Stack Overflow
Stack Overflow

Questions tagged [ndis]

NDIS is a programming framework for low-level network drivers on Microsoft Windows

Network Driver Interface Specification (NDIS) is a driver development framework on Microsoft Windows. NDIS supports several types of drivers:

  • Network Interface Card (NIC) drivers
  • Layer 2 filter drivers
  • Layer 3 protocol drivers (like IPv6)
  • NIC aggregation drivers (like LBFO, or virtual switches)

Learn more about NDIS on MSDN.

228 questions
14
votes
3 answers

How to get hardware MAC address on Windows

I'm playing around with retrieving the MAC address from the NIC - there are a variety of ways to get it, this article covers the most common: http://www.codeguru.com/Cpp/I-N/network/networkinformation/article.php/c5451 I'm currently using the…
Mark
  • 582
  • 3
  • 5
  • 20
6
votes
3 answers

DummyNet error NDIS drivers install on Windows 7 x64

I've download the current version of DummyNet and according to readme I'm following these steps: Windows: INSTALL THE NDIS DRIVER open the configuration panel for the network card in use (right click on the icon on the SYSTRAY, or go to …
Baduel
  • 531
  • 3
  • 12
  • 30
5
votes
0 answers

Listing active NDIS filters

I am performing a multilayer packet capture on Windows using the built-in NDIS capture service in order to determine where in the stack packets for my application are being dropped. When viewing the resulting ETL file in Microsoft Message Analyzer,…
random7983405
  • 87
  • 1
  • 3
  • 11
5
votes
1 answer

Detecting 'Network Cable Unplugged' in the Compact Framework

I've been through all of the Stack Overflow answers search comes up with, and neither Google or Bing are showing me any love. I need to know when a network cable has been connected or disconnected on a Windows CE device, preferrably, from a Compact…
ctacke
  • 66,480
  • 18
  • 94
  • 155
4
votes
1 answer

NDIS filter driver' FilterReceiveNetBufferLists handler isn't called

I am developing an NDIS filter driver, and I fount its FilterReceiveNetBufferLists is never called (the network is blocked) under certain condition (like open Wireshark or click the "Interface List" button of it). But When I start the capturing, the…
hsluoyz
  • 2,739
  • 5
  • 35
  • 59
4
votes
1 answer

Can a NDIS protocol driver (npf.sys of WinPcap) be ported to LWF or WFP?

everyone. I am doing some improvements for WinPcap. Now I have ported the npf.sys driver from NDIS5.0 to NDIS6.0. Is there still improvement space for this driver, like porting it to LWF (Light-Weight Filter) or WFP (Windows Filter Platform)? We…
hsluoyz
  • 2,739
  • 5
  • 35
  • 59
3
votes
1 answer

NDIS Intermediate driver interface to C#

I'm developing what is essentially a specialized firewall application. The solution needs to be 32 and 64-bit compatible. My company wants to keep the current program interface, which is written in C#. What I need is this: a way to monitor and…
Andrew Ensley
  • 11,611
  • 16
  • 61
  • 73
3
votes
1 answer

.INF files and NCF_HAS_UI: how to write .dll for displaying advanced properties tab of network driver?

I have a NDIS driver, which gets listed both in connection properties's installed items list and in device manager; the question is, how do I write an extension which will be used for managing driver's properties, and how to install it? Of course, a…
kagali-san
  • 2,964
  • 7
  • 48
  • 87
3
votes
1 answer

How can I send arbitrary packets with a NDIS filter driver?

I am currently trying to send my own packets with a NDIS filter driver from the windows driver samples. I think that I have to send the packets with the function FilterSendNetBufferLists. But I don't know how to create those packets and whether I…
Gigliotti
  • 73
  • 6
3
votes
1 answer

NDIS Protocol Driver on Windows IoT Core

I'm trying to write a Cisco CDP protocol driver for Windows IoT core running on Raspberry Pi. This will allow me to register the installed location of the device with an upstream server. To do this, I attempted to use the sample NDISPROT example as…
Darren Starr
  • 77
  • 2
3
votes
1 answer

Get NDIS Version(s)?

I know that I could use Windows PowerShell Get-netadapter|select Name, ndisversion to pipe the results out to a text file, and parse the data from there, but that's sort of hacky. I was wondering if there's a way to get the same info using…
J. Scott Elblein
  • 4,013
  • 15
  • 58
  • 94
3
votes
0 answers

Why does my NDIS LWF cause loss of WiFi connectivity for 90-100 seconds?

I have a NDIS light-weight filter (LWF) driver to capture all network traffic. It's open-sourced here. The installer is provided here. The issue is that I found my filter will cause all Wi-Fi adapters can't receive any packets. I have received many…
hsluoyz
  • 2,739
  • 5
  • 35
  • 59
3
votes
1 answer

Custom event messages with NDIS driver

I'm trying to define a few custom Event Viewer events. I've been following the instructions in MSDN and few other online sources, yet the event viewer can't find the associated text data. This is what I've done: Created an input file for the…
SomeWittyUsername
  • 18,025
  • 3
  • 42
  • 85
3
votes
1 answer

Winsock Kernel's "WskSendTo" function causes "DRIVER_IRQL_NOT_LESS_OR_EQUAL" BSOD on Win7 SP1

I'm developing a Windows packet capture software called Npcap. And it needs to send loopback raw IP sockets based on Windows Kernel. But the WskSocket->Dispatch->WskSendTo always causes DRIVER_IRQL_NOT_LESS_OR_EQUAL BSOD on Win7 SP1. The strange…
hsluoyz
  • 2,739
  • 5
  • 35
  • 59
3
votes
2 answers

What impact does a discardable section have in a kernel driver if it is marked RWX?

I'm intrigued by the DISCARDABLE flag in the section flags in PE files, specifically in the context of Windows drivers (in this case NDIS). I noticed that the INIT section was marked as RWX in a driver I'm reviewing, which seems odd - good security…
Polynomial
  • 27,674
  • 12
  • 80
  • 107
1
2 3
15 16