[Winpcap-users] Winpcap in Intanium machine

Gianluca Varenni gianluca.varenni at cacetech.com
Wed Oct 7 07:35:36 PDT 2009


Prefast
=======

you can simply build the driver without prefast.
When you build with prefast, the command line is something like
prefast build <parameters>

without prefast it's something like
build <parameters>

Compiled driver
===============
You cannot just copy the driver in system32\drivers, you need to register it 
with the service control manager. This is usually done by the installer.
An easier way to test if the driver loads into memory is to run "net start 
npf" from the command line.

Simple app for testing
======================
Just use any of the samples that come with the the wpdpack, e.g. iflist


In general developing and debugging drivers is much more complex than user 
level code. And in case of IA64, you will definitely need two machines 
connected thru serial/firewire for remote debugging of the driver.

Hope it helps
GV


----- Original Message ----- 
From: "Renato Araújo Ferreira" <marina.peixe at terra.com.br>
To: <winpcap-users at winpcap.org>
Sent: Wednesday, October 07, 2009 1:29 AM
Subject: Re: [Winpcap-users] Winpcap in Intanium machine


Hello, all!! *again* =P

When I try to build with the IA64 build environment, the problem is that
prefast is not in path in version 6 and 7 of WDK. As the build tools appear
to be the same between build environments, I tried to set the path to
prefast from x86/x64 without any source modification for a first try and the
compilation was sucessful. With wrong version_info and other things that I
will need to set, but very OK for a first try (hard to believe). Is there
any known problem to use the same prefast with ia54 build environment? I
didn't find yet any explanation about why it's not in their path.

I copied the file to system32/drivers just to test this first try and copied
the wireshark dir with wpcap.dll and packet.dll inside their directory.
These DLLs cames from the system32 of the vista workstation that I was
using. Wireshark runs ok, but does not appear any capture interface at list.
I don't know if it is a driver problem or what. I sincerely expected to
happen a "fatal error" or any other visible error. After i saw that i did
not a good job in this step due to differences between vista and 2000/XP
version of winpcap DLLs, but again without a visible error at runtime.

Is there a most simple way to test if the driver worked without expect that
a large application like wireshark works too? Wireshark still open even when
winpcap is not present. I didnt try yet the checked build environment, I
will try to find more information about how it could help since visual
studio does not work in ia64.

Thanks,

Renato A. Ferreira

----- Original Message ----- 
From: "Gianluca Varenni" <gianluca.varenni at cacetech.com>
To: <winpcap-users at winpcap.org>
Sent: Thursday, October 01, 2009 12:24 PM
Subject: Re: [Winpcap-users] Winpcap in Intanium machine



----- Original Message ----- 
From: "Renato Araújo Ferreira" <marina.peixe at terra.com.br>
To: <winpcap-users at winpcap.org>
Sent: Thursday, October 01, 2009 8:08 AM
Subject: Re: [Winpcap-users] Winpcap in Intanium machine


OMG, GV! I'm loosing your messages at antispam filter!

If I understood, you are saying that I will need to compile only the driver
(npf.sys)? The DLLs should work with WOW64?

--GV--
They *should* work. I never ever used an Itanium machine, so I cannot say
for sure. The only drawback is that it will be much slower (as far as know
WOW64 on Itanium is extremely slow, due to the Itanium architecture itself).
--GV--

It will run on 2003. I already compiled the driver before in my machine
(comented in another message) using winddk 7600.16385.0. I didn't test it
running yet, but the return was:

============================================================
Compiling - driver\generating code...
Linking Executable - driver\bin\2k\i386\npf.sys
BUILD: Finish time: Thu Oct 01 10:58:55 2009
BUILD: Done

    17 files compiled - 2 Warnings - 1,179 LPS
    1 executable built
-----------------------------------------------------------------------------
Removing duplicate defects from the log...
-----------------------------------------------------------------------------
PREfast reported 33 defects during execution of the command.
-----------------------------------------------------------------------------
Enter PREFAST LIST to list the defect log as text within the console.
Enter PREFAST VIEW to display the defect log user interface.
============================================================

What is theese 33 defects of PREfast? A problem?

