- This topic has 9 replies, 4 voices, and was last updated 16 years, 4 months ago by Vadim Smirnov. 
- 
		AuthorPosts
- 
		
			
				
January 2, 2009 at 7:05 pm #5251Hi. Happy New Year first of all. I have downloaded latest version of WinpkFilter and installed it on my server. This driver seems to be the absolutely perfect solution for my server setup. I intend to write a very small firewall that filters specific TCP packets used in a NMDC CTM DDoS attack and logs incoming information such as destination IP and the actual content of blocked packet. I have already put together a GUI in Delphi, but have ran into a problem with the code. The OpenFilterDriver(‘NDISRD’) function fails to load the driver for some reason; Helper driver failed to load or was not installed First I thought that I wrote something wrong in my code, so I compiled one of sample projects that comes together with WinpkFilter, listadapters. It compiled very well, without a single warning or error. But it does output same error about helper driver load failure when I run it. I know that helper driver is hooked to the system and is properly running, because I’m able to run pre-built version of ListAdapters from bin subfolder and get a list of available adapters. So my question is.. What could possibly be wrong? Why does function OpenFilterDriver fail and how can I debug / try to fix it? I use CodeGear Delphi 2009 on Windows Server 2003 R2 SP2 (32 bit). 
 (ndisapi.dll is included in same directory as newly compiled program)Thank you. January 3, 2009 at 8:10 am #6739Happy New Year to you too! Very strange issue, if standard samples run fine and you use standard build of the WinpkFilter driver (named NDISRD) then there should not be any problems with using it from Delphi. However, Delphi samples originally were developed and tested from Delphi 7 environment. I don’t know how it is different from CodeGear Delphi 2009. Does Delphi 2009 .NET based or it still generates pure Win32 code? I have attached Delphi 7 compiled binaries. If these binaries also run fine on your system then this is probably something relative to Delphi 2009 code generation/project settings. Let me know how it works. January 3, 2009 at 7:02 pm #6740Thank you for reply. Your precompiled programs work all together; D:Downloadstest>ListAdapters 1) WAN Network Interface (IP) 
 Internal Name: DEVICENDISWANIP
 Current MAC: 000000000000
 Medium: 0x00000003
 Current MTU: 0
 Current adapter mode: 02) Local Area Connection 
 Internal Name: DEVICE{53179067
 Current MAC: 0010DCF85C9B
 Medium: 0x00000000
 Current MTU: 1500
 Current adapter mode: 0Current system wide MTU decrement = 0 
 Default adapter startup mode = 0Looks like Delphi 2009 issue. Current Delphi version I’m using is pure Win32, .NET version wasn’t even installed with RAD Studio installation. I wonder what I should be looking for in order to solve this. ❓ January 10, 2009 at 12:08 am #6741Ешкин кот, не могу найти проблему, люди, помогите пожалуйста. Мне вобщето много не надо, только чтобы программа блокировала (не впускала) входящие TCP пакеты содержащие текст $MyNick или $Lock на заданный локальный порт, и впускала (не блокировала) все остальные. Пробывал WwwCensor, но он сканирует только HTTP трафик с запросами GET и POST как я понял. 😐 January 12, 2009 at 8:40 am #6742Да вообще странно как-то, косяк компилятора, разбираться не особенно хочется. WWWCensor ищет по всему пакету, он не разбирает запросы. Но проверяет только пакеты пришедшие с 80 порта или уходящие на 80 порт. Так что в общем-то в нем нужно поменять только номер порта или сделать порт параметром командной строки. Ну и соответственно сделать так чтобы он на две строчки проверял а не на одну. February 23, 2009 at 8:07 pm #6743hello, yes my case is the same, i explain it: the compiled code runs only when it is launched under console, but not if it is running under IDE enviroment, 
 it stops when reach isDriverLoaded fn, wich always returns false, ntapidll is always visible in path, and drivers is succesfully installed in network adapter. The code runs fine but under console.February 23, 2009 at 8:30 pm #6744i note that when i get the last error, it says: “the file cannot be found..” June 29, 2009 at 4:19 am #6745I’ve located the problem. 
 Since Delphi 2009 using unicode in every place, now PChar need to be modify to PANSIChar when calling external DLLs.so do not use ‘String’ (or PChar) parameters in DLLs at all. Use PAnsiChar instead. As a fast test, I changed : 
 OpenFilterDriver: function(pszFileName : PChar): THANDLE; stdcall;
 in winpkf.pas to 
 OpenFilterDriver: function(pszFileName : PANSIchar): THANDLE; stdcall;
 and it works. 
 but the result is broken:
 C:Program FilesWinpkFiltersamplesDelphibin>ListAdapters.exe
 1) ??敎睴牯?湉整晲捡???
 Internal Name: ?噅?居?卉??P
 Current MAC: 000000000000
 Medium: 0x00000000
 Current MTU: 0
 Current adapter mode: 0
 
 2) 楗敲敬獳丠瑥潷歲?湯敮瑣潩nrk Connection
 Internal Name: ?噅?居??????????????????終
 Current MAC: 000000000000
 Medium: 0x00000000
 Current MTU: 0
 Current adapter mode: 0
 
 3) 楗敲敬獳丠瑥潷歲?湯敮瑣潩nrk Connection
 Internal Name:
 Current MAC: 000000000000
 Medium: 0x00000000
 Current MTU: 0
 Current adapter mode: 0
 
 Current system wide MTU decrement = 0
 Default adapter startup mode = 0
 
 C:Program FilesWinpkFiltersamplesDelphibin>
 sure there are more modified should be made. Would the developers please try test it in Delphi 2009? and it looks like a easy issue. 
 Delphi 2009 is the first usable version since D7, and I see lots of company have been shifted from D7 to D2009. I believe delphi is back.June 29, 2009 at 5:53 am #6746after change every ‘char’ -> ‘ansiChar’, ‘string’ ->’ansiString’, ‘PChar’ ->’PAnsiChar’, now the ListAdapater sample runs. 
 C:Program FilesWinpkFiltersamplesDelphibin>ListAdapters.exe
 1) WAN Network Interface (IP)
 Internal Name: DEVICENDISWANIP
 Current MAC: 000000000000
 Medium: 0x00000003
 Current MTU: 0
 Current adapter mode: 0
 
 2) Local Area Connection
 Internal Name: DEVICE{9210E6AE-195F-4FBE-AA56-C1929254C9CD}
 Current MAC: 00155830A804
 Medium: 0x00000000
 Current MTU: 1500
 Current adapter mode: 0
 
 3) Wireless Network Connection
 Internal Name: DEVICE{F7A11532-EEC1-43FB-A8A3-453DB2C2BD6B}
 Current MAC: 0013027B1097
 Medium: 0x00000000
 Current MTU: 1500
 Current adapter mode: 0
 
 Current system wide MTU decrement = 0
 Default adapter startup mode = 0
 But i ‘m not sure how did you guys treat unicode in other languages such as C#? 
 Since I’m planning to work with winpkf, I think I need to dig a bit more on unicode support.June 29, 2009 at 9:06 am #6747For the cross platform compatibility WinpkFilter driver returns adapter names as ANSI strings (actually only ANSI set used for internal adapter names). On user mode level you can operate with UNICODE strings if needed, just remember that strings from driver are in ANSI. 
- 
		AuthorPosts
- You must be logged in to reply to this topic.
