Send Raw Packet.

Home Forums Discussions General Discussion Send Raw Packet.

This topic contains 3 replies, has 3 voices, and was last updated by  Vadim Smirnov 10 years, 1 month ago.

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #5139

    amanofsky
    Participant

    WinpkFilter 3.0 is using Ndis Hooking technology.
    I’m wondering if it has the ability to send raw packet???

    if it has , can you please shed some lights on how it implement it?

    thanks.

    #6462

    Vadim Smirnov
    Moderator

    I’m wondering if it has the ability to send raw packet???

    Sure it can.

    int main(int argc, char* argv[])
    {
    UINT counter = 0;
    ether_header* pEthHeader = NULL;

    if (argc < 3)
    {
    printf ("Command line syntax:ntsender.exe index numntindex - network interface index.ntnum - number or packets to sendntYou can use ListAdapters to determine correct index.n");
    return 0;
    }

    iIndex = atoi(argv[1]) - 1;
    counter = atoi(argv[2]);

    if(!api.IsDriverLoaded())
    {
    printf ("Driver not installed on this system of failed to load.n");
    return 0;
    }

    api.GetTcpipBoundAdaptersInfo ( &AdList );

    if ( iIndex + 1 > AdList.m_nAdapterCount )
    {
    printf("There is no network interface with such index on this system.n");
    return 0;
    }

    // Initialize Request
    ZeroMemory ( &Request, sizeof(ETH_REQUEST) );
    ZeroMemory ( &PacketBuffer, sizeof(INTERMEDIATE_BUFFER) );
    Request.EthPacket.Buffer = &PacketBuffer;
    Request.hAdapterHandle = (HANDLE)AdList.m_nAdapterHandle[iIndex];

    pEthHeader = (ether_header*)PacketBuffer.m_IBuffer;

    memcpy(&pEthHeader->h_source, AdList.m_czCurrentAddress[iIndex], ETH_ALEN);
    memset(&pEthHeader->h_dest, 0xFF, ETH_ALEN);
    pEthHeader->h_proto = ETH_P_IP;
    Request.EthPacket.Buffer->m_Length = MAX_ETHER_FRAME;

    while (counter--)
    api.SendPacketToAdapter(&Request);

    return 0;
    }

    The code above initializes Ethernet header (broadcast IP packet) and sends it over the network. IP header and above are not initialized (packet is filled by zeros).

    #6463

    lovepkfilter
    Participant

    good!

    and….~
    need to be chechsum or is it will be do the checksum by the SendPacketToMstcp or SendPacketToAdapter?

    by the way,if i want to close the connection,need i send send a rst packet to both MSTCP and Adapter?

    how to do it (rst packet)?

    3ks for your best~

    #6464

    Vadim Smirnov
    Moderator

    need to be chechsum or is it will be do the checksum by the SendPacketToMstcp or SendPacketToAdapter?

    The sample above does not initialize IP header and above, it forms and sends a sample Ethernet frame filled with zeros. If you are creating real world IP/TCP/UDP packet then you have to properly initialize required headers and calculate checksums.

    by the way,if i want to close the connection,need i send send a rst packet to both MSTCP and Adapter?

    Depends from your task, in general it is enough to send RST packet to local stack, another peer will close connection by timeout. But of course you can send RST packets to both, local and remote peers.

Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.