ipfilter.asm

用win32asm写的防火墙...基本的功能实现了

;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
;	ml /nologo /c /coff IPFilter.asm
;	link /nologo /ALIGN:32 /subsystem:NATIVE /BASE:0x00010000
;		 /driver:WDM /release /out:IPFilter.sys IPFilter.obj
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
		.586P			;	保护模式
		.model flat,stdcall
		option casemap:none
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; Include 文件定义
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
;include		windows.inc
;	Win2k驱动结构定义
include		ddk\ntddk.inc
include		ddk\ntstatus.inc
;	Win2k驱动相关文件
include		ddk\ntoskrnl.inc
includelib	ddk\ntoskrnl.lib
include		ddk\hal.inc
includelib	ddk\hal.lib
;====================================================================
include		IPFilter.inc
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; 数据段
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
		.data
;	字符串定义
DD_DEVICE_NAME	db	'\Device\IpFilter',0
DD_SYMBOL_NAME	db	'\DosDevices\IpFilter',0
DD_FLTRDV_NAME	db	'\Device\IpFilterDriver',0
DD_IPFLTRDRVR_NAME	db	5ch,0,44h,0,65h,0,76h,0,69h,0,63h,0,65h,0,5ch,0,\
						49h,0,50h,0,46h,0,49h,0,4ch,0,54h,0,45h,0,52h,0,\
						44h,0,52h,0,49h,0,56h,0,45h,0,52h,0,0,0,0
;DefaultIcmp		dd	PF_DROP	;	设置 ICMP 和 IGMP 的处理办法 (默认丢弃)
szRuleFile		db	'\SystemRoot\ipfilter.cfg',0
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
szBuffer		db	1600 dup(0)		;	100 * 16 可保存100条规则
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; 代码段
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
		.code
include	_Rule.asm		;	包过滤函数
include	_init.asm		;	初使化函数
include	_Dispatch.asm	;	驱动控制处理函数
;====================================================================
end DriverEntry
;====================================================================