Clarity -of- Traffic filtration

Gass

Member
Adguard uses a traffic interception module to automatically intercept and filter your browser traffic.

The traffic interception module is intended for automatic filtration of your browser traffic. If Adguard is enabled, it will automatically intercept all of your traffic. If you disable the traffic interception module, automatic filtration will become impossible and the only option you'll have is that of using Adguard as an HTTP proxy.
-----------------------------------------------------------------------------------------------------------------------
Is the interception module a fancier term for either one of these network drivers (below)? or is this the referred as "old filtering module" of the network driver just below in adgnetworktdi.sys?

network driver = AKA - TDI Network Driver (adgnetworktdi.sys) RIGHT? or WRONG?
Adguard now uses a network driver instead of an old filtering module. This helped us greatly with fixing all existing compatibility issues with other software products. In addition, it accelerates filtration and allows Adguard to filter secure connections.

WFP network driver (adgnetworkwfp.sys) or (adgnetworkwfpdrv.sys)
WFP driver is used primarily in Windows 8.x /10.x and provides filtering in Metro mode apps.
The advantage to using the WFP driver is being able to filter Internet Explorer 64-bit with Enhanced Protected Mode enabled and Metro IE on Windows 8.x.

Whats in the difference of the two - adgnetworkwfp.sys and adgnetworkwfpdrv.sys ?


Are they all 3 basically the same thing, or possibly an improvement by stair stepping up to delivering more in capability and quality? or as maybe required by an later OS?

NOTE:
Unless you face any problems that could be caused by TDI driver, there is really no reason to choose WFP over it.
THIS STILL HOLD TRUE? As it's set to on by default in some systems, unless other software conflicts.

https://msdn.microsoft.com/en-us/windows/hardware/drivers/network/porting-packet-processing-drivers-and-apps-to-wfp

ALL References like https://adguard.com/en/help/settings_network.htm
Really should be updated of information to current Adguard versions and then given a revision date posted of when this information was added/updated. The only way I can see to sum up where any changes has happened of something fazed out or updated, changed as being added is fine combing the Release notes https://adguard.com/en/adguard-windows/release-notes.html#releaseNotes
There's got to be a better system to being in the current know of what was and no more and what is that never was before.

NOTE2:
How much of what I've got in text in this post here is outdated in version Adguard 6.x and 6.1.x as well as all and any references information Adguard still has links to or found by search engines?
EX: extended interface
https://adguard.com/en/help/usage_appmodes.htm
https://adguard.com/en/help/usage_adblocker.htm
https://kb.adguard.com/index.php?/Knowledgebase/Article/View/19/9/how-to-enter-the-adguard-extended-interface

There is no Basic interface any more as the extended interface became the norm since 6.0 and stealth mode, I believe.

Thanks, Gass
 

avatar

Administrator
Staff member
Administrator
Adguard uses a traffic interception module to automatically intercept and filter your browser traffic.
At that time we have not used network drivers, instead we used an old traffic interception technique named LSP (layered service provider).

network driver = AKA - TDI Network Driver (adgnetworktdi.sys) RIGHT? or WRONG?
Both TDI and WFP are network drivers which use different windows API.

Whats in the difference of the two - adgnetworkwfp.sys and adgnetworkwfpdrv.sys ?
TDI is very old technology, MS promised to get rid of it since Windows 8. Despite of this, it still works and does it better than WFP which has some serious bugs.
 

avatar

Administrator
Staff member
Administrator
Are they all 3 basically the same thing, or possibly an improvement by stair stepping up to delivering more in capability and quality? or as maybe required by an later OS?
In that doc you've linked about porting drivers to WFP they suggest porting TDI driver to:
Transport layer, Stream layer, and/or ALE callout driver and optional user-mode application or service that uses the WFP Win32 API
We have chosen stream layer and callout driver approach. Which, in turn, appeared to be pretty buggy when it comes to multiple WFP drivers working simultaneously (compatibility issues with KIS for instance).

New driver we are working on works on the transport layer.
 

avatar

Administrator
Staff member
Administrator
Really should be updated of information to current Adguard versions and then given a revision date posted of when this information was added/updated
@aegis is working on a new better knowledge base about all Adguard products.

How much of what I've got in text in this post here is outdated in version Adguard 6.x and 6.1.x as well as all and any references information Adguard still has links to or found by search engines?
A lot is outdated. I guess last time this doc was updated in 2013.

Also you'd better use this link (https seems to be broken):
http://adguard.com/en/help/
 

Gass

Member
In that doc you've linked about porting drivers to WFP they suggest porting TDI driver to:


We have chosen stream layer and callout driver approach. Which, in turn, appeared to be pretty buggy when it comes to multiple WFP drivers working simultaneously (compatibility issues with KIS for instance).

New driver we are working on works on the transport layer.
I remember reading something in those lines - something about lowering Adguard WFP driver priority or answering order that's used (much over my head) but I still got the drift in concept I think whatever method, it's been days ago for me. To work with Anti-virus WFP drivers better was why the need. I must say with Adguard I actually started paying attention and trying to learn somethings NOT like any other software has had such an effect on me that I've installed since 2009/2010 my first PC.
Gass
 
Top