Help in IPFilterHook

OSR_Community_User · July 21, 2003, 4:25am

Please i need some help in “IPFilterHook”

I made a user interface for that driver, which can set the filtering rules
to the driver,
and i can also read and write data from the driver,but on user interface
demand.

the filtering function returns PF_PASS or PF_DROP for each packet due to
the filtering rules,
also for some packet types I need the driver to wait until the user select
pass/drop the packet, so,

how can i make the filtering function wait until the user sends his
command before the filtering function returns.

note: i tried to make somee waiting loops inside the driver but the
computer hangs cause the priority is to handle the driver process rather
than the user interface so i cant exit the loop.

is there any examples or codes on the net for this situation.

Maxim_S_Shatskih · July 21, 2003, 1:36pm

> and i can also read and write data from the driver,but on user interface

demand.

You cannot filter the packets on user interface demand.

how can i make the filtering function wait until the user sends his
command before the filtering function returns.

You cannot. The maximum you can do is to have the spinlock-protected rules
table in the driver, which is accessed from packet receive path and is updated
by IOCTLs or WMI calls from the UI code.

By no means you can invoke the UI action on packet arrival.

Max

Srin_Kumar · July 21, 2003, 2:13pm

Hazem,
Your receive path executes at DISPATCH_LEVEL. So you CAN NOT
Wait at this IRQL. If you answer the following question I can suggest
you a better approach.

Can you pend the operation of receive/send and do it at a latter point
of time from IPFilterHook? I knew we can do this in IM driver.

-Srin.

-----Original Message-----
From: Hazem K [mailto:xxxxx@popmail.com]
Sent: Monday, July 21, 2003 1:25 AM
To: Windows System Software Developers Interest List
Subject: [ntdev] Help in IPFilterHook

Please i need some help in “IPFilterHook”

I made a user interface for that driver, which can set the filtering
rules
to the driver,
and i can also read and write data from the driver,but on user
interface
demand.

the filtering function returns PF_PASS or PF_DROP for each packet due
to
the filtering rules,
also for some packet types I need the driver to wait until the user
select
pass/drop the packet, so,

how can i make the filtering function wait until the user sends his
command before the filtering function returns.

note: i tried to make somee waiting loops inside the driver but the
computer hangs cause the priority is to handle the driver process
rather
than the user interface so i cant exit the loop.

is there any examples or codes on the net for this situation.

You are currently subscribed to ntdev as: xxxxx@nai.comH
To unsubscribe send a blank email to xxxxx@lists.osr.com

OSR_Community_User · July 22, 2003, 2:05pm

>>You cannot. The maximum you can do is to have the spinlock-protected

>rules
>table in the driver, which is accessed from packet receive path and is
>updated
>by IOCTLs or WMI calls from the UI code.

>By no means you can invoke the UI action on packet arrival.

1- please can you give me more explination about the “spinlock-protected
rules”

2-is there a way that I can put the filtering function in a wait state
(through some means of semaphores)and later the DrvDispatch signals that
simaphore (when the user send the IOCTRL )?

OSR_Community_User · July 22, 2003, 2:12pm

1-do you mean that if the filter function is in wait state then the driver
dispatch function will not work.

2-about the question :I dont know if that is possible.
but if so what’s your approach?

Srin_Kumar · July 22, 2003, 4:16pm

Hazem,
Look at IM driver model(PASSTHRU sample in XP DDK). In IM driver you can not put yourself in wait state. But you could queue the packet and releated information and a system thread can process the information and communicate with app. But as whole this would make the system running your product slow in network activity and could triger lot of retransmissions etc…
Not a suggested model. You can only implement a good passive model where you can drop/allow the traffic depending on the existing rules.

-Srin.

-----Original Message-----
From: Hazem K [mailto:xxxxx@popmail.com]
Sent: Tuesday, July 22, 2003 11:05 AM
To: Windows System Software Developers Interest List
Subject: [ntdev] Re: Help in IPFilterHook

>You cannot. The maximum you can do is to have the spinlock-protected
>rules
>table in the driver, which is accessed from packet receive path and is
>updated
>by IOCTLs or WMI calls from the UI code.

>By no means you can invoke the UI action on packet arrival.

1- please can you give me more explination about the “spinlock-protected
rules”

2-is there a way that I can put the filtering function in a wait state
(through some means of semaphores)and later the DrvDispatch signals that
simaphore (when the user send the IOCTRL )?

You are currently subscribed to ntdev as: xxxxx@nai.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

Maxim_S_Shatskih · July 22, 2003, 5:11pm

> 2-is there a way that I can put the filtering function in a wait state

(through some means of semaphores)and later the DrvDispatch signals that
simaphore (when the user send the IOCTRL )?

No.

Max