Hi!
How i can obtain IP address of netcard in my driver
You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
My first thought is: Why? Your network card driver shouldn’t care about
what its IP address is, or even if it has an IP address. This is seriously
mixing the layers of the network stack. Do you have a really good reason
for wanting to do this?
Greg
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of hello
Sent: Wednesday, February 13, 2002 4:34 AM
To: NT Developers Interest List
Subject: [ntdev] Ip address of netcard
Hi!
How i can obtain IP address of netcard in my driver
You are currently subscribed to ntdev as: xxxxx@pdq.net
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
What kind of driver are you writing and why do you need the IP addresses
associated with the interface?
If you are writing a NDIS Intermediate (IM) driver you can always examine
and track the source IP address of packets that are being sent; these would
be the IP addresses of the interface. Understand and code for the case where
each interface has more then one IP address.
Regards,
Thomas F. Divine
PCAUSA - Tools & Resources For Network Software Developers
NDIS Protocol/Intermediate/Hooking - TDI Client/Filter
http: - http:
“hello” wrote in message news:xxxxx@ntdev…
>
> Hi!
> How i can obtain IP address of netcard in my driver
>
>
> —
> You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
> To unsubscribe send a blank email to
leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
>
>
—
You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com</http:></http:>
I was about to say exactly what you say. I am under the impression
that during the last one or two years, people more and more “mix” the
tasks of the several (well-defined!) network layers.
For instance, some guy recently said he is implementing a firewall in
his NIC driver - not actually a bit of the right place, IMHO.
NIC drivers send and receive frames (not “packets”!). They do not
(need to) know anything about protocols. Thus, they do not (need to)
know about what “IP” is or what an “IP address” is.
In contrast, IP does not (need to) know anything about MAC addresses.
ARP is the guy who needs to know both MAC and IP address formats and
how to map one to the other.
Get yourself a copy of:
“The Switch Book: The Complete Guide to LAN Switching Technology”
by Rich Seifert. You’ll learn a lot - and it’s fun also! (Rich loves
to make jokes all over the place.)
You haven’t read this book? Better don’t write network drivers!
Just my two cents,
Stephan
On Wed, 13 Feb 2002 08:21:49 -0600, “Gregory G. Dyess”
wrote:
>
>My first thought is: Why? Your network card driver shouldn’t care about
>what its IP address is, or even if it has an IP address. This is seriously
>mixing the layers of the network stack. Do you have a really good reason
>for wanting to do this?
>
>Greg
>
>-----Original Message-----
>From: xxxxx@lists.osr.com
>[mailto:xxxxx@lists.osr.com]On Behalf Of hello
>Sent: Wednesday, February 13, 2002 4:34 AM
>To: NT Developers Interest List
>Subject: [ntdev] Ip address of netcard
>
>
>Hi!
>How i can obtain IP address of netcard in my driver
—
You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
> ----------
From: xxxxx@hotmail.com[SMTP:xxxxx@hotmail.com]
Reply To: xxxxx@lists.osr.com
Sent: Wednesday, February 13, 2002 7:02 PM
To: xxxxx@lists.osr.com
Subject: [ntdev] Re: Ip address of netcardI was about to say exactly what you say. I am under the impression
that during the last one or two years, people more and more “mix” the
tasks of the several (well-defined!) network layers.For instance, some guy recently said he is implementing a firewall in
his NIC driver - not actually a bit of the right place, IMHO.
I agree but where is the right place for packet filtering firewall? It needs
to examine raw packets and also have to apply filtering rules related to
above layers’ details as IP addresses. Also, it have to protect above layers
against malicious attacks so the best place is between NIC and protocol
drivers i.e NDIS IM or filter drivers for NT. Maybe it doesn’t fit to
network layer model well but it solves real world problems which IMHO aren’t
considered in this model.
Best regards,
Michal Vodicka
STMicroelectronics Design and Application s.r.o.
[michal.vodicka@st.com, http:://www.st.com]
You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
I think it should be something like this in a *designated* firewall
machine:
NIC1 -> protocol -> firewall -> protocol -> NIC2
Now if you have a “client” in the same machine, I think it should be
something like:
NIC1 -> protocol -> firewall -> protocol -“loopback”-> protocol -> app
Stephan
On Wed, 13 Feb 2002 21:06:52 +0100, Michal Vodicka
wrote:
>
>> ----------
>> From: xxxxx@hotmail.com[SMTP:xxxxx@hotmail.com]
>> Reply To: xxxxx@lists.osr.com
>> Sent: Wednesday, February 13, 2002 7:02 PM
>> To: xxxxx@lists.osr.com
>> Subject: [ntdev] Re: Ip address of netcard
>>
>> I was about to say exactly what you say. I am under the impression
>> that during the last one or two years, people more and more “mix” the
>> tasks of the several (well-defined!) network layers.
>>
>> For instance, some guy recently said he is implementing a firewall in
>> his NIC driver - not actually a bit of the right place, IMHO.
>>
>I agree but where is the right place for packet filtering firewall? It needs
>to examine raw packets and also have to apply filtering rules related to
>above layers’ details as IP addresses. Also, it have to protect above layers
>against malicious attacks so the best place is between NIC and protocol
>drivers i.e NDIS IM or filter drivers for NT. Maybe it doesn’t fit to
>network layer model well but it solves real world problems which IMHO aren’t
>considered in this model.
>
>Best regards,
>
>Michal Vodicka
>STMicroelectronics Design and Application s.r.o.
>[michal.vodicka@st.com, http:://www.st.com]
—
You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
> ----------
From: xxxxx@hotmail.com[SMTP:xxxxx@hotmail.com]
Reply To: xxxxx@lists.osr.com
Sent: Wednesday, February 13, 2002 10:57 PM
To: xxxxx@lists.osr.com
Subject: [ntdev] Re: Ip address of netcardI think it should be something like this in a *designated* firewall
machine:NIC1 -> protocol -> firewall -> protocol -> NIC2
I would agree.
Now if you have a “client” in the same machine, I think it should be
something like:NIC1 -> protocol -> firewall -> protocol -“loopback”-> protocol -> app
This is ideal world solution; yes, I would prefer it (there is a
disadvantage: one firewall per protocol is necessary). It seems as (or at
least is similar) w2k+ filter hooks are implemented. Now see what XP DDK
says:
It is not recommended to implement a firewall-hook driver (or firewall
driver) for Microsoft? Windows? XP and later versions of the operating
system.
…
A firewall-hook driver did not meet firewall requirements because it ran too
high in the network stack.
…
To provide firewall functionality on Windows XP and later, you should create
an NDIS intermediate miniport driver to manage packets sent and received
across a firewall.
Best regards,
Michal Vodicka
STMicroelectronics Design and Application s.r.o.
[michal.vodicka@st.com, http:://www.st.com]
You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
Well, well, well. Do as you like and get things running. I’m not a
firewall expert.
Stephan
On Wed, 13 Feb 2002 23:55:06 +0100, Michal Vodicka
wrote:
[snip]
>It is not recommended to implement a firewall-hook driver (or firewall
>driver) for Microsoft=AE Windows=AE XP and later versions of the =
>operating
>system.=20
>…
>A firewall-hook driver did not meet firewall requirements because it =
>ran too
>high in the network stack.
>…
>To provide firewall functionality on Windows XP and later, you should =
>create
>an NDIS intermediate miniport driver to manage packets sent and =
>received
>across a firewall.
>
>Best regards,
>
>Michal Vodicka
>STMicroelectronics Design and Application s.r.o.
>[michal.vodicka@st.com, http:://www.st.com]
—
You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com