Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Windows Filtering Platform Callout Drivers - Samples, Tutorials, Help

Tags:

language-agnostic

windows

networking

driver

I'm trying to write a Windows Filtering Platform Callout Driver for a parental control program. Unfortunately, I've never written a driver before, and the MSDN documentation on it isn't too helpful unless you already know the basics (I'm guessing).

Does anyone know of any good resources on the subject? Books, online samples, documentation, examples in the Driver Development Kit?

I'm not asking anyone to do my Google searches for me. I just need advice on the subject. If someone has been down this road before or knows of a good resource, I would greatly appreciate a nudge in the right direction; even if it's just a good book on developing drivers for Windows.

Thanks.

like image 558
Andrew Ensley Avatar asked Jun 01 '09 19:06

Andrew Ensley

People also ask

What is a callout driver?

A callout driver is a kernel-mode driver that implements one or more callouts. A callout driver registers its callouts with the filter engine so that the filter engine can call the callout functions for the callout when the computer processes connections or packets.

What is WFP driver?

Windows Filtering Platform (WFP) is a set of system services in Windows Vista and later that allows Windows software to process and filter network traffic. Microsoft intended WFP for use by firewalls, antimalware software, and parental controls apps.

What is WFP callout?

WFP callouts are functions that are registered by kernel mode WFP filters with the networking stack (NETIO. sys). This document describes a technique to find a list of WFP callouts registered on the system. The variable netio! gWfpGlobal is the starting point for most WFP data structures.

1 Answers

OSR (here) is a good resource for information and has some useful tools. The CodeProject (here) has several good series on WDM and WDF drivers with code.

Since the WFP seems to be for Win2k8, Vista, or better, you can use WDF - when you see references to UMDF (user mode) and KMDF, (kernel mode) this is what they are talking about. Using those acronyms may make googling easier.

Using WDF will make things easier.

Do any testing in a virtual machine.

like image 134
R Ubben Avatar answered Oct 07 '22 05:10

R Ubben
Sign in to Comment

Related questions

Visual Studio parameter alignment restrictions and Windows x64 ABI
Cross Process Event - Release all waiters reliably
Sharing git repo on NTFS partition between Linux/Windows dualboot
Saving password in rdp file | Windows 7 [closed]
Eclipse - parseSdkContent failed error - not recognizing XML Files
Is it possible to send the content of text file over PuTTY over a serial port?
How to set cmake CXX variable on windows
Python subprocess introduces spaces
How to get system image list icon index of an IShellItem?
python read file non blocking on windows
Set grid column or grid row in C# code behind
Anyone successfully bundled data files into a single file with Pyinstaller?
change windows kit common installation path
Windows-build-tools installation failed
Azure and local number of TCP connections are very different
What can I query to see if Windows is booted and done with updates?
How does the Sun JVM map Java threads to Windows threads?
Apache rotate Access and Error logs Windows
Find which drive corresponds to which USB mass storage device in WinXP
How can i set an icon for my own file extension

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!