Thanks for the great help. To use just one machine for the debugging, what kind of tools are you using? Softice? I understand that to use windbg, you have to connect two machines via serial link.

Thanks again,
henry

--- Gianluca Varenni <[EMAIL PROTECTED]> wrote:
> ----- Original Message -----
> From: "noil sg" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Thursday, April 25, 2002 9:51 AM
> Subject: Re: [WinPcap-users] trace windump via vc++6.0 (sp3)
>
> > Well, I am able to trace into packet.dll now. Is this
> > really a kernel mode driver??
>
> packet.dll is a user level dll, not a kernel one. The real
> kernel driver is npf.sys (system32/drivers/npf.sys).
>
> If you want to debug it, you need:
> - the DDK (driver development kit) to compile a debug version of the
>   driver (you cannot compile a driver with only VC6). It is freely
>   available at MS website.
> - a kernel debugger, like softIce, or the MS debugger. You can debug on
>   a single machine (like Loris and me do), or with two machines,
>   connected via serial link (which we never used).
>
> Remember, however, that it is much more complicated to debug a driver
> than a dll: you cannot perform a step-by-step into the code.
>
> GV
>
> > Thanks,
> > --- noil sg <[EMAIL PROTECTED]> wrote:
> > > Thanks, Loris!
> > > I did what you suggested. Everything works fine.
> > > Another question, though, is how do we trace these
> > > PacketXXX APIs in the packet.dll? I guess this is the
> > > kernel level dll. Do we have to use windbg and 2
> > > machines for this purpose? And roughly how? Could you
> > > advise?
> > > Thank you and best regards,
> > > ~~henry
> > >
> > > --- Loris Degioanni <[EMAIL PROTECTED]> wrote:
> > > > Try to:
> > > > - put the debug version of wpcap.dll in the same
> > > >   folder of windump
> > > > - set wpcap as the active configuration before
> > > >   starting to debug
> > > >
> > > > Loris
> > > >
> > > > ----- Original Message -----
> > > > From: "noil sg" <[EMAIL PROTECTED]>
> > > > To: <[EMAIL PROTECTED]>
> > > > Sent: Wednesday, April 24, 2002 12:47 AM
> > > > Subject: [WinPcap-users] trace windump via vc++6.0 (sp3)
> > > >
> > > > > Hello,
> > > > > I just compiled windump in vc++ 60(sp3). Everything
> > > > > seems ok except I could not trace into wpcap.lib calls
> > > > > even though I compiled these two in debug mode. And I
> > > > > made sure windump project was referencing the right
> > > > > wpcap.lib
> > > > >
> > > > > Also, when windump is running, I tried to use break in
> > > > > the vc debug to view the call stack. I could not see
> > > > > the main function.
> > > > >
> > > > > What's going on here? What did I do wrong?
> > > > >
> > > > > Thanks in advance,
> > > > > ~~Henry
