Forum Replies Created
-
Posts
-
In the sleep mode system may power down network interfaces thus changing the network adapters list. So in general after the system is back from the sleep mode you have to reinitialize adapters list and restart packet capturing using new adapter handles.
May the prblem is in your driver load order. If SendHandler was registered before you have had a chance to modify the results then your code will be never called.
During driver installation system caches INF files and even if you uninstall the driver the cached INF stil remains in the system and used by default. Note to use fresh OS installation or clean up the system including INF/PNF cached files removal before using an updated INF.
That depends from the virtual network adapter. WinpkFilter NDIS IM driver is installed for “ethernet, wan” interfaces while VMWare virtual adapters have “nolower” type. For research purposes you can modify WinpkFilter INF files and add “nolower” to “ethernet, wan” but note that this may add filtering for the network interfaces you were not supposed to filter on.
From your post it is difficult to understand what exactly did not work and what have you expected. If you need an answer please describe the problem in the details.
There is no difference except license terms. You can’t redistribute Free version modules or use it for any commercial needs.
Under Windows 3G mobile adapters normally appear as WAN adapter under NDISWANIP device of install their own virtual miniport (visible as LAN or WiFi connection). For the first case it is enough to filter NDSWANIP device, for the second you must track when new network connection becomes available and capture on this newly added network interface.
Another type of mobile broadband drivers (NDIS 6.2) was added by Windows 7. In the meantime these adapters can’t be intercepted by WinpkFilter NDIS IM driver. We are working on the adding NDIS LWF driver to WinpkFilter set of drivers to support this new stack.
If i just copied the sys file to system32 folder but not created the entries. In that case what will happen.
Nothing, driuver won’t be loaded.
Also tell me how to uninstall a hook driver.
Remove registry key and driver binary from the system.
VirtNet should work fine on Windows 7, however I have never tested Ethernet Bridge under this OS and I don’t know how it may behave. Initially Ethernet Bridge was designed for WIndows NT/2000 where was no native Windows bridging functionality.
May be this helps a bit http://www.ntkernel.com/w&p.php?id=14
NDIS IM driver consists of two parts, protocol and miniport. It does bind to lowe layer as protocol and exports NDIS miniports to upper layer.
usually,i like to got the net packet in the windows service.the code is almost from your sample code. but when i stop the service, and start the service, the windows is disconnect from my mstsc.exe. so bad.
why? so server are ok, but some work are abnormality.It is rather some kid of problem in your packet processing code. Probably you miss proper cleanup when packet processing thread is stopped.
i will stop all the traffica atfer install the drivers.
Note to reboot after drivers installation. Although you are right, MS support of NDIS IM drivers under Windows 7 is not perfect and I do plan to release a new version this summer.
