NPF structures and definitions
[NPF driver internals manual]

Data Structures

struct  packet_file_header
 Header of a libpcap dump file. More...
struct  sf_pkthdr
 Header associated to a packet in the driver's buffer when the driver is in dump mode. Similar to the bpf_hdr structure, but simpler. More...
struct  _PACKET_OID_DATA
 Structure containing an OID request. More...
struct  _INTERNAL_REQUEST
 Stores an OID request. More...
struct  _PACKET_RESERVED
 Contains a NDIS packet. More...
struct  _DEVICE_EXTENSION
 Port device extension. More...
struct  __CPU_Private_Data
 Kernel buffer of each CPU. More...
struct  _OPEN_INSTANCE
 Contains the state of a running instance of the NPF driver. More...
struct  PacketHeader
 Structure prepended to each packet in the kernel buffer pool. More...

Defines

#define MAX_REQUESTS   32
 Maximum number of simultaneous IOCTL requests.
#define Packet_ALIGNMENT   sizeof(int)
 Alignment macro. Defines the alignment size.
#define Packet_WORDALIGN(x)   (((x)+(Packet_ALIGNMENT-1))&~(Packet_ALIGNMENT-1))
 even multiple of Packet_ALIGNMENT.
#define KERNEL_EVENT_NAMESPACE   L"\\BaseNamedObjects\\"
#define MODE_CAPT   0x0
 Capture working mode.
#define MODE_STAT   0x1
 Statistical working mode.
#define MODE_MON   0x2
 Kernel monitoring mode.
#define MODE_DUMP   0x10
 Kernel dump working mode.
#define IMMEDIATE   1
 Immediate timeout. Forces a read call to return immediately.
#define NDIS_FLAGS_SKIP_LOOPBACK_W2K   0x400
 This is an undocumented flag for NdisSetPacketFlags() that allows to disable loopback reception.
#define TCPDUMP_MAGIC   0xa1b2c3d4
 Libpcap magic number. Used by programs like tcpdump to recognize a driver's generated dump file.
#define PCAP_VERSION_MAJOR   2
 Major libpcap version of the dump file. Used by programs like tcpdump to recognize a driver's generated dump file.
#define PCAP_VERSION_MINOR   4
 Minor libpcap version of the dump file. Used by programs like tcpdump to recognize a driver's generated dump file.
#define NPF_DISABLE_LOOPBACK   1
 Tells the driver to drop the packets sent by itself. This is usefult when building applications like bridges.
#define NPF_ENABLE_LOOPBACK   2
 Tells the driver to capture the packets sent by itself.
#define C_ASSERT(a)
#define RESERVED(_p)   ((PPACKET_RESERVED)((_p)->ProtocolReserved))
 Macro to obtain a NDIS_PACKET from a PACKET_RESERVED.
#define TRANSMIT_PACKETS   256
 of packets that can be transmitted at the same time or with a single call to NdisSendPackets.
#define EXIT_SUCCESS(quantity)
 Macro used in the I/O routines to return the control to user-mode with a success status.
#define EXIT_FAILURE(quantity)
 Macro used in the I/O routines to return the control to user-mode with a failure status.

Typedefs

typedef struct _PACKET_OID_DATA PACKET_OID_DATA
 Structure containing an OID request.
typedef struct _PACKET_OID_DATAPPACKET_OID_DATA
typedef struct _INTERNAL_REQUEST INTERNAL_REQUEST
 Stores an OID request.
typedef struct _INTERNAL_REQUESTPINTERNAL_REQUEST
typedef struct _PACKET_RESERVED PACKET_RESERVED
 Contains a NDIS packet.
typedef struct _PACKET_RESERVEDPPACKET_RESERVED
typedef struct _DEVICE_EXTENSION DEVICE_EXTENSION
 Port device extension.
typedef struct _DEVICE_EXTENSIONPDEVICE_EXTENSION
typedef struct __CPU_Private_Data CpuPrivateData
 Kernel buffer of each CPU.
typedef struct _OPEN_INSTANCE OPEN_INSTANCE
 Contains the state of a running instance of the NPF driver.
typedef struct _OPEN_INSTANCEPOPEN_INSTANCE

Enumerations

enum  ADAPTER_BINDING_STATUS { ADAPTER_UNBOUND, ADAPTER_BOUND, ADAPTER_UNBINDING }

Functions

 C_ASSERT (sizeof(PACKET_OID_DATA)==12)

Variables

ULONG g_NCpu
NDIS_HANDLE g_NdisProtocolHandle
struct time_conv G_Start_Time
UINT g_SendPacketFlags

Define Documentation

#define C_ASSERT (  ) 

Definition at line 133 of file Packet.h.

#define EXIT_FAILURE ( quantity   ) 
Value:
Irp->IoStatus.Information=quantity;\
    Irp->IoStatus.Status = STATUS_UNSUCCESSFUL;\
    IoCompleteRequest(Irp, IO_NO_INCREMENT);\
    return STATUS_UNSUCCESSFUL;\

Macro used in the I/O routines to return the control to user-mode with a failure status.

Definition at line 363 of file Packet.h.

