<p><font face="宋体">/*<br />
利用操作系统提供的API编写防火墙.<br />
该程序涉及到的API说明请访问微软的MSDN Library<br />
代码在C++ Builder 5编译通过<br />
如果您想和我交流请email:zzwinner@163.com<br />
*/<br />
#pragma hdrstop<br />
#include "windows.h"<br />
#include "Fltdefs.h"<br />
// 需要加载"iphlpapi.lib"<br />
//---------------------------------------------------------------------------</font></p>
<p><font face="宋体">#pragma argsused<br />
int main(int argc, char* argv[])<br />
{<br />
// 一个创建网络包过滤接口<br />
INTERFACE_HANDLE hInterface;<br />
PfCreateInterface(0, <br />
PF_ACTION_DROP,//PF_ACTION_FORWARD,<br />
PF_ACTION_DROP,//PF_ACTION_FORWARD, <br />
FALSE, <br />
TRUE, <br />
&hInterface);</font></p>
<p><font face="宋体"> // 绑定需要网络包过滤的IP地址<br />
BYTE localIp[] = {192,168,0,2};<br />
PfBindInterfaceToIPAddress(hInterface, PF_IPV4, localIp);<br />
// 现在我们开始过滤HTTP协议的的接口<br />
FILTER_HANDLE fHandle;<br />
// 填充过滤包的规则结构<br />
PF_FILTER_DESCRIPTOR inFilter;<br />
inFilter.dwFilterFlags = FD_FLAGS_NOSYN; //一直添这个值<br />
inFilter.dwRule = 0; //一直添这个值<br />
inFilter.pfatType = PF_IPV4; //用 ipV4 地址<br />
inFilter.SrcAddr = localIp; //设置本地IP地址<br />
inFilter.SrcMask = "\xff\xff\xff\xff"; //设置本地子网掩码<br />
inFilter.wSrcPort = FILTER_TCPUDP_PORT_ANY; //任意来源端口<br />
inFilter.wSrcPortHighRange = FILTER_TCPUDP_PORT_ANY;<br />
inFilter.DstAddr = 0; //任意目标地址<br />
inFilter.DstMask = 0;<br />
inFilter.wDstPort = 80; //目标端口 80(http 服务)<br />
inFilter.wDstPortHighRange = 80;<br />
inFilter.dwProtocol = FILTER_PROTO_TCP; // 过滤的协议<br />
// 加入一个过滤接口<br />
PfAddFiltersToInterface(hInterface, 1, &inFilter, 0, NULL, &fHandle);<br />
// 请在这设置一个调试断点,然后看看你的IE是否不能访问WEB页. :)<br />
// 移除过滤接口<br />
PfRemoveFilterHandles(hInterface, 1, &fHandle);<br />
PfUnBindInterface(hInterface);<br />
PfDeleteInterface(hInterface);<br />
return 0;<br />
}</font></p>
关注我们
