Closed alexfevery closed 1 year ago
I only officially support the C/C++ interface, so I cannot give advice on specific language wrappers. But internally, WinDivert is a low-level API that operates on arrays of bytes.
Do I also need the WinDivertAddress struct?
Yes, this struct holds all "meta" information about the packet/event and is also necessary for injection. For injecting a "new" packet (rather than a modified packet), it is necessary to "construct" an address structure. This can be a nuisance, but the internal Windows APIs require this information. For valid interface index numbers, these can be found using the Windows IP helper API.
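As an added illustration of the reply above (not code from WinDivert or from either poster): a portable C framing routine that sends the packet bytes together with the few address fields needed for injection in an explicit byte layout, instead of copying the struct's memory. The wire layout, `wire_meta`, `frame_encode` and `frame_decode` are hypothetical names, and the example assumes network-layer packets, which begin with an IP header.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define HDR_LEN 11u  /* 2 (packet length) + 1 (flags) + 4 (IfIdx) + 4 (SubIfIdx) */

/* Hypothetical wire-side copy of the address fields; not WinDivert's own layout. */
typedef struct {
    uint8_t  outbound, ipv6;
    uint32_t if_idx, sub_if_idx;  /* indexes are only valid on the capturing host */
} wire_meta;

static void put32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}
static uint32_t get32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Returns the frame size written to out, or 0 if the input does not fit. */
size_t frame_encode(uint8_t *out, size_t cap, const wire_meta *m,
                    const uint8_t *pkt, size_t pkt_len) {
    if (pkt_len == 0 || pkt_len > 0xFFFF || cap < HDR_LEN + pkt_len) return 0;
    out[0] = (uint8_t)(pkt_len >> 8); out[1] = (uint8_t)pkt_len;
    out[2] = (uint8_t)((m->outbound ? 1 : 0) | (m->ipv6 ? 2 : 0));
    put32(out + 3, m->if_idx);
    put32(out + 7, m->sub_if_idx);
    memcpy(out + HDR_LEN, pkt, pkt_len);
    return HDR_LEN + pkt_len;
}

/* Parses one frame from the bytes received so far. Returns bytes consumed,
 * 0 if more data is needed (TCP may split a frame), -1 if malformed. */
long frame_decode(const uint8_t *in, size_t n, wire_meta *m,
                  const uint8_t **pkt, size_t *pkt_len) {
    if (n < HDR_LEN) return 0;
    size_t len = ((size_t)in[0] << 8) | in[1];
    if (len == 0 || (in[2] & ~3u)) return -1;   /* empty or unknown flag bits */
    if (n < HDR_LEN + len) return 0;
    m->outbound = in[2] & 1; m->ipv6 = (in[2] >> 1) & 1;
    m->if_idx = get32(in + 3); m->sub_if_idx = get32(in + 7);
    /* The IP version nibble must agree with the flag before anything is injected. */
    if ((in[HDR_LEN] >> 4) != (m->ipv6 ? 6 : 4)) return -1;
    *pkt = in + HDR_LEN; *pkt_len = len;
    return (long)(HDR_LEN + len);
}
```

On the receiving side the decoded fields would be copied into a freshly constructed address structure, with the interface index replaced by one that is valid on that machine, since the sender's index describes the sender's adapters.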
I want to send a WinDivertBuffer over TCP to be able to recreate and inject packets on another device. To do this I need to convert the Packet buffer struct into a Byte[] and read it out into a WinDivertBuffer struct on the other side. Will something like this work reliably?
Do I also need the WinDivertAddress struct? Actually, I am not really clear on what the address struct does. The manual seems to indicate you created it just to store information about a capture event. But WinDivertHelperCalcChecksums and WinDivertSend both take the WinDivertAddress as a parameter, which seems to indicate that it has something critical to the packet itself. If so, how can I get the WinDivertAddress as a Byte[] (and back) too?
Also, is there no Discord server for WinDivert? Would be really helpful.
Thanks