Hey guys, I ran into this problem trying to set up the following scenario – i used the C# packet filter code sample as my base and modified it (by the way – thank you for adding the C# filter code sample in the latest driver release)
filter 1 – allow IP4 traffic to and from a particular ip/port (let’s say, 192.168.7.22 port 80) to pass
Filter 2 – redirect all ipv4 TCP packets for processing in user mode
filter 3 – pass all other packets
What ends up happening is that the 192.168.7.22:80 packets are still passed to the second filter and therefore passed into user mode.
I’m guessing the default behavior of a packet when it is getting filtered is to go filter by filter until it finds a “redirect” or “block” behavior
If I try to switch filter 1 and 2 – i get the same behavior, because the packet is caught for a redirect in the tcp filter.
Is there a way to set up thee filters so that the packets respond to the first filter they match up to – so that the 3 filter scenario described above is possible?
Or is there an alternate way to set up the filters so that the desired behavior is achieved?