Win2k or Win32 IPTABLES

Archived from groups: comp.os.linux.networking,microsoft.public.security,microsoft.public.win2000.security,comp.os.ms-windows.networking,microsoft.public.win2000.networking (More info?)

Hi,
Does anyone know where I can find a Win32 or at least Win2k version of
iptables?

my apologies for the crossposting.
18 answers Last reply
More about win2k win32 iptables
  1. Archived from groups: microsoft.public.security,microsoft.public.win2000.networking,microsoft.public.win2000.security (More info?)

    The closest Windows firewall application to IPTABLES is Kerio WinRoute
    Firewall if you need NAT, routing, stateful inspection firewalling, Internet
    sharing, VPN pass-thru support, and AD integration.

    If you just need a desktop firewall, the best IPTABLES firewall for Win2k
    was TinyPersonal Firewall (it has a CheckPoint-like UI and has great logging
    ability). If you can find a copy of 2.1, that was the best CheckPoint-like
    version.
  2. Archived from groups: comp.os.linux.networking,microsoft.public.security,microsoft.public.win2000.security,comp.os.ms-windows.networking,microsoft.public.win2000.networking (More info?)

    In comp.os.linux.networking goonmunster <egon.phillips@sympatico.ca>:
    > Hi,
    > Does anyone know where I can find a Win32 or at least Win2k version of
    > iptables?

    No such thing, iptables is the Linux kernel 2.4/2.6 built-in
    state-full firewall (To be correct 'iptables' is just the name of
    the user-space tool to manipulate firewall settings). Simply
    install Linux if you want to enjoy all those great features.;)

    Good luck

    --
    Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
    mail: echo zvpunry@urvzvat.qr | perl -pe 'y/a-z/n-za-m/'
    #bofh excuse 17: fat electrons in the lines
  3. Archived from groups: microsoft.public.security,microsoft.public.win2000.networking,microsoft.public.win2000.security (More info?)

    Nice...Netfilter.

    "Michael Heiming" wrote:

    > In comp.os.linux.networking goonmunster <egon.phillips@sympatico.ca>:
    > > Hi,
    > > Does anyone know where I can find a Win32 or at least Win2k version of
    > > iptables?
    >
    > No such thing, iptables is the Linux kernel 2.4/2.6 built-in
    > state-full firewall (To be correct 'iptables' is just the name of
    > the user-space tool to manipulate firewall settings). Simply
    > install Linux if you want to enjoy all those great features.;)
    >
    > Good luck
    >
    > --
    > Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
    > mail: echo zvpunry@urvzvat.qr | perl -pe 'y/a-z/n-za-m/'
    > #bofh excuse 17: fat electrons in the lines
    >
  4. Archived from groups: comp.os.linux.networking,microsoft.public.security,microsoft.public.win2000.security,comp.os.ms-windows.networking,microsoft.public.win2000.networking (More info?)

    goonmunster wrote:
    > Hi,
    > Does anyone know where I can find a Win32 or at least Win2k version of
    > iptables?

    I think you will have to wait until Bill Gates steals the code from
    Netfilter and insert it in their *closed source* OS.

    Regards.

    --

    Jose Maria Lopez Hernandez
    Director Tecnico de bgSEC
    jkerouac@bgsec.com
    bgSEC Seguridad y Consultoria de Sistemas Informaticos
    http://www.bgsec.com
    ESPAÑA

    The only people for me are the mad ones -- the ones who are mad to live,
    mad to talk, mad to be saved, desirous of everything at the same time,
    the ones who never yawn or say a commonplace thing, but burn, burn, burn
    like fabulous yellow Roman candles.
    -- Jack Kerouac, "On the Road"
  5. Archived from groups: comp.os.linux.networking,microsoft.public.security,microsoft.public.win2000.security,comp.os.ms-windows.networking,microsoft.public.win2000.networking (More info?)

