mirror of
https://github.com/safing/portmaster
synced 2025-09-07 13:09:17 +00:00
32 lines
889 B
Markdown
32 lines
889 B
Markdown
# Notes
|
|
|
|
## Interception
|
|
|
|
- use windivert DLL
|
|
- cgo or loadDLL?
|
|
|
|
- netfilter exmaple: https://reqrypt.org/samples/netfilter.html
|
|
- v1.4 docs: https://reqrypt.org/windivert-doc.html#divert_recv_ex
|
|
- source: https://github.com/basil00/Divert
|
|
|
|
- other GO package wrapping this: https://github.com/clmul/go-windivert/blob/master/divert_windows.go
|
|
|
|
## Packet/Process Attribution
|
|
|
|
- use Iphlpapi.dll
|
|
- GetExtendedTcpTable
|
|
- GetOwnerModuleFromTcpEntry
|
|
- GetExtendedUdpTable
|
|
- GetOwnerModuleFromUdpEntry
|
|
- for generic IP?
|
|
|
|
## Helpful resources
|
|
|
|
Calling Windows APIs
|
|
https://stackoverflow.com/questions/33709033/golang-how-can-i-call-win32-api-without-cgo#33709631
|
|
|
|
GetExtendedTcpTable (from Iphlpapi.dll)
|
|
https://msdn.microsoft.com/en-us/library/windows/desktop/aa365928(v=vs.85).aspx
|
|
|
|
GetUdpTable Example
|
|
https://stackoverflow.com/questions/49167311/how-to-convert-uintptr-to-go-struct
|