UDP Filter

Home Forums Discussions Support Portal UDP Filter

Tagged: 

This topic contains 7 replies, has 2 voices, and was last updated by  Vadim Smirnov 6 months, 3 weeks ago.

Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • #10292

    Creater_X
    Participant

    Hi,
    Is there a way to use your firewall app to allow only certain type of udp packets and block the rest on kernel level?

    #10293

    Vadim Smirnov
    Moderator

    Sure, it is possible using built-in WinpkFilter filter engine if the criteria for the packets is not too complex (UDP packets with particular IP/port information). If you need something more complex you can redirect UDP packets for the processing in the application and block the rest in the kernel.

    #10294

    Creater_X
    Participant

    I wanted to ask if we can create rules for udp like accept only packets containing a string lets say for example it contains string hi and i want to allow only it while blocking the rest and/or hex byte 2e on byte 30 or using u32 Binary for example 28=0xffffffff – which will block all packets containing /xff/xff/xff/xff after byte 28

    Also, If its possible to add alot of ips in a single rule in it to block packets from those ips.

    #10295

    Creater_X
    Participant

    If firewall cant do high level filtering, do you provide any app which allows it?
    I want only specified udp packets which match the rules to be allowed through kernel and block all other trash packets.

    #10296

    Creater_X
    Participant

    Also, i was trying to add multiple ips in a single rule in firewall, it only allows me to add one (or a range) i have a list of 8500 Ip addresses which i want to block using kernel filtering. Thanks.

    #10297

    Vadim Smirnov
    Moderator

    You could use WinpkFilter library to redirect UDP packets for processing in user mode and pass everything else. In your application you can implement any sort of analyses for redirected UDP (including sub string search and etc. ) packets and decide to block/pass or even modify them.

    #10298

    Creater_X
    Participant

    That’s the problem, We’re receiving a ddos attack and i wanted to filter them on kernel level like in linux, or block the list of ip addresses which is ddosing us.

    #10299

    Vadim Smirnov
    Moderator

    block the list of ip addresses which is ddosing us

    WinpkFilter built-in filters allow IP address based blocking.

Viewing 8 posts - 1 through 8 (of 8 total)

You must be logged in to reply to this topic.