#define EXIT_SUCCESS ( quantity   ) 
Value:
Irp->IoStatus.Information=quantity;\
    Irp->IoStatus.Status = STATUS_SUCCESS;\
    IoCompleteRequest(Irp, IO_NO_INCREMENT);\
    return STATUS_SUCCESS;\

Macro used in the I/O routines to return the control to user-mode with a success status.

Definition at line 357 of file Packet.h.

#define IMMEDIATE   1

Immediate timeout. Forces a read call to return immediately.

Definition at line 87 of file Packet.h.

#define KERNEL_EVENT_NAMESPACE   L"\\BaseNamedObjects\\"

Definition at line 77 of file Packet.h.

#define MAX_REQUESTS   32

Maximum number of simultaneous IOCTL requests.

Definition at line 71 of file Packet.h.

#define MODE_CAPT   0x0

Capture working mode.

Definition at line 81 of file Packet.h.

#define MODE_DUMP   0x10

Kernel dump working mode.

Definition at line 84 of file Packet.h.

#define MODE_MON   0x2

Kernel monitoring mode.

Definition at line 83 of file Packet.h.

#define MODE_STAT   0x1

Statistical working mode.

Definition at line 82 of file Packet.h.

#define NDIS_FLAGS_SKIP_LOOPBACK_W2K   0x400

This is an undocumented flag for NdisSetPacketFlags() that allows to disable loopback reception.

Definition at line 89 of file Packet.h.

#define NPF_DISABLE_LOOPBACK   1

Tells the driver to drop the packets sent by itself. This is usefult when building applications like bridges.

Definition at line 98 of file Packet.h.

#define NPF_ENABLE_LOOPBACK   2

Tells the driver to capture the packets sent by itself.

Definition at line 99 of file Packet.h.

#define Packet_ALIGNMENT   sizeof(int)

Alignment macro. Defines the alignment size.

Definition at line 73 of file Packet.h.

#define Packet_WORDALIGN (  )     (((x)+(Packet_ALIGNMENT-1))&~(Packet_ALIGNMENT-1))

even multiple of Packet_ALIGNMENT.

Alignment macro. Rounds up to the next

Definition at line 74 of file Packet.h.

#define PCAP_VERSION_MAJOR   2

Major libpcap version of the dump file. Used by programs like tcpdump to recognize a driver's generated dump file.

Definition at line 94 of file Packet.h.

#define PCAP_VERSION_MINOR   4

Minor libpcap version of the dump file. Used by programs like tcpdump to recognize a driver's generated dump file.

Definition at line 95 of file Packet.h.

#define RESERVED ( _p   )     ((PPACKET_RESERVED)((_p)->ProtocolReserved))

Macro to obtain a NDIS_PACKET from a PACKET_RESERVED.

Definition at line 189 of file Packet.h.

#define TCPDUMP_MAGIC   0xa1b2c3d4

Libpcap magic number. Used by programs like tcpdump to recognize a driver's generated dump file.

Definition at line 93 of file Packet.h.

#define TRANSMIT_PACKETS   256

of packets that can be transmitted at the same time or with a single call to NdisSendPackets.

Maximum number of packets in the transmit packet pool. This value is an upper bound to the number

Definition at line 352 of file Packet.h.


Typedef Documentation

Kernel buffer of each CPU.

Structure containing the kernel buffer (and other CPU related fields) used to capture packets.

Port device extension.

Structure containing some data relative to every adapter on which NPF is bound.

Stores an OID request.

This structure is used by the driver to perform OID query or set operations on the underlying NIC driver. The OID operations be performed usually only by network drivers, but NPF exports this mechanism to user-level applications through an IOCTL interface. The driver uses this structure to wrap a NDIS_REQUEST structure. This allows to handle correctly the callback structure of NdisRequest(), handling multiple requests and maintaining information about the IRPs to complete.

typedef struct _OPEN_INSTANCE OPEN_INSTANCE

Contains the state of a running instance of the NPF driver.

This is the most important structure of NPF: it is used by almost all the functions of the driver. An _OPEN_INSTANCE structure is associated with every user-level session, allowing concurrent access to the driver.

Structure containing an OID request.

It is used by the PacketRequest() function to send an OID to the interface card driver. It can be used, for example, to retrieve the status of the error counters on the adapter, its MAC address, the list of the multicast groups defined on it, and so on.

Contains a NDIS packet.

The driver uses this structure to wrap a NDIS_PACKET structure. This allows to handle correctly the callback structure of NdisTransferData(), handling multiple requests and maintaining information about the IRPs to complete.

typedef struct _OPEN_INSTANCE * POPEN_INSTANCE

Enumeration Type Documentation

Enumerator:
ADAPTER_UNBOUND 
ADAPTER_BOUND 
ADAPTER_UNBINDING 

Definition at line 327 of file Packet.h.


Function Documentation

C_ASSERT ( sizeof(PACKET_OID_DATA = =12  ) 

Variable Documentation

ULONG g_NCpu
NDIS_HANDLE g_NdisProtocolHandle
struct time_conv G_Start_Time

documentation. Copyright (c) 2002-2005 Politecnico di Torino. Copyright (c) 2005-2009 CACE Technologies. All rights reserved.