Send Raw Packet.

Home Forums Discussions General Send Raw Packet.

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • October 19, 2007 at 9:29 am #5139
    amanofsky
    Participant

      WinpkFilter 3.0 is using Ndis Hooking technology.
      I’m wondering if it has the ability to send raw packet???

      if it has , can you please shed some lights on how it implement it?

      thanks.

      October 22, 2007 at 12:40 pm #6462
      Vadim Smirnov
      Keymaster

        I’m wondering if it has the ability to send raw packet???

        Sure it can.

        int main(int argc, char* argv[])
        
{
        
UINT				counter = 0;
        
ether_header*		pEthHeader = NULL;
        

        
if (argc < 3)
        
{
        
printf ("Command line syntax:ntsender.exe index numntindex - network interface index.ntnum - number or packets to sendntYou can use ListAdapters to determine correct index.n");
        
return 0;
        
}
        

        
iIndex = atoi(argv[1]) - 1;
        
counter = atoi(argv[2]);
        

        
if(!api.IsDriverLoaded())
        
{
        
printf ("Driver not installed on this system of failed to load.n");
        
return 0;
        
}
        

        
api.GetTcpipBoundAdaptersInfo ( &AdList );
        

        
if ( iIndex + 1 > AdList.m_nAdapterCount )
        
{
        
printf("There is no network interface with such index on this system.n");
        
return 0;
        
}
        

        
// Initialize Request
        
ZeroMemory ( &Request, sizeof(ETH_REQUEST) );
        
ZeroMemory ( &PacketBuffer, sizeof(INTERMEDIATE_BUFFER) );
        
Request.EthPacket.Buffer = &PacketBuffer;
        
Request.hAdapterHandle = (HANDLE)AdList.m_nAdapterHandle[iIndex];
        

        
pEthHeader = (ether_header*)PacketBuffer.m_IBuffer;
        

        
memcpy(&pEthHeader->h_source, AdList.m_czCurrentAddress[iIndex], ETH_ALEN);
        
memset(&pEthHeader->h_dest, 0xFF, ETH_ALEN);
        
pEthHeader->h_proto = ETH_P_IP;
        
Request.EthPacket.Buffer->m_Length = MAX_ETHER_FRAME;
        

        
while (counter--)
        
api.SendPacketToAdapter(&Request);
        

        
return 0;
        
}

        The code above initializes Ethernet header (broadcast IP packet) and sends it over the network. IP header and above are not initialized (packet is filled by zeros).

        October 24, 2007 at 1:05 am #6463
        lovepkfilter
        Participant

          good!

          and….~
          need to be chechsum or is it will be do the checksum by the SendPacketToMstcp or SendPacketToAdapter?

          by the way,if i want to close the connection,need i send send a rst packet to both MSTCP and Adapter?

          how to do it (rst packet)?

          3ks for your best~

          October 24, 2007 at 2:50 pm #6464
          Vadim Smirnov
          Keymaster

            need to be chechsum or is it will be do the checksum by the SendPacketToMstcp or SendPacketToAdapter?

            The sample above does not initialize IP header and above, it forms and sends a sample Ethernet frame filled with zeros. If you are creating real world IP/TCP/UDP packet then you have to properly initialize required headers and calculate checksums.

            by the way,if i want to close the connection,need i send send a rst packet to both MSTCP and Adapter?

            Depends from your task, in general it is enough to send RST packet to local stack, another peer will close connection by timeout. But of course you can send RST packets to both, local and remote peers.

          • Author
            Posts
          Viewing 4 posts - 1 through 4 (of 4 total)
          • You must be logged in to reply to this topic.