\ DOCS \ Basic concepts \ Filters

Thinking behind Filters is simple. On average machine there are lots of connections and Filters will allow you select only those you are interested in. For example if you would like to monitor (or control) internet traffic generated by Internet Explorer, you have to create Filter which puts together all connections generated by IE main executable - the iexplore.exe. Then if you apply any Rules to this filter, they will be applied to all connections created by IE.

Custom Filters

If you want to control IE you don't need to create a Filter - this does NetLimiter Client for you automaticaly - it keeps all active connections in Activity view sorted by processes where they were created. You can just click and set limits.

But if would like to monitor traffic generated in all web browsers and to a specific site, you have to create a custom Filter.

Filter editor

If you would like to create a custom Filter, you have use Filter editor. You can open by clicking Filters Tab in Activity View which displays list of current Filters and then select Add filter.

After you create your Filter it will appear on Filter Tab and it will be also displayed in the Activity tab.

There are several available options:

  • Filter name: Just give you Filter a name to find more easily among other Filters.
  • Filter type: Thera are three options: Zone, Composite and Filter. If you choose Zone then this filter will be treated like a Zone - will appear in a list of Zones and you will be able to use as other Zones which are all the Filters as well. By selecting Composite you will be allowed to create from other Filters. Finally, if you choose Filter you will create a normal Filter without any special purposes.
  • Filter functions: Set of Filter functions defines the Filter. It is most important part and we will cover it next sub-chapter.

Filter functions

To add a single Filter Function (FF) to your Filter just click Add button in Filter functions section of Filter editor. It opens Filter Function editor.

First of all you have choose a type of FF. Names of FFs are quite self-explanatory. For example if you select Application path is not and add path to IE executable (iexplore.exe) as a Value then final Filter will work (monitor or control) with all connections, except for those which originated in IE.

If you add multiple values to a FF then they will work in conjuction... they will be evaluated with logical OR. So if choose FF Application path is and Add a path to IE executable and path to Firefox exe, then the final Filter will catch all connections from IE OR Firefox.

On the other hand - if you add multiple Filter functions to your Filter then they will be evaluated with logical AND. If you add one FF Application path is with value of IE executable and second FF {Remote address in range} with value - (IP address range) then the final filter will catch all connections that are from IE AND the remote machine (a web server - in most cases) has IP address from the defined Range.


Yours Locktime Software