Hello all,
Recently, I am programming a firewall for fun in windows XP. In my
driver, I register a fake protocol then I hook some NDIS funcs to my hanle
funcs.
But I can’t hook the function which handle(set) MTU.
Could you give me some hints? or Could you tell me how to decide the MTU
in a IM driver?
Thax!
Anthony
Anthony,
Instead of hooking NDIS functions by registering fake protocols and
walking undocumented structures, I would suggest that you begin by using
the PASSTHRU sample in the DDK.
Then, you would monitor the various size OIDs (MAX_FRAME_SIZE, etc) in
the NdisRequest code path as they pass back from the miniport to the
upper protocols and modify the size on the way up.
Bryan S. Burgin
xxxxx@microsoft.com
This posting is provided “AS IS” with no warranties, and confers no
rights.
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Anthony
Sent: Thursday, July 10, 2003 9:04 PM
To: NT Developers Interest List
Subject: [ntdev] How to modify MTU in NDIS driver?
Hello all,
Recently, I am programming a firewall for fun in windows XP. In my
driver, I register a fake protocol then I hook some NDIS funcs to my
hanle
funcs.
But I can’t hook the function which handle(set) MTU.
Could you give me some hints? or Could you tell me how to decide the
MTU
in a IM driver?
Thax!
Anthony
You are currently subscribed to ntdev as: xxxxx@microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
Thank you very much for your hints.
In fact, I have achieved it in PASSTHRU.
But now I am trying to use the FAKE PROTOCOL trick. I can’t work it out. To
be exact, I can’t call NdisQuery to set OID_GEN_MAXIMUM_FRAME_SIZE . It
always returns failure.
If it’s true, I have to edit the registy. Anyway this works well.
Anthony
“Bryan Burgin” ??? news:xxxxx@ntdev…
Anthony,
Instead of hooking NDIS functions by registering fake protocols and
walking undocumented structures, I would suggest that you begin by using
the PASSTHRU sample in the DDK.
Then, you would monitor the various size OIDs (MAX_FRAME_SIZE, etc) in
the NdisRequest code path as they pass back from the miniport to the
upper protocols and modify the size on the way up.
Bryan S. Burgin
xxxxx@microsoft.com
This posting is provided “AS IS” with no warranties, and confers no
rights.
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Anthony
Sent: Thursday, July 10, 2003 9:04 PM
To: NT Developers Interest List
Subject: [ntdev] How to modify MTU in NDIS driver?
Hello all,
Recently, I am programming a firewall for fun in windows XP. In my
driver, I register a fake protocol then I hook some NDIS funcs to my
hanle
funcs.
But I can’t hook the function which handle(set) MTU.
Could you give me some hints? or Could you tell me how to decide the
MTU
in a IM driver?
Thax!
Anthony
—
You are currently subscribed to ntdev as: xxxxx@microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
NdisRequest path for OID_GEN_MAXIMUM_FRAME_SIZE.
----- Original Message -----
From: “Anthony”
Newsgroups: ntdev
To: “NT Developers Interest List”
Sent: Friday, July 11, 2003 8:03 AM
Subject: [ntdev] How to modify MTU in NDIS driver?
> Hello all,
>
> Recently, I am programming a firewall for fun in windows XP. In
my
> driver, I register a fake protocol then I hook some NDIS funcs to my
hanle
> funcs.
>
> But I can’t hook the function which handle(set) MTU.
>
> Could you give me some hints? or Could you tell me how to decide
the MTU
> in a IM driver?
>
> Thax!
>
> Anthony
>
>
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@storagecraft.com
> To unsubscribe send a blank email to
xxxxx@lists.osr.com
You don’t need to call NdisQuery. Instead, you have to filter and change
OID_GEN_MAXIMUM_FRAME_SIZE and OID_GEN_MAXIMUM_TOTAL_SIZE.
Also, Bryan is right and you should use standard and documented NDIS filter
instead. Personally, I don’t undestand why to use dirty tricks which give no
real advantage. Hooking has a point at w9x and maybe at NT4 to avoid
installation problems but at w2k and above, installation is easy.
Best regards,
Michal Vodicka
STMicroelectronics Design and Application s.r.o.
[michal.vodicka@st.com, http:://www.st.com]
From: xxxxx@hotmail.com[SMTP:xxxxx@hotmail.com]
Reply To: xxxxx@lists.osr.com
Sent: Friday, July 11, 2003 7:23 AM
To: xxxxx@lists.osr.com
Subject: [ntdev] Re: How to modify MTU in NDIS driver?Thank you very much for your hints.
In fact, I have achieved it in PASSTHRU.
But now I am trying to use the FAKE PROTOCOL trick. I can’t work it out.
To
be exact, I can’t call NdisQuery to set OID_GEN_MAXIMUM_FRAME_SIZE . It
always returns failure.If it’s true, I have to edit the registy. Anyway this works well.
