关于ndis 6 修改发送的数据包
1、复制截获到发送的NBL
2、修改复制的NBL,比如加一个数据头;
3、发送自己的NBL 导致了蓝屏。
下面是代码片段:

/*
 * Send path (fragment): clone one outgoing NET_BUFFER_LIST, modify the clone
 * and append it to the chain returned through *pNewNetBufferLists.
 * The `break` statements imply an enclosing loop that is not shown here.
 * allocateNetBufferAndList, ModifySendPacket and FreeMdlAndNetBufferList are
 * project helpers whose bodies are not shown.
 */
pNewBufList = allocateNetBufferAndList( pFilter, PacketSize , TRUE );
if ( pNewBufList == NULL )
    break;

/*
 * Copy PacketSize bytes from offset 0 of the first NET_BUFFER of the original
 * NBL into offset 0 of the first NET_BUFFER of the clone.
 * NOTE(review): only the first NET_BUFFER of pSendPacketList is copied; an NBL
 * may carry several NET_BUFFERs -- confirm the rest are handled elsewhere.
 * NOTE(review): BytesCopied is never compared with PacketSize, so a short copy
 * would go unnoticed.
 */
NtStatus = NdisCopyFromNetBufferToNetBuffer(NET_BUFFER_LIST_FIRST_NB(pNewBufList), 0, PacketSize,
                                            NET_BUFFER_LIST_FIRST_NB(pSendPacketList), 0, &BytesCopied);
if( NtStatus != STATUS_SUCCESS )
{
    /*
     * NOTE(review): clearing *pNewNetBufferLists drops the chain head; clones
     * linked in earlier iterations are no longer reachable through it and leak
     * unless the caller kept another reference -- confirm.
     */
    *pNewNetBufferLists = NULL;
    FreeMdlAndNetBufferList( pNewBufList );
    break;
}

/*
 * NOTE(review): if ModifySendPacket grows the packet (e.g. prepends a header,
 * as the post describes), the clone's buffer must have been allocated with
 * room for it. The allocation above requests PacketSize only; writing past it
 * would corrupt pool memory -- verify against the helper.
 */
NtStatus = ModifySendPacket( pFilter , pNewBufList );
if( NtStatus != STATUS_SUCCESS )
{
    /* Same chain-head reset as above; the same leak concern applies. */
    *pNewNetBufferLists = NULL;
    FreeMdlAndNetBufferList( pNewBufList );
    break;
}

/*
 * Carry the checksum offload request over from the original NBL.
 * NOTE(review): if a header was inserted, header offsets recorded in this
 * info may no longer match the modified frame -- confirm.
 */
NET_BUFFER_LIST_INFO(pNewBufList, TcpIpChecksumNetBufferListInfo) = NET_BUFFER_LIST_INFO(pSendPacketList, TcpIpChecksumNetBufferListInfo);

/*
 * NOTE(review): this runs after ModifySendPacket and resets the data length to
 * the number of bytes copied from the original, so any length change made by
 * ModifySendPacket is overwritten -- confirm this is intended.
 */
NET_BUFFER_DATA_LENGTH(NET_BUFFER_LIST_FIRST_NB(pNewBufList)) = BytesCopied;

/*
 * NOTE(review): likely cause of the bugcheck. NDIS expects a filter that
 * originates a send to set SourceHandle to its filter module handle (the
 * NdisFilterHandle value it passes to NdisFSendNetBufferLists), because NDIS
 * uses SourceHandle to return the NBL to its originator on completion. A pool
 * handle is stored here instead. Ownership can still be recognised by pool,
 * as the completion handler below does with NdisGetPoolFromNetBufferList.
 */
pNewBufList->SourceHandle = pFilter->SendNetBufferListPool;

/*
 * Append the clone to the output chain.
 * NOTE(review): in the lines shown, the else branch links the clone after
 * pCopyNBLTail but never advances pCopyNBLTail. From the third clone on, the
 * link written for the previous clone is overwritten, so that clone is neither
 * sent nor freed.
 */
if(*pNewNetBufferLists == NULL)
{
    *pNewNetBufferLists = pCopyNBLTail = pNewBufList;
}
else
{
    NET_BUFFER_LIST_NEXT_NBL(pCopyNBLTail) = pNewBufList;
}

(3).in FilterSendNetBufferListsComplete:

/*
 * Completion path (fragment): if the NBL came from this filter's own pool,
 * free it here instead of passing it up the stack.
 * NOTE(review): only the head of NetBufferLists is tested. The completion
 * handler can receive a chain; NBLs after the head are not inspected here, and
 * any that are not owned by this filter would still have to be passed on with
 * NdisFSendNetBufferListsComplete. Whether FreeMdlAndNetBufferList walks the
 * chain cannot be seen from this fragment.
 * NOTE(review): nothing shown completes the original pSendPacketList back to
 * its owner once the clone is done -- confirm that happens elsewhere.
 */
if(NdisGetPoolFromNetBufferList(NetBufferLists) == pFilter->SendNetBufferListPool)
{
    //Please just free this NBL
    bRet = FreeMdlAndNetBufferList(NetBufferLists);
    if(bRet == TRUE)
    {
        PRINTLOG(("Free my own NBL ====== FilterSendNetBufferListsComplete \n"));
    }
    return;
}
|