Часть 1
Часть 2
Часть 3
Часть 4
В этой части даются определения структур _NDIS_FILTER_DRIVER_BLOCK, описывающих фильтры ndis 6.x (доступны начиная с висты) и как их получить
Должен заметить что тема весьма мутная и в интернете представлена крайне слабо - например я нашел только одну более-менее подробную статью, да и та на китайском
Список фильтров теоретически можно посмотреть в в плагине windbg ndiskd с помощью команды filters, но именно что теоретически - на всех моих машинах эта команда умеет отдавать только адрес первого Filter Driver Block (он хранится в переменной _ndisFilterDriverList)
Достать _ndisFilterDriverList и его лок _ndisFilterDriverListLock можно с помощью ранее неоднократно описанной техники дизассемблирования экспортируемых функций. В данном случае прекрасными кандидатами для дизассемблирования могут быть признаны NdisFRegisterFilterDriver и/или NdisFDeregisterFilterDriver
Итерация по списку _NDIS_FILTER_DRIVER_BLOCK осуществляется по полю NextFilterDriver
Но вот достать список _NDIS_FILTER_BLOCK у меня не получилось - он хранится в переменной _ndisGlobalFilterList под локом _ndisGlobalFilterListLock и используется в следующих функциях (взято из ndis от 32битной висты sp2):
- ndisAttachFilterToMiniport
- ndisReferenceFilterByHandle
- ndisDereferenceFilter
- ndisFilterAttachCleanUp
ни одна из которых не является экспортируемой. Может быть применение сигнатурного поиска будет более удачным решением.
Итерация по списку _NDIS_FILTER_BLOCK осуществляется по полю NextFilter
Опыты показали что на свежеустановленной windows 7 уже присутствуют два фильтра:
- ServiceName: Psched
QoS Packet Scheduler - \SystemRoot\system32\DRIVERS\pacer.sys - ServiceName: WFPLWF
WFP LightWeight Filter - \SystemRoot\system32\DRIVERS\wfplwf.sys
32 bit
dt ndis!_NDIS_FILTER_PARTIAL_CHARACTERISTICS
+0x000 Header : _NDIS_OBJECT_HEADER
+0x004 Flags : Uint4B
+0x008 SendNetBufferListsHandler : Ptr32 void
+0x00c SendNetBufferListsCompleteHandler : Ptr32 void
+0x010 CancelSendNetBufferListsHandler : Ptr32 void
+0x014 ReceiveNetBufferListsHandler : Ptr32 void
+0x018 ReturnNetBufferListsHandler : Ptr32 void 64 bit
dt ndis!_NDIS_FILTER_PARTIAL_CHARACTERISTICS
+0x000 Header : _NDIS_OBJECT_HEADER
+0x004 Flags : Uint4B
+0x008 SendNetBufferListsHandler : Ptr64 void
+0x010 SendNetBufferListsCompleteHandler : Ptr64 void
+0x018 CancelSendNetBufferListsHandler : Ptr64 void
+0x020 ReceiveNetBufferListsHandler : Ptr64 void
+0x028 ReturnNetBufferListsHandler : Ptr64 void
vista 32 bit
dt ndis!_NDIS_FILTER_DRIVER_BLOCK
+0x000 Header : _NDIS_OBJECT_HEADER
+0x004 NextFilterDriver : Ptr32 _NDIS_FILTER_DRIVER_BLOCK
+0x008 DriverObject : Ptr32 _DRIVER_OBJECT
+0x00c FilterQueue : Ptr32 _NDIS_FILTER_BLOCK
+0x010 FilterDriverContext : Ptr32 Void
+0x014 Lock : Uint4B
+0x018 Flags : Uint4B
+0x01c DeviceList : _LIST_ENTRY
+0x024 Ref : _REFERENCE
+0x02c DefaultFilterCharacteristics : _NDIS_FILTER_DRIVER_CHARACTERISTICS
+0x094 InitiateOffloadCompleteHandler : Ptr32 void
+0x098 TerminateOffloadCompleteHandler : Ptr32 void
+0x09c UpdateOffloadCompleteHandler : Ptr32 void
+0x0a0 InvalidateOffloadCompleteHandler : Ptr32 void
+0x0a4 QueryOffloadCompleteHandler : Ptr32 void
+0x0a8 IndicateOffloadEventHandler : Ptr32 void
