reading from payload from ndis network packets.

reading from payload from ndis network packets.: Posted by abiola on February 7th, 2005; Hi all, I am trying to read payload content from NDIS packets. I have
problems with the offset option, my code is this

struct xx{
Dword m_data[3072];
} xx; xx payload;

Fltreadonpacket{
packet,
payload.m_data,
sizeof( tcp_hdr),
sizeof(struct ether_hdr)+sizeof(struct ip_hdr)+size(1024), // i tried
size(th_off) instead of size(1024) but it will not accept it.
&numberofbytesread};

for (int i=0; i<16;i++)
{
DbgPrint( payload.m_Data[i]); // printing rubbish at this point
}

any help will do. thanks.; Posted by egemen.tas@gmail.com on February 7th, 2005; What does this function Fltreadonpacket do? How did you implement it?
abiola wrote:; Posted by Hannes on February 7th, 2005; Without looking at your NDIS stuff, I see that your DbgPrint call lacks a
format string. Try something like this instead:

DbgPrint("%02x ", payload.m_Data[i]);

After your loop, add a line break:

DbgPrint("\n");

Good luck!

/ Hannes.; Posted by steve on February 7th, 2005; Firstly, what do you mean by "offset option". Looking at
your code you seem to assume that all NDIS packets are
ip. Check they are ip by looking at the protocol no in
the ether hdr. If packet is ip then (as your code
attempts) you point past the ether hdr and the ip hdr and
then you will have your ip payload. Your function is
confusing ... what does payload.m contain? what is 1024
and th_off all about?

I suppose the first thing you must ensure is that you
have correctly copied the packet data from the chained
buffer descriptors that are in your packet descriptor.
Here is an example copy packet function ...

// ------------------------------------------------------
----------------------
unsigned char *CopyPacket(NDIS_PACKET *pPacket, UINT
*puiBytesCopied)
{
void *pvFirstBufVA = 0;
void *pvNextBufVA = 0;

PNDIS_BUFFER pBuf;
PNDIS_BUFFER pNextBuf;

UINT TotalLen;
UINT BufLen;
UINT uiCurBufLen;
unsigned char *pPacketBuf;

if (!pPacket)
{
ASSERT(0);
return 0;
}

if (puiBytesCopied)
*puiBytesCopied = 0;

// Get first buffer from packet and total length of
all buffers
//
NdisGetFirstBufferFromPacket(pPacket, &pBuf,
&pvFirstBufVA, &BufLen, &TotalLen);

// allocate mem for one buffer to hold all chained
buffers
//
pPacketBuf = ExAllocatePoolWithTag(NonPagedPool,
TotalLen, 'KAP');
if (!pPacketBuf)
return 0;

RtlZeroMemory(pPacketBuf, TotalLen);

// copy in the first buffer
//
RtlCopyMemory(pPacketBuf, pvFirstBufVA, BufLen);
uiCurBufLen = BufLen;

// iterate remaining chained buffers and copy them
into our buffer

NdisGetNextBuffer(pBuf, &pNextBuf);

while (pNextBuf)
{
pBuf = pNextBuf;

NdisQueryBuffer(pNextBuf, &pvNextBufVA, &BufLen);
RtlCopyMemory(&pPacketBuf[uiCurBufLen], pvNextBufVA,
BufLen);
uiCurBufLen += BufLen;

NdisGetNextBuffer(pBuf, &pNextBuf);
}

ASSERT(uiCurBufLen == TotalLen);

if (puiBytesCopied)
*puiBytesCopied = TotalLen;

return pPacketBuf;
}

Hope this helps.
Steve.

Similar Posts

reading and printing NDIS network packets . (Drivers) by Gabriel Bogdan
NDIS Vs Protocol Who will drop the packets? (Drivers) by Monica
Out of order packets from NDIS IM (Drivers) by Abhijit
Retransmiting the packets to another IP in NDIS IM Driver (Drivers) by Rajesh Gupta
NDIS Mux IM Driver : NDIS Test Fail - Should not have resent any packets (Drivers) by Amit Dhaduk