Process ID

Home Forums Discussions Support Process ID

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • March 16, 2006 at 3:00 pm #5006
    jjcage
    Participant

      Is it possible to determine the process ID for a packet read using WinpkFilter (might be useful for implementing a firewall for example)?

      March 16, 2006 at 6:59 pm #6009
      Vadim Smirnov
      Keymaster

        Process context is not available at the NDIS level where WinpkFilter works. In order to determine the packet associated process you should obtain the current connections table on some way (TDI filter, LSP and some other less popular ways) and match packet to the process using address/port information.

        Usually, firewall is a combination of NDIS level filter (packet firewall) and application level filter (application/desktop firewall).

        Hope it helps

      • Author
        Posts
      Viewing 2 posts - 1 through 2 (of 2 total)
      • You must be logged in to reply to this topic.