+0x0ac TcpOffloadSendCompleteHandler : Ptr32 void
+0x0b0 TcpOffloadReceiveCompleteHandler : Ptr32 void
+0x0b4 TcpOffloadDisconnectCompleteHandler : Ptr32 void
+0x0b8 TcpOffloadForwardCompleteHandler : Ptr32 void
+0x0bc TcpOffloadEventHandler : Ptr32 void
+0x0c0 TcpOffloadReceiveIndicateHandler : Ptr32 int
+0x0c4 InitiateOffloadHandler : Ptr32 void
+0x0c8 TerminateOffloadHandler : Ptr32 void
+0x0cc UpdateOffloadHandler : Ptr32 void
+0x0d0 InvalidateOffloadHandler : Ptr32 void
+0x0d4 QueryOffloadHandler : Ptr32 void
+0x0d8 TcpOffloadSendHandler : Ptr32 int
+0x0dc TcpOffloadReceiveHandler : Ptr32 int
+0x0e0 TcpOffloadDisconnectHandler : Ptr32 int
+0x0e4 TcpOffloadForwardHandler : Ptr32 int
+0x0e8 TcpOffloadReceiveReturnHandler : Ptr32 int
+0x0ec SetInfoBuf : Ptr32 Void
+0x0f0 RequestBuffer : Uint4B
+0x0f4 SetInfoBufLen : Uint2B
+0x0f8 FilterType : _NDIS_FILTER_TYPE
+0x0fc FilterRunType : _NDIS_FILTER_RUN_TYPE
+0x100 FilterClass : _UNICODE_STRINGdt ndis!_NDIS_FILTER_DRIVER_CHARACTERISTICS
+0x000 Header : _NDIS_OBJECT_HEADER
+0x004 MajorNdisVersion : UChar
+0x005 MinorNdisVersion : UChar
+0x006 MajorDriverVersion : UChar
+0x007 MinorDriverVersion : UChar
+0x008 Flags : Uint4B
+0x00c FriendlyName : _UNICODE_STRING
+0x014 UniqueName : _UNICODE_STRING
+0x01c ServiceName : _UNICODE_STRING
+0x024 SetOptionsHandler : Ptr32 int
+0x028 SetFilterModuleOptionsHandler : Ptr32 int
+0x02c AttachHandler : Ptr32 int
+0x030 DetachHandler : Ptr32 void
+0x034 RestartHandler : Ptr32 int
+0x038 PauseHandler : Ptr32 int
+0x03c SendNetBufferListsHandler : Ptr32 void
+0x040 SendNetBufferListsCompleteHandler : Ptr32 void
+0x044 CancelSendNetBufferListsHandler : Ptr32 void
+0x048 ReceiveNetBufferListsHandler : Ptr32 void
+0x04c ReturnNetBufferListsHandler : Ptr32 void
+0x050 OidRequestHandler : Ptr32 int
+0x054 OidRequestCompleteHandler : Ptr32 void
+0x058 CancelOidRequestHandler : Ptr32 void
+0x05c DevicePnPEventNotifyHandler : Ptr32 void
+0x060 NetPnPEventHandler : Ptr32 int
+0x064 StatusHandler : Ptr32 void
dt ndis!_NDIS_FILTER_BLOCK
+0x000 Header : _NDIS_OBJECT_HEADER
+0x004 NextFilter : Ptr32 _NDIS_FILTER_BLOCK
+0x008 FilterDriver : Ptr32 _NDIS_FILTER_DRIVER_BLOCK
+0x00c FilterModuleContext : Ptr32 Void
+0x010 Miniport : Ptr32 _NDIS_MINIPORT_BLOCK
+0x014 FilterInstanceName : Ptr32 _UNICODE_STRING
+0x018 FilterFriendlyName : Ptr32 _UNICODE_STRING
+0x01c ReadWriteLock : _NDIS_RW_LOCK
+0x22c Flags : Uint4B
+0x230 State : _NDIS_FILTER_STATE
+0x234 Ref : _REFERENCE
+0x23c FakeStatus : Int4B
+0x240 NextGlobalFilter : Ptr32 _NDIS_FILTER_BLOCK
+0x244 LowerFilter : Ptr32 _NDIS_FILTER_BLOCK
+0x248 HigherFilter : Ptr32 _NDIS_FILTER_BLOCK
+0x24c AsyncOpContext : Ptr32 _FILTER_PAUSE_RESTART_CONTEXT
+0x250 NumOfPauseRestartRequests : Int4B
+0x254 Lock : Uint4B
+0x258 LockThread : Ptr32 Void
+0x25c LockDbg : Uint4B
+0x260 OidRequestList : _LIST_ENTRY
+0x268 PendingOidRequest : Ptr32 _NDIS_OID_REQUEST
+0x26c PnPRef : _REFERENCE
+0x274 MediaType : _NDIS_MEDIUM
+0x278 PhysicalMediaType : _NDIS_PHYSICAL_MEDIUM
+0x27c MediaConnectState : _NET_IF_MEDIA_CONNECT_STATE
+0x280 MediaDuplexState : _NET_IF_MEDIA_DUPLEX_STATE
+0x288 XmitLinkSpeed : Uint8B
+0x290 RcvLinkSpeed : Uint8B
+0x298 PauseFunctions : _NDIS_SUPPORTED_PAUSE_FUNCTIONS
