[Vadim Smirnov]

From your post it is difficult to understand what exactly did not work and what have you expected. If you need an answer please describe the problem in the details.

[Vadim Smirnov]

There is no difference except license terms. You can’t redistribute Free version modules or use it for any commercial needs.

[Vadim Smirnov]

Under Windows 3G mobile adapters normally appear as WAN adapter under NDISWANIP device of install their own virtual miniport (visible as LAN or WiFi connection). For the first case it is enough to filter NDSWANIP device, for the second you must track when new network connection becomes available and capture on this newly added network interface.

Another type of mobile broadband drivers (NDIS 6.2) was added by Windows 7. In the meantime these adapters can’t be intercepted by WinpkFilter NDIS IM driver. We are working on the adding NDIS LWF driver to WinpkFilter set of drivers to support this new stack.

[Vadim Smirnov]

If i just copied the sys file to system32 folder but not created the entries. In that case what will happen.

Nothing, driuver won’t be loaded.

Also tell me how to uninstall a hook driver.

Remove registry key and driver binary from the system.

[Vadim Smirnov]

http://www.ntkernel.com/wpfk-help/install.htm

[Vadim Smirnov]

VirtNet should work fine on Windows 7, however I have never tested Ethernet Bridge under this OS and I don’t know how it may behave. Initially Ethernet Bridge was designed for WIndows NT/2000 where was no native Windows bridging functionality.

[Vadim Smirnov]

May be this helps a bit http://www.ntkernel.com/w&p.php?id=14

[Vadim Smirnov]

NDIS IM driver consists of two parts, protocol and miniport. It does bind to lowe layer as protocol and exports NDIS miniports to upper layer.

[Vadim Smirnov]

usually,i like to got the net packet in the windows service.the code is almost from your sample code. but when i stop the service, and start the service, the windows is disconnect from my mstsc.exe. so bad.
why? so server are ok, but some work are abnormality.

It is rather some kid of problem in your packet processing code. Probably you miss proper cleanup when packet processing thread is stopped.

i will stop all the traffica atfer install the drivers.

Note to reboot after drivers installation. Although you are right, MS support of NDIS IM drivers under Windows 7 is not perfect and I do plan to release a new version this summer.

[Vadim Smirnov]

The structure referred in listadapters sample for assigned IP address is not documented, so I cant’t say wether server IP can be found there or not. By the way can’t you use for that RAS API or IP Helper API?

[Vadim Smirnov]

Thank you for the information. We will change declaration of GetRasLinks for the next release.

[Vadim Smirnov]

When driver receives the memory block it checks if it has the correct size before filling it with data. If you shrinked the RAS_LINKS structure and passed smaller memory block to driver then it just has failed the operation. Is there a problem in C# with allocating large block of unmanaged memory?

[Vadim Smirnov]

Do you mean to filter OpenVPN virtual adapter?

[Vadim Smirnov]

Are you sure that you need these kind of loopback packets? In WinpkFilter context loopback packets are the packets indicated by NDIS layer to bound protocols in response of outgoing packet from one of the bound protocols. An example, TCP/IP sends a packet without NDIS_FLAGS_DONT_LOOPBACK. In this case packets does not only go out on the network media, but normally it is also indicated back to protocol layer as it would be received from the network. Some additional information on loopback packets you can find here http://www.ndis.com/ndis-ndis5/loopback/loopback.htm

[Vadim Smirnov]

I’m not aware much about you firewall code, but I would start with loging data out of your firewall solkution and running network sniffer in parallel in order to catch the situation and analyze what hapens.

[Author]

Posts