and personal firewalls. Refer to the section "What WinPcap can't do" in Winpcap's documentation. Here is the link @

Therefore, you want to explore WinpkFilter which is is more than just a firewall development kit for Windows. With WinpkFilter you can make an application that inserts itself into the Windows network stream: custom firewall solution, internet connection sharing (NAT), IP shaper, VPN and many other low-level network solutions completely in user-mode using your favorite development environment: Visual C++, Delphi, Visual Basic, C++ Builder and etc.


Overall in term of preference of language, I will say see which is the most comfortable for you and then determine the SDK you need. Something you need those shim dll or interoperable dll between language especially when dealing with recognising protocols and till application level for content filter. There are commercial SDKs

a) Qomos' ixengine  that does all that for you in inspecting the raw traffic (including metadata), you focus on the after action of detections and policy checks. @
b) ProtocolFilters supports filtering outgoing HTTP, POP3, SMTP, SSL, FTP, NNTP, ICQ and raw data.  @

There is also other open source for considerations
a) filtering engine called exefilter (python) @
b) VPN related @

It also depends on your system to decide the language e.g. Unix, go for C, Apache Commons component, go for Java, and if needed wireshark integration, go for C++

Avatar of nabilhammoud


Dear breadtan,

Thank you for the valuable information but one more question:

I am intending to embed the prospected application into a hardware router system which will be manufactured as new so what is the best language and OS that could help?

Thanks in Advance ...
Avatar of btan

Link to home
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Dear Breadtan,

I intend to write a complete study on the project so that I can succeed in accurately accomplished. So may I ask you for help, so I put this project on the right path.

I will close the question now, but I need from you your email address:

my email is:

Could you work as a freelancer?

Thanks in Advance
Thanks Breadtan ....