+0x29c AutoNegotiationFlags : Uint4B
+0x2a0 XState : UChar
+0x2a1 Reserved1 : UChar
+0x2a2 Reserved2 : UChar
+0x2a3 Reserved3 : UChar
+0x2a4 MediaConnectStateIndicateUp : _NET_IF_MEDIA_CONNECT_STATE
+0x2a8 MediaDuplexStateIndicateUp : _NET_IF_MEDIA_DUPLEX_STATE
+0x2b0 XmitLinkSpeedIndicateUp : Uint8B
+0x2b8 RcvLinkSpeedIndicateUp : Uint8B
+0x2c0 PauseFunctionsIndicateUp : _NDIS_SUPPORTED_PAUSE_FUNCTIONS
+0x2c4 AutoNegotiationFlagsIndicateUp : Uint4B
+0x2c8 NextRequestHandle : Ptr32 Void
+0x2cc NextSendNetBufferListsHandler : Ptr32 void
+0x2d0 NextSendNetBufferListsContext : Ptr32 Void
+0x2d4 NextSendNetBufferListsObject : Ptr32 Void
+0x2d8 NextSendNetBufferListsCompleteHandler : Ptr32 void
+0x2dc NextSendNetBufferListsCompleteContext : Ptr32 Void
+0x2e0 NextIndicateReceiveNetBufferListsHandler : Ptr32 void
+0x2e4 NextIndicateReceiveNetBufferListsContext : Ptr32 Void
+0x2e8 NextReturnNetBufferListsHandler : Ptr32 void
+0x2ec NextReturnNetBufferListsContext : Ptr32 Void
+0x2f0 NextIndicateStatusHandle : Ptr32 Void
+0x2f4 NextDevicePnPEventNotifyHandle : Ptr32 Void
+0x2f8 NextNetPnPEventHandle : Ptr32 Void
+0x2fc NextCancelSendNetBufferListsHandler : Ptr32 void
+0x300 NextCancelSendNetBufferListsContext : Ptr32 Void
+0x304 SetFilterModuleOptionalHandlers : Ptr32 int
+0x308 Characteristics : _NDIS_FILTER_PARTIAL_CHARACTERISTICS
+0x324 SavedCharacteristics : _NDIS_FILTER_PARTIAL_CHARACTERISTICS
+0x340 OidRequestHandler : Ptr32 int
+0x344 OidRequestCompleteHandler : Ptr32 void
+0x348 CancelRequestHandler : Ptr32 void
+0x34c DevicePnPEventNotifyHandler : Ptr32 void
+0x350 NetPnPEventHandler : Ptr32 int
+0x354 StatusHandler : Ptr32 void
+0x358 FilterSendNetBufferListsHandler : Ptr32 void
+0x35c FilterIndicateReceiveNetBufferListsHandler : Ptr32 void
+0x360 FilterCancelSendNetBufferListsHandler : Ptr32 void
+0x364 InitiateOffloadCompleteHandler : Ptr32 void
+0x368 TerminateOffloadCompleteHandler : Ptr32 void
+0x36c UpdateOffloadCompleteHandler : Ptr32 void
+0x370 InvalidateOffloadCompleteHandler : Ptr32 void
+0x374 QueryOffloadCompleteHandler : Ptr32 void
+0x378 IndicateOffloadEventHandler : Ptr32 void
+0x37c TcpOffloadSendCompleteHandler : Ptr32 void
+0x380 TcpOffloadReceiveCompleteHandler : Ptr32 void
+0x384 TcpOffloadDisconnectCompleteHandler : Ptr32 void
+0x388 TcpOffloadForwardCompleteHandler : Ptr32 void
+0x38c TcpOffloadEventHandler : Ptr32 void
+0x390 TcpOffloadReceiveIndicateHandler : Ptr32 int
+0x394 InitiateOffloadHandler : Ptr32 void
+0x398 TerminateOffloadHandler : Ptr32 void
+0x39c UpdateOffloadHandler : Ptr32 void
+0x3a0 InvalidateOffloadHandler : Ptr32 void
+0x3a4 QueryOffloadHandler : Ptr32 void
+0x3a8 TcpOffloadSendHandler : Ptr32 int
+0x3ac TcpOffloadReceiveHandler : Ptr32 int
+0x3b0 TcpOffloadDisconnectHandler : Ptr32 int
+0x3b4 TcpOffloadForwardHandler : Ptr32 int
+0x3b8 TcpOffloadReceiveReturnHandler : Ptr32 int
+0x3bc Offload : Ptr32 _NDIS_FILTER_TASK_OFFLOAD
+0x3c0 InterfaceGuid : _GUID
+0x3d0 IfIndex : Uint4B
+0x3d4 IfBlock : Ptr32 _NDIS_IF_BLOCKvista 64 bit
dt ndis!_NDIS_FILTER_DRIVER_BLOCK
+0x000 Header : _NDIS_OBJECT_HEADER
+0x008 NextFilterDriver : Ptr64 _NDIS_FILTER_DRIVER_BLOCK
+0x010 DriverObject : Ptr64 _DRIVER_OBJECT
