NDIS and Promiscuous Mode on WAN

Hello,

I'm writing an “NDIS Protocol Driver”. It goes well with LAN adapter
cards, but when I use it on WAN adapters (like modems or others), the
only filter type that works is “PACKET_TYPE_DIRECTED”: only incoming IP
packets are received! If I use PACKET_TYPE_PROMISCUOUS or
PACKET_TYPE_ALL_LOCAL with OID_GEN_PACKET_FILTER and NdisRequest, all
the WAN IP packets are blocked!

Do you have any ideas?
Thanks in advance!

If you are binding to ndiswan, you should know that it exports an
ethernet interface.
I’m thinking that not all filter types are supported by ndiswan and/or
the layer 2 medium.

Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as: xxxxx@bitdefender.com
To unsubscribe send a blank email to xxxxx@lists.osr.com


Ignorance more frequently begets confidence than does knowledge.
— Charles Darwin



Could you be more explicit?
Thanks!

As was noted in a previous post, if you are interested in IP packets, you
must bind to the virtual 802.3 miniport created by NDISWAN for that purpose.
You should not try to bind to any “NDIS WAN Miniports” (I really do mean to
highlight here the difference between an NDIS WAN Miniport and the virtual
miniports created by NDISWAN).

An NDIS WAN Miniport is a special kind of Miniport that pre-dates the
Connection Oriented NDIS (CoNDIS) support in NDIS5. It was a ‘mid-step’
towards connection support in NDIS to accommodate ISDN boards, etc. in the
RASWAN (and then NDISWAN) world. The only thing that should be bound to a
NDIS WAN Miniport is the ‘protocol’ NDISWAN (RASWAN). NDISWAN is actually a
‘mux’ intermediate driver that creates a number of virtual miniports at its
upper edge.

If you look at the INF files for 2K or XP you will see that the miniports
created have an upper binding class of ndiswanip and not ndis5. To bind to
(virtual) adapters that handle IP traffic via NDISWAN, you must include
ndiswanip in your lower bind class list. Do not include ndiswan in the
lower bind class list since you will get some pretty unusual stuff (and will
likely crash the system). You will find that a tool like BindView from the
DDK samples is invaluable.

I too have written a protocol driver quite recently which endeavors to
monitor all IP traffic on WAN connections. It enabled the Promiscuous Mode
of the packet filter on NDISWAN IP miniports and works just fine. One thing
that you might make sure of is that you are asking to set the packet filter
to NDIS_PACKET_TYPE_PROMISCUOUS only and not trying to enable a bunch of
other bits as well.

Good Luck,
Dave Cattley
Consulting Engineer
Systems Software Development
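
The bind-class advice in the reply above, shown as an INF fragment for a protocol driver. This is an added example, not part of the original thread or of any DDK sample; the section names, the service name `MyProt` and the `noupper` upper range are assumptions made for illustration.

```inf
; Added example: registry section of a protocol driver's network INF
; (NDIS 5, Windows 2000/XP). All names containing "MyProt" are hypothetical.

[MyProt.ndi]
AddReg = MyProt_Ndi

[MyProt_Ndi]
HKR, Ndi, Service, , "MyProt"

; Assumption: this protocol exposes no interface to components above it.
HKR, Ndi\Interfaces, UpperRange, , "noupper"

; Lower bind class list:
;   ndis5     -> ordinary LAN miniports
;   ndiswanip -> the virtual 802.3 miniports NDISWAN creates for IP traffic
HKR, Ndi\Interfaces, LowerRange, , "ndis5,ndiswanip"

; Not this: the thread warns against listing ndiswan, because only NDISWAN
; itself should be bound to the NDIS WAN Miniports.
; HKR, Ndi\Interfaces, LowerRange, , "ndis5,ndiswan"
```

After installation, a binding viewer such as the BindView sample mentioned above can confirm that the protocol is bound to the NDISWAN IP virtual adapter and not to any NDIS WAN Miniport.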

Thanks for the help!
I’ll try. Perhaps you have some lines of source code, for example, to
complete the explanation? I’ll enjoy it!

Jean-Christophe Flachet

Hello!

How do I recognize this virtual 802.3 Ethernet device that NDISWAN
creates? Does it have a universal Class GUID on every machine
in Win32k, WinNet … XP?

Jean-Christophe
