Local Network Monitor API doesnt capture ICMP on 2008×64

Home Forums Discussions Support Portal Local Network Monitor API doesnt capture ICMP on 2008×64

This topic contains 2 replies, has 2 voices, and was last updated by  Onester 8 years, 2 months ago.

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #5244

    Onester
    Participant

    The Monitor sample included does not capture packets sent to/from ping.exe on windows server 2008 x64 but does on windows XP SP3!

    On this subject, the PROTOCOL enumeration in nttdiapi.cs has only 23 members, however the GetProtocolName function in Monitor.cs lists every protocol. Given that PROTOCOL_ANY is 0 but the iana shows 0 is asigned to HOPOPT, what are the valid values for m_Protocol in FILTER_INFO and what are the possible values returned in a LOG_INFO?

    Mant thanks!

    #6723

    Anton
    Participant

    Hi,

    > The Monitor sample included does not capture packets sent to/from ping.exe on windows server 2008 x64 but does on windows XP SP3!

    Yes, it’s limitation for Vistaw2k8. Unfortunatly ICMP can’t be caught on tdi level for these platforms.

    > On this subject, the PROTOCOL enumeration in nttdiapi.cs has only 23 members, however the GetProtocolName function in Monitor.cs lists every protocol.

    PROTOCOL enumeration contains protocols defined in winsock2.h (ws2def.h). Example shows all the possible protocols.

    > Given that PROTOCOL_ANY is 0 but the iana shows 0 is asigned to HOPOPT,

    0 = HOPOPT (IPv6 Hop-by-Hop Option) for IPv6
    0 = IP (Any IP protocol) for IPv4

    Nttdiapi works for ipv4 only and doesn’t support ipv6.

    > what are the valid values for m_Protocol in FILTER_INFO and what are the possible values returned in a LOG_INFO?

    Valid protocol number for ipv4.

    =Anton.

    #6724

    Onester
    Participant

    Hi Anton,

    Thank you for your time and replies, all makes much more sense!

    Thanks

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.