    Netfilter/iptables are the Linux kernel features and as such are only
    available for Linux, not even for Unices, let alone Windows.

    --
    Svyatoslav Pidgorny, MVP, MCSE
    -= F1 is the key =-

    "goonmunster" <egon.phillips@sympatico.ca> wrote in message
    news:RHwPd.35529$Ub4.1652621@news20.bellglobal.com...
    > Hi,
    > Does anyone know where I can find a Win32 or at least Win2k version of
    > iptables?
    >
    > my apologies for the crossposting.
  6. Archived from groups: comp.os.linux.networking,microsoft.public.security,microsoft.public.win2000.security,microsoft.public.win2000.networking (More info?)

    Thanks for your response. We been using iptables/netfilter on a
    community webserver for the past 8 months. Myself, I've used
    zonealarm and tpf in the past, but was hoping to find something that
    uses few resources, does not require a gui, takes advantage of text
    based script, and can send/write logs to event viewers logs. In any
    case thanks for your help.

    BTW, Assuming Netfilter/iptables is written in C, either a hook at one
    level or another, or binary instrumentation could be used as a
    mechanism to pass the necessary info into and out of a win32 IPTABLES
    DLL. Is there some reason why the netfilter/iptables code can't be
    ported to win32?

    Enjoy your Valantines day.
  7. Archived from groups: microsoft.public.security,microsoft.public.win2000.networking,microsoft.public.win2000.security (More info?)

    Try Kerio WinRoute.

    It operates like IPTables\Firestarter.

    "goonmunster" wrote:

    > Thanks for your response. We been using iptables/netfilter on a
    > community webserver for the past 8 months. Myself, I've used
    > zonealarm and tpf in the past, but was hoping to find something that
    > uses few resources, does not require a gui, takes advantage of text
    > based script, and can send/write logs to event viewers logs. In any
    > case thanks for your help.
    >
    > BTW, Assuming Netfilter/iptables is written in C, either a hook at one
    > level or another, or binary instrumentation could be used as a
    > mechanism to pass the necessary info into and out of a win32 IPTABLES
    > DLL. Is there some reason why the netfilter/iptables code can't be
    > ported to win32?
    >
    > Enjoy your Valantines day.
    >
    >
  8. Archived from groups: comp.os.linux.networking,microsoft.public.security,microsoft.public.win2000.security,comp.os.ms-windows.networking,microsoft.public.win2000.networking (More info?)

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    goonmunster wrote:
    [snip]
    > BTW, Assuming Netfilter/iptables is written in C, either a hook at one
    > level or another, or binary instrumentation could be used as a
    > mechanism to pass the necessary info into and out of a win32 IPTABLES
    > DLL. Is there some reason why the netfilter/iptables code can't be
    > ported to win32?

    Besides the differences at the network API level between MSWindows and the
    unixish systems that use Netfilter, the only restriction would be one of licence.

    Netfilter is GPL open source, and any use of Netfilter must conform to the GPL
    licence. This means that, if Microsoft incorporated Netfilter into MSWindows,
    they most likely would have to release the entirety of MSWindows as Open
    Source GPL code. However, it might be possible for a third-party to build
    /just/ Netfilter as a DLL, and release it /alone/ as an Open Source product
    under the GPL without affecting the licence for MSWindows.


    - --
    Lew Pitcher

    Master Codewright & JOAT-in-training | GPG public key available on request
    Registered Linux User #112576 (http://counter.li.org/)
    Slackware - Because I know what I'm doing.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.4 (GNU/Linux)
    Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

    iD8DBQFCEBbBagVFX4UWr64RArrxAKCZMsqanEevq1HL4ecFq/VE1Q2rwgCgqDRq
    EbhifEpTETcyf4FvuP9vlGY=
    =zWdF
    -----END PGP SIGNATURE-----
  9. Archived from groups: comp.os.linux.networking,microsoft.public.security,microsoft.public.win2000.security,comp.os.ms-windows.networking,microsoft.public.win2000.networking (More info?)

