Getting an NDIS driver to send packets back up the stack

Discussion in 'Windows Vista Drivers' started by Lyle Coder, Oct 24, 2003.

  1. Lyle Coder

    Lyle Coder Guest

    Hi,
    Since my LSP cant see "all" tcp or udp traffic, I wrote an NDIS
    intermediate driver to send packets that my loop back hasnt seen back
    up the stack to a different port where I have a listener application
    that will re attempt to send that data using winsock

    Using a sniffer (ethereal and etherpeek) im able to verify that I can
    modify the packets correctly and change the destination IP addr and
    port to be the sending machine and some other port where my listener
    app is running

    However, my listener app never sees a socket connection

    Is what im trying to do possible?

    Thanks
    Lyle
     
    Lyle Coder, Oct 24, 2003
    #1
    1. Advertisements

  2. There was a change between Windows 2000 and Windows XP on loopback and
    self-directed packets. If you're trying this on XP, try adding to your
    current packet filter (NdisRequest/Set/OID_GEN_CURRENT_PACKET_FILTER)
    NDIS_PACKET_TYPE_ALL_LOCAL.

    This will result in your protocol driver receiving all outbound packets
    from the other protocol (TCPIP), which will mean that you will have to
    filter out the ones you don't want.

    Bryan S. Burgin


    This posting is provided "AS IS" with no warranties, and confers no rights.
     
    Bryan S. Burgin [MSFT], Oct 24, 2003
    #2
    1. Advertisements

  3. Lyle Coder

    Calvin Guan Guest

    Using a sniffer (ethereal and etherpeek) im able to verify that I can
    I didn't understand what you meant by "to send packets that my loop back
    hasnt seen back up the stack to a different port".

    Anyways, did you re-calculate the checksum after you modify the packet?

    /calvin
     
    Calvin Guan, Oct 24, 2003
    #3
  4. Lyle Coder

    bumper

    Joined:
    Jul 1, 2009
    Messages:
    4
    Likes Received:
    0
    Ndis driver

    Yes it work for me just fine for XP.
    just indicate up an outgoing packet insted of sending it using ndissend....


    please note that you have to calculate and set the new checksum
    of the # IP and the #TCP frame

    Thanks,

    Bumper.
     
    bumper, Jul 1, 2009
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.