Hi all,

I modified the passthru driver (NDIS Intermediate Driver) from the example in the WinDDK. I succeeded in directly intercepting and dumping all the network traffic packets (hexadecimal format) into c:\xxxx.dat format. My question is:

1. Is it possible to dump directly from the NDIS intermediate driver into pcap format? For example, c:\xxx.pcap, without sending all the traffic to ring3 for processing.
2. If yes, is there any code / docs I can refer to?

Thanks,
from ictsecurity0
_______________________________________________
Winpcap-users mailing list
[email protected]
https://www.winpcap.org/mailman/listinfo/winpcap-users
