网络安全>黑客病毒安全防范安全产品教程恶意软件|产品中心群乐下载Vista频道体验最新杀毒软件IBM RBDE概览
您现在的位置: 天极网 > 软件频道 > 网络安全频道 > 安防产品 > 微软Windows软件防火墙实现技术简述
-->
全文

微软Windows软件防火墙实现技术简述

2007-07-21 00:00作者:佚名出处:论坛整理责任编辑:原野
  得到这个ndis protocol的链表后,遍历表中的每一个ndis protocol,对于每一个ndis protocol,又各有一个链表,用来描述和该ndis protocol有联系的所有ndis miniport和该ndis protocol绑定的状态。每个这种状态块,叫做一个ndis open block。每个绑定的send(packets)handler和receive(packet)handler都在这个ndis open block里面。

struct _NDIS_OPEN_BLOCK
{
#ifdef __cplusplus
  NDIS_COMMON_OPEN_BLOCK NdisCommonOpenBlock;
#else
  NDIS_COMMON_OPEN_BLOCK;
#endif

#if defined(NDIS_WRAPPER)
  
  //
  // The stuff below is for CO drivers/protocols. This part is not allocated for CL drivers.
  //
  struct _NDIS_OPEN_CO
  {
  ....
  };
#endif
};

typedef struct _NDIS_COMMON_OPEN_BLOCK
{
  PVOID            MacHandle;     // needed for backward compatibility
  NDIS_HANDLE         BindingHandle;   // Miniport's open context
  PNDIS_MINIPORT_BLOCK    MiniportHandle;   // pointer to the miniport
  PNDIS_PROTOCOL_BLOCK    ProtocolHandle;   // pointer to our protocol
  NDIS_HANDLE         ProtocolBindingContext;// context when calling ProtXX funcs
  PNDIS_OPEN_BLOCK      MiniportNextOpen;  // used by adapter's OpenQueue
  PNDIS_OPEN_BLOCK      ProtocolNextOpen;  // used by protocol's OpenQueue
  NDIS_HANDLE         MiniportAdapterContext; // context for miniport
  BOOLEAN           Reserved1;
  BOOLEAN           Reserved2;
  BOOLEAN           Reserved3;
  BOOLEAN           Reserved4;
  PNDIS_STRING        BindDeviceName;
  KSPIN_LOCK         Reserved5;
  PNDIS_STRING        RootDeviceName;

  //
  // These are referenced by the macros used by protocols to call.
  // All of the ones referenced by the macros are internal NDIS handlers for the miniports
  //
  union
  {
    SEND_HANDLER      SendHandler;
    WAN_SEND_HANDLER    WanSendHandler;
  };
  TRANSFER_DATA_HANDLER    TransferDataHandler;

  //
  // These are referenced internally by NDIS
  //
  SEND_COMPLETE_HANDLER    SendCompleteHandler;
  TRANSFER_DATA_COMPLETE_HANDLER TransferDataCompleteHandler;
  RECEIVE_HANDLER       ReceiveHandler;
  RECEIVE_COMPLETE_HANDLER  ReceiveCompleteHandler;
  WAN_RECEIVE_HANDLER     WanReceiveHandler;
  REQUEST_COMPLETE_HANDLER  RequestCompleteHandler;

  //
  // NDIS 4.0 extensions
  //
  RECEIVE_PACKET_HANDLER   ReceivePacketHandler;
  SEND_PACKETS_HANDLER    SendPacketsHandler;

  //
  // More Cached Handlers
  //
  RESET_HANDLER        ResetHandler;
  REQUEST_HANDLER       RequestHandler;
  RESET_COMPLETE_HANDLER   ResetCompleteHandler;
  STATUS_HANDLER       StatusHandler;
  STATUS_COMPLETE_HANDLER   StatusCompleteHandler;
  
#if defined(NDIS_WRAPPER)
  ....
#endif

} NDIS_COMMON_OPEN_BLOCK;

  需要处理的,是ndis open block里面的SendHandler,ReceiveHandler,WanReceiveHandler,ReceivePacketHandler和SendPacketsHandler。

  一定要注意的是,不同于很多文章中的描述,主要处理SendHandler和ReceiveHandler,正确的应该是主要处理ReceivePacketHandler和SendPacketsHandler,现在的主流网卡和系统驱动,都是使用后面两者。
相关搜索:
热门关注
特别推荐
网友关注
软件下载
娱乐下载
驱动下载
文章排行
本周
本月
最近更新
热点推荐
关于我们|网站律师|天极服务|投稿指南|电子杂志|RSS订阅|加入我们|网站地图
TMG
Copyright (C) 1999-2008 Chinabyte.com, All Rights Reserved 版权所有 天极网络
商务联系、网站内容、合作建议:010-82657868
版权声明 在线提交意见反馈 Powered by 天极内容管理平台CMS4i
经营性网站备案信息 网警备案 中国网站排名
天极传媒:天极网|比特网|IT专家网|IT商网|52PK游戏网|IT分众-网站地图