Overview
NetFilter SDK is a framework for transparent filtering the data packets transmitted via network. This is a high performance proxy-less solution, compatible with all antiviruses/firewalls/other network filters. It perfectly suits for developing the content filters, basic application level firewalls, traffic analyzers/shapers, other software that requires viewing and modifying TCP/UDP traffic on Windows.
SDK consists of kernel mode and user mode parts. TDI and WFP level kernel drivers work on the top of TCP/IP stack and filter TCP/UDP protocols. Also IP level packet filtering is available with WFP driver. They have a simple user mode API, which can be used from C/C++/.NET/Delphi code.
Key features:
-
The solution allows filtering incoming/outgoing TCP connections and UDP datagrams in user mode application. It is possible to filter the specified subset of connections/datagrams, restricted by filtering rules. The outgoing TCP connections can be redirected to different address.
-
By default the filtering is transparent for other filters, because the driver allows viewing and changing TCP/UDP data without redirecting the traffic to proxy and modifying the addresses.
It reduces to minimum the probability of conflicts with antiviruses, firewalls and other filters.
-
The filtering driver operates on transport level, on the top of TCP/IP stack. In effect it automatically supports all kinds of TCP/IP capable network adapters: Ethernet, Dial-up/DSL/Cable modems, wireless adapters including Wi-Fi and Bluetooth, virtual adapters like loopback or VPN.
-
Both IPv6 and IPv4 are supported.
-
The process context (as process identifier) is available for all network activity.
-
The driver user level interface (API) is easy in use, but powerful.
-
It is possible to control the speed of data transmission.
-
The driver works in the same way on all 32-bit and 64-bit Windows operating systems
starting from Windows XP. It is possible to use 32-bit API for working with 64-bit driver.