    On Sun, 13 Feb 2005 14:46:01 -0800, goonmunster wrote:

    > BTW, Assuming Netfilter/iptables is written in C, either a hook at one
    > level or another, or binary instrumentation could be used as a
    > mechanism to pass the necessary info into and out of a win32 IPTABLES
    > DLL. Is there some reason why the netfilter/iptables code can't be
    > ported to win32?
    >

    Yes, It will become infested
  10. Archived from groups: comp.os.linux.networking,microsoft.public.security,microsoft.public.win2000.security,comp.os.ms-windows.networking,microsoft.public.win2000.networking (More info?)

    goonmunster wrote:
    > BTW, Assuming Netfilter/iptables is written in C, either a hook at one
    > level or another, or binary instrumentation could be used as a
    > mechanism to pass the necessary info into and out of a win32 IPTABLES
    > DLL. Is there some reason why the netfilter/iptables code can't be
    > ported to win32?

    Yes. The routing and the network stacks are so different and the
    Netfilter code it's so integrated with the Linux network stack and
    routing code that it makes it impossible to do something similar
    with Win32.

    > Enjoy your Valantines day.

    Thanks and Regards.

    --

    Jose Maria Lopez Hernandez
    Director Tecnico de bgSEC
    jkerouac@bgsec.com
    bgSEC Seguridad y Consultoria de Sistemas Informaticos
    http://www.bgsec.com
    ESPAÑA

    The only people for me are the mad ones -- the ones who are mad to live,
    mad to talk, mad to be saved, desirous of everything at the same time,
    the ones who never yawn or say a commonplace thing, but burn, burn, burn
    like fabulous yellow Roman candles.
    -- Jack Kerouac, "On the Road"
  11. Archived from groups: comp.os.linux.networking,microsoft.public.security,microsoft.public.win2000.security,microsoft.public.win2000.networking (More info?)

    In comp.os.linux.networking goonmunster <egon.phillips@sympatico.ca>:
    > Thanks for your response. We been using iptables/netfilter on a
    > community webserver for the past 8 months. Myself, I've used
    > zonealarm and tpf in the past, but was hoping to find something that
    > uses few resources, does not require a gui, takes advantage of text
    > based script, and can send/write logs to event viewers logs. In any
    > case thanks for your help.

    > BTW, Assuming Netfilter/iptables is written in C, either a hook at one
    > level or another, or binary instrumentation could be used as a
    > mechanism to pass the necessary info into and out of a win32 IPTABLES
    > DLL. Is there some reason why the netfilter/iptables code can't be
    > ported to win32?

    "iptables" is only the user-space tool to manipulate the linux
    kernel firewall.

    These are the kernel modules concerning iptables loaded on my
    box:

    Module Size Used by
    ipt_TCPMSS 3840 1
    ipt_REJECT 5696 7
    ipt_LOG 6784 7
    ipt_limit 2368 8
    ipt_state 1920 40
    iptable_mangle 2496 0
    iptable_nat 22108 1
    ip_conntrack 42376 2 ipt_state,iptable_nat
    iptable_filter 2624 1
    ip_tables 21456 8 ipt_TCPMSS,ipt_REJECT,ipt_LOG,ipt_limit,ipt_state,
    iptable_mangle,iptable_nat,iptable_filter

    It's highly doubt-able you could port this, but why bother?
    Simply install Linux if you want iptables.;)

    > Enjoy your Valantines day.

    Thx!

    --
    Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
    mail: echo zvpunry@urvzvat.qr | perl -pe 'y/a-z/n-za-m/'
    #bofh excuse 111: The salesman drove over the CPU board.
  12. Archived from groups: comp.os.linux.networking,microsoft.public.security,microsoft.public.win2000.security,microsoft.public.win2000.networking (More info?)

