Pascal binding for WinDivert.
This Unit can be used with Delphi and Free Pascal.
Copied from the Website: WinDivert is a user-mode packet capture-and-divert package for Windows Vista, Windows 2008, Windows 7, Windows 8.
WinDivert allows user-mode applications to capture/modify/drop network packets sent to/from the Windows network stack.
WinDivert can be used to implement user-mode packet filters, packet sniffers, firewalls, NAT, VPNs, tunneling applications, etc.
GitHub repository of WinDivert: https://github.com/basil00/Divert
You need the binary distribution from the WinDivert homepage. Since we use it with Pascal/Delphi you can use any distribution (VS, DDK or MinGW), this does not matter because we do not need the lib files for linking.
On Windows 64 put
amd64\WinDivert.dll in the program directory.
On Windows 32 put
x86\WinDivert.dll in the program directory.
Please run these examples as Administrator. To debug them with Delphi run Delphi as Administrator.
passthruThis program does nothing except divert packets and re-inject them.
netdumpThis is a simple traffic monitor. It uses a WinDivert handle in SNIFF mode. The SNIFF mode copies packets and does not block the original.
webfilterThis is a simple web (HTTP) filter using WinDivert.
netlimitSimulates bad networks.
Is a simple web (HTTP) filter using WinDivert.
It works by intercepting outbound HTTP GET/POST requests and matching the URL against a blacklist. If the URL is matched, we hijack the TCP connection, reseting the connection at the server end, and sending a blockpage to the browser.
webfilter blacklist.txt [blacklist2.txt ...]
blacklist.txt will block all HTTP requests to Google and Facebook domains.
This doesn’t work for HTTPS traffic, because it can not read the domain from the HTTP header. If you want to be able to block even HTTPS traffic, you will need to create some IP blocking program, i.e. block all traffic from/to certain IP addresses. This is also possible with WinDivert/pasdivert, but it’s an entirely different program.
A Program to simulate bad networks. Can add latency and drop packets.
The server and client runs on the same computer. Without
netlimit you would have a response time of 0 ms and 0 dropped packets.
This program is useful when you have to test client/server programs (such as online games) which must be able to deal with bad/unreliable networks (e.g. the Internet). For example, you can’t test lag compensation, server/client prediction when you have an almost perfect network (localhost, LAN).
netlimit -f "outbound and udp.DstPort == 3337" -t 1 -l 1000 -d 20
- Filter outbound UDP traffic on port 3337
- Use 1 worker thread
- Simulate a average ping of ~1000 ms (between 500 ms and 1500 ms)
- Drop 20 % packets
To compile the examples on Windows 64 with Free Pascal, download the latest 32-Bit Lazarus distribtution (at the moment of this writing, it’s Lazarus 1.4.2 and FPC 2.6.4) and the
cross-x86_64-win64-win32 crosscompile add on and install both. Open the project file (*.lpi), select the configuration (Win64-Debug, Win64-Release, Win32-Debug or Win32-Release) and click Start → Compile.