0

How do I disable receiving loopback packets in protocol driver? The scenario is, my protocol driver is receiving packets from one adapter and sending it over to another. (like eth0 -> eth1).

Interested only in IPv4,

#define NPROT_ETH_TYPE               0x0008 //IPv4

The filter is defined as,

#define NPROTO_PACKET_FILTER  ( NDIS_PACKET_TYPE_NO_LOCAL|    \
                                NDIS_PACKET_TYPE_DIRECTED/*|    \
                                NDIS_PACKET_TYPE_MULTICAST|   \
                                NDIS_PACKET_TYPE_BROADCAST*/)

The receiving side is checking for loopback packets as shown below,

    // Leave the packet if loopback flag is set.
    if( NdisTestNblFlag( pNetBufList, NDIS_NBL_FLAGS_IS_LOOPBACK_PACKET ))
    {
        //
        // Ndisprot is not interested in this NetBufferList, return the
        // NetBufferList back to the miniport if the miniport gave us
        // ownership of it.
        //
        break;
    }

and when I send packets down the road, the SendFlags is set to zero to avoid loopback as per MSDN. 

NdisSendNetBufferLists(        
                pOpenContext->BindingHandle,
                pNetBufferList,
                NDIS_DEFAULT_PORT_NUMBER,
                0);

Even after raising all these hurdles, my prottest is receiving loopback packets, as it is evident from wireshark.

Any idea?

Using NDIS6.0, ndisprot60, Dev: Win7, Test VM: Win2008 R2

Jimson James
  • 2,937
  • 6
  • 43
  • 78

1 Answers1

0

If you're setting NDIS_PACKET_TYPE_NO_LOCAL and sending the NBLs without the NDIS_SEND_FLAGS_CHECK_FOR_LOOPBACK flag, then NDIS won't deliver loopback packets to you.

Wireshark isn't showing you what your protocol receives. Each protocol can receive a custom set of traffic. So Wireshark is only showing you what Wireshark receives :)

Jeffrey Tippet
  • 3,146
  • 1
  • 14
  • 15
  • also, could you explain what happens if I read from one NIC and write to another without modifying the destination MAC, it creates a loop right? – Jimson James May 04 '13 at 14:58
  • Yes, it generally would, if the two NICs are on the same subnet. – Jeffrey Tippet May 23 '13 at 07:09
  • hmmmm, may be I'm not seeing things correctly. :) Even though the two NICs are on different subnet (actually NIC one in 192.168.x.x and another in 10.10.x.x), when I read from NIC1 and write to NIC2, I'm picking up loopback. But when I modified the destination MAC to that of NIC2, the problem solved! Any idea? – Jimson James May 24 '13 at 07:08
  • I meant "subnet" in the layer-2 sense; any two nodes behind the same router. – Jeffrey Tippet May 24 '13 at 17:47