About Ndis Hook


  • This topic has 1 reply, 2 voices, and was last updated 20 years ago by GeN.

      Hi, everyone!

      I have coded a firewall-like program on Win9x, Win2k and XP. It works well on 9x. But on 2k, the driver cannot filter the sending packet. If I dial up through ADSL, it can filter the sending packet well.

      I adapted the NDIS hook technique. In detail, I use the native function to hook NdisRegisterProtocol, NdisOpenAdapter and so on. When others register a new protocol, it enters my function, then I can see if the protocol is one I am interested in. If it is, I hook it. When hooking, I get the parameter of the NdisRegisterProtocol function, named NdisProtocolHandle, then type-cast it to NDIS_PROTOCOL_BLOCK. I get NDIS_PROTOCOL_BLOCK::OpenQueue, then hook the SendHandler in the struct. Of course, my driver starts between ndis.sys and tcpip.sys.

      So, where is it wrong? I think maybe I misuse the different versions of NDIS_PROTOCOL_BLOCK and NDIS_OPEN_BLOCK.

      Can you give me some suggestions?



        The thing is that TCPIP sets the OPEN_BLOCK callbacks back to their original state after completing OpenAdapter…
