where to find TCP header details in TDI Filter driver

Hi, all.
I am so confused by TDI. Assume one process want to establish a connection to remote
node, in which TDI ioctl request we could find the tcp header details such as SYN bit?

please help me

brucie

There are two parts to the TDI API:

1.) The parts of the API that are documented in the Windows DDK. When TDI is used with TCP or UDP the functionality provided by this API is sufficient to allow kernel-mode drivers to perform “ordinary” TCP and UPD operations. Although the API is implemented differently then the user-mode Winsock API, the Microsoft-documented kernel-mode TDI API is NOT a magic API that provides magic or privileged access to information maintained internally within the TCP/IP kernel-mode driver.

For all practical purposes: If you can’t access the information in user-mode using Winsock, then you are unlikely to find a Microsoft-documented way to access the information using TDI.

2.) There are undocumented (or only partially documented) interfaces to TDI called “TCP Extensions To TDI”. Microsoft can use those to do whatever they want. The rest of us don’t have a clue…

I don’t think that you (or I…) will find a way to use TDI to directly manipulate the SYN bit. It’s in Bill’s hands.

If any guru’s out there have better news for Brucie (or me, for that matter), please let us know.

Regards,

Thomas F. Divine

PCAUSA - Tools & Resources For Network Software Developers
NDIS Protocol/Intermediate/Hooking - TDI Client/Filter
http: - http:

“brucie” wrote in message news:xxxxx@ntdev…
Hi, all.
I am so confused by TDI. Assume one process want to establish a connection to remote
node, in which TDI ioctl request we could find the tcp header details such as SYN bit?

please help me

brucie</http:></http:>

Hi, brucie.

TCP packet details are below TDI. The communications between kernel
network components the next:

TDI client -> TDI driver + NDIS client -> NDIS driver

In case of TCP/IP tcpip.sys is driver which “converts” TDI request to
network packets. You must be between tcpip.sys and NDIS to get network
packet’s data such as TCP header etc.

But in case of using RawIp you can get whole packets with headers sent or
received via raw sockets.

vlad-ntdev

Hi, all.
I am so confused by TDI. Assume one process want to establish a
connection to remote
node, in which TDI ioctl request we could find the tcp header details
such as SYN bit?

please help me

brucie

You will not see TCP headers in TDI client.
Send TDI_CONNECT IRP to the just-created connection file object for connect() semantics.

Max

----- Original Message -----
From: brucie
To: NT Developers Interest List
Sent: Tuesday, March 12, 2002 9:43 PM
Subject: [ntdev] where to find TCP header details in TDI Filter driver

Hi, all.
I am so confused by TDI. Assume one process want to establish a connection to remote
node, in which TDI ioctl request we could find the tcp header details such as SYN bit?

please help me

brucie

b??箷????vڵ?j??)???i??d??{.n???zwZnV??隊[h???z{]z?x?yb??(??(

>2.) There are undocumented (or only partially documented) interfaces to TDI called "TCP

Extensions To TDI".

IIRC these ones provide the functionality of get/setsockopt with IPPROTO_xxx levels.

Max