  1. #1
    Join Date
    Sep 2004
    Posts
    6

    packet capture in windows

    Can anybody tell me how to capture IP packets on Windows 2000?
    This is not meant to be just sniffing the IP packets; I have to get the original packets themselves.
    Please send me reference code (preferably in C/C++/VC++) or some link.

    Thanks
    Vipin

  2. #2
    Join Date
    Apr 2001
    Posts
    514

    Re: packet capture in windows

    Quote Originally Posted by vipinrl
    This is not meant to be just sniffing the IP packets; I have to get the original packets themselves.

    That's a very vague statement for you to expect reference code for. Explain what you want to do more precisely and ask specific questions that we can answer, please.

  3. #3
    Join Date
    Sep 2004
    Posts
    6

    Re: packet capture in windows

    Quote Originally Posted by Lee Peart
    That's a very vague statement for you to expect reference code for. Explain what you want to do more precisely and ask specific questions that we can answer, please.

    Thanks, Mr. Lee Peart, for your reply.

    What I want to do is listed below.

    1. Capture the IP packets
    and extract the source and destination fields (this is already done by me).
    2. Hold the captured packets temporarily for releasing later.
    3. Create an ICMP caddie message using the fields extracted.

    If anyone knows how to hold the packets, please help me.

  4. #4
    Join Date
    Feb 2003
    Location
    Bangalore, India
    Posts
    1,354

    Re: packet capture in windows

    To do that you have to intercept the packet before it reaches the application. One way is to write an NDIS/TDI level hook driver. That way, you can examine each packet that comes. Another and easier approach is to write an LSP program and install the layer. This layer is higher than the TDI level layer. Hence you can intercept only Winsock calls. You can look at the following links to get you started:
    Unraveling the Mysteries of Writing a Winsock 2 Layered Service Provider

    Sample LSP code

    Hope that helps

  5. #5
    Join Date
    Sep 2004
    Posts
    4

    Re: packet capture in windows

    If by "hold the packets" you mean not submit them to TCP (and I think that's the right thing to do), then you need to insert your business logic between the NIC driver and the TCP protocol driver.

    The NDIS intermediate driver "passthru" sample in the Windows 2000 DDK worked when I tried it last. This provides a framework for you to plug in your own business logic.

    I believe that when this is installed and configured properly the TCP protocol binds to the intermediate driver and not directly to the NIC.

    The passthru driver must indicate up the packets for them to be seen at the TCP lower edge.

    So in the passthru driver you can hold the packets simply by putting them on an internal list, and indicating them up at a later time.

    Hope this helps.

  6. #6
    Join Date
    Nov 2003
    Posts
    39

    Re: packet capture in windows

    Quote Originally Posted by vipinrl
    Thanks, Mr. Lee Peart, for your reply.

    What I want to do is listed below.

    1. Capture the IP packets
    and extract the source and destination fields (this is already done by me).

    Hi!

    I am interested in capturing the IP packets and extracting the source and destination fields.

    Can you give details on how to do that?

    Thanks for your answer!

  7. #7
    Join Date
    Sep 2004
    Posts
    6

    Re: packet capture in windows

    I was able to capture the IP packets and display their fields.
    I wrote the code in C++.
    If interested in this topic, please reply with details.

    my id: vipinrl@yahoo.co.uk

    regards

    Vipin
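
Added example, not code from this thread or from vipinrl's program: a bounds-checked C routine that extracts the source and destination fields from a captured buffer that begins at the IPv4 header. The names `parse_ipv4`, `struct ipv4_info` and `sample_pkt` are assumptions made for illustration, and the sample packet is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Fields of interest from an IPv4 header (RFC 791). */
struct ipv4_info {
    uint8_t protocol;    /* 1 = ICMP, 6 = TCP, 17 = UDP */
    uint8_t src[4];      /* source address, network byte order */
    uint8_t dst[4];      /* destination address, network byte order */
    size_t  header_len;  /* bytes, 20..60 */
    size_t  total_len;   /* header + payload, as claimed by the header */
};

/* Parse a captured buffer that starts at the IP header.
 * Returns 0 on success, -1 if the header is malformed or truncated.
 * The header checksum is not verified here. */
int parse_ipv4(const uint8_t *buf, size_t len, struct ipv4_info *out)
{
    if (buf == NULL || out == NULL || len < 20)
        return -1;                        /* shorter than the minimum header */
    if ((buf[0] >> 4) != 4)
        return -1;                        /* version field is not IPv4 */
    size_t ihl = (size_t)(buf[0] & 0x0F) * 4;
    if (ihl < 20 || ihl > len)
        return -1;                        /* IHL too small or past the buffer */
    size_t total = ((size_t)buf[2] << 8) | buf[3];
    if (total < ihl || total > len)
        return -1;                        /* length field exceeds captured data */
    out->protocol = buf[9];
    memcpy(out->src, buf + 12, 4);
    memcpy(out->dst, buf + 16, 4);
    out->header_len = ihl;
    out->total_len = total;
    return 0;
}

/* Constructed sample: 20-byte header, ICMP, 192.0.2.10 -> 198.51.100.7 */
static const uint8_t sample_pkt[28] = {
    0x45, 0x00, 0x00, 0x1c, 0x12, 0x34, 0x00, 0x00, 0x40, 0x01, 0x00, 0x00,
    192, 0, 2, 10, 198, 51, 100, 7,
    0x08, 0x00, 0xf7, 0xff, 0x00, 0x00, 0x00, 0x00  /* ICMP echo request */
};

int main(void)
{
    struct ipv4_info ip;
    if (parse_ipv4(sample_pkt, sizeof sample_pkt, &ip) != 0) return 1;
    printf("%u.%u.%u.%u -> %u.%u.%u.%u proto %u\n", ip.src[0], ip.src[1], ip.src[2],
           ip.src[3], ip.dst[0], ip.dst[1], ip.dst[2], ip.dst[3], ip.protocol);
    return 0;
}
```

The length checks matter because the IHL and total-length fields come from the wire and cannot be trusted to match the number of bytes actually captured.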

  8. #8
    Join Date
    Mar 2002
    Posts
    18

    Re: packet capture in windows

    There's another solution, not using LSP:
    http://www.codeproject.com/internet/WinSniff.asp
