这个  驱动层应该会好一点   R3太困难了。。。不会帮顶。
可以参考下360的网络监控模块。。

之前找到一个 Open Source Firewall For Windows
不过测试的结果 => 无效
也许是我的平台的问题
(VMware Network Adapter 两个)

217K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4y4G2N6i4u0U0k6h3k6G2M7X3N6W2i4K6u0W2L8X3g2@1i4K6u0r3M7s2u0G2K9X3g2U0N6s2y4Q4x3V1k6X3K9i4u0W2N6$3q4D9L8s2m8S2M7r3W2Q4x3V1j5`.
873K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3W2F1N6r3g2J5j5$3g2^5i4K6u0W2k6i4y4Q4x3V1k6@1P5r3q4C8P5h3&6W2N6s2N6G2M7X3E0Q4x3V1j5`.

刚找的, 未测试过:
f68K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3!0K6M7%4N6A6L8W2)9J5k6i4y4G2N6i4u0U0k6h3k6G2M7X3N6W2i4K6u0W2L8X3g2@1i4K6u0r3
Firewall & NAT =>
83dK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3k6G2M7X3y4W2i4K6u0W2j5$3!0J5k6i4y4W2j5%4g2J5K9i4c8&6i4K6u0W2j5$3!0E0i4K6u0r3
0b3K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4c8V1K9h3k6%4i4K6u0W2M7$3!0#2M7X3y4W2k6X3!0J5k6$3g2Q4x3X3g2F1k6i4c8Q4x3V1j5`.
481K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3c8W2L8r3g2Y4j5i4c8W2i4K6u0W2L8%4u0Y4i4K6u0r3k6r3g2D9k6h3N6S2N6r3g2Q4x3V1j5`.
8c9K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3S2K6j5#2)9J5k6h3k6J5i4K6u0r3M7X3g2K6M7$3!0#2M7X3y4W2M7#2)9J5c8X3!0#2N6r3W2D9M7#2)9J5c8Y4m8C8N6r3k6A6L8s2c8W2M7W2)9J5c8R3`.`.
c55K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4y4G2N6i4u0U0k6h3k6G2M7X3N6W2i4K6u0W2L8X3g2@1i4K6u0r3M7s2u0G2K9X3g2U0N6s2y4Q4x3V1k6H3K9%4c8X3K9h3I4@1k6i4u0Q4x3V1j5`.
748K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4y4G2N6i4u0U0k6h3k6G2M7X3N6W2i4K6u0W2L8X3g2@1i4K6u0r3M7s2u0G2K9X3g2U0N6q4)9J5c8Y4y4Z5L8%4N6X3K9h3I4W2M7#2)9J5k6i4m8Z5M7q4)9K6c8X3N6J5L8%4g2H3i4K6g2X3K9h3c8Q4x3@1b7$3y4o6b7J5y4l9`.`.
e38K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6e0q4^5i4K6u0W2k6r3E0Q4x3V1j5`.
7b5K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6A6M7r3k6%4i4K6u0W2M7$3!0#2M7X3y4W2k6X3!0J5k6$3g2Q4x3X3g2F1k6i4c8Q4x3V1j5`.
a2cK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3W2K6j5h3k6W2M7W2)9J5k6i4y4G2N6i4u0U0k6h3k6G2M7X3N6W2i4K6u0W2L8X3g2@1i4K6u0r3

新人帮顶····支持楼上！

感觉这个比较简洁, 易于研究.
不过仍然使用失败, 不知道是不是 NOD32 防毒的问题.

489K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3S2K6j5#2)9J5k6h3k6J5i4K6u0r3M7X3g2K6M7$3!0#2M7X3y4W2M7#2)9J5c8X3!0#2N6r3W2D9M7#2)9J5c8Y4m8C8N6r3k6A6L8s2c8W2M7W2)9J5c8X3c8G2N6$3&6D9L8$3q4V1i4K6u0r3f1r3E0@1c8X3W2D9N6r3g2J5i4K6u0W2P5X3W2H3
含源码 .exe rules.txt
VC 6.0

pktctl.exe -I

eth0: (NVIDIA nForce Networking Controller - Packet Scheduler Miniport):
10.0.4.103
eth1: (VMware Virtual Ethernet Adapter for VMnet1): 192.168.88.1
eth2: (VMware Virtual Ethernet Adapter for VMnet8): 192.168.213.1

pktfltsrv.exe

放到 c:\pkt

C:\pkt>pktfltsrv.exe -i rules.txt log.txt
Packet Filtering service installation was successful

