Re: Re: Local Network Monitor API doesn't capture ICMP on 2008x64

#6723

Anton
Participant

Hi,

> The Monitor sample included does not capture packets sent to/from ping.exe on windows server 2008 x64 but does on windows XP SP3!

Yes, it’s a limitation for Vista/w2k8. Unfortunately, ICMP can’t be caught at the TDI level on these platforms.

> On this subject, the PROTOCOL enumeration in nttdiapi.cs has only 23 members, however the GetProtocolName function in Monitor.cs lists every protocol.

The PROTOCOL enumeration contains the protocols defined in winsock2.h (ws2def.h). The example shows all the possible protocols.

> Given that PROTOCOL_ANY is 0 but the IANA shows 0 is assigned to HOPOPT,

0 = HOPOPT (IPv6 Hop-by-Hop Option) for IPv6
0 = IP (Any IP protocol) for IPv4

Nttdiapi works for IPv4 only and doesn’t support IPv6.

> what are the valid values for m_Protocol in FILTER_INFO and what are the possible values returned in a LOG_INFO?

A valid protocol number for IPv4.

=Anton.