UDP Filter

Home Forums Discussions Support UDP Filter

Tagged: 

Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • #10292
    Creater_X
    Participant

      Hi,
      Is there a way to use your firewall app to allow only certain type of udp packets and block the rest on kernel level?

      #10293
      Vadim Smirnov
      Keymaster

        Sure, it is possible using built-in WinpkFilter filter engine if the criteria for the packets is not too complex (UDP packets with particular IP/port information). If you need something more complex you can redirect UDP packets for the processing in the application and block the rest in the kernel.

        #10294
        Creater_X
        Participant

          I wanted to ask if we can create rules for udp like accept only packets containing a string lets say for example it contains string hi and i want to allow only it while blocking the rest and/or hex byte 2e on byte 30 or using u32 Binary for example 28=0xffffffff – which will block all packets containing /xff/xff/xff/xff after byte 28

          Also, If its possible to add alot of ips in a single rule in it to block packets from those ips.

          #10295
          Creater_X
          Participant

            If firewall cant do high level filtering, do you provide any app which allows it?
            I want only specified udp packets which match the rules to be allowed through kernel and block all other trash packets.

            #10296
            Creater_X
            Participant

              Also, i was trying to add multiple ips in a single rule in firewall, it only allows me to add one (or a range) i have a list of 8500 Ip addresses which i want to block using kernel filtering. Thanks.

              #10297
              Vadim Smirnov
              Keymaster

                You could use WinpkFilter library to redirect UDP packets for processing in user mode and pass everything else. In your application you can implement any sort of analyses for redirected UDP (including sub string search and etc. ) packets and decide to block/pass or even modify them.

                #10298
                Creater_X
                Participant

                  That’s the problem, We’re receiving a ddos attack and i wanted to filter them on kernel level like in linux, or block the list of ip addresses which is ddosing us.

                  #10299
                  Vadim Smirnov
                  Keymaster

                    block the list of ip addresses which is ddosing us

                    WinpkFilter built-in filters allow IP address based blocking.

                  Viewing 8 posts - 1 through 8 (of 8 total)
                  • You must be logged in to reply to this topic.