/tdifw

back up for study

Primary LanguageC

Welcome to TDI-based Open Source Personal Firewall (TdiFw)


INSTALLATION

1. Run install.bat or install_nt4.bat for NT4

2. Edit %SystemRoot%\system32\drivers\etc\tdifw.conf for your taste

3. Restart Windows


RULES

Edit file %SystemRoot%\system32\drivers\etc\tdifw.conf
Description of file format is in it.

To reload rules you have to restart tdifw service:
C:\>net stop tdifw
C:\>net start tdifw

Errors are written in log (see below).


LOGS

There are two types of logs and three types of records to write.

The first type of logs is text log files. They're in
%SystemRoot%\system32\LogFiles\tdifw directory.
File name consists of year, month and date: YYYYMMDD.log

The second type of logs is Windows' "Event Log". Records are writing to 
Application log with "tdifw" event source. You can use "Event Viewer" 
to view events.

By default all events are written to text log files. If you want specify what
kind of events are to be written in "Event Log" see [_config_] section of
tdi_fw.conf file.

See also log_format.txt


STATE INFO

You can get list of listening ports with processes owning them by:

 tdifw listen

You can get list of opening connections with processes owning them and
even direction of connections by:

 tdifw conn


BUGS

Check the latest version at http://sf.net/projects/tdifw

Mail to iptables@mail.ru


DEBUGGING

First you have to disable autostarting of driver and helper service.

1. Remove autostart of driver by executing: bin\install remove drv
or by starting uninstall_nt4.reg for NT4
2. Uninstall service by executing: tdifw remove
3. Restart Windows

And now see debug.txt file