00001 /* 00002 * Copyright (c) 1999 - 2005 NetGroup, Politecnico di Torino (Italy) 00003 * Copyright (c) 2005 CACE Technologies, Davis (California) 00004 * All rights reserved. 00005 * 00006 * Redistribution and use in source and binary forms, with or without 00007 * modification, are permitted provided that the following conditions 00008 * are met: 00009 * 00010 * 1. Redistributions of source code must retain the above copyright 00011 * notice, this list of conditions and the following disclaimer. 00012 * 2. Redistributions in binary form must reproduce the above copyright 00013 * notice, this list of conditions and the following disclaimer in the 00014 * documentation and/or other materials provided with the distribution. 00015 * 3. Neither the name of the Politecnico di Torino, CACE Technologies 00016 * nor the names of its contributors may be used to endorse or promote 00017 * products derived from this software without specific prior written 00018 * permission. 00019 * 00020 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 00021 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 00022 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 00023 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 00024 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 00025 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 00026 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 00027 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 00028 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 00029 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 00030 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 00031 * 00032 */ 00033 00042 #ifndef __PACKET_INCLUDE______ 00043 #define __PACKET_INCLUDE______ 00044 00045 #ifdef __NPF_x86__ 00046 #define NTKERNEL 00047 #include "jitter.h" 00048 #endif 00049 00050 00051 #include "win_bpf.h" 00052 00053 #define MAX_REQUESTS 32 00054 00055 #define Packet_ALIGNMENT sizeof(int) 00056 #define Packet_WORDALIGN(x) (((x)+(Packet_ALIGNMENT-1))&~(Packet_ALIGNMENT-1)) 00057 00058 /***************************/ 00059 /* IOCTLs */ 00060 /***************************/ 00061 00070 #define BIOCSETBUFFERSIZE 9592 00071 00082 #define BIOCSETF 9030 00083 00090 #define BIOCGSTATS 9031 00091 00097 #define BIOCSRTIMEOUT 7416 00098 00106 #define BIOCSMODE 7412 00107 00114 #define BIOCSWRITEREP 7413 00115 00121 #define BIOCSMINTOCOPY 7414 00122 00128 #define BIOCSETOID 2147483648 00129 00135 #define BIOCQUERYOID 2147483652 00136 00144 #define BIOCSETDUMPFILENAME 9029 00145 00152 #define BIOCGEVNAME 7415 00153 00161 #define BIOCSENDPACKETSNOSYNC 9032 00162 00171 #define BIOCSENDPACKETSSYNC 9033 00172 00179 #define BIOCSETDUMPLIMITS 9034 00180 00187 #define BIOCISDUMPENDED 7411 00188 00189 // Working modes 00190 #define MODE_CAPT 0x0 