tdifw是一款基于TDI过滤驱动的开源防火墙..
官方网站:
http://tdifw.sourceforge.net
官方简介:TdiFw is a simple TDI-Based Open Source Personal Firewall for Windows NT4/2000/XP/2003
官方说明:
INSTALLATION
1. Run install.bat or install_nt4.bat for NT4
2. Edit %SystemRoot%\system32\drivers\etc\tdifw.conf for your taste
3. Restart Windows
RULES
Edit file %SystemRoot%\system32\drivers\etc\tdifw.conf
Description of file format is in it.
To reload rules you have to restart tdifw service:
C:\>net stop tdifw
C:\>net start tdifw
Errors are written in log (see below).
LOGS
There are two types of logs and three types of records to write.
The first type of logs is text log files. They're in
%SystemRoot%\system32\LogFiles\tdifw directory.
File name consists of year, month and date: YYYYMMDD.log
The second type of logs is Windows' "Event Log". Records are writing to
Application log with "tdifw" event source. You can use "Event Viewer"
to view events.
By default all events are written to text log files. If you want specify what
kind of events are to be written in "Event Log" see [_config_] section of
tdi_fw.conf file.
See also log_format.txt
STATE INFO
You can get list of listening ports with processes owning them by:
tdifw listen
You can get list of opening connections with processes owning them and
even direction of connections by:
tdifw conn
BUGS
Check the latest version at
http://sf.net/projects/tdifw
Mail to
iptables@mail.ru
DEBUGGING
First you have to disable autostarting of driver and helper service.
1. Remove autostart of driver by executing: bin\install remove drv
or by starting uninstall_nt4.reg for NT4
2. Uninstall service by executing: tdifw remove
3. Restart Windows
And now see debug.txt file
