firewall

  • Thread starter Thread starter Skur
  • Start date Start date
S

Skur

i need to know if it's possible to write a full firewall with c#. Not just
closing/opening ports , but application capable of what can be achieved by
using norton firewall, zone alarm, kerio etc. , or EVEN iptables (linux
:> ). Please, answer me. All knowledge will be extremely precious.
slawekg
p.s.
sorry for cross-posting
 
Sure, you can do it with C# along with a generous portion of Platform Invoke
.. But why would you want to? Those organizations have teams of developers
who are experts in the field. What their team of a dozen people can do in 2
years, would take you at least 24 years. Imagine how that would look if you
compare to an organization like Norton who may have 100 or more engineers
writing firewall products.

DalePres
 
Decent Firewall's operate at the driver level, and you can't use C# or any
other managed language at that level, so the answer is no.

Willy.
 
ok, what about managed c++ ?
and i sure know i can't compare with norton, i was more asking for
possibility to achieve the same abilities.
thanks!!
 
Managed C++ is also a managed language, right?
The core of a Firewall is a Packet filter driver, so your only option on
Windows is C/C++ and the DDK.

Willy.
 
Managed C++ is also a managed language, right?
The core of a Firewall is a Packet filter driver, so your only option on
Windows is C/C++ and the DDK.

sorry! i didn't see that, my fault...
if it's only about packet filter, why can't use the one from windows 2000?
this articles it all:
http://www.codeproject.com/tools/firewallpapi.asp
http://www.codeproject.com/managedcpp/packetfilteringnet.asp

http://www.txakynetwork.tk/

so again: if it only would be packet filter, it wouldn't be a problem. but
it's not. for example, what's the way to open/close ports (have all the
control over them)...
so Willy?
 
uru said:
sorry! i didn't see that, my fault...
if it's only about packet filter, why can't use the one from windows 2000?
this articles it all:
http://www.codeproject.com/tools/firewallpapi.asp
http://www.codeproject.com/managedcpp/packetfilteringnet.asp

http://www.txakynetwork.tk/

so again: if it only would be packet filter, it wouldn't be a problem. but
it's not. for example, what's the way to open/close ports (have all the
control over them)...
so Willy?

No it's not simply about packet filtering. What you should do is develop a
NDIS Intermediate driver (what I called a Packet Filter Driver). Such driver
sits between the protocol driver and the NDIS miniport driver, anything else
runs to high in the network protocol stack to be effective.
The articles you are refering to expain how one can use the W2K/W2K3 Packet
filter API's to edit the blocked IP/Port tables in the "Protocol Filter
Driver" (only available on W2K/W2K3), this is however not enough to
implement a decent firewall. This is the reason why W2K3 SP1 will include a
Firewall just like Windows XP SP2.
So, why would you write one yourself?

Willy.
 
Back
Top