+0x018 FilterQueue : Ptr64 _NDIS_FILTER_BLOCK
+0x020 FilterDriverContext : Ptr64 Void
+0x028 Lock : Uint8B
+0x030 Flags : Uint4B
+0x038 DeviceList : _LIST_ENTRY
+0x048 Ref : _REFERENCE
+0x058 DefaultFilterCharacteristics : _NDIS_FILTER_DRIVER_CHARACTERISTICS
+0x120 InitiateOffloadCompleteHandler : Ptr64 void
+0x128 TerminateOffloadCompleteHandler : Ptr64 void
+0x130 UpdateOffloadCompleteHandler : Ptr64 void
+0x138 InvalidateOffloadCompleteHandler : Ptr64 void
+0x140 QueryOffloadCompleteHandler : Ptr64 void
+0x148 IndicateOffloadEventHandler : Ptr64 void
+0x150 TcpOffloadSendCompleteHandler : Ptr64 void
+0x158 TcpOffloadReceiveCompleteHandler : Ptr64 void
+0x160 TcpOffloadDisconnectCompleteHandler : Ptr64 void
+0x168 TcpOffloadForwardCompleteHandler : Ptr64 void
+0x170 TcpOffloadEventHandler : Ptr64 void
+0x178 TcpOffloadReceiveIndicateHandler : Ptr64 int
+0x180 InitiateOffloadHandler : Ptr64 void
+0x188 TerminateOffloadHandler : Ptr64 void
+0x190 UpdateOffloadHandler : Ptr64 void
+0x198 InvalidateOffloadHandler : Ptr64 void
+0x1a0 QueryOffloadHandler : Ptr64 void
+0x1a8 TcpOffloadSendHandler : Ptr64 int
+0x1b0 TcpOffloadReceiveHandler : Ptr64 int
+0x1b8 TcpOffloadDisconnectHandler : Ptr64 int
+0x1c0 TcpOffloadForwardHandler : Ptr64 int
+0x1c8 TcpOffloadReceiveReturnHandler : Ptr64 int
+0x1d0 SetInfoBuf : Ptr64 Void
+0x1d8 RequestBuffer : Uint4B
+0x1dc SetInfoBufLen : Uint2B
+0x1e0 FilterType : _NDIS_FILTER_TYPE
+0x1e4 FilterRunType : _NDIS_FILTER_RUN_TYPE
+0x1e8 FilterClass : _UNICODE_STRING
dt ndis!_NDIS_FILTER_DRIVER_CHARACTERISTICS
+0x000 Header : _NDIS_OBJECT_HEADER
+0x004 MajorNdisVersion : UChar
+0x005 MinorNdisVersion : UChar
+0x006 MajorDriverVersion : UChar
+0x007 MinorDriverVersion : UChar
+0x008 Flags : Uint4B
+0x010 FriendlyName : _UNICODE_STRING
+0x020 UniqueName : _UNICODE_STRING
+0x030 ServiceName : _UNICODE_STRING
+0x040 SetOptionsHandler : Ptr64 int
+0x048 SetFilterModuleOptionsHandler : Ptr64 int
+0x050 AttachHandler : Ptr64 int
+0x058 DetachHandler : Ptr64 void
+0x060 RestartHandler : Ptr64 int
+0x068 PauseHandler : Ptr64 int
+0x070 SendNetBufferListsHandler : Ptr64 void
+0x078 SendNetBufferListsCompleteHandler : Ptr64 void
+0x080 CancelSendNetBufferListsHandler : Ptr64 void
+0x088 ReceiveNetBufferListsHandler : Ptr64 void
+0x090 ReturnNetBufferListsHandler : Ptr64 void
+0x098 OidRequestHandler : Ptr64 int
+0x0a0 OidRequestCompleteHandler : Ptr64 void
+0x0a8 CancelOidRequestHandler : Ptr64 void
+0x0b0 DevicePnPEventNotifyHandler : Ptr64 void
+0x0b8 NetPnPEventHandler : Ptr64 int
+0x0c0 StatusHandler : Ptr64 void
dt ndis!_NDIS_FILTER_BLOCK
+0x000 Header : _NDIS_OBJECT_HEADER
+0x008 NextFilter : Ptr64 _NDIS_FILTER_BLOCK
+0x010 FilterDriver : Ptr64 _NDIS_FILTER_DRIVER_BLOCK
+0x018 FilterModuleContext : Ptr64 Void
+0x020 Miniport : Ptr64 _NDIS_MINIPORT_BLOCK
+0x028 FilterInstanceName : Ptr64 _UNICODE_STRING
+0x030 FilterFriendlyName : Ptr64 _UNICODE_STRING
+0x038 ReadWriteLock : _NDIS_RW_LOCK
+0x448 Flags : Uint4B
+0x44c State : _NDIS_FILTER_STATE
+0x450 Ref : _REFERENCE
+0x460 FakeStatus : Int4B
+0x468 NextGlobalFilter : Ptr64 _NDIS_FILTER_BLOCK
+0x470 LowerFilter : Ptr64 _NDIS_FILTER_BLOCK
+0x478 HigherFilter : Ptr64 _NDIS_FILTER_BLOCK
