| 基于Windows200x的WDM体系的IP过滤实现技术 |
| |
| 引用本文: | 廖永红,李洛,黄战.基于Windows200x的WDM体系的IP过滤实现技术[J].计算机工程与设计,2007,28(22):5425-5427. |
| |
| 作者姓名: | 廖永红 李洛 黄战 |
| |
| 作者单位: | 广东轻工职业技术学院计算机工程系 广东广州510300(廖永红,李洛),暨南大学信息技术学院计算机科学系 广东广州510300(黄战) |
| |
| 摘 要: | 基于内容的IP包过滤技术涉及到操作系统的内核态技术.通过对比用户态及内核态的特征,分析了Windows内核态的网络编程接口,采用了WDM的驱动程序模式体系及NDIS的层次架构.遵循IRP(I/O request packet)规范,实现了具有Miniport和Protocol层的中间驱动程序,并透明钩挂,截取、分析IP包.具体给出了Windows 200X系统中实现IP包过滤的鳊程技术方案.
|
| 关 键 词: | 包过滤 驱动模式 网络驱动接口规范 过滤钩挂 内核态 模式体系 包过滤 实现技术 based content 技术方案 操作系统 截取 中间驱动程序 Protocol Miniport 规范 request packet 架构 层次 NDIS 网络编程接口 Windows 分析 |
| 文章编号: | 1000-7024(2007)22-5425-03 |
| 收稿时间: | 2007-04-28 |
| 修稿时间: | 2007年4月28日 |
Technology of IP content based on Windows200x WDM |
| |
| LIAO Yong-hong,LI Luo,HUANG Zhan.Technology of IP content based on Windows200x WDM[J].Computer Engineering and Design,2007,28(22):5425-5427. |
| |
| Authors: | LIAO Yong-hong LI Luo HUANG Zhan |
| |
| Abstract: | The technology of packet filter based on IP content is related to the kernel-mode of Window operation system.By comparing the characteristic of user-mode and kernel-mode,analyzing the network programming interface of Window kernel,adopting the Windows driver model(WDM) and the architecture complying with the network driver interface specification(NDIS),the intermediate driver with miniport and protocol interface is realized according to the I/O request packet(IRP) protocol.It is transparently hooked,which intercept and analyze the IP packet.The programming solution of implementing IP packet filter is provided in WDM model of windows 200x system. |
| |
| Keywords: | IP filter WDM NDIS filter hook kernel-mode |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
