Wireshark-users: Re: [Wireshark-users] API and virtual network interface

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Gianluca Varenni" <gianluca.varenni@xxxxxxxxxxxx>
Date: Thu, 14 Sep 2006 11:45:37 -0700
----- Original Message ----- From: "Ulf Lamping" <ulf.lamping@xxxxxx> 
To: "Community support list for Wireshark" <wireshark-users@xxxxxxxxxxxxx>
Sent: Thursday, September 14, 2006 1:30 AM
Subject: Re: [Wireshark-users] API and virtual network interface



Steffen R�ttig wrote:

do you know something about writing a virtual network card?
regards, steff


Well, not really.

Basically you'll need a kernel mode device driver that will fake the
system to be a network card.

On Windows you'll probably need the Windows NT-DDK (device driver kit)
which isn't freely available.
You do need the DDK, and it's actually freely downloadable from the Microsoft website. The latest one (Win2003SP1) is available as part of the KMDF 

http://www.microsoft.com/whdc/driver/wdf/KMDF_pkg.mspx
You can find a sample of a virtual NDIS miniport driver (i.e. a virtual network card driver) in the samples, it's called netvmini. 



I've never done this myself (except for a DOS device driver for my own
diploma several years ago) so I won't be much help here.
In general, writing a kernel mode device driver isn't usually an easy task.
I can confirm this. Or better, let's say that it's definitely not as developing a user mode application...
If you plan to go in this direction, I can give you some pointers for more help/documentation. 

Have a nice day
GV



Regards, ULFL
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users