WFP infinite loop RRS feed

  • Question

  • Hi Dusty,

    I need some suggestion for the WFP loop that occurs in case of multiple drivers as follows.

    =>Initially Callout A sees FWPS_PACKET_NOT_INJECTED, 
    driver A clone and block the packet, filter the data in user mode, 
    Allocate and inject new NET_BUFFER_LIST containing the filtered data

    =>Callout A sees FWPS_PACKET_INJECTED_BY_SELF and lets it by.

    =>Callout B sees FWPS_PACKET_INJECTED_BY_OTHER, and allocate inject new NET_BUFFER_LIST.
    Now Callout A will see the same flag FWPS_PACKET_INJECTED_BY_OTHER and it do repeat same thing and goes into infinite loop

    Can you suggest how can we avoid this loop.

    Sunday, July 3, 2016 6:08 PM

All replies