file system filter driver

Hi All,

I am writing a file system filter driver for Windows 2000 and I need to
intercept all the file requests and pass the file name to the application
that is running in user level and wait for its response and then allow the
file operation to go normally.

The flow is as follows:

  1. Intercept CREATE requests.
    2 . get the file name
  2. signal the event ( event that is shared between appllication and driver)
  3. pass the file information to application
  4. create another event and wait for the application to respond for the
    information that we sent
  5. Come out of wait and allow the operation to go through normally

the problem that I am facing is sometimes randomly in between steps 4 and 5
the system hangs and when see in the debugger it says that waiting for the
last file information that we passed to application.

Any information is helpful.

Thanks in advance,
Kedar.

Hello Everyone,

I’m new to File System Filter Driver Developement. I need to develop
a filter driver for a Anti-Virus a product (for 2k/XP/2003 only). Can
you please guide me as how to design it?
For a File System Filter Driver development which device object i have
to hook ? Consider the case of hooking the Harddisk - shall i hook
each volumes like C:\ , D:\ … ? or the RawDevice object
i have to hook - like Sfilter sample in IFS kit? Awaiting for anyone’s reply.

Thanks in advance,
sivaraja