Design And Implementation Of Firewall System Based On NDIS

The current Internet Protocol is still based on TCP / IP protocol suite, in the application and development of several decades in which, TCP / IP protocol flaws and loopholes exposed more and more, which makes based on TCP / IP protocols computer networks vulnerable to attacks and intrusions from the network. TCP / IP protocol itself has been unable to guarantee basic security mechanisms in computer network information security, therefore, must help in this specialized firewall intrusion blocking tools(software or hardware) to solve the problem down network security.Most of the current personal firewall implementations are based on LSP and TDI packet filtering mechanism, limited functionality, reduce safety performance. By studying the core packet filtering firewall technology, focusing on the use of filters and NDIS intermediate driver SPI application layer filtering technology combined with design. The program proposed in kernel mode using NDIS intermediate driver technology to be intercepted by the original data packets through the network card, and packet filtering rules for data by accessing the Control Manager is completed, greatly improves the firewall system and data filtering capabilities cut package It is a useful attempt new personal firewall technology development.Paper first analyzes and design work is based on NDIS firewall systems. In the system implementation part, introduced the NDIS driver interception capabilities, achieve regulatory rules governing the work function, log management, communication module interface and an intermediate layer filtering and other core functions and modules. Also completed a user management system and interface design and implementation work. Realization of the system is also driving the firewall installation and commissioning work were introduced.This paper studied the firewall using visual studio 2008, DDK development tools to develop, debug using Debug View operating system platform used for Windows7. After the system design, implementation and follow-up testing showed that the firewall can run under Windows desktop operating system platform, and the system provides a good user management interface, has set up the Control Manager IP packet filtering rules and basic functions.