basil00 / Divert

WinDivert: Windows Packet Divert
https://reqrypt.org/windivert.html

Storing packets as a Byte[] #323

Closed alexfevery closed 1 year ago

alexfevery commented 1 year ago

I want to send a WinDivertBuffer over TCP to be able to recreate and inject packets on another device. To do this I need to convert the Packet buffer struct into a Byte[] and read it out into a WinDivertBuffer struct on the other side. Will something like this work reliably?

public static Byte[] GetPacketBuffer(WinDivertBuffer PacketBuffer)
{
    // Copy the packet bytes out one at a time through the wrapper's indexer.
    Byte[] ReturnData = new Byte[PacketBuffer.Length];
    for (int i = 0; i < PacketBuffer.Length; i++)
    {
        ReturnData[i] = PacketBuffer[i];
    }
    return ReturnData;
}

Do I also need the WinDivertAddress struct? Actually I am not really clear on what the address struct does. The manual seems to indicate you created it just to store information about a capture event. But WinDivertHelperCalcChecksums and WinDivertSend both take the WinDivertAddress as a parameter, which seems to indicate that it has something critical to the packet itself. If so, how can I get the WinDivertAddress as a Byte[] (and back) too?

Also, is there no Discord server for WinDivert? It would be really helpful.

Thanks

basil00 commented 1 year ago

I only officially support the C/C++ interface, so I cannot give advice on specific language wrappers. But internally, WinDivert is a low-level API that operates on arrays of bytes.

> Do I also need the WinDivertAddress struct?

Yes, this struct holds all "meta" information about the packet/event and is also necessary for injection. For injecting a "new" packet (rather than a modified packet), it is necessary to "construct" an address structure. This can be a nuisance, but the internal Windows APIs require this information. For valid interface index numbers, these can be found using the Windows IP helper API.
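Since the packet and its address structure both have to cross the TCP link as bytes, the receiver ends up parsing lengths it did not choose; the C sketch below is an added example (not code from WinDivert or from this thread) that frames the two together and validates every length before copying. The frame layout, the names frame_encode and frame_decode, and treating the address as an opaque blob of a size agreed by both ends are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define FRAME_HDR  4u   /* two big-endian u16 length fields (assumed layout) */
#define MIN_IP_HDR 20u  /* shortest valid IPv4 header */

/* Encode one frame into out[cap]; returns bytes written, or 0 if it does not fit. */
size_t frame_encode(uint8_t *out, size_t cap,
                    const void *addr, uint16_t addr_len,
                    const uint8_t *pkt, uint16_t pkt_len)
{
    size_t total = FRAME_HDR + (size_t)addr_len + pkt_len;
    if (cap < total) return 0;
    out[0] = (uint8_t)(addr_len >> 8); out[1] = (uint8_t)addr_len;
    out[2] = (uint8_t)(pkt_len >> 8);  out[3] = (uint8_t)pkt_len;
    memcpy(out + FRAME_HDR, addr, addr_len);
    memcpy(out + FRAME_HDR + addr_len, pkt, pkt_len);
    return total;
}

/* Decode one frame from untrusted bytes. expect_addr is the address size the
 * receiver was built with (on Windows: sizeof(WINDIVERT_ADDRESS)).
 * Returns bytes consumed, 0 if more data is needed, -1 if the frame is invalid. */
long frame_decode(const uint8_t *in, size_t in_len, uint16_t expect_addr,
                  void *addr_out, uint8_t *pkt_out, size_t pkt_cap,
                  uint16_t *pkt_len_out)
{
    if (in_len < FRAME_HDR) return 0;
    uint16_t addr_len = (uint16_t)((in[0] << 8) | in[1]);
    uint16_t pkt_len  = (uint16_t)((in[2] << 8) | in[3]);
    if (addr_len != expect_addr) return -1;            /* struct size mismatch */
    if (pkt_len < MIN_IP_HDR || pkt_len > pkt_cap) return -1;
    size_t total = FRAME_HDR + (size_t)addr_len + pkt_len;
    if (in_len < total) return 0;                      /* partial TCP read */
    memcpy(addr_out, in + FRAME_HDR, addr_len);
    memcpy(pkt_out, in + FRAME_HDR + addr_len, pkt_len);
    *pkt_len_out = pkt_len;
    return (long)total;
}
```

On the receiving machine the decoded address still needs an interface index that is valid there before injection, as the answer above notes.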