Questoin to the nowere.. Project is dead. Pay your attention at http://www.rawether.net/ Bye.
2013/1/18 Patrick Malka <[email protected]> > *Hello, I have some generic IP related questions that I thought some of > the people on this list might be able to answer since this product is very > similar in functionality to what we are doing.* > * > > In Windows, we are using the fwps* family of driver functions to filter IP > packets. The filter mechanism is not important, but rather what happens > during the callback functions for packets that match the filter. > > In these callbacks, we wish to alter the data, and have the reverse > operation performed on the receiving end. Our goal is to perform encryption > and tamper detection. > > Encryption is fairly easy to do as it does not alter the size of the (IP) > packet, but tamper detection is proving to be harder due to the need to > send extra data in addition to the payload in order to be able to detect > tampering. > > In this light, my questions are: > > - If I reinject (FwpsInjectNetwork*Async0) an IP packet that is larger > than the ethernet MTU, what will happen? Will it be rejected or fragmented? > Does the answer depend on the specific environment? > - If I fragment an IP packet explicitly before reinjecting it, will > the fragments then be filtered again? > - If I want to send a packet larger than the ethernet MTU, must I > fragment it myself or will Windows do it for me after reinjection. > - If I fragment an IP packet during a send, will my receiving IP > filter see the fragment packets or the assembled packet? Where does > reassembly occur, before or after the various Windows driver filters. > - Is there a way to safely process a maximum size IP packet (one that > will just fit into an ethernet frame) such that tamper detection can be > performed on the receiving end without having to expand and fragment the > packet? > - If I take an IP packet and add an IP option to the header, does that > count as increasing the packet size? (I think the answer is yes, I just > thought I would get confirmation). > > > Thanks for any help anyone can provide. > * > _______________________________________________ > Winpcap-users mailing list > [email protected] > https://www.winpcap.org/mailman/listinfo/winpcap-users > >
_______________________________________________ Winpcap-users mailing list [email protected] https://www.winpcap.org/mailman/listinfo/winpcap-users