--GV--
Please ignore them, at the moment the driver is nor Prefast clean. In any
case, the driver that you compiled is not for IA64, it's for x86.

Have a nice day
GV



Thanks,

Renato A. Ferreira


----- Original Message ----- 
From: "Gianluca Varenni" <gianluca.varenni at cacetech.com>
To: <winpcap-users at winpcap.org>
Sent: Wednesday, September 30, 2009 6:03 PM
Subject: Re: [Winpcap-users] Winpcap in Intanium machine


Porting to itanium is not exactly trivial.

Driver: you must use the WDK to compile the driver, and you will need to
follow the directions at

http://www.winpcap.org/docs/docs_41b5/html/group__compilation.html

*and* modify the "CompileDriver.bat" script. You might need to make some
mods here and there. There are a number of #ifdef's for x64 (_AMD64_) that
should be modified for IA64 too. Finally, if you run on
Vista/2008/Win7/2008R2 IA64, I'm pretty sure the driver should be signed in
order to even load.

User level components: in this case you should be able to use WOW64 and use
the standard 32bit DLLs that are already shipped.

GV


----- Original Message ----- 
From: "Renato Araújo Ferreira" <marina.peixe at terra.com.br>
To: <winpcap-users at winpcap.org>
Sent: Wednesday, September 30, 2009 1:23 PM
Subject: Re: [Winpcap-users] Winpcap in Intanium machine


But if I'm not getting success on compiling of winpcap in my machine, will
be futile to search a itanium one. I tried to use the PRJ dir with visual
studio, but didn't work. I saw the makefile that appears to use gcc, but i
don't know where to start. There's a lots of .bat files.

The only option that I found that appears to be ready to capture under
itanium is the Network Monitor 3.3 from Microsoft with their API. But I'm
not sure to consider this option.

----- Original Message ----- 
From: "Guy Harris" <guy at alum.mit.edu>
To: <winpcap-users at winpcap.org>
Sent: Wednesday, September 30, 2009 4:03 PM
Subject: Re: [Winpcap-users] Winpcap in Intanium machine



On Sep 30, 2009, at 11:56 AM, Renato Araújo Ferreira wrote:

> I will try to borrow a itanium machine to see if the application
> will work properly. So can I just try to recompile winpcap from it's
> source using a cross-compiler or native one? Will it require a large
> number of source changes to get the basic packet capture operations
> working?

My *guess* would be that it doesn't, as I think current versions of
WinPcap support x86-64, so the code is at least 64-bit clean.  I think
it has a compiler that translates the BPF filter program to machine
code; that compiler supports 32-bit x86 (and there's an x86-64 version
originally done for FreeBSD, which WinPcap might have picked up), but
there isn't one for Itanium, so, if there's no #ifdef, you might have
to disable that.  (BPF still works, it just runs interpretively.)

> Isn't WOW64 an option?

No, because WinPcap includes kernel-mode code (because it requires it,
in order to tap into the networking stack).
_______________________________________________
Winpcap-users mailing list
Winpcap-users at winpcap.org
https://www.winpcap.org/mailman/listinfo/winpcap-users

_______________________________________________
Winpcap-users mailing list
Winpcap-users at winpcap.org
https://www.winpcap.org/mailman/listinfo/winpcap-users

_______________________________________________
Winpcap-users mailing list
Winpcap-users at winpcap.org
https://www.winpcap.org/mailman/listinfo/winpcap-users

_______________________________________________
Winpcap-users mailing list
Winpcap-users at winpcap.org
https://www.winpcap.org/mailman/listinfo/winpcap-users

_______________________________________________
Winpcap-users mailing list
Winpcap-users at winpcap.org
https://www.winpcap.org/mailman/listinfo/winpcap-users

_______________________________________________
Winpcap-users mailing list
Winpcap-users at winpcap.org
https://www.winpcap.org/mailman/listinfo/winpcap-users 



More information about the Winpcap-users mailing list