none
NDIS Filter driver RRS feed

Answers

  • Wi-fi already has enough encryption, either as WPA2 (a.k.a. 802.11 something), proprietary security like Cisco's, and various VPNs. All this is useful reading for you. Why one can want to roll his own and break interoperabilty.

    -- pa

    • Marked as answer by Raguwifi Wednesday, December 18, 2013 10:15 AM
    Tuesday, December 17, 2013 1:08 PM
  • Make sure you've found the right level of the stack.  Encryption and compression can be performed at many levels of the stack - consider the differences between WPA2, MACsec, IPsec, TLS, and downloading a password-protected .ZIP file over HTTP.  If you use a LWF, you'll be best positioned to work at layer 2, like MACsec or L2TP. A LWF would be poorly-suited to manipulate other levels -- e.g., it'd be very difficult to turn HTTP traffic into HTTPS traffic using a LWF.

    If layer-2 compression/encryption matches your design goals, then you've found the best sample driver for your needs.  This sample driver already hooks all the traffic that flows in/out of the system.  You only need to modify the FilterSendNetBufferLists and FilterReceiveNetBufferLists to add your compression/encryption code.

    Tuesday, December 17, 2013 7:34 PM

All replies

  • Make sure you've found the right level of the stack.  Encryption and compression can be performed at many levels of the stack - consider the differences between WPA2, MACsec, IPsec, TLS, and downloading a password-protected .ZIP file over HTTP.  If you use a LWF, you'll be best positioned to work at layer 2, like MACsec or L2TP. A LWF would be poorly-suited to manipulate other levels -- e.g., it'd be very difficult to turn HTTP traffic into HTTPS traffic using a LWF.

    If layer-2 compression/encryption matches your design goals, then you've found the best sample driver for your needs.  This sample driver already hooks all the traffic that flows in/out of the system.  You only need to modify the FilterSendNetBufferLists and FilterReceiveNetBufferLists to add your compression/encryption code.

    Tuesday, December 17, 2013 7:34 PM
  • Thanks a lot Sir!!I am new to Windows Driver development and need some more help

    In function FilterSendNetBufferLists()

    if (pFilter->TrackSends)
            {
                FILTER_ACQUIRE_LOCK(&pFilter->Lock, DispatchLevel);
                CurrNbl = NetBufferLists;
                while (CurrNbl)
                {
                    pFilter->OutstandingSends++;
                    FILTER_LOG_SEND_REF(1, pFilter, CurrNbl, pFilter->OutstandingSends);

                    CurrNbl = NET_BUFFER_LIST_NEXT_NBL(CurrNbl);
                }
                FILTER_RELEASE_LOCK(&pFilter->Lock, DispatchLevel);
            }
            
    I need to call some API here to do the compression.Can you please let me know the API I need to call which will do the compression.        
            NdisFSendNetBufferLists(pFilter->FilterHandle, NetBufferLists, PortNumber, SendFlags);

    Wednesday, December 18, 2013 10:11 AM
  • Thanks a lot Sir!!I am new to Windows Driver development and need some more help

    In function FilterSendNetBufferLists()

    if (pFilter->TrackSends)
            {
                FILTER_ACQUIRE_LOCK(&pFilter->Lock, DispatchLevel);
                CurrNbl = NetBufferLists;
                while (CurrNbl)
                {
                    pFilter->OutstandingSends++;
                    FILTER_LOG_SEND_REF(1, pFilter, CurrNbl, pFilter->OutstandingSends);

                    CurrNbl = NET_BUFFER_LIST_NEXT_NBL(CurrNbl);
                }
                FILTER_RELEASE_LOCK(&pFilter->Lock, DispatchLevel);
            }
           
    I need to call some API here to do the compression.Can you please let me know the API I need to call which will do the compression.       
            NdisFSendNetBufferLists(pFilter->FilterHandle, NetBufferLists, PortNumber, SendFlags);

    Wednesday, December 18, 2013 10:15 AM
  • Well there's RtlCompressBuffer, although it's not really designed for network drivers.

    Compression algorithms are interesting - they doesn't actually compress everything you put in.  If that were possible, then you could just run the compression algorithm over and over again until the output is zero bytes!  Compression algorithms make typical inputs smaller, and atypical inputs larger.  So if you are going to compress a packet that is already maximally-sized at 1500 bytes, and the packet comes out bigger, you'll have to somehow cope with a packet that is now too big to send.

    Wednesday, December 18, 2013 8:11 PM