WinPcap: NPF 函数
优质
小牛编辑
126浏览
2023-12-01
函数 | |
| NTSTATUS | DriverEntry (IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath) |
| The initialization routine of the driver. | |
| PWCHAR | getAdaptersList (VOID) |
| Returns the list of the MACs available on the system. | |
| PKEY_VALUE_PARTIAL_INFORMATION | getTcpBindings (VOID) |
| Returns the MACs that bind to TCP/IP. | |
| BOOLEAN | createDevice (IN OUT PDRIVER_OBJECT adriverObjectP, IN PUNICODE_STRING amacNameP, NDIS_HANDLE aProtoHandle) |
| Creates a device for a given MAC. | |
| NTSTATUS | NPF_Open (IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp) |
| Opens a new instance of the driver. | |
| VOID | NPF_OpenAdapterComplete (IN NDIS_HANDLE ProtocolBindingContext, IN NDIS_STATUS Status, IN NDIS_STATUS OpenErrorStatus) |
| Ends the opening of an adapter. | |
| NTSTATUS | NPF_Cleanup (IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp) |
| Closes an instance of the driver. | |
| NTSTATUS | NPF_Close (IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp) |
| VOID | NPF_CloseAdapterComplete (IN NDIS_HANDLE ProtocolBindingContext, IN NDIS_STATUS Status) |
| Ends the closing of an adapter. | |
| NDIS_STATUS | NPF_tap (IN NDIS_HANDLE ProtocolBindingContext, IN NDIS_HANDLE MacReceiveContext, IN PVOID HeaderBuffer, IN UINT HeaderBufferSize, IN PVOID LookAheadBuffer, IN UINT LookaheadBufferSize, IN UINT PacketSize) |
| Callback invoked by NDIS when a packet arrives from the network. | |
| VOID | NPF_TransferDataComplete (IN NDIS_HANDLE ProtocolBindingContext, IN PNDIS_PACKET Packet, IN NDIS_STATUS Status, IN UINT BytesTransferred) |
| Ends the transfer of a packet. | |
| VOID | NPF_ReceiveComplete (IN NDIS_HANDLE ProtocolBindingContext) |
| Callback function that signals the end of a packet reception. | |
| NTSTATUS | NPF_IoControl (IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp) |
| Handles the IOCTL calls. | |
| VOID | NPF_RequestComplete (IN NDIS_HANDLE ProtocolBindingContext, IN PNDIS_REQUEST pRequest, IN NDIS_STATUS Status) |
| Ends an OID request. | |
| NTSTATUS | NPF_Write (IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp) |
| Writes a raw packet to the network. | |
| INT | NPF_BufferedWrite (IN PIRP Irp, IN PCHAR UserBuff, IN ULONG UserBuffSize, BOOLEAN sync) |
| Writes a buffer of raw packets to the network. | |
| VOID | NPF_WaitEndOfBufferedWrite (POPEN_INSTANCE Open) |
| Waits the completion of all the sends performed by NPF_BufferedWrite. | |
| VOID | NPF_SendComplete (IN NDIS_HANDLE ProtocolBindingContext, IN PNDIS_PACKET pPacket, IN NDIS_STATUS Status) |
| Ends a send operation. | |
| VOID | NPF_ResetComplete (IN NDIS_HANDLE ProtocolBindingContext, IN NDIS_STATUS Status) |
| Ends a reset of the adapter. | |
| VOID | NPF_Status (IN NDIS_HANDLE ProtocolBindingContext, IN NDIS_STATUS Status, IN PVOID StatusBuffer, IN UINT StatusBufferSize) |
| Callback for NDIS StatusHandler. Not used by NPF. | |
| VOID | NPF_StatusComplete (IN NDIS_HANDLE ProtocolBindingContext) |
| Callback for NDIS StatusCompleteHandler. Not used by NPF. | |
| VOID | NPF_Unload (IN PDRIVER_OBJECT DriverObject) |
| Function called by the OS when NPF is unloaded. | |
| NTSTATUS | NPF_Read (IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp) |
| Function that serves the user's reads. | |
| NTSTATUS | NPF_ReadRegistry (IN PWSTR *MacDriverName, IN PWSTR *PacketDriverName, IN PUNICODE_STRING RegistryPath) |
| Reads the registry keys associated woth NPF if the driver is manually installed via the control panel. | |
| NTSTATUS | NPF_QueryRegistryRoutine (IN PWSTR ValueName, IN ULONG ValueType, IN PVOID ValueData, IN ULONG ValueLength, IN PVOID Context, IN PVOID EntryContext) |
| Function used by NPF_ReadRegistry() to quesry the registry keys associated woth NPF if the driver is manually installed via the control panel. | |
| VOID | NPF_BindAdapter (OUT PNDIS_STATUS Status, IN NDIS_HANDLE BindContext, IN PNDIS_STRING DeviceName, IN PVOID SystemSpecific1, IN PVOID SystemSpecific2) |
| Callback for NDIS BindAdapterHandler. Not used by NPF. | |
| VOID | NPF_UnbindAdapter (OUT PNDIS_STATUS Status, IN NDIS_HANDLE ProtocolBindingContext, IN NDIS_HANDLE UnbindContext) |
| Callback for NDIS UnbindAdapterHandler. | |
| NTSTATUS | NPF_OpenDumpFile (POPEN_INSTANCE Open, PUNICODE_STRING fileName, BOOLEAN append) |
| Creates the file that will receive the packets when the driver is in dump mode. | |
| NTSTATUS | NPF_StartDump (POPEN_INSTANCE Open) |
| Starts dump to file. | |
| VOID | NPF_DumpThread (PVOID Open) |
| The dump thread. | |
| NTSTATUS | NPF_SaveCurrentBuffer (POPEN_INSTANCE Open) |
| Saves the content of the packet buffer to the file associated with current instance. | |
| VOID | NPF_WriteDumpFile (PFILE_OBJECT FileObject, PLARGE_INTEGER Offset, ULONG Length, PMDL Mdl, PIO_STATUS_BLOCK IoStatusBlock) |
| Writes a block of packets on the dump file. | |
| NTSTATUS | NPF_CloseDumpFile (POPEN_INSTANCE Open) |
| Closes the dump file associated with an instance of the driver. | |
| VOID | NPF_CloseOpenInstance (POPEN_INSTANCE pOpen) |
| BOOLEAN | NPF_StartUsingBinding (IN POPEN_INSTANCE pOpen) |
| VOID | NPF_StopUsingBinding (IN POPEN_INSTANCE pOpen) |
| VOID | NPF_CloseBinding (IN POPEN_INSTANCE pOpen) |
| NTSTATUS | NPF_GetDeviceMTU (IN POPEN_INSTANCE pOpen, IN PIRP pIrp, OUT PUINT pMtu) |
| UINT | GetBuffOccupation (POPEN_INSTANCE Open) |
| Returns the amount of bytes present in the packet buffer. | |
| JIT_BPF_Filter * | BPF_jitter (struct bpf_insn *fp, INT nins) |
| BPF jitter, builds an x86 function from a BPF program. | |
| BPF_filter_function | BPFtoX86 (struct bpf_insn *ins, UINT nins, INT *mem) |
| Translates a set of BPF instructions in a set of x86 ones. | |
| void | BPF_Destroy_JIT_Filter (JIT_BPF_Filter *Filter) |
| Deletes a filtering function that was previously created by BPF_jitter(). | |