Overview

Overview

NetFilter SDK is a framework for transparent filtering the data packets transmitted via network. This is a high performance proxy-less solution, compatible with all antiviruses/firewalls/other network filters. It perfectly suits for developing the content filters, basic application level firewalls, traffic analyzers/shapers, other software that requires viewing and modifying TCP/UDP traffic on Windows.

SDK consists of kernel mode and user mode parts. TDI and WFP level kernel drivers work on the top of TCP/IP stack and filter TCP/UDP protocols. Also IP level packet filtering is available with WFP driver. They have a simple user mode API, which can be used from C/C++/.NET/Delphi code.

Key features:

The solution allows filtering incoming/outgoing TCP connections and UDP datagrams in user mode application. It is possible to filter the specified subset of connections/datagrams, restricted by filtering rules. The outgoing TCP connections can be redirected to different address.
By default the filtering is transparent for other filters, because the driver allows viewing and changing TCP/UDP data without redirecting the traffic to proxy and modifying the addresses. It reduces to minimum the probability of conflicts with antiviruses, firewalls and other filters.
The filtering driver operates on transport level, on the top of TCP/IP stack. In effect it automatically supports all kinds of TCP/IP capable network adapters: Ethernet, Dial-up/DSL/Cable modems, wireless adapters including Wi-Fi and Bluetooth, virtual adapters like loopback or VPN.
Both IPv6 and IPv4 are supported.
The process context (as process identifier) is available for all network activity.
The driver user level interface (API) is easy in use, but powerful.
It is possible to control the speed of data transmission.
The driver works in the same way on all 32-bit and 64-bit Windows operating systems starting from Windows XP. It is possible to use 32-bit API for working with 64-bit driver.