documentation. Copyright (c) 2002-2005 Politecnico di Torino. Copyright (c) 2005
CACE technologies. All rights reserved.#include "jitter.h"#include "win_bpf.h"Go to the source code of this file.
Data Structures | |
| struct | packet_file_header |
| Header of a libpcap dump file. More... | |
| struct | sf_pkthdr |
| Header associated to a packet in the driver's buffer when the driver is in dump mode. Similar to the bpf_hdr structure, but simpler. More... | |
| struct | _INTERNAL_REQUEST |
| Stores an OID request. More... | |
| struct | _PACKET_RESERVED |
| Contains a NDIS packet. More... | |
| struct | _DEVICE_EXTENSION |
| Port device extension. More... | |
| struct | __CPU_Private_Data |
| Kernel buffer of each CPU. More... | |
| struct | _OPEN_INSTANCE |
| Contains the state of a running instance of the NPF driver. More... | |
| struct | PacketHeader |
| Structure prepended to each packet in the kernel buffer pool. More... | |
Defines | |
| #define | NTKERNEL |
| Forces the compilation of the jitter with kernel calls. | |
| #define | MAX_REQUESTS 32 |
| Maximum number of simultaneous IOCTL requests. | |
| #define | Packet_ALIGNMENT sizeof(int) |
| Alignment macro. Defines the alignment size. | |
| #define | Packet_WORDALIGN(x) (((x)+(Packet_ALIGNMENT-1))&~(Packet_ALIGNMENT-1)) |
| even multiple of Packet_ALIGNMENT. | |
| #define | BIOCSETBUFFERSIZE 9592 |
| IOCTL code: set kernel buffer size. | |
| #define | BIOCSETF 9030 |
| IOCTL code: set packet filtering program. | |
| #define | BIOCGSTATS 9031 |
| IOCTL code: get the capture stats. | |
| #define | BIOCSRTIMEOUT 7416 |
| IOCTL code: set the read timeout. | |
| #define | BIOCSMODE 7412 |
| IOCTL code: set working mode. | |
| #define | BIOCSWRITEREP 7413 |
| IOCTL code: set number of physical repetions of every packet written by the app. | |
| #define | BIOCSMINTOCOPY 7414 |
| IOCTL code: set minimum amount of data in the kernel buffer that unlocks a read call. | |
| #define | BIOCSETOID 2147483648 |
| IOCTL code: set an OID value. | |
| #define | BIOCQUERYOID 2147483652 |
| IOCTL code: get an OID value. | |
| #define | BIOCSETDUMPFILENAME 9029 |
| IOCTL code: set the name of a the file used by kernel dump mode. | |
| #define | BIOCGEVNAME 7415 |
| IOCTL code: get the name of the event that the driver signals when some data is present in the buffer. | |
| #define | BIOCSENDPACKETSNOSYNC 9032 |
| IOCTL code: Send a buffer containing multiple packets to the network, ignoring the timestamps. | |
| #define | BIOCSENDPACKETSSYNC 9033 |
| IOCTL code: Send a buffer containing multiple packets to the network, considering the timestamps. | |
| #define | BIOCSETDUMPLIMITS 9034 |
| IOCTL code: Set the dump file limits. | |
| #define | BIOCISDUMPENDED 7411 |
| IOCTL code: Get the status of the kernel dump process. | |
| #define | MODE_CAPT 0x0 |
| Capture working mode. | |
| #define | MODE_STAT 0x1 |
| Statistical working mode. | |
| #define | MODE_MON 0x2 |
| Kernel monitoring mode. | |
| #define | MODE_DUMP 0x10 |
| Kernel dump working mode. | |
| #define | IMMEDIATE 1 |
| Immediate timeout. Forces a read call to return immediately. | |
| #define | TCPDUMP_MAGIC 0xa1b2c3d4 |
| Libpcap magic number. Used by programs like tcpdump to recognize a driver's generated dump file. | |
| #define | PCAP_VERSION_MAJOR 2 |