    "Jose Maria Lopez Hernandez" <jkerouac@bgsec.com> wrote:

    Xposts without fup2 are EVIL; fup2 microsoft.public.security set!

    > goonmunster wrote:
    > > BTW, Assuming Netfilter/iptables is written in C, either a hook at one
    > > level or another, or binary instrumentation could be used as a
    > > mechanism to pass the necessary info into and out of a win32 IPTABLES
    > > DLL. Is there some reason why the netfilter/iptables code can't be
    > > ported to win32?
    >
    > Yes. The routing and the network stacks are so different and the
    > Netfilter code it's so integrated with the Linux network stack and
    > routing code that it makes it impossible to do something similar
    > with Win32.

    You should take a deep breath and have a look at:

    - IPF from http://www.thehackerschoice.com/

    - wipfw by Ruslan Staritsin from http://www.ntkernel.com/

    - TPckFilter by Jesús Oliva

    - PktFilter by Jean-Baptiste Marchand from http://www.hsc.fr/
    (you'll find his name under the credits on one of the latest MS05-0xx
    security bulletins!)

    They all use the (since NT4!) builtin IPv4 filter and are interfaces to
    define it's rules!

    Stefan
  13. Archived from groups: comp.os.linux.networking,microsoft.public.security,microsoft.public.win2000.security,comp.os.ms-windows.networking,microsoft.public.win2000.networking (More info?)

    Hi Lew:

    "Lew Pitcher" <lpitcher@sympatico.ca> wrote in message
    news:PEUPd.136$4I5.89855@news20.bellglobal.com...

    > Besides the differences at the network API level between MSWindows and the
    > unixish systems that use Netfilter, the only restriction would be one of
    licence.

    There is awful lot of GPL software available for Windows. That is definitely
    not a problem - but the network API is.

    --
    Svyatoslav Pidgorny, MVP, MCSE
    -= F1 is the key =-
  14. Archived from groups: comp.os.linux.networking,microsoft.public.security,microsoft.public.win2000.security,comp.os.ms-windows.networking,microsoft.public.win2000.networking (More info?)

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    In comp.os.linux.networking, S. Pidgorny <MVP> wrote:
    > Hi Lew:
    >
    > "Lew Pitcher" <lpitcher@sympatico.ca> wrote in message
    > news:PEUPd.136$4I5.89855@news20.bellglobal.com...
    >
    >
    >>Besides the differences at the network API level between MSWindows and the
    >>unixish systems that use Netfilter, the only restriction would be one of
    >>licence.
    >
    > There is awful lot of GPL software available for Windows.
    > That is definitely not a problem

    It might be, especially with something like Netfilter. Netfilter is GPL'ed
    software, which means that any software that incorporates it must also be
    GPL'ed software.

    The internal hooks in MSWindows that an MSWindows port of Netfilter would have
    to connect to would not be licenced under the GPL. The interface sources (i.e.
    the .H files, for instance) would not be licenced under the GPL. Some of the
    necessary dependant services (i.e. MSWindows service DLLs) would not be
    licenced under the GPL. The person who ports Netfilter to MSWindows would have
    to reconcile the various licences, such that the released MSWindows Netfilter
    still conforms to the GPL, but this might not be possible if those other
    licences forbid their component's use in GPL'ed code.

    In other words, the implementor would have to be /very/ carefull about licence
    issues.

    FWIW, the part of the GPL that I'm thinking of reads...
    "These requirements apply to the modified work as a whole. If
    identifiable sections of that work are not derived from the Program,
    and can be reasonably considered independent and separate works in
    themselves, then this License, and its terms, do not apply to those
    sections when you distribute them as separate works. But when you
    * ------------
    distribute the same sections as part of a whole which is a work based
    * ---------------------------------------------------------------------
    on the Program, the distribution of the whole must be on the terms of
    * ---------------------------------------------------------------------
    this License, whose permissions for other licensees extend to the
    * -----------------------------------------------------------------
    entire whole, and thus to each and every part regardless of who wrote it."
    * -------------------------------------------------------------------------

    This paragraph refers to the requirements in incorporating GPL'ed software into
    a new program, such as a GPL'ed Linux Netfilter into a new MSWindows Netfilter.

