none
NDIS 6.0 connection-less protocol driver sample building for Windows XP RRS feed

  • Question

  • I am using NDIS 6.0 Sample Protocol Driver for network filtering, and it is working on Windows 7 and Windows 8.1

    I just tested that 2 for now, but I want it also to work on Windows XP. As I was reading I need WDK 7.1 to build it for Windows XP but I can't get Visual Studio 2013 to see WDK7.1 as options for Platform Toolset.

    Is there anyway to import WDK7.1 to VS 2013?

    Saturday, July 19, 2014 9:03 PM

Answers

  • NDIS 6 drivers do not work on WinXP.  Also, NDIS protocol drivers are not used for filtering, because one protocol cannot modify of hide packets observed by another protocol on same connection.

    WDK 7.x can be combined with VS 2013 exactly like with any previous VS version, using a makefile-like project and  ddkbuild.bat (or anything else of that kind).

    -- pa

    Saturday, July 19, 2014 9:40 PM

All replies

  • Thanks for answer.

    What technique do you suggest for making DNS filter?

    All I need to do is just stop DNS packages that are not allowed by my software, or give back wrong IP address.

    Saturday, July 19, 2014 10:16 PM
  • What you want is an intermediate driver. As the name implies, it sits between the miniport and the protocol driver, and all packets and OIDs pass through it. There is a sample in the WDK

     -Brian


    Azius Developer Training www.azius.com Windows device driver, internals, security, & forensics training and consulting. Blog at www.azius.com/blog

    Sunday, July 20, 2014 1:35 AM
    Moderator
  • Ok so I need NDIS 5 Sample Intermediate Driver (for XP) and NDIS 6.0 Filter Driver(for Vista and above) right?

    Or is there any universal solutions for all versions of windows?

    Sunday, July 20, 2014 10:17 AM
  • Use a separate driver for NDIS 5.x and NDIS 6.x systems. You could get an NDIS 5.x driver to work on Win 8+, but Microsoft will not sign it (WHQL) for you.

     -Brian


    Azius Developer Training www.azius.com Windows device driver, internals, security, & forensics training and consulting. Blog at www.azius.com/blog

    Sunday, July 20, 2014 4:58 PM
    Moderator