00191 #define MODE_STAT 0x1 00192 #define MODE_MON 0x2 00193 #define MODE_DUMP 0x10 00194 00195 00196 #define IMMEDIATE 1 00197 00198 00199 // The following definitions are used to provide compatibility 00200 // of the dump files with the ones of libpcap 00201 #define TCPDUMP_MAGIC 0xa1b2c3d4 00202 #define PCAP_VERSION_MAJOR 2 00203 #define PCAP_VERSION_MINOR 4 00204 00205 00210 struct packet_file_header 00211 { 00212 UINT magic; 00213 USHORT version_major; 00214 USHORT version_minor; 00215 UINT thiszone; 00216 UINT sigfigs; 00217 UINT snaplen; 00218 UINT linktype; 00219 }; 00220 00225 struct sf_pkthdr { 00226 struct timeval ts; 00227 UINT caplen; 00228 00229 00230 UINT len; 00231 }; 00232 00242 typedef struct _INTERNAL_REQUEST { 00243 LIST_ENTRY ListElement; 00244 PIRP Irp; 00245 BOOLEAN Internal; 00246 NDIS_REQUEST Request; 00247 } INTERNAL_REQUEST, *PINTERNAL_REQUEST; 00248 00256 typedef struct _PACKET_RESERVED { 00257 LIST_ENTRY ListElement; 00258 PIRP Irp; 00259 PMDL pMdl; 00260 BOOLEAN FreeBufAfterWrite; 00261 00262 ULONG Cpu; 00263 } PACKET_RESERVED, *PPACKET_RESERVED; 00264 00265 #define RESERVED(_p) ((PPACKET_RESERVED)((_p)->ProtocolReserved)) 00266 00267 00272 typedef struct _DEVICE_EXTENSION { 00273 NDIS_HANDLE NdisProtocolHandle; 00274 NDIS_STRING AdapterName; 00275 PWSTR ExportString; 00276 00277 } DEVICE_EXTENSION, *PDEVICE_EXTENSION; 00278 00284 typedef struct __CPU_Private_Data 00285 { 00286 ULONG P; 00287 ULONG C; 00288 ULONG Free; 00289 PUCHAR Buffer; 00290 ULONG Accepted; 00291 00292 00293 00294 ULONG Received; 00295 00296 00297 00298 ULONG Dropped; 00299 00300 00301 00302 ULONG Processing; 00303 PMDL TransferMdl1; 00304 PMDL TransferMdl2; 00305 ULONG NewP; 00306 } 00307 CpuPrivateData; 00308 00309 00317 typedef struct _OPEN_INSTANCE 00318 { 00319 PDEVICE_EXTENSION DeviceExtension; 00320 00321 NDIS_HANDLE AdapterHandle; 00322 UINT Medium; 00323 00324 NDIS_HANDLE PacketPool; 00325 PIRP OpenCloseIrp; 00326 00327 KSPIN_LOCK RequestSpinLock; 00328 LIST_ENTRY RequestList; 00329 LIST_ENTRY ResetIrpList; 00330 INTERNAL_REQUEST Requests[MAX_REQUESTS]; 00331 PMDL BufferMdl; 00332 PKEVENT ReadEvent; 00333 HANDLE ReadEventHandle; 00334 UNICODE_STRING ReadEventName; 00335 00336 00337 00338 PUCHAR bpfprogram; 00339 00340 00341 00342 00343 #ifdef __NPF_x86__ 00344 JIT_BPF_Filter *Filter; 00345 00346 #endif 00347 UINT MinToCopy; 00348 00349 LARGE_INTEGER TimeOut; 00350 00351 00352 int mode; 00353 LARGE_INTEGER Nbytes; 00354 LARGE_INTEGER Npackets; 00355 NDIS_SPIN_LOCK CountersLock; 00356 UINT Nwrites; 00357 00358 ULONG Multiple_Write_Counter; 00359 NDIS_EVENT WriteEvent; 00360 BOOLEAN WriteInProgress; 00361 00362 NDIS_SPIN_LOCK WriteLock; 00363 NDIS_EVENT IOEvent; 00364 NDIS_STATUS IOStatus; 00365 BOOLEAN Bound; 00366 00367 HANDLE DumpFileHandle; 00368 PFILE_OBJECT