none
NDIS IM Driver issue. RRS feed

  • Question

  • I want to monitor http request.

    In the function MPSendPackets of the sample passthru,I've modified a bit to monitor the http request.

    Now I got pPacketContent and know which packet is http request.I need to copy the pPacketContent to Mypacket and sent it by using ndissend ,but the following code don't work.I don't know where is the problem.

             // Allocate a new buffer descriptor
             NdisAllocateBuffer(&status, &MyBuffer, pAdapt->SendPacketPoolHandle,
             pPacketContent, TotalPacketLength);                    

             SendRsvd = (PSEND_RSVD)(MyPacket->MiniportReserved);
             SendRsvd->OriginalPkt = MyPacket;
             NdisChainBufferAtFront(MyPacket, MyBuffer);
    ............................

             NdisSend(&Status,  pAdapt->BindingHandle,  MyPacket);

    IE will send requests in a row,finally,display an error page.

    Tuesday, January 29, 2013 3:36 PM

Answers

  • My client's requirement is modifying the query string in the uri.Do it need recalculate TCP ?If so,how to recalculate TCP and IP checksums?

    You need to recalculate TCP checksum and possibly update some other fields in the TCP header. In my opinion, you will first need study TCP/IP basics, before writing the code in this area.

    BR,  Antti

    Wednesday, January 30, 2013 1:50 PM
  •  

    //Allocate a new Buffer descriptor NdisAllocateBuffer(&status, &MyBuffer, pAdapt->SendPacketPoolHandle, pPacketContent, 2048);

     

    With a quick look, this is at least clearly wrong. You should allocate buffer from BufferPool, not from PacketPool. Also you must not use any hardcoded value for the buffer length.

    I think I have helped enough for this case. You should read the documentation more carefully, go to some course, etc. and then get back to coding.

    BR, Antti

    • Marked as answer by reezo Saturday, February 2, 2013 1:47 PM
    Thursday, January 31, 2013 9:17 AM

All replies

  • Hi,

    Are you targeting Windows XP? If not, you should use Windows Filtering Platform (WFP) or NDIS LWF driver. If you are only monitoring and not modifying the HTTP request, why don't you send the packet same way as in passthru sample? If you don't know where the problem is, how can you be sure that the problem is in the code snippet you posted?

    BR, Antti

    Wednesday, January 30, 2013 6:35 AM
  • Hi,

    Are you targeting Windows XP? If not, you should use Windows Filtering Platform (WFP) or NDIS LWF driver. If you are only monitoring and not modifying the HTTP request, why don't you send the packet same way as in passthru sample? If you don't know where the problem is, how can you be sure that the problem is in the code snippet you posted?

    BR, Antti

    Yes,u r right.I'm targeting on Windows XP,and I want to modify the HTTP request.In my opinion,I need to get the packet buffer first ,then I can modify it.The sample code can not modify the packet,can it?

    Like I said before,the only stuff I got that it doesn't work.So this is the problem.I even don't know if it is the right way.

    So,are there any other ways to modify the http request? 

    Plesae help me.

    Wednesday, January 30, 2013 10:10 AM
  • Some further questions. How do you modify the HTTP request? Do you recalculate TCP and IP checksums after modification? Do you see the modified packet on the remote peer with Network Monitor?

    BR, Antti

    Wednesday, January 30, 2013 12:01 PM
  • Some further questions. How do you modify the HTTP request? Do you recalculate TCP and IP checksums after modification? Do you see the modified packet on the remote peer with Network Monitor?

    BR, Antti

    I dont't know the possible ways of packet modification.My client's requirement is modifying the query string in the uri.Do it need recalculate TCP ?If so,how to recalculate TCP and IP checksums?

    Thanks in advance.

    Wednesday, January 30, 2013 1:02 PM
  • My client's requirement is modifying the query string in the uri.Do it need recalculate TCP ?If so,how to recalculate TCP and IP checksums?

    You need to recalculate TCP checksum and possibly update some other fields in the TCP header. In my opinion, you will first need study TCP/IP basics, before writing the code in this area.

    BR,  Antti

    Wednesday, January 30, 2013 1:50 PM
  • Well,the hardest is that I don't have so much time.Are there any sample codes available for me?
    Wednesday, January 30, 2013 2:36 PM
  • Hi,Antti

    BOOLEAN BuildMyPacket( IN PADAPT pAdapt, IN PNDIS_PACKET original_packet, OUT PNDIS_PACKET MyPacket ) { PSEND_RSVD SendRsvd; NDIS_STATUS status; PNDIS_BUFFER MyBuffer; UINT TotalPacketLength = 0; PUCHAR pPacketContent = NULL;

    status = NdisAllocateMemoryWithTag( &pPacketContent, 2048, TAG); if( status != NDIS_STATUS_SUCCESS ){ status = NDIS_STATUS_FAILURE ; return FALSE; } NdisZeroMemory( pPacketContent, 2048 ) ; CopyPacket(original_packet,pPacketContent,&TotalPacketLength); //Allocate a new Buffer descriptor NdisAllocateBuffer(&status, &MyBuffer, pAdapt->SendPacketPoolHandle, pPacketContent, 2048); if (NDIS_STATUS_SUCCESS != status) { NdisFreeMemory(pPacketContent, 2048, 0); return FALSE; } SendRsvd = (PSEND_RSVD)(MyPacket->MiniportReserved); SendRsvd->OriginalPkt = MyPacket; NdisChainBufferAtFront(MyPacket, MyBuffer); return TRUE; }

    I add a function "BuildMyPacket" ,after it runed,there is nothing in the MyPacket.

    You know debug driver is tough stuff.Is there anything import I missed?

    At this moment,I just wish to copy the buffer from original packet and build my own packet without modification,finally,pass it dwon.


    • Edited by reezo Thursday, January 31, 2013 2:39 AM
    Thursday, January 31, 2013 2:37 AM
  •  

    //Allocate a new Buffer descriptor NdisAllocateBuffer(&status, &MyBuffer, pAdapt->SendPacketPoolHandle, pPacketContent, 2048);

     

    With a quick look, this is at least clearly wrong. You should allocate buffer from BufferPool, not from PacketPool. Also you must not use any hardcoded value for the buffer length.

    I think I have helped enough for this case. You should read the documentation more carefully, go to some course, etc. and then get back to coding.

    BR, Antti

    • Marked as answer by reezo Saturday, February 2, 2013 1:47 PM
    Thursday, January 31, 2013 9:17 AM
  • Hey,bro

    It works.The packets have passed thourgh my function.Thank u very much.

    Friday, February 1, 2013 2:32 AM