how many adapters can we capture and modify packets on?

Home Forums Discussions Support how many adapters can we capture and modify packets on?

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • August 3, 2006 at 9:11 pm #5048
    Steven
    Participant

      Depending on the winpkfilter framework, I want to know whether there is just only one network adapter we can monitor, modify or filter on a same machine each time.
      Question:
      If there are more than one adatper on a machine, can I capture and modify packets on those adapters simultaneously?

      August 3, 2006 at 9:43 pm #6116
      Vadim Smirnov
      Keymaster

        If there are more than one adatper on a machine, can I capture and modify packets on those adapters simultaneously?

        Sure, you can. You can process all packets from the single thread (put adapters into filtering mode and call WaitForMultipleObjects) or create a dedicated thread for each adapter (and use WaitForSingleObject just like PassThru sample does).

        It is easy to emulate the multiply threads approach if start PassThru sample on two or more adapters simultaneously.

        If you are registered WinpkFilter customer you can download the source code for the Internet Gateway advanced sample http://www.ntkernel.com/w&p.php?id=31 which demonstrates filtering and modifying packets over multiply adapters.

        August 4, 2006 at 2:44 pm #6117
        Steven
        Participant

          I guess if I just create only one thread to capture all packets on different adapters, there should be a performance problem or sometimes network choke.

          Because in the Passthrou sample:


          WaitForSingleObject ( hEvent, INFINITE );
          ResetEvent(hEvent);

          while(api.ReadPacket(&Request))
          {

          }
          If I update this codes like:
          switch( WaitForMultipleObjects(2, hEvent, false, INFINITE ) )
          {
          case WAIT_OBJECT_0:
          set parameters on Request;
          break;
          case WAIT_OBJECT_0 + 1:
          set parameters on Request;
          break;

          }

          while(api.ReadPacket(&Request))
          {

          }

          if there are packets in a listened queue, the code always read packets until there is no packets in this queue; in the worst case, this code needs to read 500 packets before it deals with other adapters, so other packets in other queues on other adapters will generate similar network traffic jams.

          Am I right?? just post a discussion on how to fix the performance issue.

          Thanks.

          August 4, 2006 at 5:01 pm #6118
          Vadim Smirnov
          Keymaster

            Basically I don’t see any problems with processing packet from the single thread (processing packets does not really consumes all processor time and queue never grows as large unless your system is overloaded, but you can also assign the higher priority to the packet processing thread to avoid this). However, if you are looking for better packet scheduling between adapters you can create one thread per interface…

            September 30, 2006 at 5:26 am #6119
            mindobjects
            Participant

              Please delete the previous message that contain alink on a page with an auto upload of file that contain a virus.

              Cheers,
              Alan

              October 2, 2006 at 8:16 am #6120
              Vadim Smirnov
              Keymaster

                Done. These forum spammers are real pain 🙁

              • Author
                Posts
              Viewing 6 posts - 1 through 6 (of 6 total)
              • You must be logged in to reply to this topic.