    > - but the network API is.

    That would be my bet as the critical problem to implementing Netfilter for
    MSWindows.

    - --
    Lew Pitcher

    Master Codewright and JOAT-in-training
    Registered Linux User #112576 (http://counter.li.org/)
    Slackware - Because I know what I'm doing.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.4 (GNU/Linux)
    Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

    iD8DBQFCFAlragVFX4UWr64RAtDtAJsHU3NI57Szqr2dbLpBxhECLAzuOQCfR88c
    0YsI24VwNmkKMOhUSJof5/M=
    =EUjK
    -----END PGP SIGNATURE-----
  15. Archived from groups: comp.os.linux.networking,microsoft.public.security,microsoft.public.win2000.security,comp.os.ms-windows.networking,microsoft.public.win2000.networking (More info?)

    "Lew Pitcher" <lpitcher@sympatico.ca> wrote in message
    news:EITQd.18087$4I5.884210@news20.bellglobal.com...

    >>>Besides the differences at the network API level between MSWindows and
    >>>the
    >>>unixish systems that use Netfilter, the only restriction would be one of
    >>>licence.

    >> There is awful lot of GPL software available for Windows.
    >> That is definitely not a problem

    Right. The API is a license boundary. It's like two books sitting on
    your bookshelf.

    > It might be, especially with something like Netfilter. Netfilter is GPL'ed
    > software, which means that any software that incorporates it must also be
    > GPL'ed software.

    Correct, where 'incorporates' means that there is no boundary between
    the two bits.

    > The internal hooks in MSWindows that an MSWindows port of Netfilter would
    > have
    > to connect to would not be licenced under the GPL.

    Doesn't matter. The hooks are a license boundary.

    > The interface sources (i.e.
    > the .H files, for instance) would not be licenced under the GPL.

    The way you usually resolve this is you either put the header files into
    the public domain or you write your own header files under a totally open
    license.

    > Some of the
    > necessary dependant services (i.e. MSWindows service DLLs) would not be
    > licenced under the GPL.

    That doesn't matter. So long as there's an API, there's a license
    boundary.

    Imagine what would happen if you assume that the program has to be under
    the same license as the service DLLs. Now someone else makes another set of
    service DLLs that implements the same API. Which one does the program have
    to have the same license as?

    > The person who ports Netfilter to MSWindows would have
    > to reconcile the various licences, such that the released MSWindows
    > Netfilter
    > still conforms to the GPL, but this might not be possible if those other
    > licences forbid their component's use in GPL'ed code.

    I have never seen a EULA or shrink-wrap agreement that did this. No
    other type of license would have that power, because ordinary licenses
    cannot restrict ordinary use, which this is.

    > In other words, the implementor would have to be /very/ carefull about
    > licence
    > issues.

    Well, that's certainly true. But most likely it would turn out not to be
    a problem unless you did something unusual.

    > FWIW, the part of the GPL that I'm thinking of reads...
    > "These requirements apply to the modified work as a whole. If
    > identifiable sections of that work are not derived from the Program,
    > and can be reasonably considered independent and separate works in
    > themselves, then this License, and its terms, do not apply to those
    > sections when you distribute them as separate works. But when you
    > * ------------
    > distribute the same sections as part of a whole which is a work based
    > * ---------------------------------------------------------------------
    > on the Program, the distribution of the whole must be on the terms of
    > * ---------------------------------------------------------------------
    > this License, whose permissions for other licensees extend to the
    > * -----------------------------------------------------------------
    > entire whole, and thus to each and every part regardless of who wrote
    > it."
    >
    > -------------------------------------------------------------------------
    >
    > This paragraph refers to the requirements in incorporating GPL'ed software
    > into
    > a new program, such as a GPL'ed Linux Netfilter into a new MSWindows
    > Netfilter.

