本文首先发表于:http://bbs.driverdevelop.com/htm_data/10/0703/100349.html
有关费尔防火墙一书TDI代码“网上邻居”不能访问功能的修复
参照了开源代码,现修正如下:
/*if (Irp->CurrentLocation == 1)
{
ULONG ReturnedInformation = 0;
DBGPRINT(("PacketDispatch encountered bogus current location/n"));
RC = STATUS_INVALID_DEVICE_REQUEST;
Irp->IoStatus.Status = RC;
Irp->IoStatus.Information = ReturnedInformation;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return( RC );
}*/
修正如下:
sequenceNumber = 0;
seq = InterlockedIncrement(&sequenceNumber);
if (Irp->CurrentLocation < DeviceObject->StackSize)
{
return PassThroughWithNewIrp(DeviceObject, Irp, seq);
}
else
{
NextIrpStack = IoGetNextIrpStackLocation(Irp);
*NextIrpStack = *IrpStack;
IoSetCompletionRoutine(Irp,PacketCompletion,NULL,TRUE,TRUE,TRUE);
return IoCallDriver(pTDIH_DeviceExtension->LowerDeviceObject,Irp);
}
上面用到的子函数体内容如下:
NTSTATUS NetPassOnNormally (PDEVICE_OBJECT HookDevice, IN PIRP Irp)
{
PTDIH_DeviceExtension hookExt = HookDevice->DeviceExtension;
// Back the stack up one
IoSkipCurrentIrpStackLocation(Irp);
// Call the next lower driver
return IoCallDriver(hookExt->LowerDeviceObject, Irp);
}
NTSTATUS NetOtherIRPCompletionRoutine (PDEVICE_OBJECT DeviceObject,
PIRP Irp, PVOID Context)
{
PIRP origIrp = (PIRP) Context;
ULONG seq;
KIRQL oldirql;
PCHAR eventBuffer;
// Extract the sequence number from the original IRP's UserEvent field,
// then restore that field's proper value from the new IRP's field
seq = (ULONG) origIrp->UserEvent;
origIrp->UserEvent = Irp->UserEvent;
// Copy important possibly returned fields in this IRP to the original IRP
origIrp->IoStatus = Irp->IoStatus;
origIrp->PendingReturned = Irp->PendingReturned;
origIrp->MdlAddress = Irp->MdlAddress;
// If this IRP was pending, mark the new and original IRP's pending
if (Irp->PendingReturned) {
IoMarkIrpPending(Irp);
IoMarkIrpPending(origIrp);
}
// Free the IRP we created
IoFreeIrp(Irp);
// Complete the original IRP
IoCompleteRequest(origIrp, IO_NO_INCREMENT);
// Return STATUS_MORE_PROCESSING_REQUIRED to indicate that we're going
// to take control of our IRP and finish handling it. Actually, we've
// already handled it by freeing it. If we didn't take control of it,
// the I/O Manager might try to process our IRP further, which would
// we bad since it's been freed.
return STATUS_MORE_PROCESSING_REQUIRED;
}
NTSTATUS PassThroughWithNewIrp(PDEVICE_OBJECT HookDevice, IN PIRP Irp, ULONG seq)
{
PTDIH_DeviceExtension hookExt = HookDevice->DeviceExtension;
PIRP newIrp;
PIO_STACK_LOCATION currentIrpStackLocation;
PIO_STACK_LOCATION newIrpFirstStackLocation;
// Allocate a new IRP with stack size sufficient for the next lower device
newIrp = IoAllocateIrp(hookExt->LowerDeviceObject->StackSize, FALSE);
DbgPrint("FilterTdiDriver.sys, lower stack, %d, current stack, %d",
hookExt->LowerDeviceObject->StackSize, hookExt->TargetDeviceObject->StackSize);
if (newIrp == NULL){
return NetPassOnNormally(HookDevice, Irp);
}
// Fill in important fields of new IRP with those of original IRP
newIrp->MdlAddress = Irp->MdlAddress;
newIrp->Flags = Irp->Flags;
newIrp->AssociatedIrp = Irp->AssociatedIrp;
newIrp->RequestorMode = Irp->RequestorMode;
newIrp->UserIosb = Irp->UserIosb;
newIrp->UserEvent = Irp->UserEvent;
newIrp->Overlay = Irp->Overlay;
newIrp->UserBuffer = Irp->UserBuffer;
newIrp->Tail.Overlay.AuxiliaryBuffer = Irp->Tail.Overlay.AuxiliaryBuffer;
newIrp->Tail.Overlay.OriginalFileObject = Irp->Tail.Overlay.OriginalFileObject;
newIrp->Tail.Overlay.Thread = Irp->Tail.Overlay.Thread;
// Copy current stack location to the first stack location in the new IRP
currentIrpStackLocation = IoGetCurrentIrpStackLocation(Irp);
newIrpFirstStackLocation = IoGetNextIrpStackLocation(newIrp);
*newIrpFirstStackLocation = *currentIrpStackLocation;
// Set the completion routine to VTrcNetOtherIRPCompletionRoutine, with
// the original IRP as context. Save the sequence number in the UserEvent
// field so that it can be used in the completion routine. (The completion
// routine will restore the original UserEvent field from the new IRP.)
Irp->UserEvent = (PKEVENT) seq;
IoSetCompletionRoutine(newIrp, NetOtherIRPCompletionRoutine, (PVOID) Irp, TRUE, TRUE, TRUE);
// Send the new IRP to the lower-level device
return IoCallDriver(hookExt->LowerDeviceObject, newIrp);
}
分享到:
相关推荐
费尔防火墙源代码
费尔防火墙源代码.费尔个人防火墙 2.1 源程序 值得大家下载研究一下啊
这是XFilter(费尔)防火墙源代码,对于想要学习防火墙编写方法、Win API、Win SPI编写方法的同志们是个好参考。
费尔防火墙2.1版源代码,个人学习VC防火墙好的不能再好的教程了
费尔防火墙 1.0源码
Xfilter 个人防火墙 1.0 源代码说明 -------------------------------------------------------- 开发环境: Windows 2000 开发工具: VC++6.0 主工作区文件: Xfilter.dsw ------------------------------------...
费尔个人防火墙2.0由四大模块组成。界面模块XFILTER.EXE、应用层包过滤模块XFILTER.DLL,核心层包过滤 XPACKET.VXD For 95/98/ME 和 XPACKET.SYS For 2000。这些模块之间存在着紧密的联系,总体模块结构如下图: 图...
费尔个人防火墙 1.0源码 VC++编译运行 可执行基本 基于包过滤防火墙的功能~ 初学者的 非常好的研究资料
费尔防火墙源代码,Windows下一个非常好用的防火墙。
费尔个人防火墙2.1源程序 费尔个人防火墙2.1源程序 费尔个人防火墙2.1源程序 费尔个人防火墙2.1源程序 加 开发文档 ,值得借鉴, 绝对好东西
费尔防火墙源码,分享,学习还不错。 也可安装使用,想做防火墙的可以分享!