locked
How to start with WFP callout drivers? RRS feed

  • Question

  • Hi ,

    I have tried WFP and have done something using normal function(sdk). I need to understand and filter packet using callout drivers. So can anyone have nice source of information..

    Thursday, July 26, 2012 6:06 PM

All replies

  • I would suggest reading the DDK information (http://msdn.microsoft.com/en-us/library/windows/hardware/ff571067(v=vs.85).aspx), and you can look at the WFPSampler (http://code.msdn.microsoft.com/Windows-Filtering-Platform-27553baa).

    In the sampler, if you are already familiar with how drivers work, then you can skip over most of the Framework* files.  The easiest place to start would be the ClassifyFunctions_BasicActionCallouts.cpp.  This is one of the simplest callouts which returns an action.

    Hope this helps,


    Dusty Harper [MSFT]
    Microsoft Corporation
    ------------------------------------------------------------
    This posting is provided "AS IS", with NO warranties and confers NO rights
    ------------------------------------------------------------

    Thursday, July 26, 2012 7:34 PM
    Moderator
  • But It didnt really helped. Please can you say the Hierachy I have to look at Sample (files). I dont even see device entry function.

    RBN

    Saturday, September 22, 2012 9:27 AM