Anthony
“Bryan Burgin” ??? news:xxxxx@ntdev…
>
> Anthony,
>
> Instead of hooking NDIS functions by registering fake protocols and
> walking undocumented structures, I would suggest that you begin by using
> the PASSTHRU sample in the DDK.
>
> Then, you would monitor the various size OIDs (MAX_FRAME_SIZE, etc) in
> the NdisRequest code path as they pass back from the miniport to the
> upper protocols and modify the size on the way up.
>
> Bryan S. Burgin
> xxxxx@microsoft.com
>
> This posting is provided “AS IS” with no warranties, and confers no
> rights.
>
>
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of Anthony
> Sent: Thursday, July 10, 2003 9:04 PM
> To: NT Developers Interest List
> Subject: [ntdev] How to modify MTU in NDIS driver?
>
> Hello all,
>
> Recently, I am programming a firewall for fun in windows XP. In my
> driver, I register a fake protocol then I hook some NDIS funcs to my
> hanle
> funcs.
>
> But I can’t hook the function which handle(set) MTU.
>
> Could you give me some hints? or Could you tell me how to decide the
> MTU
> in a IM driver?
>
> Thax!
>
> Anthony
>
>
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@microsoft.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>
>
>
>
>
>
> —
> You are currently subscribed to ntdev as: michal.vodicka@st.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
Hello Michal,
Thanks!
If I use standard IMD technology, I have to design my driver in each os
one by one, but if I use HOOK technology, I can build a model then apply it
to all the windows os. I think this can save me a lot of time.
Anthony
“Michal Vodicka” дÈëÓʼþ news:xxxxx@ntdev…
>
> You don’t need to call NdisQuery. Instead, you have to filter and change
> OID_GEN_MAXIMUM_FRAME_SIZE and OID_GEN_MAXIMUM_TOTAL_SIZE.
>
> Also, Bryan is right and you should use standard and documented NDIS
filter
> instead. Personally, I don’t undestand why to use dirty tricks which give
no
> real advantage. Hooking has a point at w9x and maybe at NT4 to avoid
> installation problems but at w2k and above, installation is easy.
>
> Best regards,
>
> Michal Vodicka
> STMicroelectronics Design and Application s.r.o.
> [michal.vodicka@st.com, http:://www.st.com]
>
> > ----------
> > From: xxxxx@hotmail.com[SMTP:xxxxx@hotmail.com]
> > Reply To: xxxxx@lists.osr.com
> > Sent: Friday, July 11, 2003 7:23 AM
> > To: xxxxx@lists.osr.com
> > Subject: [ntdev] Re: How to modify MTU in NDIS driver?
> >
> > Thank you very much for your hints.
> >
> > In fact, I have achieved it in PASSTHRU.
> >
> > But now I am trying to use the FAKE PROTOCOL trick. I can’t work it out.
> > To
> > be exact, I can’t call NdisQuery to set OID_GEN_MAXIMUM_FRAME_SIZE . It
> > always returns failure.
> >
> > If it’s true, I have to edit the registy. Anyway this works well.
> >
> > Anthony
> >
> >
> > “Bryan Burgin” ??? news:xxxxx@ntdev…
> >
> > Anthony,
> >
> > Instead of hooking NDIS functions by registering fake protocols and
> > walking undocumented structures, I would suggest that you begin by using
> > the PASSTHRU sample in the DDK.
> >
> > Then, you would monitor the various size OIDs (MAX_FRAME_SIZE, etc) in
> > the NdisRequest code path as they pass back from the miniport to the
> > upper protocols and modify the size on the way up.
> >
> > Bryan S. Burgin
> > xxxxx@microsoft.com
> >
> > This posting is provided “AS IS” with no warranties, and confers no
> > rights.
> >
> >
> > -----Original Message-----
> > From: xxxxx@lists.osr.com
> > [mailto:xxxxx@lists.osr.com] On Behalf Of Anthony
> > Sent: Thursday, July 10, 2003 9:04 PM
> > To: NT Developers Interest List
> > Subject: [ntdev] How to modify MTU in NDIS driver?
> >
> > Hello all,
> >
> > Recently, I am programming a firewall for fun in windows XP. In my
> > driver, I register a fake protocol then I hook some NDIS funcs to my
> > hanle
> > funcs.
> >
> > But I can’t hook the function which handle(set) MTU.
> >
> > Could you give me some hints? or Could you tell me how to decide the
> > MTU
> > in a IM driver?
> >
> > Thax!
