TechnikEmpire / DivertPInvoke

PInvoke wrapper for WinDivert
GNU Lesser General Public License v3.0

DivertPInvoke

PInvoke wrapper for WinDivert.

Notice

You may be interested in the fully-managed wrapper for WinDivert I've written, called WinDivertSharp. It will be actively maintained, and this repository almost surely will not be.

Be mindful of the fact that the source file(s) in this repo are LGPLv3. Make sure you comply with this license (which is the same license as WinDivert).

This class appends two directories, EXE\x86 and EXE\x64, to the environment variables of the executing application. This way, you can drop the WinDivert native executables in arch-specific directories next to your deployed application and keep using AnyCPU; thanks to this little trick, the .NET assembly resolver will load the proper WinDivert native libraries.

Note that network-to-host and host-to-network byte order conversion is provided transparently by the structures defined here. This is obviously not the case in WinDivert itself, but because we have the syntactic sugar to do it, it's done in this wrapper. For example, you can set the DstPort of a TCP packet to 80, or compare it against 80, with x.DstPort = 80 or x.DstPort == 80, and all necessary order swapping is done under the hood.
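The transparent byte-order handling described above can be sketched as follows. This is an added example, not code from DivertPInvoke: the type TcpPortsExample, its layout and the sample bytes are assumptions made for illustration.

```csharp
using System;
using System.Runtime.InteropServices;

// Hypothetical type for illustration; the names are assumptions, not DivertPInvoke's definitions.
[StructLayout(LayoutKind.Sequential, Pack = 1)]
public struct TcpPortsExample
{
    // Backing fields hold the bytes exactly as they sit in the packet (network order).
    private ushort _srcPort;
    private ushort _dstPort;

    // Callers only ever see host-order values.
    public ushort SrcPort { get => Swap(_srcPort); set => _srcPort = Swap(value); }
    public ushort DstPort { get => Swap(_dstPort); set => _dstPort = Swap(value); }

    // Network order is big-endian, so a swap is needed only on little-endian hosts.
    private static ushort Swap(ushort v) =>
        BitConverter.IsLittleEndian ? (ushort)(((v & 0xFF) << 8) | (v >> 8)) : v;
}

public static class ByteOrderDemo
{
    public static void Main()
    {
        // Constructed sample: the first four bytes of a TCP header,
        // source port 51000 (C7 38) and destination port 80 (00 50).
        byte[] wire = { 0xC7, 0x38, 0x00, 0x50 };

        GCHandle pin = GCHandle.Alloc(wire, GCHandleType.Pinned);
        try
        {
            IntPtr p = pin.AddrOfPinnedObject();
            var hdr = Marshal.PtrToStructure<TcpPortsExample>(p);

            Console.WriteLine("src={0} dst={1} isHttp={2}", hdr.SrcPort, hdr.DstPort, hdr.DstPort == 80);

            // Assign a host-order value; the setter stores it big-endian.
            hdr.DstPort = 8080;
            Marshal.StructureToPtr(hdr, p, false);
            Console.WriteLine(BitConverter.ToString(wire));
        }
        finally
        {
            pin.Free();
        }
    }
}
```

Without the swapping accessors, a port check written against the raw field would compare a network-order value to a host-order constant and silently fail to match on little-endian machines.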