1 /* capture_wpcap_packet.c
2 * WinPcap-specific interfaces for low-level information (packet.dll).
3 * We load WinPcap at run
4 * time, so that we only need one Wireshark binary and one TShark binary
5 * for Windows, regardless of whether WinPcap is installed or not.
9 * Wireshark - Network traffic analyzer
10 * By Gerald Combs <gerald@wireshark.org>
11 * Copyright 2001 Gerald Combs
13 * This program is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU General Public License
15 * as published by the Free Software Foundation; either version 2
16 * of the License, or (at your option) any later version.
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
23 * You should have received a copy of the GNU General Public License
24 * along with this program; if not, write to the Free Software
25 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
32 #if defined HAVE_LIBPCAP && defined _WIN32
40 /* XXX - yes, I know, I should move cppmagic.h to a generic location. */
41 #include "tools/lemon/cppmagic.h"
43 #include <epan/value_string.h>
47 /* packet32.h requires sockaddr_storage
48 * wether sockaddr_storage is defined or not depends on the Platform SDK
49 * version installed. The only one not defining it is the SDK that comes
50 * with MSVC 6.0 (WINVER 0x0400).
52 * copied from RFC2553 (and slightly modified because of datatypes) ...
53 * XXX - defined more than once, move this to a header file */
54 #if (WINVER <= 0x0400) && defined(_MSC_VER)
55 typedef unsigned short eth_sa_family_t;
58 * Desired design of maximum size and alignment
60 #define ETH_SS_MAXSIZE 128 /* Implementation specific max size */
61 #define ETH_SS_ALIGNSIZE (sizeof (gint64 /*int64_t*/))
62 /* Implementation specific desired alignment */
64 * Definitions used for sockaddr_storage structure paddings design.
66 #define ETH_SS_PAD1SIZE (ETH_SS_ALIGNSIZE - sizeof (eth_sa_family_t))
67 #define ETH_SS_PAD2SIZE (ETH_SS_MAXSIZE - (sizeof (eth_sa_family_t) + \
68 ETH_SS_PAD1SIZE + ETH_SS_ALIGNSIZE))
70 struct sockaddr_storage {
71 eth_sa_family_t __ss_family; /* address family */
72 /* Following fields are implementation specific */
73 char __ss_pad1[ETH_SS_PAD1SIZE];
74 /* 6 byte pad, this is to make implementation */
75 /* specific pad up to alignment field that */
76 /* follows explicit in the data structure */
77 gint64 /*int64_t*/ __ss_align; /* field to force desired structure */
78 /* storage alignment */
79 char __ss_pad2[ETH_SS_PAD2SIZE];
80 /* 112 byte pad to achieve desired size, */
81 /* _SS_MAXSIZE value minus size of ss_family */
82 /* __ss_pad1, __ss_align fields is 112 */
84 /* ... copied from RFC2553 */
93 #include "capture_wpcap_packet.h"
95 gboolean has_wpacket = FALSE;
98 /* This module will use the PacketRequest function in packet.dll (coming with WinPcap) to "directly" access
99 * the Win32 NDIS network driver(s) and ask for various values (status, statistics, ...).
