Hi,
The purpose of this is somehow small with regards to its original scope. The
main purpose is a module that will be able to filter traffic on some
criterion and to be able to redirect some packets that match some filters.
Can I have a packet reconstruction (for the redirecting part) in another
part than IM driver?
Regards,
PS: I figured out that I sent the mail to the wrong list (ntfds) only
seconds after it went out, that is why I sent a copy of it in this list, to
be continued here. Sorry for the inconvenience
On Thu, Apr 23, 2009 at 10:06 AM, Skywing wrote:
> This is not really the ideal place to layer in for that sort of data. The
> URL being browsed to is at a completely different level of abstraction than
> an IM driver. All you will see are hardware frames which may bear things
> like DNS queries over UDP, or HTTP requests over TCP.
>
> Figuring this sort of data out isn’t best done directly from an IM driver
> itself directly as you have an enormous amount of state to track
> (essentially reimplementing TCP + HTTP, and you’re a bit in trouble with
> HTTP/1.0). And, of course, you’re wholly sunk when HTTPS comes into play.
>
> What is the ultimate goal here? Some sort of transparent proxy / filter for
> HTTP traffic?
>
>
>
> - S
>
>
>
> From: xxxxx@lists.osr.com [mailto:
> xxxxx@lists.osr.com] *On Behalf Of *Bogdan Hruban
> Sent: Wednesday, April 22, 2009 11:42 PM
> To: Windows File Systems Devs Interest List
> Subject: [ntfsd] NDIS get destination address
>
>
>
> Hi,
>
> I have started from the DDK passthru sample and written an additional
> module that will store some statistical data related to the network traffic
> that is done. I can get the source and target IP addresses but, in case that
> a browser has been used, I need to get the address that was given for
> browsing. (eq. www.google.com).
> Is there any way that I can do this without reading the packet data? And if
> not, is there an additional header (beside the ip one) in which it is
> specified the size of the link (in my case)?
> I am also opened to other solutions that my result in the same outcome. 
>
> Regards,
> –
> Bogdan Hruban
>
> Mobile : +40-746-056045
> Email : xxxxx@gmail.com; xxxxx@yahoo.com
> Yahoo : bogdan_hruban
> Skype : bogdan_hruban
> Jabber : xxxxx@gmail.com
>
> — NTFSD is sponsored by OSR For our schedule of debugging and file system
> seminars (including our new fs mini-filter seminar) visit:
> http://www.osr.com/seminars To unsubscribe, visit the List Server section
> of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
>
> —
> NTFSD is sponsored by OSR
>
> For our schedule of debugging and file system seminars
> (including our new fs mini-filter seminar) visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
–
Bogdan Hruban
Mobile : +40-746-056045
Email : xxxxx@gmail.com; xxxxx@yahoo.com
Yahoo : bogdan_hruban
Skype : bogdan_hruban
Jabber : xxxxx@gmail.com