|IOCTL code: set kernel buffer size. |
|IOCTL code: set packet filtering program. |
|IOCTL code: get the capture stats. |
|IOCTL code: set the read timeout. |
|IOCTL code: set working mode. |
|IOCTL code: set number of physical repetions of every packet written by the app. |
|IOCTL code: set minimum amount of data in the kernel buffer that unlocks a read call. |
|IOCTL code: set an OID value. |
|IOCTL code: get an OID value. |
|IOCTL code: set the name of a the file used by kernel dump mode. |
|IOCTL code: get the name of the event that the driver signals when some data is present in the buffer. |
|IOCTL code: Send a buffer containing multiple packets to the network, ignoring the timestamps. |
|IOCTL code: Send a buffer containing multiple packets to the network, considering the timestamps. |
|IOCTL code: Set the dump file limits. |
|IOCTL code: Get the status of the kernel dump process. |
|IOCTL code: set the loopback behavior. |
|This IOCTL passes the read event HANDLE allocated by the user (packet.dll) to kernel level. |
|#define BIOCGEVNAME 7415|
IOCTL code: get the name of the event that the driver signals when some data is present in the buffer.
Command used by the application to retrieve the name of the global event associated with a NPF instance. The event is signaled by the driver when the kernel buffer contains enough data for a transfer.
|#define BIOCGSTATS 9031|
|#define BIOCISDUMPENDED 7411|
|#define BIOCISETLOBBEH 7410|
|#define BIOCQUERYOID 0x80000004|
|#define BIOCSENDPACKETSNOSYNC 9032|
IOCTL code: Send a buffer containing multiple packets to the network, ignoring the timestamps.
Command used to send a buffer of packets in a single system call. Every packet in the buffer is preceded by a sf_pkthdr structure. The timestamps of the packets are ignored, i.e. the packets are sent as fast as possible. The NPF_BufferedWrite() function is invoked to send the packets.
|#define BIOCSENDPACKETSSYNC 9033|
IOCTL code: Send a buffer containing multiple packets to the network, considering the timestamps.
Command used to send a buffer of packets in a single system call. Every packet in the buffer is preceded by a sf_pkthdr structure. The timestamps of the packets are used to synchronize the write, i.e. the packets are sent to the network respecting the intervals specified in the sf_pkthdr structure assiciated with each packet. NPF_BufferedWrite() function is invoked to send the packets.
|#define BIOCSETBUFFERSIZE 9592|
IOCTL code: set kernel buffer size.
This IOCTL is used to set a new size of the circular buffer associated with an instance of NPF. When a BIOCSETBUFFERSIZE command is received, the driver frees the old buffer, allocates the new one and resets all the parameters associated with the buffer in the OPEN_INSTANCE structure. The currently buffered packets are lost.
|#define BIOCSETDUMPFILENAME 9029|
IOCTL code: set the name of a the file used by kernel dump mode.
This command opens a file whose name is contained in the IOCTL buffer and associates it with current NPf instance. The dump thread uses it to copy the content of the circular buffer to file. If a file was already opened, the driver closes it before opening the new one.
|#define BIOCSETDUMPLIMITS 9034|
|#define BIOCSETEVENTHANDLE 7920|
This IOCTL passes the read event HANDLE allocated by the user (packet.dll) to kernel level.
Parameter: HANDLE Parameter size: sizeof(HANDLE). If the caller is 32 bit, the parameter size is 4 bytes, even if sizeof(HANDLE) at kernel level is 8 bytes. That's why in this IOCTL code handler we detect a 32bit calling process and do the necessary thunking.
TODO GV:I will go to hell for this ugly IOCTL definition. We should use CTL_CODE!!
|#define BIOCSETF 9030|
IOCTL code: set packet filtering program.
This IOCTL sets a new packet filter in the driver. Before allocating any memory for the new filter, the bpf_validate() function is called to check the correctness of the filter. If this function returns TRUE, the filter is copied to the driver's memory, its address is stored in the bpfprogram field of the OPEN_INSTANCE structure associated with current instance of the driver, and the filter will be applied to every incoming packet. This command also empties the circular buffer used by current instance to store packets. This is done to avoid the presence in the buffer of packets that do not match the filter.
|#define BIOCSETOID 0x80000000|
|#define BIOCSMINTOCOPY 7414|
|#define BIOCSMODE 7412|
IOCTL code: set working mode.
This IOCTL can be used to set the working mode of a NPF instance. The new mode, received by the driver in the buffer associated with the IOCTL command, can be MODE_CAPT for capture mode (the default), MODE_STAT for statistical mode or MODE_DUMP for dump mode.
|#define BIOCSRTIMEOUT 7416|
|#define BIOCSWRITEREP 7413|
IOCTL code: set number of physical repetions of every packet written by the app.
Sets the number of times a single write call must be repeated. This command sets the OPEN_INSTANCE::Nwrites member, and is used to implement the 'multiple write' feature of the driver.
documentation. Copyright (c) 2002-2005 Politecnico di Torino. Copyright (c) 2005-2009 CACE Technologies. All rights reserved.