Hi friends, i’m developing a personnel firewall for which i have started writing TDI driver. I’m very new to network drivers and have no prior experience in writing NDIS or TDI drivers. My plan is to supply rules from interface which i check inside TDI and decide whether to allow IRP to pass down the device stack or to complete the request in my driver itself. By following the discussions here in OSR and by studying MSDN documentation i have written the basic driver to handle all the Major functions and Minor functions. It just does nothing but to print the messages in the debugger and ofcourse after attaching it to device stack no connections are being sent or recieved as it sits on top. Now it would be very helpfull for me if you guys give me a rough idea about how i should proceed to process the IRP and how i should check the IP and other parameters from rules supplied from user space in TDI to decide whether to deny or allow the connections. Thanks
I would like someone to give me a billion U.S. dollars. I think it is very
unlikely that it is going to happen. The major antivirus/firewall companies
have spent many years developing the rules to examine packets and determine
how to find those that need to be blocked. There is one possibility and
that is to look at one or more of the open source firewalls. Otherwise look
at ndis.com (?) for some hints. I don’t and never have worked in this area,
so I can’t provide any more information.
wrote in message news:xxxxx@ntdev…
> Hi friends, i’m developing a personnel firewall for which i have started
> writing TDI driver. I’m very new to network drivers and have no prior
> experience in writing NDIS or TDI drivers. My plan is to supply rules from
> interface which i check inside TDI and decide whether to allow IRP to pass
> down the device stack or to complete the request in my driver itself. By
> following the discussions here in OSR and by studying MSDN documentation i
> have written the basic driver to handle all the Major functions and Minor
> functions. It just does nothing but to print the messages in the debugger
> and ofcourse after attaching it to device stack no connections are being
> sent or recieved as it sits on top. Now it would be very helpfull for me
> if you guys give me a rough idea about how i should proceed to process the
> IRP and how i should check the IP and other parameters from rules supplied
> from user space in TDI to decide whether to deny or allow the connections.
> Thanks
>
check tdi_fw - an open source firewall, it should answer your basic
questions
–
Volodymyr M. Shcherbyna, blog: http://www.shcherbyna.com/
(This posting is provided “AS IS” with no warranties, and confers no
rights)
wrote in message news:xxxxx@ntdev…
> Hi friends, i’m developing a personnel firewall for which i have started
> writing TDI driver. I’m very new to network drivers and have no prior
> experience in writing NDIS or TDI drivers. My plan is to supply rules from
> interface which i check inside TDI and decide whether to allow IRP to pass
> down the device stack or to complete the request in my driver itself. By
> following the discussions here in OSR and by studying MSDN documentation i
> have written the basic driver to handle all the Major functions and Minor
> functions. It just does nothing but to print the messages in the debugger
> and ofcourse after attaching it to device stack no connections are being
> sent or recieved as it sits on top. Now it would be very helpfull for me
> if you guys give me a rough idea about how i should proceed to process the
> IRP and how i should check the IP and other parameters from rules supplied
> from user space in TDI to decide whether to deny or allow the connections.
> Thanks
>