Forum Discussion

KalciumB
Copper Contributor
Sep 30, 2020

Firewall Insufficient

Windows 10 firewall manages IP addresses only.

I need it to block any outbound call with certain URL strings in either:

1) path example: /sys/loius.php

search 2) variable name or 3) variable content example: ?qweit= ... &...=paris

If no one is familiar with this, is there an example of how to create this in C# programming?

 

 

  • dretzer
    Iron Contributor

    What you need is Web Content Filtering, and not a firewall.

    A Firewall is not meant to do this kind of work, and as such you will not find a good or easy way to do this with Windows Firewall alone (which is an endpoint network firewall).

    You could theoretically write a plugin for WF to do what you want, as it is extensible, but you are better off implementing this correctly with one of the following solutions:

    1. Do the filtering on your edge-device/internet gateway. Many modern firewall appliances that are meant to be used as an edge firewall also include web content filtering engines.
    2. Do the filtering old-school with a web-proxy-server. There are a lot of different ways to install a proxy server on your network and use this as the only way to the internet for all your clients. You then can use the proxy to filter URLs.
    3. If you want the Microsoft solution for this, get Microsoft Defender for Endpoint (formerly Microsoft Defender Advanced Threat Protection) which also includes web content filtering directly on the client without the need to install anything (https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering).

    KalciumB 
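
As an added example (not part of the original thread and not Microsoft's code), this is the per-request decision a filtering proxy like the one in option 2 would make, using the three match types from the question: path, variable name and variable content. It is written in Python rather than C#; `BlockRules`, `normalise_path` and `decide` are hypothetical names, example.com is a placeholder host, case-insensitive matching is an assumption, and for HTTPS the filter only sees the path and query if the proxy terminates TLS.

```python
from dataclasses import dataclass
from urllib.parse import urlsplit, parse_qsl, unquote
import posixpath


@dataclass(frozen=True)
class BlockRules:
    paths: frozenset         # normalised request paths to block
    param_names: frozenset   # query-string variable names to block
    param_values: frozenset  # query-string variable contents to block


# Rules built from the examples in the question above.
RULES = BlockRules(
    paths=frozenset({"/sys/loius.php"}),
    param_names=frozenset({"qweit"}),
    param_values=frozenset({"paris"}),
)


def normalise_path(raw_path):
    """Decode %xx escapes once, resolve '.', '..' and '//', then lowercase."""
    decoded = unquote(raw_path)
    return posixpath.normpath("/" + decoded.lstrip("/")).lower()


def decide(url, rules=RULES):
    """Return (allowed, reason) for one outbound request URL."""
    parts = urlsplit(url)
    path = normalise_path(parts.path)
    if path in rules.paths:
        return False, "path " + path
    # parse_qsl decodes %xx and '+', so encoded names and values still match.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name.lower() in rules.param_names:
            return False, "parameter name " + name.lower()
        if value.lower() in rules.param_values:
            return False, "parameter value " + value.lower()
    return True, "no rule matched"


if __name__ == "__main__":
    # Constructed sample URLs; example.com is a placeholder host.
    for url in (
        "http://example.com/sys/loius.php",
        "http://example.com/a/../SYS/%6Coius.php",
        "http://example.com/search?qweit=1&lang=en",
        "http://example.com/search?city=P%61ris",
        "http://example.com/index.html?city=london",
    ):
        print(decide(url), url)
```

Matching on the normalised path and decoded parameters, rather than on the raw URL string, is what keeps percent-encoded or dot-segment variants of a blocked URL from slipping past the rule.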
