Hello,
I’ve written a driver which uses Winsock Kernel to receive multicast UDP packets in a datagram socket. Normally these packets are dropped by the firewall, except I have defined a firewall rule to let the packets pass, when arriving at a special port for all applications. Now I want to receive unicast packets, which arrive at random ports and I don’t want to open all the ports. My driver works if I disable the firewall. Is there a way to define firewall rules for a certain driver, as you normally do for applications? My sockets are opened inside a kernel thread. Does this matter? So when I open the socket inside the call from my user mode app, does the firewall use the rules defined for this user mode app?
Thanks and best regards,
J. Freyberger