+0x480 AsyncOpContext : Ptr64 _FILTER_PAUSE_RESTART_CONTEXT
+0x488 NumOfPauseRestartRequests : Int4B
+0x490 Lock : Uint8B
+0x498 LockThread : Ptr64 Void
+0x4a0 LockDbg : Uint4B
+0x4a8 OidRequestList : _LIST_ENTRY
+0x4b8 PendingOidRequest : Ptr64 _NDIS_OID_REQUEST
+0x4c0 PnPRef : _REFERENCE
+0x4d0 MediaType : _NDIS_MEDIUM
+0x4d4 PhysicalMediaType : _NDIS_PHYSICAL_MEDIUM
+0x4d8 MediaConnectState : _NET_IF_MEDIA_CONNECT_STATE
+0x4dc MediaDuplexState : _NET_IF_MEDIA_DUPLEX_STATE
+0x4e0 XmitLinkSpeed : Uint8B
+0x4e8 RcvLinkSpeed : Uint8B
+0x4f0 PauseFunctions : _NDIS_SUPPORTED_PAUSE_FUNCTIONS
+0x4f4 AutoNegotiationFlags : Uint4B
+0x4f8 XState : UChar
+0x4f9 Reserved1 : UChar
+0x4fa Reserved2 : UChar
+0x4fb Reserved3 : UChar
+0x4fc MediaConnectStateIndicateUp : _NET_IF_MEDIA_CONNECT_STATE
+0x500 MediaDuplexStateIndicateUp : _NET_IF_MEDIA_DUPLEX_STATE
+0x508 XmitLinkSpeedIndicateUp : Uint8B
+0x510 RcvLinkSpeedIndicateUp : Uint8B
+0x518 PauseFunctionsIndicateUp : _NDIS_SUPPORTED_PAUSE_FUNCTIONS
+0x51c AutoNegotiationFlagsIndicateUp : Uint4B
+0x520 NextRequestHandle : Ptr64 Void
+0x528 NextSendNetBufferListsHandler : Ptr64 void
+0x530 NextSendNetBufferListsContext : Ptr64 Void
+0x538 NextSendNetBufferListsObject : Ptr64 Void
+0x540 NextSendNetBufferListsCompleteHandler : Ptr64 void
+0x548 NextSendNetBufferListsCompleteContext : Ptr64 Void
+0x550 NextIndicateReceiveNetBufferListsHandler : Ptr64 void
+0x558 NextIndicateReceiveNetBufferListsContext : Ptr64 Void
+0x560 NextReturnNetBufferListsHandler : Ptr64 void
+0x568 NextReturnNetBufferListsContext : Ptr64 Void
+0x570 NextIndicateStatusHandle : Ptr64 Void
+0x578 NextDevicePnPEventNotifyHandle : Ptr64 Void
+0x580 NextNetPnPEventHandle : Ptr64 Void
+0x588 NextCancelSendNetBufferListsHandler : Ptr64 void
+0x590 NextCancelSendNetBufferListsContext : Ptr64 Void
+0x598 SetFilterModuleOptionalHandlers : Ptr64 int
+0x5a0 Characteristics : _NDIS_FILTER_PARTIAL_CHARACTERISTICS
+0x5d0 SavedCharacteristics : _NDIS_FILTER_PARTIAL_CHARACTERISTICS
+0x600 OidRequestHandler : Ptr64 int
+0x608 OidRequestCompleteHandler : Ptr64 void
+0x610 CancelRequestHandler : Ptr64 void
+0x618 DevicePnPEventNotifyHandler : Ptr64 void
+0x620 NetPnPEventHandler : Ptr64 int
+0x628 StatusHandler : Ptr64 void
+0x630 FilterSendNetBufferListsHandler : Ptr64 void
+0x638 FilterIndicateReceiveNetBufferListsHandler : Ptr64 void
+0x640 FilterCancelSendNetBufferListsHandler : Ptr64 void
+0x648 InitiateOffloadCompleteHandler : Ptr64 void
+0x650 TerminateOffloadCompleteHandler : Ptr64 void
+0x658 UpdateOffloadCompleteHandler : Ptr64 void
+0x660 InvalidateOffloadCompleteHandler : Ptr64 void
+0x668 QueryOffloadCompleteHandler : Ptr64 void
+0x670 IndicateOffloadEventHandler : Ptr64 void
+0x678 TcpOffloadSendCompleteHandler : Ptr64 void
+0x680 TcpOffloadReceiveCompleteHandler : Ptr64 void
+0x688 TcpOffloadDisconnectCompleteHandler : Ptr64 void
+0x690 TcpOffloadForwardCompleteHandler : Ptr64 void
+0x698 TcpOffloadEventHandler : Ptr64 void
+0x6a0 TcpOffloadReceiveIndicateHandler : Ptr64 int
+0x6a8 InitiateOffloadHandler : Ptr64 void
+0x6b0 TerminateOffloadHandler : Ptr64 void
+0x6b8 UpdateOffloadHandler : Ptr64 void
+0x6c0 InvalidateOffloadHandler : Ptr64 void
+0x6c8 QueryOffloadHandler : Ptr64 void
