如何阻止选定的应用程序访问 Internet(C++、Win32)
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/423345/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How do you block selected applications from accessing the internet (C++, Win32)
提问by MarkS
I want to have an application or service that is running that, on some schedule, can disable access to the internet for all applications except for specific ones.
我想要一个正在运行的应用程序或服务,按照某个时间表,可以禁用除特定应用程序之外的所有应用程序访问互联网。
I'm trying to create a filter that can be turned on or off under programmatic control. Not just IP addresses and ports, but I want to be able to block specific applications as well, much like Zone Alarm and other software firewalls let you block.
我正在尝试创建一个可以在程序控制下打开或关闭的过滤器。不仅仅是 IP 地址和端口,我还希望能够阻止特定的应用程序,就像 Zone Alarm 和其他软件防火墙让您阻止一样。
For example, iexplore.exe, skype.exe, firefox.exe, aim.exe. But still need to allow other applications to connect as needed.
例如,iexplore.exe、skype.exe、firefox.exe、aim.exe。但是仍然需要允许其他应用程序根据需要进行连接。
It has to work on Vista as well as XP, but I kind of expect that the method will be different on each of those platforms.
它必须在 Vista 和 XP 上都可以运行,但我希望该方法在每个平台上都会有所不同。
Basically, the filter has to tie the network communication back to the executable that is making the request and then allow or deny it.
基本上,过滤器必须将网络通信与发出请求的可执行文件联系起来,然后允许或拒绝它。
Update:
更新:
On Vistaat least, it looks like I want to use filters in the ALE layers of the WFP.
至少在Vista上,看起来我想在 WFP的ALE 层中使用过滤器。
On XP, I'm still looking for the best way to do it. Do I reallyneed to be writing device drivers and dealing with kernel stuff? I'm just a lowly application developer. Kill me now.
在XP 上,我仍在寻找最好的方法。我真的需要编写设备驱动程序并处理内核内容吗?我只是一个低级的应用程序开发人员。现在杀了我。
Update 2:
更新 2:
Currently looking at the PfCreateInterface and related Pf* API's for pre-Vista systems.
目前正在研究 PfCreateInterface 和相关的 Pf* API,用于 pre-Vista 系统。
回答by Max Caceres
You can change both Vista and XP's firewall policies dynamically using the INetFwAuthorizedApplicationsinterface from the Windows Firewall API.
您可以使用Windows 防火墙 API 中的INetFwAuthorizedApplications接口动态更改 Vista 和 XP 的防火墙策略。
Also see this question.
另请参阅此问题。
回答by 2001
by limiting its access to internet using firewall. go to firewall setting advanced tab (win 7) and do that
通过使用防火墙限制其对互联网的访问。转到防火墙设置高级选项卡(win 7)并执行此操作
回答by Paul Whitehurst
You'll have to write a device driver that filters traffic based on the executable requesting the traffic.
您必须编写一个设备驱动程序,根据请求流量的可执行文件过滤流量。
回答by Head Geek
You'll need to redirect all (or at least many) calls to the WinSock API functions of any running program to your own replacement functions. That means getting into the memory of each running program and hiHymaning those functions, which is an... interesting... exercise. :-)
您需要将对任何正在运行的程序的 WinSock API 函数的所有(或至少许多)调用重定向到您自己的替换函数。这意味着进入每个正在运行的程序的内存并劫持这些函数,这是一个……有趣的……练习。:-)
That might be enough of a pointer to get you started, or at least to suggest some more specific questions to ask.
这可能足以让您入门,或者至少建议一些更具体的问题要问。
回答by timday
Could you move aside (ie rename) the system's winsock DLL and replace it with your own ? Yours should provide the same API, but check the the process name of incoming requests... return an error code to blocked applications and forward the calls from allowed apps onto the real DLL.
您能否将系统的 winsock DLL 移到一旁(即重命名)并用您自己的 DLL 替换它?你应该提供相同的 API,但检查传入请求的进程名称......向被阻止的应用程序返回错误代码,并将来自允许的应用程序的调用转发到真实的 DLL。
回答by Jesse Pepper
I'm not sure, but I think you'd need to do it by getting the program to run as a user that has limited permissions, the question is, can you make a user account that stops such things?
我不确定,但我认为您需要通过让程序以具有有限权限的用户身份运行来实现,问题是,您能否创建一个用户帐户来阻止此类事情?