IMPORTANT:

Do _not_ forget to change the Startup Type of PktFilter to Automatic in the
Services Manager if you want PktFilter to start automatically at system startup
(recommended)

(rules.txt 中的 IP 无效果)

C:\pkt>pktctl.exe -l eth0
error: unable to connect to named pipe

C:\pkt>pktfltsrv.exe -u
Uninstallation of Packet Filtering service was successful

C:\pkt>pktctl.exe
usage:
       pktctl -a filtering_rule: add a filtering rule
       pktctl -d rule interface: delete a rule on specificied interface
       pktctl -f filters_file: source filters file
       pktctl -i : interactive mode
       pktctl -F filters_file: flush all interfaces and load filters file
       pktctl -l interface: list rules on specified interface
       pktctl -L interface: list rules with rule numbers on specified
       interface
       pktctl -s interface: get brief statistics on specified interface
       pktctl -S interface: get detailed statistics on specified interface
       pktctl -Fa interface: flush all rules on specified interface
       pktctl -I: list mapping of Ethernet interfaces

我想用 delphi实现这样的功能 ,所有连接或先触发我的软件,我软件过滤后才能连接,这样的

楼上的思路应该也可以。

支持楼上········

我看过了,也测试了下,感觉还行,但是经常无法启动.不知道那里问题,
我也找到相关api了,想用delphi实现,但是怎么弄都是有问题,希望
晓得的朋友帮忙下,上面的代码是C的,我看不懂,
const
  localIp : array[0..3] of BYTE = (192,168,0,2);
  FILTER_TCPUDP_PORT_ANY : WORD = $0000;
  FD_FLAGS_NOSYN = $1;
var
  hInterface : INTERFACE_HANDLE;
  fHandle : FILTER_HANDLE;
  inFilter : PF_FILTER_DESCRIPTOR;
  FILTER_PROTO_TCP : DWORD;
  dwSrcMask : DWORD;
begin
  FILTER_PROTO_TCP := MAKELONG(MAKEWORD(($06),$00),$00000);
  dwSrcMask := $FFFFFFFF;

  PfCreateInterface(0,
  PF_ACTION_DROP,//PF_ACTION_FORWARD, 要么是全部拦截 要么就是全部放行,到底应该怎么设置呢?
  PF_ACTION_DROP,//PF_ACTION_FORWARD,
  FALSE,
  TRUE,
  hInterface);

  PfBindInterfaceToIPAddress(hInterface, PF_IPV4, @localIp);

  inFilter.dwFilterFlags := FD_FLAGS_NOSYN;
  inFilter.dwRule := 0;
  inFilter.pfatType := PF_IPV4;
  inFilter.SrcAddr := @localIp;
  inFilter.SrcMask := @dwSrcMask;
  inFilter.wSrcPort := FILTER_TCPUDP_PORT_ANY;
  inFilter.wSrcPortHighRange := FILTER_TCPUDP_PORT_ANY;
  inFilter.DstAddr := nil;
  inFilter.DstMask := nil;
  inFilter.wDstPort := 80;
  inFilter.wDstPortHighRange := 80;
  inFilter.dwProtocol := FILTER_PROTO_TCP;
  PfAddFiltersToInterface(hInterface, 1, @inFilter, 0, nil, @fHandle);
  PfRemoveFilterHandles(hInterface, 1, @fHandle);
  PfUnBindInterface(hInterface);
  PfDeleteInterface(hInterface);

做个LSP啊，DELPHI可以做DLL，也就可以做LSP,这样就可以拦截网络连接的操作，LSP网上有很多资料，给个地址，虽说教程是VC的，但是DELPHI也可以实现：
5fdK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3u0A6j5h3&6U0k6h3&6Y4i4K6u0W2j5$3&6Q4x3V1k6b7M7X3!0Y4M7X3q4E0L8h3W2F1k6#2)9J5c8Y4k6U0i4K6u0r3x3U0l9I4x3o6l9J5i4K6u0r3x3e0f1J5y4K6k6Q4x3X3g2Z5N6r3@1`.

新人顶一个努力学习天天向上