/*
利用操作提供的API編寫防火牆.
該程序涉及到的API說明請訪問微軟的MSDN Library
代碼在C++ Builder 5編譯通過
如果您想和我交流請email:[email protected]
*/
#pragma hdrstop
#include "windows.h"
#include "Fltdefs.h"
// 需要加載"iphlpapi.lib"
//---------------------------------------------------------------------------
#pragma argsused
int main(int argc, char* argv[])
{
// 一個創建網絡包過濾接口
INTERFACE_HANDLE hInterface;
PfCreateInterface(0,
PF_ACTION_DROP,//PF_ACTION_FORWARD,
PF_ACTION_DROP,//PF_ACTION_FORWARD,
FALSE,
TRUE,
&hInterface);
// 綁定需要網絡包過濾的IP地址
BYTE localIp[] = {192,168,0,2};
PfBindInterfaceToIPAddress(hInterface, PF_IPV4, localIp);
// 現在我們開始過濾HTTP協議的的接口
FILTER_HANDLE fHandle;
// 填充過濾包的規則結構
PF_FILTER_DESCRIPTOR inFilter;
inFilter.dwFilterFlags = FD_FLAGS_NOSYN; //一直添這個值
inFilter.dwRule = 0; //一直添這個值
inFilter.pfatType = PF_IPV4; //用 ipV4 地址
inFilter.SrcAddr = localIp; //設置本地IP地址
inFilter.SrcMask = "\xff\xff\xff\xff"; //設置本地子網掩碼
inFilter.wSrcPort = FILTER_TCPUDP_PORT_ANY; //任意來源端口
inFilter.wSrcPortHighRange = FILTER_TCPUDP_PORT_ANY;
inFilter.DstAddr = 0; //任意目標地址
inFilter.DstMask = 0;
inFilter.wDstPort = 80; //目標端口 80(http 服務)
inFilter.wDstPortHighRange = 80;
inFilter.dwProtocol = FILTER_PROTO_TCP; // 過濾的協議
// 加入一個過濾接口
PfAddFiltersToInterface(hInterface, 1, &inFilter, 0, NULL, &fHandle);
// 請在這設置一個調試斷點,然後看看你的IE是否不能訪問WEB頁. :)
// 移除過濾接口
PfRemoveFilterHandles(hInterface, 1, &fHandle);
PfUnBindInterface(hInterface);
PfDeleteInterface(hInterface);
return 0;
}