(Q1) I’m tring to make TDI filter driver based on file monitoring driver for Windows 2000.
At IRP_MJ_CREATE, I got the source IP address in “Irp->AssociatedIrp.SystemBuffer” but source port isn’t correct yet. I don’t know where transport address information is on the other dispatch routine. Where can I get the correct IP address and port informaton?
(Q2) I want to find what application tring to use internet in Windows 2000 and Windows 9x. I decided to research TDI filter driver for that. But I don’t know the other more better way to find it. If it is, pls teachl me the way…
b???.???????&?v?'?ׯj?.n?Qyȩf??]?:.?˛???m??֛???zf???%y?ޞ?^?˛??^r*Lzfެ?
???l??ܢ