Wireshark mailing list archives
Re: Npcap 0.03 call for test
From: Yang Luo <hsluoyb () gmail com>
Date: Tue, 4 Aug 2015 10:11:34 +0800
Hi Pascal, On Tue, Aug 4, 2015 at 5:19 AM, Pascal Quantin <pascal.quantin () gmail com> wrote:
Hi Yang, the page https://msdn.microsoft.com/en-us/library/windows/hardware/ff549954%28v=vs.85%29.aspx suggests that: "Before the driver calls *NdisFOidRequest*, the driver must allocate an *NDIS_OID_REQUEST* <https://msdn.microsoft.com/en-us/library/windows/hardware/ff566710%28v=vs.85%29.aspx> structure and transfer the request information to the new structure by calling *NdisAllocateCloneOidRequest* <https://msdn.microsoft.com/en-us/library/windows/hardware/ff560706%28v=vs.85%29.aspx>. As an option, a filter driver can complete a request immediately without forwarding the request."
This page is related to *FilterOidRequest* routine, in Npcap is the *NPF_OidRequest* function in Openclos.c, in this function *NdisAllocateCloneOidRequest* is called.
When looking at your code, you seem to use directly an array entry in OPEN_INSTANCE structure (or at least that's the feeling it gives). Something missed when porting the code from NDIS5 to NDIS6? This is properly done in NPF_OidRequest() function.
In NPF_GetDeviceMTU or NPF_IoControl routine, Npcap will originate its own OID requests, so no need to call *NdisAllocateCloneOidRequest* to "clone" one. Actually in original WinPcap 4.1.3's source ( https://github.com/nmap/npcap/blob/c67abf6f8b62bda89cd98c5ecc582566323f4c91/packetNtx/driver/Openclos.c, Line 645), you can see that I didn't change much code in that function except the requesting function from *NdisRequest* to *NdisFOidRequest* (I also noticed that the 2nd param in *NdisWaitEvent* call has been changed from 0 to 1000, I don't know if this matters, and I can't test it). It seems that I have a little clue about this, and whatever, a stable reproduce way will be very helpful. Cheers, Yang
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Re: Npcap 0.03 call for test, (continued)
- Re: Npcap 0.03 call for test Tyson Key (Aug 01)
- Re: Npcap 0.03 call for test Yang Luo (Aug 02)
- Re: Npcap 0.03 call for test Yang Luo (Aug 03)
- Re: Npcap 0.03 call for test Pascal Quantin (Aug 03)
- Re: Npcap 0.03 call for test Yang Luo (Aug 03)
- Re: Npcap 0.03 call for test Pascal Quantin (Aug 03)
- Re: Npcap 0.03 call for test Jim Young (Aug 03)
- Re: Npcap 0.03 call for test Yang Luo (Aug 03)
- Re: Npcap 0.03 call for test Yang Luo (Aug 03)
- Re: Npcap 0.03 call for test Pascal Quantin (Aug 03)
- Re: Npcap 0.03 call for test Yang Luo (Aug 03)
- Re: Npcap 0.03 call for test Jim Young (Aug 03)
- Re: Npcap 0.03 call for test Yang Luo (Aug 05)
- Re: Npcap 0.03 call for test Jim Young (Aug 06)
- Re: Npcap 0.03 call for test Yang Luo (Aug 15)
- Re: Npcap 0.03 call for test Pascal Quantin (Aug 06)
- Re: Npcap 0.03 call for test Yang Luo (Aug 06)
- Re: Npcap 0.03 call for test Pascal Quantin (Aug 06)
- Re: Npcap 0.03 call for test Jim Young (Aug 06)
- Re: Npcap 0.03 call for test Yang Luo (Aug 10)
- Re: Npcap 0.03 call for test Jim Young (Aug 10)