Problem with Winpkfilter

Home Forums Discussions Support Problem with Winpkfilter

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #5403
    siddappa
    Participant

      Hi,

      I have 3 adaptors in my system and my application which is based on Igateway source code is assigning 1st and 2nd card as provider and client. I’m succesfully getting the packets calling ReadPacket(). But i see there is packet drop on 3rd adaptor as well. What could be the reason for this? All these problems seems to be on Win7 and beyond OS.

      #7167
      siddappa
      Participant

        Please note that all the problems are seen only in costumer place. Please point out the possible causes for this kind of issues. It’s quite urgent as we are not able to trace the root cause yet.

        #7168
        Vadim Smirnov
        Keymaster

          If your application is slow in reading and processing packets and driver queue grows fast enough then this is possible to start loosing packets for other network interfaces.

          #7169
          siddappa
          Participant

            I don’t know if this makes any sense, this is the code we have added to Internet Gateway,so that we can allow users based on their MAC address.

            if(::SendARP(pIpHeader->ip_src.S_un.S_addr, INADDR_ANY, MACSource, &dwMacSize) != NO_ERROR)
            continue;

            pNatClient = pDlg->GetClientByMAC(MACSource);
            if(pNatClient == NULL)
            if(!hAdapters[dwIndex]->IsLocalAddress(&pIpHeader->ip_dst))
            {
            if(pIpHeader->ip_p == IPPROTO_TCP)
            {
            pTcpHeader = (tcphdr*)(((PUCHAR)pIpHeader) + sizeof(DWORD)*pIpHeader->ip_hl);
            if(ntohs(pTcpHeader->th_dport) != 80)
            {
            if(ntohs(pTcpHeader->th_dport) != 443)
            {

            continue;

            }

            }

            if(pTcpHeader->th_flags == TH_SYN)
            bTrack = TRUE;
            }
            }
            }

            if((bForceRouting) &&(hAdapters[dwIndex]->m_NATState == CLIENT) && (PacketBuffer.m_dwDeviceFlags == PACKET_FLAG_ON_RECEIVE))
            {
            bNeedToBeRouted = pDlg->IsNeedToForceRouting(pEthHeader->h_dest, pIpHeader->ip_dst.S_un.S_addr, pProviderCard->m_Index);
            }

            // TCP packet processing
            if (pIpHeader->ip_p == IPPROTO_TCP)
            {
            // This is TCP packet, get TCP header pointer
            pTcpHeader = (tcphdr*)(((PUCHAR)pIpHeader) + sizeof(DWORD)*pIpHeader->ip_hl);

            // Outgoing TCP packets processing
            if(((bForceRouting) && (bNeedToBeRouted) &&(hAdapters[dwIndex]->m_NATState == CLIENT)&&(PacketBuffer.m_dwDeviceFlags == PACKET_FLAG_ON_RECEIVE))
            ||
            ((!bForceRouting) &&(hAdapters[dwIndex]->m_NATState == PROVIDER)&&(PacketBuffer.m_dwDeviceFlags == PACKET_FLAG_ON_SEND)))
            {
            CPortNATEntry* pTcpNE = NULL;

            if (pTcpHeader->th_flags == TH_SYN)
            {
            // New TCP connnection established, allocate dynamic NAT entry

            if((!bForceRouting) && bTrack)
            pTcpNE = pDlg->m_TcpNatTable.Allocate(pIpHeader->ip_src, pTcpHeader->th_sport, pIpHeader->ip_dst, pTcpHeader->th_dport, bTrack, MACSource);
            else if(bForceRouting && bTrack)
            pTcpNE = pDlg->m_TcpNatTable.Allocate(pIpHeader->ip_src, pTcpHeader->th_sport, pIpHeader->ip_dst, pTcpHeader->th_dport, bTrack, pEthHeader->h_source);
            else
            pTcpNE = pDlg->m_TcpNatTable.Allocate(pIpHeader->ip_src, pTcpHeader->th_sport, pIpHeader->ip_dst, pTcpHeader->th_dport, bTrack);

            if(pTcpNE)
            {
            pTcpNE->m_IpNAT = bForceRouting?pProviderCard->m_NATIp:hAdapters[dwIndex]->m_NATIp;
            }

            pDlg->CheckMTUCorrelation(&PacketBuffer, pIpHeader, pTcpHeader);
            }
            else
            {
            // Try to locate existing NAT entry
            pTcpNE = pDlg->m_TcpNatTable.Find(pIpHeader->ip_src, pTcpHeader->th_sport, pIpHeader->ip_dst, pTcpHeader->th_dport);

            if(pTcpNE && pTcpNE->m_bTracked && pTcpHeader->th_flags == (TH_ACK | TH_PSH))
            {
            // Add filtering URL here
            CHAR * pHttpMsg = (CHAR*)(((PUCHAR)pTcpHeader) + sizeof(DWORD)*pTcpHeader->th_off);
            INT maxLength = PacketBuffer.m_Length – ::abs((LONG)((DWORD)pHttpMsg – (DWORD)pEthHeader));
            CHAR* szHost = NULL;
            CHAR *pHttpHeaderLine = new char[1024];
            int i = 0, j;

            ::ZeroMemory(pHttpHeaderLine, 1024);

            do{
            j = 0;
            while( i < maxLength && pHttpMsg != ‘n’ && j < 1022)
            {
            pHttpHeaderLine[j] = pHttpMsg
            ;
            i++;
            j++;
            }
            pHttpHeaderLine[j++] = ‘n’;
            pHttpHeaderLine[j] = ‘’;
            i++;

            if(::_strnicmp(pHttpHeaderLine, “Host: “, 6) == 0)
            {
            pHttpHeaderLine[j-2] = ‘’;
            szHost = new CHAR[8 + strlen((char*)&pHttpHeaderLine[6])];
            ::sprintf(szHost, “http://%s&#8221;, (char*)&pHttpHeaderLine[6]);
            }

            }while( i < maxLength && !( pHttpHeaderLine[0] == 'r' && pHttpHeaderLine[1] == 'n')); delete pHttpHeaderLine; if(szHost != NULL && pDlg->GetAllowedURL(szHost, strlen(szHost)) == -1)
            pTcpNE->m_ack = pTcpHeader->th_ack;

            if(szHost != NULL)
            delete szHost;
            }
            }

          Viewing 4 posts - 1 through 4 (of 4 total)
          • You must be logged in to reply to this topic.