----- Original Message -----
From: "noil sg" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, April 25, 2002 9:51 AM
Subject: Re: [WinPcap-users] trace windump via vc++6.0 (sp3)

> Well, I am able to trace into packet.dll now. Is this
> really a kernel mode driver??

packet.dll is a user level dll, not a kernel one. The real kernel driver is npf.sys (system32/drivers/npf.sys). If you want to debug it, you need:
- the DDK (driver development kit) to compile a debug version of the driver (you cannot compile a driver with only VC6). It is freely available at the MS website.
- a kernel debugger, like SoftICE, or the MS debugger. You can debug on a single machine (like Loris and I do), or with two machines connected via serial link (which we never used).

Remember, however, that it is much more complicated to debug a driver than a dll: you cannot perform a step-by-step into the code.

GV

> Thanks,
> --- noil sg <[EMAIL PROTECTED]> wrote:
> > Thanks, Loris!
> > I did what you suggested. Everything works fine.
> > Another question, though, is how do we trace these
> > PacketXXX APIs in the packet.dll? I guess this is the
> > kernel level dll. Do we have to use windbg and 2
> > machines for this purpose? And roughly how? Could you
> > advise?
> > Thank you and best regards,
> > ~~henry
> >
> > --- Loris Degioanni <[EMAIL PROTECTED]> wrote:
> > > Try to:
> > > - put the debug version of wpcap.dll in the same
> > > folder of windump
> > > - set wpcap as the active configuration before
> > > starting to debug
> > >
> > > Loris
> > >
> > > ----- Original Message -----
> > > From: "noil sg" <[EMAIL PROTECTED]>
> > > To: <[EMAIL PROTECTED]>
> > > Sent: Wednesday, April 24, 2002 12:47 AM
> > > Subject: [WinPcap-users] trace windump via vc++6.0 (sp3)
> > >
> > > > Hello,
> > > > I just compiled windump in vc++ 6.0 (sp3). Everything
> > > > seems ok except I could not trace into wpcap.lib calls
> > > > even though I compiled these two in debug mode. And I
> > > > made sure windump project was referencing the right
> > > > wpcap.lib
> > > >
> > > > Also, when windump is running, I tried to use break in
> > > > the vc debug to view the call stack. I could not see
> > > > the main function.
> > > >
> > > > What's going on here? What did I do wrong?
> > > >
> > > > Thanks in advance,
> > > > ~~Henry