问题
Presently I am doing a project on designing and implementing a firewall. Everything is working fine. Here I am filtering all packets going through a TCP port. But I need to send a custom page if a page is being blocked. Like "Your page is blocked by admin". I don't have any idea how to do it. Can I do it using raw sockets? If so please tell me, how to? But as I know raw socket does not work for sending on Windows XP SP2 and later, is there any other solution?
EDIT: I used C++ to create a DLL for an IP address filter. Then I imported it in my C++ program. IP addresses are blocking fine. But my customer needs the custom message when a browser is not finding its page.
回答1:
If you're selectively allowing access to certain web pages, you're essentially acting like a proxy. And you'll need to act more like one if you want to respond to clients with an error page.
A browser making an HTTP request will expect the response on the same connection it opened. In order to return a "blocked" page, you'll need to determine whether the connection is to someplace you don't want the user to go, and if not, return a valid HTTP response (even if that response is an HTTP error like "403 Forbidden" or something more appropriate to a proxy) on that same connection.
If you're blocking the connection before it's even opened, ie: blocking access to certain IP addresses, then you're kind of stuck. The most you could do is return an ICMP message saying the host isn't available. You need to at least accept the connection if you can, accept the incoming request, and reply with your error message. Anything less, and a browser typically won't know what to do with it.
回答2:
Hey, Since you're working on that low level
Can't you redirect the request by modifying its HTTP header?
来源:https://stackoverflow.com/questions/4138472/c-custom-error-message-for-my-firewall