本文介绍了NDIS版本和Windows版本之间的兼容性问题的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

大家。我正在对WinPcap进行一些修改,一个数据包捕获库。我的老板希望我把NDIS版本的WinPcap从NDIS 4转移到NDIS 6.兼容性要求是Windows XP / Vista / 7/8(32位和64位)。我发现NDIS的最新版本是6.3,但是恐怕NDIS 6.3不再支持XP了,这是真的吗?我在WinPcap网站上发现,目前WinPcap 4.1.3已经支持Windows XP / 2003 / Vista / 2008 / Win7 / 2008R2 / Win8(x86和x64)。这样对吗?我应该更新哪个版本的NDIS以保持最宽的兼容性?

everyone. I am doing some modifications to the WinPcap, a packet capturing library. My boss want me to transfer the NDIS version of WinPcap from NDIS 4 to NDIS 6. And the compatibility requirement is Windows XP/Vista/7/8 (32bit and 64bit). I found that the latest version of NDIS is 6.3, but I'm afraid that NDIS 6.3 does not support XP any more, is this true? Also I found in WinPcap website that the current WinPcap 4.1.3 has already supported Windows XP/2003/Vista/2008/Win7/2008R2/Win8 (x86 and x64). Is it right? Which version of NDIS should I update to keep the widest compatibility?

推荐答案

如果你的意思是使用NDIS 6.3的驱动程序在Windows上工作XP,答案是不,一直是否;它不是任何更多的情况。

If you mean "will a driver that uses NDIS 6.3 work on Windows XP", the answer is "no", and has always been "no"; it's not a case of "any more".

给定版本的Windows支持给定版本的NDIS(而不是相反)。 NT 5.x,即Windows 2000,Windows XP及其服务器等同物,支持NDIS 5; NDIS 6驱动程序(甚至NDIS 6.0)将无法在这些版本的Windows上运行。 NDIS 6驱动程序需要NT 6.x,即Windows Vista及更高版本。

A given version of Windows supports a given version of NDIS (not the other way around). "NT 5.x", i.e. Windows 2000, Windows XP, and their server equivalents, support NDIS 5; an NDIS 6 driver (even NDIS 6.0) won't work on those versions of Windows. An NDIS 6 driver requires "NT 6.x", i.e. Windows Vista and later.

如果您查看,你会注意到它有一个部分for从Windows Vista开始的网络驱动程序和Windows Vista之前的网络驱动程序一节;第一部分用于NDIS 6,第二部分用于NDIS 5.(NDIS 4,我想,被认为太旧了,不再需要记录);我不知道NDIS 4和NDIS 5之间的区别是什么,或者是否WinPcap仍然支持NDIS 4)

If you look at Microsoft's MSDN documentation on network drivers, you'll notice that it has a section for "Network Drivers Starting with Windows Vista" and a section for "Network Drivers Prior to Windows Vista"; the first section is for NDIS 6 and the second section is for NDIS 5. (NDIS 4 is, I guess, considered too old to bother documenting any more; I don't know what the differences between NDIS 4 and NDIS 5 were, or whether WinPcap still supports NDIS 4.)

如果您想在WinPcap中支持NDIS 6(例如,支持Wi-Fi设备上的监视模式) :

Your options, if you want to support NDIS 6 in WinPcap (for example, to support monitor mode on Wi-Fi devices) are:


  • 制作不支持Windows 2000或Windows XP或其服务器版本的WinPcap版本,并且仅支持NDIS 6;

  • 为NT 5(W2K / WXP及其服务器版本)和NT 6(Vista,7,8及其他版本)制作WinPcap驱动程序和packet.dll库的单独版本服务器版本),给两个版本的packet.dll相同的API(与NT 5版本,例如,返回失败指示尝试将接口放入监视模式),并有wpcap.dll(ie, WinPcap的libpcap部分)使用该API,并让安装程序弄清楚哪一个安装(这意味着你必须重新安装WinPcap获得NDIS 6功能,如果你升级一个NT 5系统到NT 6

请注意,顺便说一下,如果您的目标是支持NDIS设备上的监视模式,您将非常强烈 建议实施已存在的API libpcap用于监视模式,即打开设备的 pcap_create() / pcap_activate() $ c> pcap_set_rfmon()用于请求监视模式的API以及用于检查监视模式是否可以打开的 pcap_can_set_rfmon() API是什么程序,如tcpdump和Wireshark期望。

Note, by the way, that, if your goal is to support monitor mode on NDIS devices, you are VERY STRONGLY advised to implement the APIs that already exist in libpcap for monitor mode, i.e. the pcap_create()/pcap_activate() APIs for opening a device, the pcap_set_rfmon() API for requesting monitor mode, and the pcap_can_set_rfmon() API for checking whether monitor mode can be turned on, as those APIs are what programs such as tcpdump and Wireshark expect.

注意, pcap_create() / pcap_activate() API目前不处理远程数据包捕获,因此您必须清除该功能或等待我(或某人)将这些功能添加到这些API。

Note also that the pcap_create()/pcap_activate() APIs do not currently handle remote packet capture, so you'll either have to get rid of that capability or wait for me (or somebody) to add those capabilities to those APIs.

请注意,虽然NDIS 6具有支持监视模式的API,但并非所有Wi-Fi设备都具有NDIS 6驱动程序,有NDIS 6驱动程序的NDIS 6驱动程序支持本机Wi-Fi(因此没有支持监视器模式的NDIS 6驱动程序),甚至那些 NDIS 6驱动程序支持本机802.11必须有NDIS 6驱动程序没有使Native 802.11内容正常工作的错误。

Note also that it has been reported that, whilst NDIS 6 has APIs to support monitor mode, not all Wi-Fi devices have NDIS 6 drivers, not all those that do have NDIS 6 drivers have NDIS 6 drivers that support Native Wi-Fi (and thus do not have NDIS 6 drivers that support monitor mode), and even those that do have NDIS 6 drivers that support Native 802.11 don't necessarily have NDIS 6 drivers free of bugs that make the Native 802.11 stuff work well.

此外,还要注意,无线电信息 Native监视器模式下的802.11驱动程序不同于pcap和pcap-ng支持的所有现有的无线电信息标题,您需要请求一个新的 LINKTYPE _ / DLT _ 该值为radio information头从[email protected]。 Wireshark已经有了一个解析器,因为它可以从Microsoft网络监视器读取802.11捕获; tcpdump将需要一个。

And, in addition, note also that the "radio information" header supplied by Native 802.11 drivers in monitor mode is different from all of the existing "radio information" headers supported by pcap and pcap-ng, and you'll need to request a new LINKTYPE_/DLT_ value for that "radio information" header from [email protected]. Wireshark already has a dissector for it, as it can read 802.11 captures from Microsoft Network Monitor; tcpdump will need one.

(如果你这样做是出于其他原因,如添加对PPP设备的支持或修复代码以获得供应商的设备描述,这可能还需要使NDIS 6驱动程序是一个轻量级的过滤驱动程序或者这样的东西,而不是传输驱动程序。)

(If you're doing this for some other reason, such as adding support for PPP devices or fixing the code to get the vendor's device description, that might also require making the NDIS 6 driver a lightweight filter driver or something such as that rather than a transport driver.)

这篇关于NDIS版本和Windows版本之间的兼容性问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

05-16 18:55