问题
I am charged with determining what would be involved with creating our own firewall.
Something that can intercept each and every connection, and decide whether to permit it based on which exe is initiating the connection. We would either block or hang the connection until the user said to permit or deny.
I am interested in XP, Vista, Win7.
I know how to program in Java, Perl and JavaScript. I am assuming that I am going to need to get Java to interface with some C or C# executable in order to make this work. I expect the GUI alerts will be Java based, but the big thing is knowing what interfaces with Windows would be needed, and if there is a major difference between XP and Vista/7.
I assume there are certain decisions to make, perhaps some compatibility issues. Please describe what would be involved.
I also posted a related question for the possibility of simply tapping into the built in Windows Firewall because I want to hear about both options separately.
回答1:
See this stackoverflow question. To paraphrase the answer given in that post, you would need to make use of the Windows Filtering Platform API. As it's OS based, you would need to either write or find API wrappers that translate the C/C++ into something Java could call if you want to go that route.
If you need a network level firewall, you can start by looking at either ipcop or Symantec Endpoint for freebie and commercial solutions respectively. Endpoint does client side protection as well and other products exist such as Avast or ESET/NOD32 that offer firewall capabilities for free or at decent cost.
Unless it's an absolute necessity, I would advise looking into commercially available options before diving into writing your own.
回答2:
Writing a driver in C, in other words, not Java.
回答3:
Are you really sure that your only two options are to code one or use the one from Microsoft?
There are others, you know: http://lifehacker.com/5061933/five-best-windows-firewalls
来源:https://stackoverflow.com/questions/7572852/windows-what-would-be-involved-with-creating-our-own-firewall-for-distribution