+0x6d0 TcpOffloadSendHandler : Ptr64 int
+0x6d8 TcpOffloadReceiveHandler : Ptr64 int
+0x6e0 TcpOffloadDisconnectHandler : Ptr64 int
+0x6e8 TcpOffloadForwardHandler : Ptr64 int
+0x6f0 TcpOffloadReceiveReturnHandler : Ptr64 int
+0x6f8 Offload : Ptr64 _NDIS_FILTER_TASK_OFFLOAD
+0x700 InterfaceGuid : _GUID
+0x710 IfIndex : Uint4B
+0x718 IfBlock : Ptr64 _NDIS_IF_BLOCK
vista sp2 32 bit
dt ndis!_NDIS_FILTER_BLOCK
+0x000 Header : _NDIS_OBJECT_HEADER
+0x004 NextFilter : Ptr32 _NDIS_FILTER_BLOCK
+0x008 FilterDriver : Ptr32 _NDIS_FILTER_DRIVER_BLOCK
+0x00c FilterModuleContext : Ptr32 Void
+0x010 Miniport : Ptr32 _NDIS_MINIPORT_BLOCK
+0x014 FilterInstanceName : Ptr32 _UNICODE_STRING
+0x018 FilterFriendlyName : Ptr32 _UNICODE_STRING
+0x01c ReadWriteLock : _NDIS_RW_LOCK
+0x22c Flags : Uint4B
+0x230 State : _NDIS_FILTER_STATE
+0x234 Ref : _REFERENCE
+0x23c FakeStatus : Int4B
+0x240 NextGlobalFilter : Ptr32 _NDIS_FILTER_BLOCK
+0x244 LowerFilter : Ptr32 _NDIS_FILTER_BLOCK
+0x248 HigherFilter : Ptr32 _NDIS_FILTER_BLOCK
+0x24c AsyncOpContext : Ptr32 _FILTER_PAUSE_RESTART_CONTEXT
+0x250 NumOfPauseRestartRequests : Int4B
+0x254 Lock : Uint4B
+0x258 LockThread : Ptr32 Void
+0x25c LockDbg : Uint4B
+0x260 OidRequestList : _LIST_ENTRY
+0x268 PendingOidRequest : Ptr32 _NDIS_OID_REQUEST
+0x26c PnPRef : _REFERENCE
+0x274 MediaType : _NDIS_MEDIUM
+0x278 PhysicalMediaType : _NDIS_PHYSICAL_MEDIUM
+0x27c MediaConnectState : _NET_IF_MEDIA_CONNECT_STATE
+0x280 MediaDuplexState : _NET_IF_MEDIA_DUPLEX_STATE
+0x288 XmitLinkSpeed : Uint8B
+0x290 RcvLinkSpeed : Uint8B
+0x298 PauseFunctions : _NDIS_SUPPORTED_PAUSE_FUNCTIONS
+0x29c AutoNegotiationFlags : Uint4B
+0x2a0 XState : UChar
+0x2a1 Reserved1 : UChar
+0x2a2 Reserved2 : UChar
+0x2a3 Reserved3 : UChar
+0x2a4 MediaConnectStateIndicateUp : _NET_IF_MEDIA_CONNECT_STATE
+0x2a8 MediaDuplexStateIndicateUp : _NET_IF_MEDIA_DUPLEX_STATE
+0x2b0 XmitLinkSpeedIndicateUp : Uint8B
+0x2b8 RcvLinkSpeedIndicateUp : Uint8B
+0x2c0 PauseFunctionsIndicateUp : _NDIS_SUPPORTED_PAUSE_FUNCTIONS
+0x2c4 AutoNegotiationFlagsIndicateUp : Uint4B
+0x2c8 NextRequestHandle : Ptr32 Void
+0x2cc NextSendNetBufferListsHandler : Ptr32 void
+0x2d0 NextSendNetBufferListsContext : Ptr32 Void
+0x2d4 NextSendNetBufferListsObject : Ptr32 Void
+0x2d8 NextSendNetBufferListsCompleteHandler : Ptr32 void
+0x2dc NextSendNetBufferListsCompleteContext : Ptr32 Void
+0x2e0 NextIndicateReceiveNetBufferListsHandler : Ptr32 void
+0x2e4 NextIndicateReceiveNetBufferListsContext : Ptr32 Void
+0x2e8 NextReturnNetBufferListsHandler : Ptr32 void
+0x2ec NextReturnNetBufferListsContext : Ptr32 Void
+0x2f0 NextIndicateStatusHandle : Ptr32 Void
+0x2f4 NextDevicePnPEventNotifyHandle : Ptr32 Void
+0x2f8 NextNetPnPEventHandle : Ptr32 Void
+0x2fc NextCancelSendNetBufferListsHandler : Ptr32 void
+0x300 NextCancelSendNetBufferListsContext : Ptr32 Void
+0x304 SetFilterModuleOptionalHandlers : Ptr32 int
+0x308 Characteristics : _NDIS_FILTER_PARTIAL_CHARACTERISTICS
+0x324 SavedCharacteristics : _NDIS_FILTER_PARTIAL_CHARACTERISTICS
+0x340 OidRequestHandler : Ptr32 int
+0x344 OidRequestCompleteHandler : Ptr32 void
+0x348 CancelRequestHandler : Ptr32 void
+0x34c DevicePnPEventNotifyHandler : Ptr32 void
+0x350 NetPnPEventHandler : Ptr32 int
