[Winpcap-users] Network crash when sending a certain amount of
packets with pcap_sendpacket
RJ
RJdaMasterOfDesaster at t-online.de
Wed May 17 13:28:09 GMT 2006
Hello erverybody,
today I got myself back to examine a strange problem in WinPcap. It started
a year or so ago when I wrote some programs which sent some network traffic
with WinPcap / Packet.dll. It worked fine with WinPCap 3.0 and 3.1 under
Win2k SP4 on an old AMD Duron machine with an realtek adapter.
In between, I got myself a centrino notebook with WinXP Pro SP1, and it
didn't work. The use of my programs on the laptop even caused a crash of the
network system of WinXP, that is windows could not send or receive any
packets any more and had to be rebooted to fix.
I could not see the problem with my laptop and programs and thought it
refused to work because I used the Packet.dll interface and not pcap. But
then my desktop machine went to computer heaven because of an processor
fault, and I had to focus on the laptop.
Since in that time I was not motivated to rewrite my programs to test, I
left it aside.
But now I am motivated, and started to test for the possible errors. I found
some very strange things:
I used the sendpack example from the wpdpack and modified it to be able to
send a couple of packets to the net. I compiled it with Visual Studio, and
for test purposes with lcc too. The thing I got is the following:
When starting the laptop and sending less than 15 packets over the ethernet
adapter, all kept alright. The packets could also be seen with windump, all
sent correctly.
But if I try to send more packets, so that the total amount of packets sent
by sendpack since starting the system reaches 15, the network system crashes
in the above described manner. Deactivation of the npf driver after that
changed nothing.
This was with WinPcap 4.0 alpha, with 3.1 and 3.2 beta it were less packets
(6 - 10), but the same effect. The problem also persists on WinXP SP2.
Because of this, I think there is some fault in the npf driver or windows
xp, since it worked under Win2K.
Any suggestions?
Thanks for your efforts
Roger John
PS: Following is the code of the modified sendpack program. Some code is
from WpdPack, some from me, just to mention it.
-------------------code sendpack.c start-------------------
#include <stdlib.h>
#include <stdio.h>
#include <pcap.h>
int npacks = 1,if_num = 1,timeout = 1000;
int list_devs(void) {
pcap_if_t *alldevs;
pcap_if_t *d;
char errbuf[PCAP_ERRBUF_SIZE+1];
int n = 0;
printf("This is a test file for libpcap, version
%s\r\n",pcap_lib_version);
printf("Listing devices...\r\n");
/* Retrieve the device list */
if(pcap_findalldevs(&alldevs, errbuf) == -1)
{
fprintf(stderr,"Error while listing devices:
pcap_findalldevs: %s\r\n", errbuf);
return(-1);
}
/* Scan the list printing every entry */
for(d=alldevs;d;d=d->next)
{
n++;
printf("%d. ",n);
if(d->name) {
printf("%s: ",d->name);
if(d->description)
printf("%s\r\n",d->description);
else
printf("<no description available>\r\n");
} else
printf("<no name available>\r\n");
}
/* Free the device list */
pcap_freealldevs(alldevs);
return(n);
}
pcap_t *open_dev_by_number(unsigned int num,int snap_len,int promisc,int
to_ms) {
pcap_t *fp;
pcap_if_t *alldevs;
pcap_if_t *d;
char errbuf[PCAP_ERRBUF_SIZE+1];
int n = num;
fp = NULL;
if(!num)
return(fp);
/* Retrieve the device list */
if(pcap_findalldevs(&alldevs, errbuf) == -1)
{
fprintf(stderr,"Error while opening device:
pcap_findalldevs: %s\r\n", errbuf);
return(fp);
}
/* Scan the list for the entry */
d=alldevs;
while(d&&(--n)) d = d->next;
if(d) {
/* Open the adapter */
if (!(fp =
pcap_open_live(d->name,snap_len,promisc,to_ms,errbuf)))
fprintf(stderr,"Error while opening device %u:
\r\n",num,errbuf);
} else {
fprintf(stderr,"Error while opening device %u: device not
found\r\n",num);
}
/* Free the device list */
pcap_freealldevs(alldevs);
return(fp);
}
void Usage(void)
{
fprintf(stderr,"sendpack: testing the sending capabilities of
WinPcap\r\n");
fprintf(stderr,"usage: send_pack [-l] [-n<n_packs>] [-i<if_num>]
[-t<timeout>] \r\n");
fprintf(stderr," -n : number of packets to send\r\n");
fprintf(stderr," -i : select interface to use (default is
first found)\r\n");
fprintf(stderr," -l : list available interfaces and
exit\r\n");
fprintf(stderr," -t : specify the timeout value in
milliseconds, default is 1000\r\n");
}
int handle_options(int argc,char **argv)
{
int i,firstnonoption=0;
for (i=1; i< argc;i++) {
if (argv[i][0] == '-') {
switch (argv[i][1]) {
case '?': Usage();
exit(0);
case 'i': if_num = atoi(argv[i]+2);
break;
case 'l': list_devs();
exit(0);
case 'n': npacks = atoi(argv[i]+2);
break;
case 't': timeout = atoi(argv[i]+2);
break;
case 'h':
case 'H': if
(!stricmp(argv[i]+1,"help")) {
Usage();
exit(0);
}
default:
fprintf(stderr,"unknown option
\"%s\"\n",argv[i]);
break;
}
}
else {
firstnonoption = i;
break;
}
}
return(firstnonoption);
}
int main(int argc, char **argv)
{
pcap_t *adap;
u_char packet[100];
int i;
i = handle_options(argc,argv);
/* If no arguments we call the Usage routine and exit */
/* if (argc <= 1)
{
Usage();
return(1);
}
*/
/* Open adapter */
if(!(adap = open_dev_by_number(if_num,65536,1,timeout))) {
printf("Now exiting...\r\n");
return(2);
}
/* Supposing to be on ethernet, set mac destination to 1:1:1:1:1:1
*/
packet[0]=1;
packet[1]=1;
packet[2]=1;
packet[3]=1;
packet[4]=1;
packet[5]=1;
/* set mac source to 2:2:2:2:2:2 */
packet[6]=2;
packet[7]=2;
packet[8]=2;
packet[9]=2;
packet[10]=2;
packet[11]=2;
/* Fill the rest of the packet */
for(i=12;i<100;i++)
{
packet[i]=i%256;
}
/* Send down the packet */
for(i=1;i<=npacks;i++)
if (pcap_sendpacket(adap, // Adapter
packet, // buffer with the
packet
100 // size
) != 0)
{
fprintf(stderr,"\nError sending packet %d:
\n",i,pcap_geterr(adap));
return(3);
}
pcap_close(adap);
return(0);
}
-------------------code sendpack.c end-------------------
More information about the Winpcap-users
mailing list