    Except that this does not constitute a 'whole work'. An operating system
    and the program running on it are not a 'whole work' even if they're
    distributed together. License boundaries (such as defined APIs) separate
    distinct works.

    >> - but the network API is.
    >
    > That would be my bet as the critical problem to implementing Netfilter for
    > MSWindows.

    I don't know enough about the specifics. Does there exist a header file
    that has a GPL-compatible license? Or is it easy to create one? So long as
    there is an API and the Netfilter could theoretically work with another
    implementation of that same API, there's no problem.

    DS
  16. Archived from groups: comp.os.linux.networking,microsoft.public.security,microsoft.public.win2000.security,comp.os.ms-windows.networking,microsoft.public.win2000.networking (More info?)

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    David Schwartz wrote:
    > "Lew Pitcher" <lpitcher@sympatico.ca> wrote in message
    > news:EITQd.18087$4I5.884210@news20.bellglobal.com...
    >
    >
    >>>>Besides the differences at the network API level between MSWindows and
    >>>>the
    >>>>unixish systems that use Netfilter, the only restriction would be one of
    >>>>licence.
    >
    >
    >>>There is awful lot of GPL software available for Windows.
    >>>That is definitely not a problem
    >
    >
    > Right. The API is a license boundary. It's like two books sitting on
    > your bookshelf.
    >
    >
    >>It might be, especially with something like Netfilter. Netfilter is GPL'ed
    >>software, which means that any software that incorporates it must also be
    >>GPL'ed software.
    >
    >
    > Correct, where 'incorporates' means that there is no boundary between
    > the two bits.
    >
    >
    >>The internal hooks in MSWindows that an MSWindows port of Netfilter would
    >>have
    >>to connect to would not be licenced under the GPL.
    >
    >
    > Doesn't matter. The hooks are a license boundary.
    >
    >
    >>The interface sources (i.e.
    >>the .H files, for instance) would not be licenced under the GPL.
    >
    >
    > The way you usually resolve this is you either put the header files into
    > the public domain or you write your own header files under a totally open
    > license.
    >
    >
    >>Some of the
    >>necessary dependant services (i.e. MSWindows service DLLs) would not be
    >>licenced under the GPL.
    >
    >
    > That doesn't matter. So long as there's an API, there's a license
    > boundary.
    >
    > Imagine what would happen if you assume that the program has to be under
    > the same license as the service DLLs. Now someone else makes another set of
    > service DLLs that implements the same API. Which one does the program have
    > to have the same license as?
    >
    >
    >>The person who ports Netfilter to MSWindows would have
    >>to reconcile the various licences, such that the released MSWindows
    >>Netfilter
    >>still conforms to the GPL, but this might not be possible if those other
    >>licences forbid their component's use in GPL'ed code.
    >
    >
    > I have never seen a EULA or shrink-wrap agreement that did this. No
    > other type of license would have that power, because ordinary licenses
    > cannot restrict ordinary use, which this is.

    IIRC, Microsoft has already issued EULAs on some of it's products that forbid
    the use of the products to create GPL'ed software. I assume that (for
    instance) a developer porting Netfilter to MSWindows would have to check the
    EULA of his MS Visual C++ installation for restrictions if he were to use
    MSVC++ to recompile Netfilter for distribution.

    Similarly, Microsoft (or others) might have licenced their DLLs such that they
    are not legally usable with GPLed software. Are you /sure/ you read and
    understood /every/ EULA for every DLL on your system?

    >>In other words, the implementor would have to be /very/ carefull about
    >>licence
    >>issues.
    >
    >
    > Well, that's certainly true. But most likely it would turn out not to be
    > a problem unless you did something unusual.