+0x354 StatusHandler : Ptr32 void
+0x358 FilterSendNetBufferListsHandler : Ptr32 void
+0x35c FilterIndicateReceiveNetBufferListsHandler : Ptr32 void
+0x360 FilterCancelSendNetBufferListsHandler : Ptr32 void
+0x364 InitiateOffloadCompleteHandler : Ptr32 void
+0x368 TerminateOffloadCompleteHandler : Ptr32 void
+0x36c UpdateOffloadCompleteHandler : Ptr32 void
+0x370 InvalidateOffloadCompleteHandler : Ptr32 void
+0x374 QueryOffloadCompleteHandler : Ptr32 void
+0x378 IndicateOffloadEventHandler : Ptr32 void
+0x37c TcpOffloadSendCompleteHandler : Ptr32 void
+0x380 TcpOffloadReceiveCompleteHandler : Ptr32 void
+0x384 TcpOffloadDisconnectCompleteHandler : Ptr32 void
+0x388 TcpOffloadForwardCompleteHandler : Ptr32 void
+0x38c TcpOffloadEventHandler : Ptr32 void
+0x390 TcpOffloadReceiveIndicateHandler : Ptr32 int
+0x394 InitiateOffloadHandler : Ptr32 void
+0x398 TerminateOffloadHandler : Ptr32 void
+0x39c UpdateOffloadHandler : Ptr32 void
+0x3a0 InvalidateOffloadHandler : Ptr32 void
+0x3a4 QueryOffloadHandler : Ptr32 void
+0x3a8 TcpOffloadSendHandler : Ptr32 int
+0x3ac TcpOffloadReceiveHandler : Ptr32 int
+0x3b0 TcpOffloadDisconnectHandler : Ptr32 int
+0x3b4 TcpOffloadForwardHandler : Ptr32 int
+0x3b8 TcpOffloadReceiveReturnHandler : Ptr32 int
+0x3bc Offload : Ptr32 _NDIS_FILTER_TASK_OFFLOAD
+0x3c0 InterfaceGuid : _GUID
+0x3d0 IfIndex : Uint4B
+0x3d4 IfBlock : Ptr32 _NDIS_IF_BLOCK
+0x3d8 DirectOidRequestHandler : Ptr32 int
+0x3dc DirectOidRequestCompleteHandler : Ptr32 void
+0x3e0 NextDirectRequestHandle : Ptr32 Void
+0x3e4 DirectOidRequestCount : Uint4B
+0x3e8 CancelDirectOidRequestHandler : Ptr32 void
vista sp2 64 bit
dt ndis!_NDIS_FILTER_BLOCK
+0x000 Header : _NDIS_OBJECT_HEADER
+0x008 NextFilter : Ptr64 _NDIS_FILTER_BLOCK
+0x010 FilterDriver : Ptr64 _NDIS_FILTER_DRIVER_BLOCK
+0x018 FilterModuleContext : Ptr64 Void
+0x020 Miniport : Ptr64 _NDIS_MINIPORT_BLOCK
+0x028 FilterInstanceName : Ptr64 _UNICODE_STRING
+0x030 FilterFriendlyName : Ptr64 _UNICODE_STRING
+0x038 ReadWriteLock : _NDIS_RW_LOCK
+0x448 Flags : Uint4B
+0x44c State : _NDIS_FILTER_STATE
+0x450 Ref : _REFERENCE
+0x460 FakeStatus : Int4B
+0x468 NextGlobalFilter : Ptr64 _NDIS_FILTER_BLOCK
+0x470 LowerFilter : Ptr64 _NDIS_FILTER_BLOCK
+0x478 HigherFilter : Ptr64 _NDIS_FILTER_BLOCK
+0x480 AsyncOpContext : Ptr64 _FILTER_PAUSE_RESTART_CONTEXT
+0x488 NumOfPauseRestartRequests : Int4B
+0x490 Lock : Uint8B
+0x498 LockThread : Ptr64 Void
+0x4a0 LockDbg : Uint4B
+0x4a8 OidRequestList : _LIST_ENTRY
+0x4b8 PendingOidRequest : Ptr64 _NDIS_OID_REQUEST
+0x4c0 PnPRef : _REFERENCE
+0x4d0 MediaType : _NDIS_MEDIUM
+0x4d4 PhysicalMediaType : _NDIS_PHYSICAL_MEDIUM
+0x4d8 MediaConnectState : _NET_IF_MEDIA_CONNECT_STATE
+0x4dc MediaDuplexState : _NET_IF_MEDIA_DUPLEX_STATE
+0x4e0 XmitLinkSpeed : Uint8B
+0x4e8 RcvLinkSpeed : Uint8B
+0x4f0 PauseFunctions : _NDIS_SUPPORTED_PAUSE_FUNCTIONS
+0x4f4 AutoNegotiationFlags : Uint4B
+0x4f8 XState : UChar
+0x4f9 Reserved1 : UChar
+0x4fa Reserved2 : UChar
+0x4fb Reserved3 : UChar
+0x4fc MediaConnectStateIndicateUp : _NET_IF_MEDIA_CONNECT_STATE
+0x500 MediaDuplexStateIndicateUp : _NET_IF_MEDIA_DUPLEX_STATE
+0x508 XmitLinkSpeedIndicateUp : Uint8B
+0x510 RcvLinkSpeedIndicateUp : Uint8B