DumpFileObject; 00369 PKTHREAD DumpThreadObject; 00370 HANDLE DumpThreadHandle; 00371 NDIS_EVENT DumpEvent; 00372 LARGE_INTEGER DumpOffset; 00373 UNICODE_STRING DumpFileName; 00374 UINT MaxDumpBytes; 00375 00376 UINT MaxDumpPacks; 00377 00378 00379 BOOLEAN DumpLimitReached; 00380 00381 MEM_TYPE mem_ex; 00382 TME_CORE tme; 00383 NDIS_SPIN_LOCK MachineLock; 00384 UINT MaxFrameSize; 00385 00386 CpuPrivateData CpuData[32]; 00387 ULONG ReaderSN; 00388 ULONG WriterSN; 00389 00390 ULONG Size; 00391 ULONG SkipProcessing; 00392 00393 00394 00395 } 00396 OPEN_INSTANCE, *POPEN_INSTANCE; 00397 00405 struct PacketHeader 00406 { 00407 ULONG SN; 00408 struct bpf_hdr header; 00409 }; 00410 00411 00412 #define TRANSMIT_PACKETS 256 00413 00414 00415 00417 #define EXIT_SUCCESS(quantity) Irp->IoStatus.Information=quantity;\ 00418 Irp->IoStatus.Status = STATUS_SUCCESS;\ 00419 IoCompleteRequest(Irp, IO_NO_INCREMENT);\ 00420 return STATUS_SUCCESS;\ 00421 00422 00423 #define EXIT_FAILURE(quantity) Irp->IoStatus.Information=quantity;\ 00424 Irp->IoStatus.Status = STATUS_UNSUCCESSFUL;\ 00425 IoCompleteRequest(Irp, IO_NO_INCREMENT);\ 00426 return STATUS_UNSUCCESSFUL;\ 00427 00428 00433 /***************************/ 00434 /* Prototypes */ 00435 /***************************/ 00436 00453 NTSTATUS 00454 DriverEntry( 00455 IN PDRIVER_OBJECT DriverObject, 00456 IN PUNICODE_STRING RegistryPath 00457 ); 00458 00468 PWCHAR getAdaptersList(VOID); 00469 00476 PKEY_VALUE_PARTIAL_INFORMATION getTcpBindings(VOID); 00477 00489 BOOLEAN createDevice( 00490 IN OUT PDRIVER_OBJECT adriverObjectP, 00491 IN PUNICODE_STRING amacNameP, 00492 NDIS_HANDLE aProtoHandle); 00493 00505 NTSTATUS 00506 NPF_Open( 00507 IN PDEVICE_OBJECT DeviceObject, 00508 IN PIRP Irp 00509 ); 00510 00520 VOID 00521 NPF_OpenAdapterComplete( 00522 IN NDIS_HANDLE ProtocolBindingContext, 00523 IN NDIS_STATUS Status, 00524 IN NDIS_STATUS OpenErrorStatus 00525 ); 00526 00537 NTSTATUS 00538 NPF_Close( 00539 IN PDEVICE_OBJECT DeviceObject, 00540 IN PIRP Irp 00541 ); 00542 00551 VOID 00552 NPF_CloseAdapterComplete( 00553 IN NDIS_HANDLE ProtocolBindingContext, 00554 IN NDIS_STATUS Status 00555 ); 00556 00579 NDIS_STATUS 00580 NPF_tap( 00581 IN NDIS_HANDLE ProtocolBindingContext, 00582 IN NDIS_HANDLE MacReceiveContext, 00583 IN PVOID HeaderBuffer, 00584 IN UINT HeaderBufferSize, 00585 IN PVOID LookAheadBuffer, 00586 IN UINT LookaheadBufferSize, 00587 IN UINT PacketSize 00588 ); 00589 00600 VOID 00601 NPF_TransferDataComplete( 00602 IN NDIS_HANDLE ProtocolBindingContext, 00603 IN PNDIS_PACKET Packet, 00604 IN NDIS_STATUS Status, 00605 IN UINT BytesTransferred 00606 ); 00607 00614 VOID 00615 NPF_ReceiveComplete(IN NDIS_HANDLE ProtocolBindingContext); 00616 00640 NTSTATUS 00641 NPF_IoControl( 00642 IN PDEVICE_OBJECT DeviceObject, 00643 IN PIRP