Forum Replies Created
-
Posts
-
1) Yes, of course this is possible to do with WinpkFilter.
2) We don’t have defragment/fragment sample code we can send to you. Although we can develop one as a small consulting project if you agree to pay the development effort.GetAdapterPacketQueueSize was added on the customer request. Personally I never used it myself in WinpkFilter based projects. But it may have sense to use it an example when you have a single thread reading packets from several network interfaces. In this case you can use this call to determine the interface with the largest amount of packets queued and read that amount of packets in next API call.
NdisrdRequest is a wrapper around NdisRequest NDIS call. It only needed if you need to query some specific information from the network interface.
-1 means WAIT_FAILED and the problem is in hEvent[0] value which is NULL
You defined hEvent array indexed from 0, as below
hEvent: array[0..255] of THANDLE;But you fill it with event handles starting from index 1 (see below), so for index 0 you have an invalid event handle.
for dwAdIndex := 1 to AdList.m_nAdapterCount do
begin
...
hEvent[dwAdIndex] := CreateEvent(nil, TRUE, FALSE, nil);You have to install the correct driver into the system, 32 bit driver for 32 bit system and 64 bit driver for 64 bit one. Application can be the same, however 64 bit application may give some advantage on 64 bit platform.
WinpkFilter has an internal packet pool for 500 packets, if the network gets locked then may be there are already 500 packets waiting for you to read them out from the driver. Try to call GetAdapterPacketQueueSize for every adapter you have set into tunnel/listen modes to see how many packets are queued and not processed by your application yet.
You can’t load 32 bit driver on 64 bit system and vice versa, so you should use drivers according target architecture. However, you can use 32 bit application on 64 bit Windows, ndisapi.dll does all required conversions.
Well, we can’t be responsible for NAT32 behaviour because everything depends on how this application routes packets. If you can describe the problem with WinpkFilter itself I can try to help, but hardly likely I can help with NAT32. 🙄
When dealing with NDIS IM drivers you should sign both CAT file and driver binaries (embedded signing).
Normally all WAN connections in Windows go through the NDISWANIP (for IPv4)/NDISWANIPV6 (for IPv6) Ethernet 802.3 emulation on top of WAN miniports. So if you need to filter packets going through WAN connection you are supposed to filter on NDISWANIP (or NDISWANIPV6) network adapter listed by listadapters.
Update:
ndisrd.inf describes protocol part of NDIS IM driver and installed with hidden attribute.Hook driver is installed using the direct creation of the registry key. If you want to be able to install through command line you can create a simple console application to do that. Or alternatively you can use regini tool from the DDK along with appropriate INI file. Although I’m not sure if regeini supports removal of the registry keys.
It seems I have to use snetcfg.exe in order to make a silent install, right ?
Yes, that’s right.
In the mail I received, it is said I can send you new names for drivers and devices and information to include in the resource.What exactly can be changed, and where will I see it ? I mean, I don’t know exactly what I can custom.
It supposed that you provide the new name for driver binaries instead NDISRD (ndisrd.sys/ndisrd.vxd) used for the standard build. And any copyright/product name information you would like to include into the binaries resource.
By devices, does it mean that you can change the name of VirtNet adapter for us, or will we have to do it thank to its source code ?
We don’t customize VirtNet and you can do it yourself when needed. By the way, in order to get the source code for VirtNet please send a request to support(at)ntkernel.com along with your Plimus order ID.
Actually what exactly happens after calling SendPacketToAdapter or SendPacketToMstcp it will remove from the adapter queue or not also if i call FlushAdapterPacketQueue which packets will be clear exactly means the packets which are in queue or some other means new packets?
SendPacketToAdapter and SendPacketToMstcp don’t affect adapter packet queue, but ReadPacket does. The packet is added to the queue when it comes from the MSTCP or from the network and removed from the queue when you read it.
What exactly the flushadapterpacketqueue will do?
If there are packets queued for the particular network adapter they are removed from the queue and silently dropped.
Also at what frequency the packets will enter in queue means my packet processing is slow or what?
If the queue reaches its maximum size and causes newly coming packets to be dropped then probably your packet processing is slow. However, in reality packet queue size may vary depending of the system load.
Normally flushing packets is supposed to be used when you finish with packet processing and want to deallocate resources.
WinpkFilter orders are processed by Plimus e-commerce provider (http://www.plimus.com). I think it makes sense for you to contact their support regarding the bills you need from them.
Hook driver won’t be displayed in network connection properties. However, it worth to mention that NDIS IM driver also can be hidden from the network connection properties if needed.
Manual WinpkFilter driver installation is covered by my post above. As for possible network configuration problems it is not that easy to advise as I have no idea what may have happen. Most probably there was unsuccessful instillation of the driver which has left some remnants in the system registry and does not allow to install the driver once again. You can check if the registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesndisrd exists on the target system.
