|
阅读:1263回复:1
抓包问题(asmsys请进)
asmsys您好,很久没向您问候了!
我用PASSTHRU抓包时遇到了这样一个问题。 就是用NDIS中发必须的函数: ProtocolReceive( IN NDIS_HANDLE ProtocolBindingContext, IN NDIS_HANDLE MacReceiveContext, IN PVOID HeaderBuffer, IN UINT HeaderBufferSize, IN PVOID LookAheadBuffer, IN UINT LookAheadBufferSize, IN UINT PacketSize ) { PADAPT pAdapt =(PADAPT)ProtocolBindingContext; PNDIS_PACKET MyPacket, Packet; NDIS_STATUS Status = NDIS_STATUS_SUCCESS; PNDIS_BUFFER CurrentBuffer; PVOID VirtualAddress; UINT CurrentLength; UINT PhysicalBufferCount; UINT BufferCount; UINT TotalPacketLength; UINT i; DBGPRINT(\"==> Passthru Protocol PtReceive\\n\"); if(!pAdapt->MiniportHandle) { Status = NDIS_STATUS_FAILURE; DBGPRINT(\"pAdapt->MiniportHandle=NULL\\n\"); } else do { if(pAdapt->isSecondary) { //DBGPRINT(\"PASSTHRU GETTING RECIEVES ON SECONDARY\\n\"); ASSERT(0); } Packet = NdisGetReceivedPacket(pAdapt->BindingHandle, MacReceiveContext); if(Packet == NULL) { DbgPrint(\"Recive Packet = NULL\"); } else { DbgPrint(\"The Receive BufferCount is %d\",BufferCount); while(CurrentBuffer) { NdisQueryBuffer(CurrentBuffer,&VirtualAddress,&CurrentLength); /*DBGPRINT(\"<==The Packet length:==\");*/ DbgPrint(\"<==The Receive Packet length=%d==\",CurrentLength); DBGPRINT(\"<==The Receive Packet Content:==\"); for(i=0;i<CurrentLength;i++) { DbgPrint(\"%2.2X \",((UCHAR *)VirtualAddress)); if(i%16==15) { DbgPrint(\"\\n\"); DbgPrint(\"<==The Receive Packet Content:==\"); } } NdisGetNextBuffer(CurrentBuffer,&CurrentBuffer); } } pAdapt->IndicateRcvComplete = TRUE; switch(pAdapt->Medium) { case NdisMedium802_3: NdisMEthIndicateReceive(pAdapt->MiniportHandle, HeaderBuffer, HeaderBufferSize, LookAheadBuffer, LookAheadBufferSize, PacketSize); break; case NdisMedium802_5: NdisMTrIndicateReceive(pAdapt->MiniportHandle, MacReceiveContext, HeaderBuffer, HeaderBufferSize, LookAheadBuffer, LookAheadBufferSize, PacketSize); break; case NdisMediumFddi: NdisMFddiIndicateReceive(pAdapt->MiniportHandle, MacReceiveContext, HeaderBuffer, HeaderBufferSize, LookAheadBuffer, LookAheadBufferSize, PacketSize); break; default: ASSERT(0); break; } } while(FALSE); DBGPRINT(\"<== Passthru Protocol PtReceive\\n\"); return Status; } 调试时看不到抓到的数据。不知代码是否有问题。但用可选的函数 : ProtocolReceivePacket( IN NDIS_HANDLE ProtocolBindingContext, IN PNDIS_PACKET Packet ) { PADAPT pAdapt =(PADAPT)ProtocolBindingContext; NDIS_STATUS Status; PRSVD Resvd; PNDIS_BUFFER CurrentBuffer; PVOID VirtualAddress; UINT CurrentLength; UINT PhysicalBufferCount; UINT BufferCount; UINT TotalPacketLength; UINT i; //DBGPRINT(\"==> Passthru Protocol PtReceivePacket\\n\"); if(!pAdapt->MiniportHandle) return 0; if(pAdapt->isSecondary) { //DBGPRINT(\"PASSTHRU GETTING RECEIVES ON SECONDARY\\n\"); ASSERT(0); } NdisQueryPacket(Packet,&PhysicalBufferCount,&BufferCount,&CurrentBuffer,&TotalPacketLength); DbgPrint(\"The Receive BufferCount is %d\",BufferCount); while(CurrentBuffer) { NdisQueryBuffer(CurrentBuffer,&VirtualAddress,&CurrentLength); /*DBGPRINT(\"<==The Packet length:==\");*/ DbgPrint(\"<==The Receive Packet length=%d==\",CurrentLength); DBGPRINT(\"<==The Receive Packet Content:==\"); for(i=0;i<CurrentLength;i++) { DbgPrint(\"%2.2X \",((UCHAR *)VirtualAddress)); if(i%16==15) { DbgPrint(\"\\n\"); DBGPRINT(\"<==The Receive Packet Content:==\"); } } NdisGetNextBuffer(CurrentBuffer,&CurrentBuffer); } } 却可以,您告诉我为什么吗? |
|
|
沙发#
发布于:2004-06-01 09:55
首先,ProtocolReceivePacket是必须的函数,不是可选的。MiniportSendPacket才是可选的。这个要搞清楚。
新网卡用PtReceivePacket,老式的RTL8029等用PtReceive.就这么简单。 从本质上讲,PtReceive被调用有两种情况: 1、当下层的miniport调用NdisMXxxIndicate的时候,NDIS总是调用ProtocolReceive函数。 2、这时候底层的miniport有可能资源不足,为了能够让上层驱动程序迅速放弃对数据包控制权,它在每一个数据包的带外数据块中设置status属性为NDIS_STATUS_SOURCE,这样就迫使NDIS转而调用ProtocolReceive函数,强迫IMD拷贝每一个数据包。 当情况2发生时,Packet = NdisGetReceivedPacket(pAdapt->BindingHandle, MacReceiveContext);就不返回空。 |
|
