Forum Replies Created
-
Posts
-
To resolve an issue with DNS you can change all your filters from blocking to redirect and check filter ID in the DNS packets. So you can identify filter which selects DNS packets.
From what I can see filter 2 is supposed to block incoming packets on local port 80. If this is what you want to do and still incoming packets on port port 80 are not blocked then there is only one possibility – these packets are passed by filter 1.
I don’t have the filters code under hand at the moment but for the second filter I would add that it should be applied to TCP protocol.
Please clarify, are using an application build on top of WinpkFilter driver and this application reports that driver is missing?
Windows Packet Filter Kit 3.1.3 released:
– Changed approach to disable TCP task offload in NDIS LWF. Previous method had some known issues.If you are eligible for a free update, please send the following details to support@ntkernel.com tо receive an update instruction:
1) Your order ID.
2) An approximate date of purchasing.I’m not familier with IPSECVPN software you use, but yes, there are two possibilities:
1) IPSEC driver above WinpkFilter: in this case instead normal TCP/IP packets (all or only part of them depending on IPSEC policy) you intercept encrypted IPSEC packets. I’m not sure how your WinpkFilter software would deal with these packets (tries to tunnel or ignores).
2) IPSEC driver below WinpkFilter: in this case your UDP tunnel packets can be encrypted by IPSEC driver (depending on the policy).I would check what packet you get in your WinpkFilter software and check what packet go out on the network media with network sniffer to discover the details.
Under Linux you can use http://www.netfilter.org/projects/libnetfilter_queue/
Windows Packet Filter Kit 3.1.2 released:
– Added Filter ID for the packets redirected by built-in filters
– Updated C# samplesIf you are eligible for a free update, please send the following details to support@ntkernel.com tо receive an update instruction:
1) Your order ID.
2) An approximate date of purchasing.Internet Gateway code simply treats all adapters with media different from NdisMedium802_3 as WAN. This is not correct of course, but works for most cases and good enough for the sample. I think your intrface reports media different from 802.3 and this causes described misbehave. NDIS_MEDIUM is defined as following:
typedef enum _NDIS_MEDIUM
{
NdisMedium802_3,
NdisMedium802_5,
NdisMediumFddi,
NdisMediumWan,
NdisMediumLocalTalk,
NdisMediumDix, // defined for convenience, not a real medium
NdisMediumArcnetRaw,
NdisMediumArcnet878_2,
NdisMediumAtm,
NdisMediumWirelessWan,
NdisMediumIrda,
NdisMediumBpc,
NdisMediumCoWan,
NdisMedium1394,
NdisMediumInfiniBand,
#if ((NTDDI_VERSION >= NTDDI_VISTA) || NDIS_SUPPORT_NDIS6)
NdisMediumTunnel,
NdisMediumNative802_11,
NdisMediumLoopback,
#endif // (NTDDI_VERSION >= NTDDI_VISTA)#if (NTDDI_VERSION >= NTDDI_WIN7)
NdisMediumWiMAX,
NdisMediumIP,
#endifThere are too many things to improve in this sample to build a real NAT aplication suitable for different environments and it would take plenty of time to build a desired list. You’d better look at some solutions alreaddy available on market to see what features can be implemented.
Thank you for reporting this, but the more detailed network configuration would be appreciated. Like what network adapters do you have, what type and which of them are connected (ipconfig output?). And how Internet Gateway identifies these ones (may be screenshot?).
Although, I have to note that Internet Gateway is just a sample coded in a day to demonstrate usage of WinpkFilter driver for NAT solutions. And of course it does not pretend to be a well tested end user application.
Ndisrdmp is a miniport part of WinpkFilter NDIS IM driver. However, if you use one of the latest versions (starting 3.0.8) of WinpkFilter then it is supposed to install NDIS LWF driver on Windows Vista and later which does not have that part. Probably the WinpkFilter version you use is out-of-date.
Yes, you can fragment the resulted packet and send out two packets instead one, server will reassemble it. However, please note that fragmented packets often are blocked by firewalls.
There was one fix in 3.1.1 (LWF unload/unbind bug) which may be related to your problem. It was very difficult to reproduce and caused various side effects one of those is network lock.
Have you started command line (under which you execute snetcfg) under Administrator account?
Normally when you install LWF driver the network is temporary disconnected and then reconnected. Do you mean that in your case the network is permanently disabled?
Windows Packet Filter Kit 3.1.1 released:
– Updated C# samples and interface header
Bug fixes:
– Unload LWF driver hang problem fixed. As a side issue this bug has also caused network lock with Windows Hardware Certification Kit on some systemsIf you are eligible for a free update, please send the following details to support@ntkernel.com tо receive an update instruction:
1) Your order ID.
2) An approximate date of purchasing.