    This is system level code, which would run in MSWindows. That puts this
    proposal square in the middle of 'something unusual' ;-)

    >>FWIW, the part of the GPL that I'm thinking of reads...
    >> "These requirements apply to the modified work as a whole. If
    >> identifiable sections of that work are not derived from the Program,
    >> and can be reasonably considered independent and separate works in
    >> themselves, then this License, and its terms, do not apply to those
    >> sections when you distribute them as separate works. But when you
    >>* ------------
    >> distribute the same sections as part of a whole which is a work based
    >>* ---------------------------------------------------------------------
    >> on the Program, the distribution of the whole must be on the terms of
    >>* ---------------------------------------------------------------------
    >> this License, whose permissions for other licensees extend to the
    >>* -----------------------------------------------------------------
    >> entire whole, and thus to each and every part regardless of who wrote
    >>it."
    >>
    >> -------------------------------------------------------------------------
    >>
    >>This paragraph refers to the requirements in incorporating GPL'ed software
    >>into
    >>a new program, such as a GPL'ed Linux Netfilter into a new MSWindows
    >>Netfilter.
    >
    >
    > Except that this does not constitute a 'whole work'. An operating system
    > and the program running on it are not a 'whole work' even if they're
    > distributed together. License boundaries (such as defined APIs) separate
    > distinct works.

    No, but the Netfilter program and any of it's dependant DLLs would be
    considered a "whole work". And if the program uses code with an incompatable
    licence, or the DLLs are not licenced for use with a GPL program, then legal
    h*ll breaks loose.

    >>>- but the network API is.
    >>
    >>That would be my bet as the critical problem to implementing Netfilter for
    >>MSWindows.
    >
    >
    > I don't know enough about the specifics. Does there exist a header file
    > that has a GPL-compatible license? Or is it easy to create one? So long as
    > there is an API and the Netfilter could theoretically work with another
    > implementation of that same API, there's no problem.

    A translation of a header file (i.e changing variable names, etc.) or a
    transcription of a header file (i.e. typing it in from a copy) would be
    considered "derived works" of the original header file, and fall under the
    requirements of the original header's copyright and licence. Thus, an
    MSWindows header (say for WinSock), even if rewritten by someone else, likely
    could not be used in a GPL'ed work.

    - From what I've heard, the Linux Kernel gurus have debated this same issue, but
    from the Linux side. Their conclusion seems to be that, if a kernel module
    uses a Linux kernel header, then the module must be GPL'ed. /Only/ if the
    module uses no kernel code (including headers) can it be propriatary
    (although, they dislike propriatary modules in the kernel).


    - --
    Lew Pitcher

    Master Codewright & JOAT-in-training | GPG public key available on request
    Registered Linux User #112576 (http://counter.li.org/)
    Slackware - Because I know what I'm doing.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.4 (GNU/Linux)
    Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

    iD8DBQFCFBPtagVFX4UWr64RAvJpAJ0WvbqzM2cA2Qnx5U+DdjcgyBQ3RgCfesYL
    IooQczeX2xsFVSXSk4U0N/g=
    =Q7mv
    -----END PGP SIGNATURE-----
  17. Archived from groups: comp.os.linux.networking,microsoft.public.security,microsoft.public.win2000.security,comp.os.ms-windows.networking,microsoft.public.win2000.networking (More info?)

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Lew Pitcher wrote:
    > David Schwartz wrote:
    [snip]
    >>> I have never seen a EULA or shrink-wrap agreement that did this. No
    >>>other type of license would have that power, because ordinary licenses
    >>>cannot restrict ordinary use, which this is.
    >
    >
    > IIRC, Microsoft has already issued EULAs on some of it's products that forbid
    > the use of the products to create GPL'ed software.

