[Winpcap-users] Winpcap-users Digest, Vol 72, Issue 8
Fish" (David B. Trout
fish at infidels.org
Thu Mar 17 19:18:05 PDT 2011
Does the following help any?
BIOCSRTIMEOUT: IOCTL code: set the read timeout.
This command sets the maximum timeout after which a read is released, also
if no data packets were received. IMPORTANT NOTE: the value '0' (zero) means
INFINITE, whereas the value '-1' (minus 1) means "immediate" (i.e. no
timeout). This is the complete opposite of WIN32
BIOCSMINTOCOPY: IOCTL code: set minimum amount of data in the kernel buffer
that unlocks a read call.
This command sets the OPEN_INSTANCE::MinToCopy member.
BIOCSETEVENTHANDLE: This IOCTL passes the read event HANDLE allocated by the
user (packet.dll) to kernel level.
Parameter: HANDLE Parameter size: sizeof(HANDLE). If the caller is 32 bit,
the parameter size is 4 bytes, even if sizeof(HANDLE) at kernel level is 8
bytes. That's why in this IOCTL code handler we detect a 32bit calling
process and do the necessary thunking.
Sample PSEUDO code:
hShutdownEvent = CreateEvent(NULL,TRUE,FALSE,NULL);
hPacketsEvent = CreateEvent(NULL,TRUE,FALSE,NULL);
DeviceIoControl( pcap, BIOCSETEVENTHANDLE, hPacketsEvent... );
DWORD dwMinBytes = 0; // (max responsiveness)
DeviceIoControl( pcap, BIOCSMINTOCOPY, dwMinBytes ...);
DWORD dwTimeout = -1; // (max responsiveness)
DeviceIoControl( pcap, BIOCSRTIMEOUT, dwTimeout ...);
DWORD dwBytesRead = 0;
while((dwBytesRead = ReadWinPCap()) > 0)
WaitForMultipleEvents( hShutdownEvent, hPacketsEvent, INFINITE );
ResetEvent( hPacketsEvent );
while (WaitForSingleEvent( hShutdownEvent, 0 ) != WAIT_OBJECT_0);
Note: the above is for illustrative purposes only. you should use the
official packet.dll functions and not call the driver directly.
"Fish" (David B. Trout)
fish at softdevlabs.com
More information about the Winpcap-users