How can I output traffic information (IP, port, etc.) to a log file using Windows Filtering Platform and Windows Driver Development Kit?

Question

I am working on a driver using WDK that will monitor network traffic and output it to a log file.

I am currently trying to modify the inspect example given in the WinDDK directory.

It seems that I can't call printf, fprintf, etc. because of a linker error:

unresolved external symbol __imp_printf ...

Is there another way to output traffic information to a log file? Am I not linking some library somewhere properly?

Thank you

score 1 · Answer 1 · answered Mar 31 '12 at 22:02

Well you are writing KernelMode drivers so you have to call DbgPrint which is equivalent to printf in c.

printf(format, params) -> DbgPrint(format, params)

You will have to use either WinDbg or DbgView tool to view the debug messages.

To dump to a file you should first open the file with CreateFile function. Once the handle is open and valid, you can write to it using WriteFile function.

How can I output traffic information (IP, port, etc.) to a log file using Windows Filtering Platform and Windows Driver Development Kit?

1 Answers1