search

basil00 / WinDivert

WinDivert: Windows Packet Divert
https://reqrypt.org/windivert.html
Other
2.56k stars 512 forks source link

WinDivertRecvEx packet delimeter #282

Closed kayoub5 closed 3 years ago

kayoub5 commented 3 years ago

I am trying to use the WinDivertRecvEx API in batch mode, and it states that

The received packets are packed contiguously (i.e., no gaps) into the pPacket buffer

That sound good, question is how do I tell where does each packet end/start in the pPacket ?

basil00 commented 3 years ago

Basically, you parse the first packet to get the first packet's length, which gives you the offset to the second packet. Then you parse the second packet to get the second packet's length, and so forth.

You can also use WinDivertHelperParsePacket to automate this process. Specifically, you can iterate over all of the packets in the buffer using the following loop:

while (WinDivertHelperParsePacket(pPacket, packetLen, ..., &pPacket, &packetLen))
{
    ...
}