Irp 00644 ); 00645 00646 VOID 00647 00657 NPF_RequestComplete( 00658 IN NDIS_HANDLE ProtocolBindingContext, 00659 IN PNDIS_REQUEST pRequest, 00660 IN NDIS_STATUS Status 00661 ); 00662 00675 NTSTATUS 00676 NPF_Write( 00677 IN PDEVICE_OBJECT DeviceObject, 00678 IN PIRP Irp 00679 ); 00680 00681 00700 INT NPF_BufferedWrite(IN PIRP Irp, 00701 IN PCHAR UserBuff, 00702 IN ULONG UserBuffSize, 00703 BOOLEAN sync); 00704 00712 VOID NPF_WaitEndOfBufferedWrite(POPEN_INSTANCE Open); 00713 00723 VOID 00724 NPF_SendComplete( 00725 IN NDIS_HANDLE ProtocolBindingContext, 00726 IN PNDIS_PACKET pPacket, 00727 IN NDIS_STATUS Status 00728 ); 00729 00739 VOID 00740 NPF_ResetComplete( 00741 IN NDIS_HANDLE ProtocolBindingContext, 00742 IN NDIS_STATUS Status 00743 ); 00744 00748 VOID 00749 NPF_Status( 00750 IN NDIS_HANDLE ProtocolBindingContext, 00751 IN NDIS_STATUS Status, 00752 IN PVOID StatusBuffer, 00753 IN UINT StatusBufferSize 00754 ); 00755 00756 00760 VOID 00761 NPF_StatusComplete(IN NDIS_HANDLE ProtocolBindingContext); 00762 00771 VOID 00772 NPF_Unload(IN PDRIVER_OBJECT DriverObject); 00773 00774 00793 NTSTATUS 00794 NPF_Read( 00795 IN PDEVICE_OBJECT DeviceObject, 00796 IN PIRP Irp 00797 ); 00798 00804 NTSTATUS 00805 NPF_ReadRegistry( 00806 IN PWSTR *MacDriverName, 00807 IN PWSTR *PacketDriverName, 00808 IN PUNICODE_STRING RegistryPath 00809 ); 00810 00817 NTSTATUS 00818 NPF_QueryRegistryRoutine( 00819 IN PWSTR ValueName, 00820 IN ULONG ValueType, 00821 IN PVOID ValueData, 00822 IN ULONG ValueLength, 00823 IN PVOID Context, 00824 IN PVOID EntryContext 00825 ); 00826 00832 VOID NPF_BindAdapter( 00833 OUT PNDIS_STATUS Status, 00834 IN NDIS_HANDLE BindContext, 00835 IN PNDIS_STRING DeviceName, 00836 IN PVOID SystemSpecific1, 00837 IN PVOID SystemSpecific2 00838 ); 00839 00851 VOID 00852 NPF_UnbindAdapter( 00853 OUT PNDIS_STATUS Status, 00854 IN NDIS_HANDLE ProtocolBindingContext, 00855 IN NDIS_HANDLE UnbindContext 00856 ); 00857 00858 00866 NTSTATUS NPF_OpenDumpFile(POPEN_INSTANCE Open , PUNICODE_STRING fileName, BOOLEAN append); 00867 00876 NTSTATUS NPF_StartDump(POPEN_INSTANCE Open); 00877 00885 VOID NPF_DumpThread(PVOID Open); 00886 00893 NTSTATUS NPF_SaveCurrentBuffer(POPEN_INSTANCE Open); 00894 00907 VOID NPF_WriteDumpFile(PFILE_OBJECT FileObject, 00908 PLARGE_INTEGER Offset, 00909 ULONG Length, 00910 PMDL Mdl, 00911 PIO_STATUS_BLOCK IoStatusBlock); 00912 00913 00914 00920 NTSTATUS NPF_CloseDumpFile(POPEN_INSTANCE Open); 00921 00926 UINT GetBuffOccupation(POPEN_INSTANCE Open); 00927 00939 #ifdef NDIS50 00940 NDIS_STATUS NPF_PowerChange(IN NDIS_HANDLE ProtocolBindingContext, IN PNET_PNP_EVENT pNetPnPEvent); 00941 #endif 00942 00951 #endif /*main ifndef/define*/
documentation. Copyright (c) 2002-2005 Politecnico di Torino. Copyright (c) 2005
CACE Technologies. All rights reserved.