| Major libpcap version of the dump file. Used by programs like tcpdump to recognize a driver's generated dump file. | |
| #define | PCAP_VERSION_MINOR 4 |
| Minor libpcap version of the dump file. Used by programs like tcpdump to recognize a driver's generated dump file. | |
| #define | RESERVED(_p) ((PPACKET_RESERVED)((_p)->ProtocolReserved)) |
| Macro to obtain a NDIS_PACKET from a PACKET_RESERVED. | |
| #define | TRANSMIT_PACKETS 256 |
| of packets that can be transmitted at the same time or with a single call to NdisSendPackets. | |
| #define | EXIT_SUCCESS(quantity) |
| Macro used in the I/O routines to return the control to user-mode with a success status. | |
| #define | EXIT_FAILURE(quantity) |
| Macro used in the I/O routines to return the control to user-mode with a failure status. | |
Typedefs | |
| typedef _INTERNAL_REQUEST | INTERNAL_REQUEST |
| Stores an OID request. | |
| typedef _INTERNAL_REQUEST * | PINTERNAL_REQUEST |
| Stores an OID request. | |
| typedef _PACKET_RESERVED | PACKET_RESERVED |
| Contains a NDIS packet. | |
| typedef _PACKET_RESERVED * | PPACKET_RESERVED |
| Contains a NDIS packet. | |
| typedef _DEVICE_EXTENSION | DEVICE_EXTENSION |
| Port device extension. | |
| typedef _DEVICE_EXTENSION * | PDEVICE_EXTENSION |
| Port device extension. | |
| typedef __CPU_Private_Data | CpuPrivateData |
| Kernel buffer of each CPU. | |
| typedef _OPEN_INSTANCE | OPEN_INSTANCE |
| Contains the state of a running instance of the NPF driver. | |
| typedef _OPEN_INSTANCE * | POPEN_INSTANCE |
| Contains the state of a running instance of the NPF driver. | |
Functions | |
| NTSTATUS | DriverEntry (IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath) |
| The initialization routine of the driver. | |
| PWCHAR | getAdaptersList (VOID) |
| Returns the list of the MACs available on the system. | |
| PKEY_VALUE_PARTIAL_INFORMATION | getTcpBindings (VOID) |
| Returns the MACs that bind to TCP/IP. | |
| BOOLEAN | createDevice (IN OUT PDRIVER_OBJECT adriverObjectP, IN PUNICODE_STRING amacNameP, NDIS_HANDLE aProtoHandle) |
| Creates a device for a given MAC. | |
| NTSTATUS | NPF_Open (IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp) |
| Opens a new instance of the driver. | |
| VOID | NPF_OpenAdapterComplete (IN NDIS_HANDLE ProtocolBindingContext, IN NDIS_STATUS Status, IN NDIS_STATUS OpenErrorStatus) |
| Ends the opening of an adapter. | |
| NTSTATUS | NPF_Close (IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp) |
| Closes an instance of the driver. | |
| VOID | NPF_CloseAdapterComplete (IN NDIS_HANDLE ProtocolBindingContext, IN NDIS_STATUS Status) |
| Ends the closing of an adapter. | |
| NDIS_STATUS | NPF_tap (IN NDIS_HANDLE ProtocolBindingContext, IN NDIS_HANDLE MacReceiveContext, IN PVOID HeaderBuffer, IN UINT HeaderBufferSize, IN PVOID LookAheadBuffer, IN UINT LookaheadBufferSize, IN UINT PacketSize) |
| Callback invoked by NDIS when a packet arrives from the network. | |
| VOID | NPF_TransferDataComplete (IN NDIS_HANDLE ProtocolBindingContext, IN PNDIS_PACKET Packet, IN NDIS_STATUS Status, IN UINT BytesTransferred) |
| Ends the transfer of a packet. | |
| VOID | NPF_ReceiveComplete (IN NDIS_HANDLE ProtocolBindingContext) |
| Callback function that signals the end of a packet reception. | |
| NTSTATUS | NPF_IoControl (IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp) |
| Handles the IOCTL calls. | |
