过滤主机名/ URL
您好
目标是在Windows中按主机名过滤/观看网络流量。示例块"www.yahoo.com"
有没有办法使用WFP过滤器或NDIS或LSP或任何其他过滤层来实现此目的?
即使没有直接的方法,是否有间接的方法呢?可能是,请注意"www.yahoo.com"。在某个过滤层的名称解析,保留名称/ IP地址的地图,并最终使用相应的IP阻止。
任何帮助/信息/网站链接都表示赞赏。
谢谢你
gxn
Aim is to filter/watch network traffic by hostname in Windows. Example block "www.yahoo.com"
Is there a way to use the WFP filters or NDIS or LSP or any other filter layer to achieve this?
Even if there is no direct way of doing it, is there an indirect way of doing it? May be like, watch for "www.yahoo.com" name resolution at some filter layer, keep a map of name/ip address and block eventually using the corresponding IP.
Any help/information/web links is appreciated.
Thank you
gxn
您需要间接地这样做。 您可以使用WFP并通过检查DNS回复来维护您自己的查找表。 这最好在FWPM_LAYER_INBOUND_TRANSPORT_V {4/6}完成。
You would need to do this indirectly. You can use WFP and maintain your own table of lookups by inspecting DNS replies. This would be best done at FWPM_LAYER_INBOUND_TRANSPORT_V{4/6}.
希望这会有所帮助,