visual studio - NDIS and miniport driver -

-

i trying modify ethernet driver using wdk tools provided in visual studio 2012.

the samples provided in wdk 'miniport adapter' , 'ndis light weight filter' among others. still @ beginning of driver writing , hence finding tough navigate through code.

i able install miniport adapter after building in visual studio 2012 [shows 'microsoft virtual miniport adapter' in network adapters list.] able assign ip address , subnet mask also.[i found out not connect physical device on pc].

i setup 'debug view' software check driver messages adapter.[ used 'dbgprint' statements in code , built it.] but, debug messages printed repeatedly.

1- why messages printed again , again? messages 'datapath.c' file of program , function 'mpsendnetbufferlists'. ['net buffer' specifies data sent or received on network.]

2- setup wireshark capture data on adapter , shows there requests arp,http,ssdp,mdns etc coming out of it. not able understand talking adapter? , how can stop talking?

i can use 'ping' see if there connection on ip address have assigned adapter , responds success telling packets sent , there no packet loss.

my goal send , receive 'data' packets via ip address ethernet adapter. ie- want application connect ip address assigned adapter , talk it.

3- can samples provided in wdk?

any other suggestions or advice welcome.

ps- wasn't able use windows debugger built visual studio 2012. used 2 pcs , able connect , install driver onto 'target' pc couldn't breakpoints etc. code , program did nothing after installing driver on 'target' pc. suggestions on this?. thought step-by-step debugging of drivers also.[i know wrong].

thanks aditya

ndis miniport drivers, many low-level drivers, meant talk hardware. miniport's responsibility take send packets os, translate them whatever format required hardware, , instruct hardware send packet on wire.

the wdk (and in fact, used to) include real-world sample driver sends packets on real-world hardware. leads confusion, since real-world drivers have deal lots of hardware-specific details distract main point of sample. if starting real-world driver, first thing you'd have identify hardware-specific bits , rip out, replace them own hardware-specific bits.

instead, "netvmini" sample in wdk fake driver. means pretends have actual hardware, secretly it's lie. when os sends packets netvmini, netvmini driver broadcast packets other netvmini miniport adapters installed on machine. (in effect, installing 2 netvmini adapters on same machine simulates happen if had 2 real adapters plugged same ethernet hub.) in ascii-art, happens if install 2 netvmini adapters on same system:

       tcpip                       tcpip                      tcpip          |                           |                          | real physical miniport        netvmini #1           netvmini #2          |                           \                          /    [the internet]                     [the netvmini virtual hub]

as ascii-art illustrates, netvmini adapters don't have path internet. driver won't "real" ip address can route internet until add in details of hardware. until then, windows keep trying send arps , http requests never go anywhere.

to answer specific questions:

  1. the messages mpsendnetbufferlists printed every time os attempts send packet. because os thinks have real network connection, os make several attempts use it. should quiet down bit, when comes conclusion isn't useful link.

  2. the requests coming tcpip. if don't want tcpip send data, unbind adapter.

  3. you can send data adapter. in fact, you've observed you're sending random http packets , etc. data won't reach internet, until teach driver how talk real hardware.

if you're sitting there thinking "but don't have hardware!", might want create virtual miniport of sort. virtual miniports netvmini in don't have real hardware, still have way packets off machine. example, vpn miniports operate @ layer-2 (like l2tp) typically install second driver — ndis protocol driver — sends , receives data "real" physical miniport. virtual miniport talks protocol whenever needs packets off machine. result is:

        tcpip           |   virtual miniport           |    ndis protocol           | real physical miniport           |      internet

there alternative architectures; example, vpn operates @ layer-4 (like sstp) might decide open wsk socket instead of implementing ndis protocol driver:

        tcpip           |   virtual miniport           |       wsk socket           |         tcpip           | real physical miniport           |      internet

Comments

Post a Comment

Popular posts from this blog

All overlapping substrings matching a java regex -

-
is there api method returns (possibly overlapping) substrings match regular expression? for example, have text string: string t = 04/31 412-555-1235; , , have pattern: pattern p = new pattern("\\d\\d+"); matches strings of 2 or more characters. the matches are: 04, 31, 412, 555, 1235. how overlapping matches? i want code return: 04, 31, 41, 412, 12, 55, 555, 55, 12, 123, 1235, 23, 235, 35. theoretically should possible -- there obvious o(n^2) algorithm enumerates , checks substrings against pattern. edit rather enumerating substrings, safer use region(int start, int end) method in matcher . checking pattern against separate, extracted substring might change result of match (e.g. if there non-capturing group or word boundary check @ start/end of pattern). edit 2 actually, it's unclear whether region() expect zero-width matches. specification vague, , experiments yield disappointing results. for example: string line = "xx90xx"; strin...
Read more

c++ - Using OpenSSL in a multi-threaded application -

-
i have been writing soap client application in c++ on ubuntu using openssl https transport , pthreads threading. have number of threads - 1 central data acquisition thread periodically gets worker threads make soap requests via shared mutex protected queues. reading documentation openssl found is openssl thread-safe? in openssl faq describes mechanisms required ensure thread safety when using openssl. implemented , works fine. the reason question conceptual difficulty really. thinking implementing same functionality application has already, instead of using threads, create 2 seperate applications : 1 worker thread (of multiple copies running) , main data acquisition thread. use tcp sockets communicate between 2 rather mutex protected queues. may bad idea not important - confusing me would have implement same functions required ensure openssl thread safety in second approach or not? my guess not have , treated independent (indeed surely must many applications use openssl) re...
Read more

php - Deleting/Renaming a locked file -

-
with php, there way force unlock file (for renaming/deleting) locked running program on same server? more details: have image service running on server caches large pathology images web when try delete or rename images through php interface, cannot when image files locked , still being accessed web image service. i have no control on web service cannot tell close image. work around restart web service , delete/rename files cause service interruption other users trying access other images through web. os: windows server 2003
Read more