101 * Unfortunately, the definitions required for this are not available through the usual windows header files,
102 * but require the Windows "Device Driver Kit" which is not available for free :-(
104 * Fortunately, the definitions needed to access the various NDIS values are available from various OSS projects:
105 * - WinPcap in Ntddndis.h
106 * - Ndiswrapper in driver/ndis.h and driver/iw_ndis.h
107 * - cygwin (MingW?) in usr/include/w32api/ddk/ndis.h and ntddndis.h
108 * - FreeBSD (netperf)
111 /* The MSDN description of the NDIS driver API is available at:
112 /* MSDN Home > MSDN Library > Win32 and COM Development > Driver Development Kit > Network Devices and Protocols > Reference */
114 /* http://msdn.microsoft.com/library/default.asp?url=/library/en-us/network/hh/network/21oidovw_d55042e5-0b8a-4439-8ef2-be7331e98464.xml.asp */
116 /* Some more interesting links:
117 * http://sourceforge.net/projects/ndiswrapper/
118 * http://www.osronline.com/lists_archive/windbg/thread521.html
119 * http://cvs.sourceforge.net/viewcvs.py/mingw/w32api/include/ddk/ndis.h?view=markup
120 * http://cvs.sourceforge.net/viewcvs.py/mingw/w32api/include/ddk/ntddndis.h?view=markup
125 /******************************************************************************************************************************/
126 /* stuff to load WinPcap's packet.dll and the functions required from it */
128 static PCHAR (*p_PacketGetVersion) (void);
129 static LPADAPTER (*p_PacketOpenAdapter) (char *adaptername);
130 static void (*p_PacketCloseAdapter) (LPADAPTER);
131 static int (*p_PacketRequest) (LPADAPTER, int, void *);
139 #define SYM(x, y) { STRINGIFY(x) , (gpointer) &CONCAT(p_,x), y }
142 wpcap_packet_load(void)
145 /* These are the symbols I need or want from packet.dll */
146 static const symbol_table_t symbols[] = {
147 SYM(PacketGetVersion, FALSE),
148 SYM(PacketOpenAdapter, FALSE),
149 SYM(PacketCloseAdapter, FALSE),
150 SYM(PacketRequest, FALSE),
151 { NULL, NULL, FALSE }
154 GModule *wh; /* wpcap handle */
155 const symbol_table_t *sym;
157 wh = g_module_open("packet", 0);
165 if (!g_module_symbol(wh, sym->name, sym->ptr)) {
168 * We don't care if it's missing; we just
174 * We require this symbol.
187 /******************************************************************************************************************************/
188 /* functions to access the NDIS driver values */
191 /* get dll version */
193 wpcap_packet_get_version(void)
198 return p_PacketGetVersion();
202 /* open the interface */
204 wpcap_packet_open(char *if_name)
208 g_assert(has_wpacket);
209 adapter = p_PacketOpenAdapter(if_name);
215 /* close the interface */
217 wpcap_packet_close(void *adapter)
220 g_assert(has_wpacket);
221 p_PacketCloseAdapter(adapter);
225 /* do a packet request call */
227 wpcap_packet_request(void *adapter, ULONG Oid, int set, char *value, unsigned int *length)
230 ULONG IoCtlBufferLength=(sizeof(PACKET_OID_DATA) + (*length) - 1);
231 PPACKET_OID_DATA OidData;
234 g_assert(has_wpacket);
236 if(p_PacketRequest == NULL) {
237 g_warning("packet_request not available\n");
241 /* get a buffer suitable for PacketRequest() */
242 OidData=GlobalAllocPtr(GMEM_MOVEABLE | GMEM_ZEROINIT,IoCtlBufferLength);
243 if (OidData == NULL) {
244 g_warning("GlobalAllocPtr failed for %u\n", IoCtlBufferLength);
249 OidData->Length = *length;
250 memcpy(OidData->Data, value, *length);
252 Status = p_PacketRequest(adapter, set, OidData);
255 if(OidData->Length <= *length) {
256 /* copy value from driver */
257 memcpy(value, OidData->Data, OidData->Length);
258 *length = OidData->Length;
260 /* the driver returned a value that is longer than expected (and longer than the given buffer) */
261 g_warning("returned oid too long, Oid: 0x%x OidLen:%u MaxLen:%u", Oid, OidData->Length, *length);
266 GlobalFreePtr (OidData);
276 /* get an UINT value using the packet request call */
278 wpcap_packet_request_uint(void *adapter, ULONG Oid, UINT *value)
281 int length = sizeof(UINT);
284 Status = wpcap_packet_request(adapter, Oid, FALSE /* !set */, (char *) value, &length);
285 if(Status && length == sizeof(UINT)) {
293 /* get an ULONG value using the NDIS packet request call */
295 wpcap_packet_request_ulong(void *adapter, ULONG Oid, ULONG *value)
298 int length = sizeof(ULONG);
301 Status = wpcap_packet_request(adapter, Oid, FALSE /* !set */, (char *) value, &length);
302 if(Status && length == sizeof(ULONG)) {
310 #else /* HAVE_LIBPCAP && _WIN32 */
313 wpcap_packet_load(void)
318 #endif /* HAVE_LIBPCAP */