How do I disable receiving loopback packets in protocol driver?
The scenario is, my protocol driver is receiving packets from one adapter and sending it over to another. (like eth0 -> eth1).
Interested only in IPv4,
#define NPROT_ETH_TYPE 0x0008 //IPv4
The filter is defined as,
#define NPROTO_PACKET_FILTER ( NDIS_PACKET_TYPE_NO_LOCAL| \
NDIS_PACKET_TYPE_DIRECTED/*| \
NDIS_PACKET_TYPE_MULTICAST| \
NDIS_PACKET_TYPE_BROADCAST*/)
The receiving side is checking for loopback packets as shown below,
// Leave the packet if loopback flag is set.
if( NdisTestNblFlag( pNetBufList, NDIS_NBL_FLAGS_IS_LOOPBACK_PACKET ))
{
//
// Ndisprot is not interested in this NetBufferList, return the
// NetBufferList back to the miniport if the miniport gave us
// ownership of it.
//
break;
}
and when I send packets down the road, the SendFlags is set to zero to avoid loopback as per MSDN.
NdisSendNetBufferLists(
pOpenContext->BindingHandle,
pNetBufferList,
NDIS_DEFAULT_PORT_NUMBER,
0);
Even after raising all these hurdles, my prottest is receiving loopback packets, as it is evident from wireshark.
Any idea?
Using NDIS6.0, ndisprot60, Dev: Win7, Test VM: Win2008 R2
If you're setting NDIS_PACKET_TYPE_NO_LOCAL and sending the NBLs without the NDIS_SEND_FLAGS_CHECK_FOR_LOOPBACK flag, then NDIS won't deliver loopback packets to you.
Wireshark isn't showing you what your protocol receives. Each protocol can receive a custom set of traffic. So Wireshark is only showing you what Wireshark receives :)