    Specifically, the licence for "Microsoft Mobile Internet Toolkit Beta 2"
    contained a restriction that said

    "(c) Open Source. Recipient's license rights to the Software are conditioned
    upon Recipient (i) not distributing such Software, in whole or in part, in
    conjunction with Potentially Viral Software (as defined below); and (ii) not
    using Potentially Viral Software (e.g. tools) to develop Recipient software
    which includes the Software, in whole or in part. For purposes of the
    foregoing, "Potentially Viral Software" means software which is licensed
    pursuant to terms that: (x) create, or purport to create, obligations for
    Microsoft with respect to the Software or (y) grant, or purport to grant, to
    any third party any rights to or immunities under Microsoft's intellectual
    property or proprietary rights in the Software.

    By way of example but not limitation of the foregoing, Recipient shall not
    distribute the Software, in whole or in part, in conjunction with any Publicly
    Available Software.

    "Publicly Available Software" means each of (i) any software that contains, or
    is derived in any manner (in whole or in part) from, any software that is
    distributed as free software, open source software (e.g. Linux) or similar
    licensing or distribution models; and (ii) any software that requires as a
    condition of use, modification and/or distribution of such software that other
    software distributed with such software (A) be disclosed or distributed in
    source code form; (B) be licensed for the purpose of making derivative works;
    or (C) be redistributable at no charge. Publicly Available Software includes,
    without limitation, software licensed or distributed under any of the
    following licenses or distribution models, or licenses or distribution models
    similar to any of the following: (A) GNU's General Public License (GPL) or
    Lesser/Library GPL (LGPL), (B) The Artistic License (e.g., PERL), (C) the
    Mozilla Public License, (D) the Netscape Public License, (E) the Sun Community
    Source License (SCSL), and (F) the Sun Industry Standards License (SISL)."


    > I assume that (for
    > instance) a developer porting Netfilter to MSWindows would have to check the
    > EULA of his MS Visual C++ installation for restrictions if he were to use
    > MSVC++ to recompile Netfilter for distribution.
    >
    > Similarly, Microsoft (or others) might have licenced their DLLs such that they
    > are not legally usable with GPLed software. Are you /sure/ you read and
    > understood /every/ EULA for every DLL on your system?

    [snip]

    - --
    Lew Pitcher

    Master Codewright & JOAT-in-training | GPG public key available on request
    Registered Linux User #112576 (http://counter.li.org/)
    Slackware - Because I know what I'm doing.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.4 (GNU/Linux)
    Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

    iD8DBQFCFBUkagVFX4UWr64RAiocAJ4lhpMCUDVwROFYImaQAe1D1FFn/QCdHFrx
    LQYYTfutIjauNHm2DXicBWw=
    =Dv9Y
    -----END PGP SIGNATURE-----
  18. Archived from groups: comp.os.linux.networking,microsoft.public.security,microsoft.public.win2000.security,comp.os.ms-windows.networking,microsoft.public.win2000.networking (More info?)

    G'day:

    "Lew Pitcher" <lpitcher@sympatico.ca> wrote in message
    news:EITQd.18087$4I5.884210@news20.bellglobal.com...

    > The internal hooks in MSWindows that an MSWindows port of Netfilter would
    have
    > to connect to would not be licenced under the GPL. The interface sources
    (i.e.
    > the .H files, for instance) would not be licenced under the GPL. Some of
    the
    > necessary dependant services (i.e. MSWindows service DLLs) would not be
    > licenced under the GPL. The person who ports Netfilter to MSWindows would
    have
    > to reconcile the various licences, such that the released MSWindows
    Netfilter
    > still conforms to the GPL, but this might not be possible if those other
    > licences forbid their component's use in GPL'ed code.

    Nope - I only need to "reconcile" licenses if I'm redistributing Microsoft
    or 3rd-party components, libraries etc. If I'm just calling Windows APIs, I
    can use GPL, LGPL, PRCL, BSD license or whatever I want.

    --
    Svyatoslav Pidgorny, MVP, MCSE
    -= F1 is the key =-
Ask a new question

Read More

Win32 Security Networking Microsoft Windows