Hello,
I was busy some other project that why I could not continue this. Now I’m back to this. About
If you want to develop a “Personal Firewall” you need two drivers:
1. NDIS filter doing the main tasks: Block/Allow ether-packets…Reading/modifying the packets by parsing the underlaying services (e.g. http, dns)
2. TDI filter for keeping track of local connections and processes.
Can you please help me in understanding this. I have NDIS filter (winpkfilter SDK) and TDI filter ( Localhost Minitor API ). Now I need to know which packet is associated with which application. Based on application the firewall (Which I’m writting) will decide to drop or continue packet. Can you please provide me a sample for the same.
Thanks in advance..