NetFilter SDK is a framework for transparent filtering the data packets transmitted via network. It suits for developing the content filters, basic application level firewalls, traffic analyzers/shapers, other software that requires viewing and modifying TCP traffic, and control access for UDP and other IP packets.

Key features:

  • The solution allows filtering TCP connections and allow/block UDP datagrams in user mode applications. It is possible to filter the specified subset of connections/datagrams, restricted by filtering rules. The outgoing TCP connections can be redirected to different address.
  • On Linux the filtering uses iptables, on the top of TCP/IP stack. On Mac OS a kernel extension filters TCP/UDP traffic and redirects TCP to a local proxy. In effect it automatically supports all kinds of TCP/IP capable network adapters: Ethernet, Dial-up/DSL/Cable modems, wireless adapters including Wi-Fi and Bluetooth, virtual adapters like loopback or VPN.
  • The process context (as process identifier) is available for TCP network activity.
  • The API is easy in use, but powerful.
  • It is possible to use the solution with ProtocolFilters to filter HTTP, SSL(TLS) and other high level protocols.
  • On Linux it can be used on a router machine to filter the forwarded TCP traffic from all devices using the machine as a gateway.

System requirements:

Linux, Mac OS.

The kernel extension must be signed with a digital certificate to work properly on recent versions of Mac OS.

Source code of NetFilter SDK for Linux and Mac OS.