On Jun 3, 2014, at 12:48 AM, Rahul Rohit <[email protected]> wrote:
> Can you please describe in detail as to which file is to be modified
No, but I can suggest that, of the source files in the packetNtx/driver
directory of the WinPcap source, Openclos.c, Packet.c, Read.c, and Write.c may
have to be modified, and some others might have to be modified as well. You
might have to change some of the user-mode library code in packetNtx/Dll, and
maybe even the packet-win32.c code in wpcap/libpcap.
> and what exactly to be done ?
Convert the code from a transport driver:
http://msdn.microsoft.com/en-us/library/windows/hardware/ff565685(v=vs.85).aspx
to a lightweight filter driver:
http://msdn.microsoft.com/en-us/library/windows/hardware/ff571103(v=vs.85).aspx
You will first have to learn about NDIS and writing kernel-mode code for
Windows if you want to do this. (No, I can't teach you how to do that.)
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <[email protected]>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:[email protected]?subject=unsubscribe
