code review of WinDivert, new OSS WFP driver?

WinDivert is a recently-announced open source WFP (Windows Filtering
Platform) driver. WinDivert is used by TorWall to redirect untorified
traffic via Tor (and Privoxy).

If anyone with experience in the WFP driver model has time to do a code
review of this new WinDivert driver for system stability issues, it
would be appreciated!


-------- Original Message --------
Subject: [tor-talk] TorWall - experimental transparent Tor proxy for Windows
Date: Thu, 04 Jul 2013 20:34:35 -0700
From: reqrypt

Hi all,

I thought I’d introduce an experimental mini-project of mine: TorWall
(Tor fireWall) - transparent Tor for Windows.

In a nutshell, TorWall does two things:
1) It (transparently) reroutes all HTTP traffic through the Tor
anonymity network; and
2) It blocks all non-Tor traffic (including DNS) to and from your computer.

TorWall is similar to running Tor as a transparent proxy under Linux.
Whilst Linux uses iptables, the TorWall implementation uses WinDivert
(, which is also a project of mine.

The main advantage of TorWall is that it works with any web browser
(without re-configuration), including Chrome, Internet Explorer, etc.
The firewall component is can also prevent leaks (e.g. DNS leaks) whilst
TorWall is running. Note that TorWall blocks all other traffic, so
(for example) a corrupt plugin cannot leak information via a non-HTTP
traffic. To help prevent leaks via HTTP TorWall also routes web traffic
through Privoxy.

There are some disadvantages to this approach as well. The
TorBorwserBundle contains a browser specifically designed for Tor. Also,
the current TorWall prototype does not support HTTPS.

Anyway, this was written mostly for fun. Try it out if you want to:
- Website:
- Repository:

Note that the current implementation is a prototype, so obviously it
should not be relied on.


tor-talk mailing list