| VOID | NPF_RequestComplete (IN NDIS_HANDLE ProtocolBindingContext, IN PNDIS_REQUEST pRequest, IN NDIS_STATUS Status) |
| Ends an OID request. | |
| NTSTATUS | NPF_Write (IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp) |
| Writes a raw packet to the network. | |
| INT | NPF_BufferedWrite (IN PIRP Irp, IN PCHAR UserBuff, IN ULONG UserBuffSize, BOOLEAN sync) |
| Writes a buffer of raw packets to the network. | |
| VOID | NPF_WaitEndOfBufferedWrite (POPEN_INSTANCE Open) |
| Waits the completion of all the sends performed by NPF_BufferedWrite. | |
| VOID | NPF_SendComplete (IN NDIS_HANDLE ProtocolBindingContext, IN PNDIS_PACKET pPacket, IN NDIS_STATUS Status) |
| Ends a send operation. | |
| VOID | NPF_ResetComplete (IN NDIS_HANDLE ProtocolBindingContext, IN NDIS_STATUS Status) |
| Ends a reset of the adapter. | |
| VOID | NPF_Status (IN NDIS_HANDLE ProtocolBindingContext, IN NDIS_STATUS Status, IN PVOID StatusBuffer, IN UINT StatusBufferSize) |
| Callback for NDIS StatusHandler. Not used by NPF. | |
| VOID | NPF_StatusComplete (IN NDIS_HANDLE ProtocolBindingContext) |
| Callback for NDIS StatusCompleteHandler. Not used by NPF. | |
| VOID | NPF_Unload (IN PDRIVER_OBJECT DriverObject) |
| Function called by the OS when NPF is unloaded. | |
| NTSTATUS | NPF_Read (IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp) |
| Function that serves the user's reads. | |
| NTSTATUS | NPF_ReadRegistry (IN PWSTR *MacDriverName, IN PWSTR *PacketDriverName, IN PUNICODE_STRING RegistryPath) |
| Reads the registry keys associated woth NPF if the driver is manually installed via the control panel. | |
| NTSTATUS | NPF_QueryRegistryRoutine (IN PWSTR ValueName, IN ULONG ValueType, IN PVOID ValueData, IN ULONG ValueLength, IN PVOID Context, IN PVOID EntryContext) |
| Function used by NPF_ReadRegistry() to quesry the registry keys associated woth NPF if the driver is manually installed via the control panel. | |
| VOID | NPF_BindAdapter (OUT PNDIS_STATUS Status, IN NDIS_HANDLE BindContext, IN PNDIS_STRING DeviceName, IN PVOID SystemSpecific1, IN PVOID SystemSpecific2) |
| Callback for NDIS BindAdapterHandler. Not used by NPF. | |
| VOID | NPF_UnbindAdapter (OUT PNDIS_STATUS Status, IN NDIS_HANDLE ProtocolBindingContext, IN NDIS_HANDLE UnbindContext) |
| Callback for NDIS UnbindAdapterHandler. | |
| NTSTATUS | NPF_OpenDumpFile (POPEN_INSTANCE Open, PUNICODE_STRING fileName, BOOLEAN append) |
| Creates the file that will receive the packets when the driver is in dump mode. | |
| NTSTATUS | NPF_StartDump (POPEN_INSTANCE Open) |
| Starts dump to file. | |
| VOID | NPF_DumpThread (PVOID Open) |
| The dump thread. | |
| NTSTATUS | NPF_SaveCurrentBuffer (POPEN_INSTANCE Open) |
| Saves the content of the packet buffer to the file associated with current instance. | |
| VOID | NPF_WriteDumpFile (PFILE_OBJECT FileObject, PLARGE_INTEGER Offset, ULONG Length, PMDL Mdl, PIO_STATUS_BLOCK IoStatusBlock) |
| Writes a block of packets on the dump file. | |
| NTSTATUS | NPF_CloseDumpFile (POPEN_INSTANCE Open) |
| Closes the dump file associated with an instance of the driver. | |
| UINT | GetBuffOccupation (POPEN_INSTANCE Open) |
| Returns the amount of bytes present in the packet buffer. | |
documentation. Copyright (c) 2002-2005 Politecnico di Torino. Copyright (c) 2005
CACE technologies. All rights reserved.