Developing NDIS driver for XP, starting help
From: Steve Jackowski (Stevej_at_deterministicnetworks.com)
Date: 05/27/04
- Next message: Pavel A.: "Re: how to redirect a DeviceControl Irp"
- Previous message: Andrey: "how to redirect a DeviceControl Irp"
- In reply to: JaffaLink: "Developing NDIS driver for XP, starting help"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 27 May 2004 03:05:58 -0700
Hi,
You have a couple of issues here. If you want to do
socket level capture and redirection, the approved model
is to use a Layered Service Provider which sits between
Winsock and the stack. Unfortunately, there are a number
of applications, particularly MS applications and
services that skip WinSock and use a direct TDI interface
to the stack, so you'd miss all the packets sent by
these. In addition, there are ordering problems with
other LSPs. We built a product to avoid this, but the
model is weak and it appears MS will be doing something
else at this layer soon.
A TDI shim is possible, but complex and it varies between
platforms.
Below the stack, you have issues with reassembly of
packets. Assuming you can live with that, you might want
to take a look at our DNE product
(www.deterministicnetworks.com/Products/dne.asp) which
facilitates development of capture applications by
providing a cross-platform (all windows from 95->W2K,
CE/PocketPC, Linux, Solaris, etc) filtering (capture,
redirect, modify, delete, insert) framework for these
types of drivers. It's likely we'll be doing an OS X
version soon since we're getting a lot of request for
this.
DNE also has a consistent interface to user space and
lets you avoid going through the WHQL process (you run
under our signature).
Major vendors like Microsoft, Bluecoat and Cisco are
using DNE for applications like yours.
Email me directly if you're interested.
Steve
>-----Original Message-----
>Hi,
>
>I am trying to port my application over from Mac OS X,
windows is the better way to go now.
>
>I have the DDK and been looking at PassThru, and would
like to modify it to my needs.
>I need the driver to intercept all outgoing TCP traffic,
kind of like a firewall but different, put the packets on
a queue or block them
>till they get feed back from a Service that will be
running and waiting for these type of events, If it
doesn't like the outgoing traffic a pop-up window will
come up and ask yes or no to allow or block it.
>
>How would I go about starting to make the passthru work
like this?
>I am totally new to windows programming.
>
>Matt
>.
>
- Next message: Pavel A.: "Re: how to redirect a DeviceControl Irp"
- Previous message: Andrey: "how to redirect a DeviceControl Irp"
- In reply to: JaffaLink: "Developing NDIS driver for XP, starting help"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
