IP包过滤 | |
---|---|
| |
2004-05-27 zzwinner | |
/* 利用操作系统提供的API编写防火墙. 该程序涉及到的API说明请访问微软的MSDN Library 代码在C++ Builder 5编译通过 如果您想和我交流请email:zzwinner@163.com */ #pragma hdrstop #include "windows.h" #include "Fltdefs.h" //需要加载"iphlpapi.lib" #pragma argsused int main(int argc, char* argv[]) { //一个创建网络包过滤接口 INTERFACE_HANDLE hInterface; PfCreateInterface(0, PF_ACTION_DROP,//PF_ACTION_FORWARD, PF_ACTION_DROP,//PF_ACTION_FORWARD, FALSE, TRUE, &hInterface); //绑定需要网络包过滤的IP地址 BYTE localIp[] = {192,168,0,2}; PfBindInterfaceToIPAddress(hInterface, PF_IPV4, localIp); //现在我们开始过滤HTTP协议的的接口 FILTER_HANDLE fHandle; //填充过滤包的规则结构 PF_FILTER_DESCRIPTOR inFilter; inFilter.dwFilterFlags = FD_FLAGS_NOSYN; //一直添这个值 inFilter.dwRule = 0; //一直添这个值 inFilter.pfatType = PF_IPV4; //用 ipV4 地址 inFilter.SrcAddr = localIp; //设置本地IP地址 inFilter.SrcMask = "/xff/xff/xff/xff"; //设置本地子网掩码 inFilter.wSrcPort = FILTER_TCPUDP_PORT_ANY; //任意来源端口 inFilter.wSrcPortHighRange = FILTER_TCPUDP_PORT_ANY; inFilter.DstAddr = 0; //任意目标地址 inFilter.DstMask = 0; inFilter.wDstPort = 80; //目标端口 80(http 服务) inFilter.wDstPortHighRange = 80; inFilter.dwProtocol = FILTER_PROTO_TCP; // 过滤的协议 //加入一个过滤接口 PfAddFiltersToInterface(hInterface, 1, &inFilter, 0, NULL, &fHandle); //请在这设置一个调试断点,然后看看你的IE是否不能访问WEB页. :) //移出过滤接口 PfRemoveFilterHandles(hInterface, 1, &fHandle); PfUnBindInterface(hInterface); PfDeleteInterface(hInterface); return 0; } |
IP包过滤
最新推荐文章于 2021-09-13 17:27:23 发布