Question: Finding out process a packet belongs to

Hi All,

Is it possible to find out the process ID of a process doing network IO in
an NDIS Intermediate Driver? (in which thread context are NDIS IM routines
called???)

If yes please tell me how???

thanks in advance

regards
johnny


Do You Yahoo!?

Get your free @yahoo.com address at http://mail.yahoo.com


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You certainly can’t associate received packets with the (as yet
undetermined) process destined to consume it.

The same goes for packets being sent.

AFAIK to lowest place in the network stack where process information has any
possible meaning is the kernel-mode TCP/IP driver. For example, you CAN
write a TDI Filter above “\Device\Tcp” and “\Device\Udp” and associate TDI
address objects with the process that opens them.

Good luck,

Thomas F. Divine

PCAUSA - Toolkits & Resources For Network Software Developers
NDIS Protocol - NDIS Intermediate - TDI Client
http: - http:

----- Original Message -----
From: “Johnny Habibi”
To: “NT Developers Interest List”
Sent: Wednesday, June 13, 2001 12:28 PM
Subject: [ntdev] Question: Finding out process a packet belongs to

> Hi All,
>
> Is it possible to find out the process ID of a process doing network IO in
> an NDIS Intermediate Driver? (in which thread context are NDIS IM routines
> called???)
>
> If yes please tell me how???
>
> thanks in advance
>
> regards
> johnny
>
>
>
> _________________________________________________________
>
> Do You Yahoo!?
>
> Get your free @yahoo.com address at http://mail.yahoo.com
>
>
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@pcausa.com
> To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com</http:></http:>