I am looking for information on traffic filtering options on the
Android platform. That is, filtering Internet traffic such as HTTP,
and IM. For example, on the desktop this can be achieved via a device
driver such as NDIS, Windows Filtering Platform (WFP) or a Layered
Service Provider (LSP).

What options exist on the Android platform? Is it possible to access
the network / TCP/IP stack?

We would like to initially create a Web/HTTP filter then move on to a
Instant Messaging filter as well. We would like to do this via
filtering 3rd party applications (e.g. any application installed on a
Android device) or via a custom browser & prevent usage/installation
of external browsers.

Thank you for any pointers / input!

Only if you are creating your own firmware or are contributing
modifications to the Android open source project:

http://source.android.com

Ordinary Java applications can use Java sockets, but only for their own
application -- they cannot affect other applications' network activity
(e.g., filtering).

Discussion of such firmware changes are best suited for one of that
project's lists:

http://source.android.com/discuss

Note that "prevent usage/installation of external browsers" runs counter
to Android's user-centric model. That's not to say it cannot be done,
but you definitely will be swimming uphill.

--
Mark Murphy (a Commons Guy)
http://commonsware.com | http://twitter.com/commonsguy

Android 1.5 Programming Books: http://commonsware.com/books.html

Fair enough. I will look into this.

The reason I am asking these types of questions is that we are looking
to write parental control software for the Android. A custom browser
that we control and filter is certainly a option. However, it doesn't
do much good to have a parental control enabled browser if the user
(child) simply has to launch the pre-installed or other alternative
browser to get around it. I'm not asking to "hijack" a Android, but
are there legit methods for "locking down" a device?

Bryan

Unfortunately, one man's "locking down" is another man's "hijacking".

The "legit methods" pretty much would involve core firmware
modifications. Android, as it stands today, is definitely
user-empowering and not especially designed for "locking down".

What follows is random musings on where you could go from here, and are
probably worth about what you're paying for them... ;-)

I don't know who "we" is in your "we are looking to write parental
control software for the Android". I feel fairly confident that there
will be device manufacturers interested in such software, either truly
for parental control or possibly for enterprise settings. There have
been a few comments on these lists suggesting interest in those
capabilities.

Assuming you are with some ISV, I can see two strategies, not mutually
exclusive:

1. Work with an existing third-party Android browser (e.g., Steel) to
offer a "parental control" edition, mostly as a proof of concept.
Simultaneously, figure out how to implement those same hooks into the
native browser as part of a firmware build. Pitch the result to device
manufacturers, using the publicly-available edition as the "take home" demo.

2. Figure out ways to add a filtering API to Android's WebKit browser,
usable only by applications that hold such-and-so permission. Submit
that to the open source project. If successful, you can ship a filtering
product that works on off-the-shelf hardware once that patch hits devices.

Discussion on the strategy side would probably be best over on
[android-discuss]. Discussion of the firmware side would be best on one
of the firmware lists:

http://source.android.com/discuss

--
Mark Murphy (a Commons Guy)
http://commonsware.com | http://twitter.com/commonsguy

Android Development Wiki: http://wiki.andmob.org