A Python package for Windows Filtering Platform management
Verified details
These details have been verified by PyPIProject links
GitHub Statistics
Maintainers
Project description
PyWFP
PyWFP is a Python interface for working with Windows Filtering Platform (WFP), allowing creation of network traffic filters using a similar Windivert-style syntax.
Note: PyWFP requires administrator privileges to run. Running without admin rights will result in a
WFPErrorwith code0x00000005(Access Denied).
Installation
pip install pywfp
Usage
from pywfp import PyWFP
from pprint import pprint
def main():
# Create PyWFP instance
pywfp = PyWFP()
# Example filter string
filter_string = (
"outbound and tcp and remoteaddr == 192.168.1.3-192.168.1.4 " "and tcp.dstport == 8123 and action == allow"
)
try:
# Use context manager to handle WFP engine session
with pywfp.session():
# Add the filter
filter_name = "PyWFP Allow Filter"
pywfp.add_filter(filter_string, filter_name=filter_name, weight=1000)
# List existing filters
filters = pywfp.list_filters()
print(f"Found {len(filters)} WFP filters")
# Find our specific filter
if filter := pywfp.get_filter(filter_name):
print(f"Found filter: {filter}")
pprint(filter)
# Keep the filter active until interrupted
print("Press Ctrl+C to exit and remove the filter")
try:
while True:
input()
except KeyboardInterrupt:
print("Received Ctrl+C, cleaning up")
except Exception as e:
print(f"Error: {e}")
if __name__ == "__main__":
main()
Supported Filters
PyWFP supports a variety of filter conditions that can be combined using logical AND operations. Here are the supported filter types:
Basic Filter Syntax
"outbound and tcp and remoteaddr == 192.168.1.3-192.168.1.4 and tcp.dstport == 8123 and action == allow"
Supported Conditions
| Field | Description | Example Values |
|---|---|---|
| inbound/outbound | Direction of traffic | inbound, outbound |
| tcp/udp/icmp | Protocol type | tcp, udp, icmp |
| remoteaddr | Remote IP address (supports ranges) | 192.168.1.1, 10.0.0.1-10.0.0.255 |
| localaddr | Local IP address (supports ranges) | 127.0.0.1, 192.168.1.1-192.168.1.255 |
| tcp.dstport | TCP destination port | 80, 443 |
| tcp.srcport | TCP source port | 5000, 8080 |
| udp.dstport | UDP destination port | 53, 123 |
| udp.srcport | UDP source port | 5000, 8080 |
| action | Filter action (allow/block) | allow, block |
IP Address Ranges
You can specify IP ranges using hyphen notation:
"remoteaddr == 192.168.1.1-192.168.1.255"
Multiple Conditions
Combine conditions using AND:
"outbound and tcp and remoteaddr == 192.168.1.1 and tcp.dstport == 80"
Filter Management
# You can set the weight of the filter to determine its priority. If weight is not specified, the highest priority will be given.
pywfp.add_filter("inbound and udp", filter_name="Block UDP", weight=500)
# List all filters
for filter in pywfp.list_filters():
print(filter["name"])
)
# Maybe more to be added here
Project details
Verified details
These details have been verified by PyPIProject links
GitHub Statistics
Maintainers
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file pywfp-0.1.2.tar.gz.
File metadata
- Download URL: pywfp-0.1.2.tar.gz
- Upload date:
- Size: 15.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.12.8
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ba72253c4db4f0f5a652e0fedbb246f8d1fcf249bb07e56b8680620028b2b786
|
|
| MD5 |
5bbdcf91b9ed892574b5d0228a432d62
|
|
| BLAKE2b-256 |
0db96923b545b54b5b5e8a999f76671708cf109455f02aa0acfe9bab09c6d277
|
Provenance
The following attestation bundles were made for pywfp-0.1.2.tar.gz:
Publisher:
publish.yml on adrianpitigoi/pywfp
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
pywfp-0.1.2.tar.gz -
Subject digest:
ba72253c4db4f0f5a652e0fedbb246f8d1fcf249bb07e56b8680620028b2b786 - Sigstore transparency entry: 168183636
- Sigstore integration time:
-
Permalink:
adrianpitigoi/pywfp@bedf69bc66c2ba2972769b1a1c2e5efeaec01a24 -
Branch / Tag:
refs/tags/0.1.2 - Owner: https://github.com/adrianpitigoi
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@bedf69bc66c2ba2972769b1a1c2e5efeaec01a24 -
Trigger Event:
release
-
Statement type:
File details
Details for the file pywfp-0.1.2-py3-none-any.whl.
File metadata
- Download URL: pywfp-0.1.2-py3-none-any.whl
- Upload date:
- Size: 15.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.12.8
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e17ee31c5e62370064fd22df1f6a0bb967d17402ea2f57b743cd2404638e443d
|
|
| MD5 |
c609446a4498daef4425267e2c08016a
|
|
| BLAKE2b-256 |
2697e1bdcd13c6f42888f9524f5f7f454ff1ba69550e1ac9fa124da5f6f4f6ff
|
Provenance
The following attestation bundles were made for pywfp-0.1.2-py3-none-any.whl:
Publisher:
publish.yml on adrianpitigoi/pywfp
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
pywfp-0.1.2-py3-none-any.whl -
Subject digest:
e17ee31c5e62370064fd22df1f6a0bb967d17402ea2f57b743cd2404638e443d - Sigstore transparency entry: 168183638
- Sigstore integration time:
-
Permalink:
adrianpitigoi/pywfp@bedf69bc66c2ba2972769b1a1c2e5efeaec01a24 -
Branch / Tag:
refs/tags/0.1.2 - Owner: https://github.com/adrianpitigoi
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@bedf69bc66c2ba2972769b1a1c2e5efeaec01a24 -
Trigger Event:
release
-
Statement type:
