No more kernel mode Route Table access in Vista?

The CompuWare DriverNetworks KRoutingTable code is broken on Vista. When it goes to actually query the routing table, it gets a return status of STATUS_NOT_IMPLEMENTED. I have also tried the code from the following site:

http://borland.xportal.ru/forum/viewtopic.php?t=12828&start=6

…which does a similar thing (building a MIB-like TCP query and sending it into the stack), and I get the same return status.

I’m guessing that the new TDI translation layer doesn’t support these new querys. And so looking over the WSX docs, I see nothing that would let me query or manipulate the route table. After a bit of sleuthing with the Windbg symbols, I found that tcpip!IppGetNextRoute is called in response to “route print” on the command line, via an ioctl call against \device\nsi.

Has anyone else run into this? Even better, anyone got a fix?

Or is the Vista kernel less functional than what came before it?

David Yon
Tactical Software

wrote in message news:xxxxx@ntdev…
> The CompuWare DriverNetworks KRoutingTable code is broken on Vista. When
> it goes to actually query the routing table, it gets a return status of
> STATUS_NOT_IMPLEMENTED. I have also tried the code from the following
> site:
>
> http://borland.xportal.ru/forum/viewtopic.php?t=12828&start=6
>
> …which does a similar thing (building a MIB-like TCP query and sending
> it into the stack), and I get the same return status.
>
> I’m guessing that the new TDI translation layer doesn’t support these new
> querys. And so looking over the WSX docs, I see nothing that would let me
> query or manipulate the route table. After a bit of sleuthing with the
> Windbg symbols, I found that tcpip!IppGetNextRoute is called in response
> to “route print” on the command line, via an ioctl call against
> \device\nsi.
>
> Has anyone else run into this? Even better, anyone got a fix?
>
> Or is the Vista kernel less functional than what came before it?
>
> David Yon
> Tactical Software
>
>
>

Look in the inc\api folder at the functions declared in the NETIOAPI.h
header. These are “intended” to be kernel-mode versions of the user-mode IP
Helper functions. Perhaps they will be sufficient to help you. I don’t think
the documentation for these functions has been included in the WDK Help yet,
but they should be easy to follow.

I wish MS had not tried to make a shim for TDI on Vista. It is not complete
and has some different behaviors. Despite the proliferation of “nifty” new
kernel-mode networking APIs, there are some things that were simpler (and
achievable) on pre-Vista that seem to be more difficult on Vista.

Hope this helps,

Thomas F. Divine, Windows DDK MVP
http://www.pcausa.com