*********************************************************************
ExeBlock Sample
*********************************************************************
(c)2000 Microsoft Corporation. All rights reserved.

This sample firewall filter demonstrates the use of data filters and
hooking into the proxy thread pool.

The filter hooks into the FTP control channel (TCP port 21).
The data filter (CEBFTPDataFilter) identifies PORT and PASV commands,
and calls the SetDataFilterFactory method. When a new connection is
made or accepted, the ClassFactory will create a data filter
(CEBScannerDataFilter) that will be attached by the proxy.
The data filter scans the incoming file.
This sample will block all executable files (any file that begins with
MZ or ZM).

The scanner data filter creates a temporary file, and downloads the
whole file. It then scans the file, and only if the file passes, will
it be transferred to the internal client.

Limitations:
- The sample does not handle file uploads.
- The sample does not handle transfer mode other than stream.
- The sample does not handle structure other than file.

Filter installation requirements are described in the "Filter Setup"
topic of the ISA SDK documentation.

The following is a summary of what you will find in each of the files
that make up this sample:

exeblock.vcproj
exeblock.sln
    Project and workspace files compatible with Visual C++ 7.0.

exeblock.cpp
    This file was generated by the ATL COM AppWizard. It contains the
    DLL entry point, DllCanUnloadNow, DllGetClassObject,
    DllRegisterServer and DllUnregisterServer. All are generated by the
    wizard. The wizard-generated code was modified to also register the
    filter class as a firewall filter.

exeblock.def
    Defines the functions that the DLL exports. This file was generated
    by the ATL COM AppWizard and was not modified.

exeblock.idl
    Defines classes and interfaces defined by this DLL.
    The file was generated by the ATL COM AppWizard, and is updated by
    Visual C++ when new ATL classes or objects are added. Some of the
    stuff that Visual C++ puts in this file needs to be deleted.

exeblock.rc
    This is a listing of all the Microsoft Windows resources that the
    program uses. The file was generated by the ATL COM AppWizard. Some
    of the REGISTRY entries added by Visual C++ are not required, and
    were manually removed.

EBFilter.rgs
    This file is included as a Windows resource by exeblock.rc. ATL
    uses this file to register the filter object class as a COM class.

EBFilter.cpp
EBFilter.h
    These files implement the filter object class - a class that
    implements IFWXFilter and IFWXPerRuleData interfaces. A single
    instance of this object is generated by the proxy.

EBFTPDataFilter.cpp
EBFTPDataFilter.h
    These files implement a data-filter object - an object that
    implements IFWXDataFilter and IFWXIOCompletion interfaces. The data
    filter in these files was written to handle the FTP control
    connection, and will parse the packets passed. Packets sent by the
    FTP server may be modified in case the passed file is suspected.

EBScannerDataFilter.cpp
EBScannerDataFilter.h
    These files implement a data-filter object - an object that
    implements IFWXDataFilter, IFWXExternalIOCompletion and
    IFWXIOCompletion interfaces. The data filter in these files is
    attached only to connections that are identified as carrying FTP
    files. The files are first saved locally, then the file is scanned,
    and if the file is safe it is passed to the FTP client. Otherwise
    the controlling EBFTPDataFilter is notified, and the FTP client
    receives an error message.

EBSessionFilter.cpp
EBSessionFilter.h
    These files implement a session filter object - an object that
    implements the IFWXSessionFilter interface. The filter object in
    this sample generates a session filter object only for sessions
    that connect to the FTP port (21).
    The session filter object will then also handle inbound connections
    and connections to other ports because these may be the data
    connection.

DataFilterfactory.cpp
DataFilterFactory.h
    These files implement the IClassFactory interface. Whenever the
    IFWXSession::SetDataFilterFactory method is called the DataFilter
    class is created and attached to this session. This method is used
    in order to control the secondary connections of the FTP.

Resource.h
    This is the standard header file, which defines new resource IDs.
    Visual C++ reads and updates this file. The file was generated by
    the ATL COM AppWizard.

StdAfx.cpp
StdAfx.h
    These files are used to build a precompiled header (PCH) file named
    exeblock.pch and a precompiled types file named StdAfx.obj. The
    files are generated by the ATL COM AppWizard.
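
Added example, not part of the Microsoft sample: stand-alone C++ for the
two checks described in the overview above, namely extracting the
data-connection endpoint from a PORT command or from the 227 reply to
PASV (tuple format per RFC 959), and testing a buffer for the MZ/ZM
prefix. All type and function names are hypothetical and do not come
from CEBFTPDataFilter or CEBScannerDataFilter; the sample reply in
main() is constructed.

```cpp
// Added illustration; all names are hypothetical, not from the ExeBlock sources.
#include <cctype>
#include <cstdint>
#include <cstdio>
#include <string>

struct FtpEndpoint { uint32_t ip = 0; uint16_t port = 0; bool valid = false; };  // ip: host order

// Parse the RFC 959 tuple "h1,h2,h3,h4,p1,p2" at s[pos]; each field is 1-3 digits, 0..255.
FtpEndpoint ParseHostPort(const std::string& s, size_t pos) {
    FtpEndpoint ep;
    unsigned v[6] = {0, 0, 0, 0, 0, 0};
    for (int i = 0; i < 6; ++i) {
        int digits = 0;
        for (; pos < s.size() && digits < 3 && std::isdigit((unsigned char)s[pos]); ++digits)
            v[i] = v[i] * 10 + (unsigned)(s[pos++] - '0');
        if (digits == 0 || v[i] > 255) return ep;
        if (i < 5 && (pos >= s.size() || s[pos++] != ',')) return ep;
    }
    if (pos < s.size() && std::isdigit((unsigned char)s[pos])) return ep;  // overlong last field
    ep.ip = (v[0] << 24) | (v[1] << 16) | (v[2] << 8) | v[3];
    ep.port = (uint16_t)((v[4] << 8) | v[5]);
    ep.valid = true;
    return ep;
}

// Client command "PORT h1,h2,h3,h4,p1,p2"; the command name is case-insensitive.
FtpEndpoint ParsePortCommand(const std::string& line) {
    const std::string cmd = "PORT ";
    for (size_t i = 0; i < cmd.size(); ++i)
        if (i >= line.size() || std::toupper((unsigned char)line[i]) != cmd[i]) return FtpEndpoint();
    return ParseHostPort(line, cmd.size());
}

// Server reply to PASV: "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)".
FtpEndpoint ParsePasvReply(const std::string& line) {
    if (line.compare(0, 4, "227 ") != 0) return FtpEndpoint();
    size_t p = line.find_first_of("0123456789", 4);
    return p == std::string::npos ? FtpEndpoint() : ParseHostPort(line, p);
}

// The README's block rule: the file begins with "MZ" or "ZM".
bool LooksExecutable(const unsigned char* buf, size_t len) {
    return len >= 2 && ((buf[0] == 'M' && buf[1] == 'Z') || (buf[0] == 'Z' && buf[1] == 'M'));
}

int main() {  // constructed sample reply, not captured traffic
    FtpEndpoint ep = ParsePasvReply("227 Entering Passive Mode (10,0,0,5,19,137).\r\n");
    std::printf("valid=%d port=%u\n", ep.valid, (unsigned)ep.port);
}
```

A malformed tuple yields valid == false, so a caller can decline to
attach a scanner to a data connection it could not identify.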