• Question

  • Hello,

    I have a callout driver capturing all packets at INBOUND_IPPACKET, allowing all but specific packets. Certain packets (of a protocol) have their IP header slightly modified to be proxied, and then the IP header checksum is re-calculated before injection.

    Upoon booting the machine (Windows 2008 Server R1 with SP1) and starting the callout driver, this works well. After some time, STATUS_DATA_NOT_ACCEPTED will be reported in the status of each modified & reinjected packet (the non-modified packets report STATUS_SUCCESS), and upon rebooting this works well again. FwpsInjectNetworkReceiveAsync0() returns STATUS_SUCCESS in all cases.

    I know there is a known issue with STATUS_DATA_NOT_ACCEPTED, and the suggested workaround is zero'ing IPID and Length fields. I am doing this for each packet, but this does not solve the problem, only makes it take longer to occur.

    Are the packets which report this error available at the DISCARD layer? Also, if they are, it is possible to know why they have been discarded while filtering them at this layer?

    Thanks in advance,


    Wednesday, September 22, 2010 12:06 PM