TCP/IP packet processing path, understanding Windows Firewall, better protection system

Source: Internet
Author: User
Tags filter interface pack access firewall

Brief introduction

With the addition of Windows Firewall to MICROSOFT®WINDOWS®XP Service Pack 2 and Windows server™2003 Service Pack 1, and Internet Protocol security (IPSEC) in public Division Intranet, Information Technology (IT) professionals need to understand the specific ways in which TCP/IP protocols and related components in Windows handle unicast Internet Protocol (IP) packets. The detailed knowledge of IP packet processing paths makes it easier for you to master configuration packet processing and filtering components, as well as specific ways to troubleshoot related issues.

The contents of this article are as follows:

• The basic architecture of the TCP/IP protocol for version 4 and other components for processing packets.

• Packet processing path for unicast traffic sent, received, and forwarded by windows-based computers

Note for the sake of brevity, this article will not discuss multicast, broadcast, staging, or tunneling packets.

The following components can handle IP packets:

IP forwards the next hop interface and address for packets sent or forwarded.

TCP/IP filtering allows you to specify the type of traffic that can be accepted for incoming local host traffic (packets destined for the host) by IP protocol, TCP port, or UDP port. You can configure TCP/IP filtering in the Network Connections folder, from the Options tab of the advanced properties of the Internet Protocol (TCP/IP) component.

• Filter Hook Driver This Windows component uses the filter hook API to filter incoming and outgoing IP packets. On a computer running Windows Server 2003, the filter hook driver is Ipfltdrv.sys and belongs to a component of Routing and Remote Access. When enabled, Routing and Remote Access allows users to configure separate inbound and outbound IP packet filters for each interface using the Routing and Remote Access snap-in. Ipfltdrv.sys will also check the local host and transit IP traffic (packets not destined for the host).



Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.