Although the current suite of Microsoft DDK NDIS IM driver
samples are extremely useful, they are "passive PassThru" drivers.
They perform only the absolute minimum of processing and inspection of data
being sent or received. For example, when processing a received packet they
simply "re-wrap" the received packet and pass the re-wrapped packet up
to higher-level protocols. Similarly, NDIS requests and other operations are
just passed on with a minimum of processing.
The Microsoft passive
PassThru NDIS IM samples do not provide answers to these interesting questions:
- How do I inspect or "filter" data passing
through the driver?
- How do I make copies of data being sent or received?
- How do I inject my own data into the send/receive
paths?
- How can I distinguish between my own data and passthru
data in completion functions such as ProtocolSendComplete and ReturnPacketHandler.
Note: For example, you wouldn't want to call a
higher-level protocol's ProtocolSendComplete handler
for a packet that it did not actually send.
- How do I actually handle packets in my
ProtocolReceiveHandler?
NOTE: This is actually very messy, and is required and
exercised even on Windows 2000.
- How do I filter calls to QueryInformationHandler
or SetInformationHandler?
- How can I implement a practical Win32 API for
communication with my driver?
The PCAUSA Active PassThru
sample attempts to answer these
questions.
