Vadim Smirnov

Forum Replies Created

Viewing 15 posts - 871 through 885 (of 1,486 total)
  • Author
    Posts
  • in reply to: DELPHI PACKET MANIPLATION AND ROUTING #6733
    Vadim Smirnov
    Keymaster

      Of course you can implement the routing by yourself. You can read packet from one interface, check/modify and forward to another using NDISAPI interface. You have to support you own routing table and etc.. to implement this properly. IHMO it is doable, but there is easier way…

      Personally I prefer to let the MSTCP to do the routing work like it is done in Internet Gateway advanced sample http://www.ntkernel.com/w&p.php?id=31. This is very similar to what you need but the routing operation is performed by MSTCP, so probably it should help you to start.

      in reply to: QoS custom bits #6760
      Vadim Smirnov
      Keymaster

        Can I use WinpkFilter run-time libraries (from the site) to make such application?

        Yes, these libraries are fully functional and you can use them for the development.

        in reply to: SendPacketToAdapter() causes crash… #6761
        Vadim Smirnov
        Keymaster

          On my computer, the list of available adapters includes a “WAN Network Interface (IP)” adapter. If I attempt to send a generic Ethernet packet through this adapter, using SendPacketToAdapter(), it causes my Windows XP SP3 VMware Server instance to fault and reboot. I didn’t test for this on other computers.

          This is a know issue. If you try to send packet with incorrect Ethernet header on the NDISWANIP (WAN Network Interface (IP)) it may crash the NDIS.SYS. NDISWAN uses Ethernet addresses from the packet header to identify the exact WAN link (actually bytes from Ethernet header used as an index in the WAN links table). If the index for the table is wrong NDISWAN references incorrect memory and crashes. So you should be very careful with what packet you send on NDISWANIP.

          The only way it can be fixed is checking Ethernet header for WAN interface in driver and dropping packets with incorrect headers (not associated with any active WAN links). However, from other side this would add some sort of limitation to what you can do with WInpkFilter (I can imagine the situation with layered filters which uses Ethernet addresses for some sort of remapping). So dealing with this issue was left to developers who use WInpkFilter. By request this special check can be added to the driver custom build.

          in reply to: NeT Firewall on win 2008 #6756
          Vadim Smirnov
          Keymaster

            Well, do U have any schedule when to ship a vista/2008 version?

            Hopefully in the next couple of months 🙂

            in reply to: QoS custom bits #6758
            Vadim Smirnov
            Keymaster

              1) can I make mentioned miniport driver using WinPkFilter?

              In case of using WinpkFilter you even don’t need to create an extra miniport driver. You can intercept RTP packets between the physical network card and TCP/IP stack, set the QOS bits, recalculate checksums and re-inject packets back into the stack.

              2) Does application need admin rights to load this driver?

              You need admin rights to install the driver, not to use.

              in reply to: DELPHI PACKET MANIPLATION AND ROUTING #6731
              Vadim Smirnov
              Keymaster

                Explain what you don’t understand, otherwise it is difficult to advise…

                in reply to: _INTERMEDIATE_BUFFER.m_Length Question… #6751
                Vadim Smirnov
                Keymaster

                  Interesting behavior, I have never heard about anything like this before and I suspect this is somehow specific to particular TCP/IP stack implementation.

                  INTERMEDIATE_BUFFER.m_Length indicates the total size of the buffers containing packet data which were indicated from the NIC to MSTCP OR sent by MSTCP to NIC. So this is a system specific value, it is not taken/calculated from packet headers.

                  in reply to: NeT Firewall on win 2008 #6754
                  Vadim Smirnov
                  Keymaster

                    In the meantime NeT Firewall does not support Windows 2008 because of the serious changes in the network stack introduced by 2008/Vista. We do plan to add Vista/2008 support in the near future.

                    in reply to: VirtNet on WXP x64 #6626
                    Vadim Smirnov
                    Keymaster

                      I’m sorry, I’ve been a bit overloaded last time. I just need an to find some time to update an INF file, VirtNet driver itself rebuilds without any problems for x64.

                      in reply to: [WinpkFilter 3.0.4.1] Failed to load helper driver (Delphi) #6742
                      Vadim Smirnov
                      Keymaster

                        Да вообще странно как-то, косяк компилятора, разбираться не особенно хочется. WWWCensor ищет по всему пакету, он не разбирает запросы. Но проверяет только пакеты пришедшие с 80 порта или уходящие на 80 порт. Так что в общем-то в нем нужно поменять только номер порта или сделать порт параметром командной строки. Ну и соответственно сделать так чтобы он на две строчки проверял а не на одну.

                        in reply to: [WinpkFilter 3.0.4.1] Failed to load helper driver (Delphi) #6739
                        Vadim Smirnov
                        Keymaster

                          Happy New Year to you too!

                          Very strange issue, if standard samples run fine and you use standard build of the WinpkFilter driver (named NDISRD) then there should not be any problems with using it from Delphi. However, Delphi samples originally were developed and tested from Delphi 7 environment. I don’t know how it is different from CodeGear Delphi 2009. Does Delphi 2009 .NET based or it still generates pure Win32 code?

                          I have attached Delphi 7 compiled binaries. If these binaries also run fine on your system then this is probably something relative to Delphi 2009 code generation/project settings. Let me know how it works.

                          in reply to: Current process ID #6728
                          Vadim Smirnov
                          Keymaster

                            Лучше запоминать идентификатор процесса в момент создания address/connection objects, эти операции обычно не откладываются и обьект создается именно в контексте вызывающего процесса.

                            in reply to: DELPHI PACKET MANIPLATION AND ROUTING #6729
                            Vadim Smirnov
                            Keymaster

                              You can turn on routing on Windows system and it will route the packet without additional efforts from your side.

                              You have only to make user authentication on the internal interface and NAT on the eternal (if necessary).

                              Refer Internet Gateway sample for the details about NAT. Install script for this sample also turns on routing (NSIS script function):

                              Function EnableRouter
                              SetRebootFlag true
                              ${If} ${IsNT}
                              WriteRegDWORD HKEY_LOCAL_MACHINE SYSTEMCurrentControlSetServicesTcpipParameters IPEnableRouter 1
                              ${Else}
                              WriteRegDWORD HKEY_LOCAL_MACHINE SYSTEMCurrentControlSetServicesVxDMstcp EnableRouting 1
                              WriteRegDWORD HKEY_LOCAL_MACHINE SYSTEMCurrentControlSetServicesVxDMstcp IPEnableRouter 1
                              ${EndIf}
                              FunctionEnd
                              in reply to: Indicating New MAC address to NDIS #6725
                              Vadim Smirnov
                              Keymaster

                                I don’t know if it helps but I would try to call NdisMIndicateStatus with NDIS_STATUS_MEDIA_DISCONNECT and then with NDIS_STATUS_MEDIA_CONNECT. Probably you will be queried for MAC address after these indications, but I have never tried anything like this.

                                in reply to: about snetcfg.exe #6727
                                Vadim Smirnov
                                Keymaster

                                  If you are still able to install WInpkFilter NDIS IM driver on that system then probably you doing something wrong when using snetcfg.

                                Viewing 15 posts - 871 through 885 (of 1,486 total)