> >
> > Anthony
> >
> >
> >
> >
> > —
> > You are currently subscribed to ntdev as: xxxxx@microsoft.com
> > To unsubscribe send a blank email to xxxxx@lists.osr.com
> >
> >
> >
> >
> >
> >
> >
> > —
> > You are currently subscribed to ntdev as: michal.vodicka@st.com
> > To unsubscribe send a blank email to xxxxx@lists.osr.com
> >
>
>
>
On Sat, 2003-07-12 at 01:41, Anthony wrote:
If I use standard IMD technology, I have to design my driver in each os
one by one, but if I use HOOK technology, I can build a model then apply it
to all the windows os. I think this can save me a lot of time.
We have a firewall that’s an IM driver on 2k/xp and a hook on 9x. We
use the same filtering engine on both and don’t find it to be a
maintenance headache. Besides, hooking in 9x and nt aren’t the same so
you have some per-os code anyway.
-sd
To some extent, it’s pretty right. I can use the differnt build environment
of windows 2003 to build 2000/XP/2003 one by one. It is the most efficient
way :>
But my question is that I really want to control MTU in a hooked driver not
in a IMD. I am not a caviler, butI am only interested in it.
Anthony
“Steve Dispensa” дÈëÓʼþ
news:xxxxx@ntdev…
>
> On Sat, 2003-07-12 at 01:41, Anthony wrote:
> > If I use standard IMD technology, I have to design my driver in each
os
> > one by one, but if I use HOOK technology, I can build a model then apply
it
> > to all the windows os. I think this can save me a lot of time.
>
> We have a firewall that’s an IM driver on 2k/xp and a hook on 9x. We
> use the same filtering engine on both and don’t find it to be a
> maintenance headache. Besides, hooking in 9x and nt aren’t the same so
> you have some per-os code anyway.
>
> -sd
>
>
>
>
>
> ----------
From:
xxxxx@positivenetworks.net[SMTP:xxxxx@positivenetworks.net]
Reply To: xxxxx@lists.osr.com
Sent: Monday, July 14, 2003 9:12 PM
To: xxxxx@lists.osr.com
Subject: [ntdev] Re: How to modify MTU in NDIS driver?On Sat, 2003-07-12 at 01:41, Anthony wrote:
> If I use standard IMD technology, I have to design my driver in each
os
> one by one, but if I use HOOK technology, I can build a model then apply
it
> to all the windows os. I think this can save me a lot of time.We have a firewall that’s an IM driver on 2k/xp and a hook on 9x. We
use the same filtering engine on both and don’t find it to be a
maintenance headache. Besides, hooking in 9x and nt aren’t the same so
you have some per-os code anyway.
Yes, I used the same approach for encryption drivers. For w9x hooking is
necessary especially when PPP adapters have to be filtered. For w2k and
above there is no good reason.
Best regards,
Michal Vodicka
STMicroelectronics Design and Application s.r.o.
[michal.vodicka@st.com, http:://www.st.com]
> ----------
From: xxxxx@hotmail.com[SMTP:xxxxx@hotmail.com]
Reply To: xxxxx@lists.osr.com
Sent: Tuesday, July 15, 2003 4:14 AM
To: xxxxx@lists.osr.com
Subject: [ntdev] Re: How to modify MTU in NDIS driver?But my question is that I really want to control MTU in a hooked driver
not
in a IMD. I am not a caviler, butI am only interested in it.
The same way as in IM driver. Hook driver should filter all NDIS requests if
implemented correctly. Correct hook driver is functionally equivalent to IM
/ filter driver, that’s why I see no reason to use it.
Best regards,
Michal Vodicka
STMicroelectronics Design and Application s.r.o.
[michal.vodicka@st.com, http:://www.st.com]
Hello Michal
What you said is pretty right.
I use “Fake Protocol” Hook trick. By this way, I can not get the
MiniPortQueryInformation handle, so I can’t get any chance to modify MTU in
my hooked driver.
If I call NdisRequest to try to do it in my driver, it always return
failure.
Any hints?
Anthony
“Michal Vodicka” дÈëÓʼþ news:xxxxx@ntdev…
>
> > ----------
> > From: xxxxx@hotmail.com[SMTP:xxxxx@hotmail.com]
> > Reply To: xxxxx@lists.osr.com
> > Sent: Tuesday, July 15, 2003 4:14 AM
> > To: xxxxx@lists.osr.com
> > Subject: [ntdev] Re: How to modify MTU in NDIS driver?
> >
> > But my question is that I really want to control MTU in a hooked driver
> > not
> > in a IMD. I am not a caviler, butI am only interested in it.
> >
> The same way as in IM driver. Hook driver should filter all NDIS requests
if
> implemented correctly. Correct hook driver is functionally equivalent to
IM
> / filter driver, that’s why I see no reason to use it.
>
> Best regards,
>
> Michal Vodicka
> STMicroelectronics Design and Application s.r.o.
> [michal.vodicka@st.com, http:://www.st.com]
>
>
>
>
>
>
>