+0x518 PauseFunctionsIndicateUp : _NDIS_SUPPORTED_PAUSE_FUNCTIONS
+0x51c AutoNegotiationFlagsIndicateUp : Uint4B
+0x520 NextRequestHandle : Ptr64 Void
+0x528 NextSendNetBufferListsHandler : Ptr64 void
+0x530 NextSendNetBufferListsContext : Ptr64 Void
+0x538 NextSendNetBufferListsObject : Ptr64 Void
+0x540 NextSendNetBufferListsCompleteHandler : Ptr64 void
+0x548 NextSendNetBufferListsCompleteContext : Ptr64 Void
+0x550 NextIndicateReceiveNetBufferListsHandler : Ptr64 void
+0x558 NextIndicateReceiveNetBufferListsContext : Ptr64 Void
+0x560 NextReturnNetBufferListsHandler : Ptr64 void
+0x568 NextReturnNetBufferListsContext : Ptr64 Void
+0x570 NextIndicateStatusHandle : Ptr64 Void
+0x578 NextDevicePnPEventNotifyHandle : Ptr64 Void
+0x580 NextNetPnPEventHandle : Ptr64 Void
+0x588 NextCancelSendNetBufferListsHandler : Ptr64 void
+0x590 NextCancelSendNetBufferListsContext : Ptr64 Void
+0x598 SetFilterModuleOptionalHandlers : Ptr64 int
+0x5a0 Characteristics : _NDIS_FILTER_PARTIAL_CHARACTERISTICS
+0x5d0 SavedCharacteristics : _NDIS_FILTER_PARTIAL_CHARACTERISTICS
+0x600 OidRequestHandler : Ptr64 int
+0x608 OidRequestCompleteHandler : Ptr64 void
+0x610 CancelRequestHandler : Ptr64 void
+0x618 DevicePnPEventNotifyHandler : Ptr64 void
+0x620 NetPnPEventHandler : Ptr64 int
+0x628 StatusHandler : Ptr64 void
+0x630 FilterSendNetBufferListsHandler : Ptr64 void
+0x638 FilterIndicateReceiveNetBufferListsHandler : Ptr64 void
+0x640 FilterCancelSendNetBufferListsHandler : Ptr64 void
+0x648 InitiateOffloadCompleteHandler : Ptr64 void
+0x650 TerminateOffloadCompleteHandler : Ptr64 void
+0x658 UpdateOffloadCompleteHandler : Ptr64 void
+0x660 InvalidateOffloadCompleteHandler : Ptr64 void
+0x668 QueryOffloadCompleteHandler : Ptr64 void
+0x670 IndicateOffloadEventHandler : Ptr64 void
+0x678 TcpOffloadSendCompleteHandler : Ptr64 void
+0x680 TcpOffloadReceiveCompleteHandler : Ptr64 void
+0x688 TcpOffloadDisconnectCompleteHandler : Ptr64 void
+0x690 TcpOffloadForwardCompleteHandler : Ptr64 void
+0x698 TcpOffloadEventHandler : Ptr64 void
+0x6a0 TcpOffloadReceiveIndicateHandler : Ptr64 int
+0x6a8 InitiateOffloadHandler : Ptr64 void
+0x6b0 TerminateOffloadHandler : Ptr64 void
+0x6b8 UpdateOffloadHandler : Ptr64 void
+0x6c0 InvalidateOffloadHandler : Ptr64 void
+0x6c8 QueryOffloadHandler : Ptr64 void
+0x6d0 TcpOffloadSendHandler : Ptr64 int
+0x6d8 TcpOffloadReceiveHandler : Ptr64 int
+0x6e0 TcpOffloadDisconnectHandler : Ptr64 int
+0x6e8 TcpOffloadForwardHandler : Ptr64 int
+0x6f0 TcpOffloadReceiveReturnHandler : Ptr64 int
+0x6f8 Offload : Ptr64 _NDIS_FILTER_TASK_OFFLOAD
+0x700 InterfaceGuid : _GUID
+0x710 IfIndex : Uint4B
+0x718 IfBlock : Ptr64 _NDIS_IF_BLOCK
+0x720 DirectOidRequestHandler : Ptr64 int
+0x728 DirectOidRequestCompleteHandler : Ptr64 void
+0x730 NextDirectRequestHandle : Ptr64 Void
+0x738 DirectOidRequestCount : Uint4B
+0x740 CancelDirectOidRequestHandler : Ptr64 voiddt ndis!_NDIS_FILTER_DRIVER_CHARACTERISTICS
+0x000 Header : _NDIS_OBJECT_HEADER
+0x004 MajorNdisVersion : UChar
+0x005 MinorNdisVersion : UChar
+0x006 MajorDriverVersion : UChar
+0x007 MinorDriverVersion : UChar
+0x008 Flags : Uint4B
+0x010 FriendlyName : _UNICODE_STRING
+0x020 UniqueName : _UNICODE_STRING
+0x030 ServiceName : _UNICODE_STRING
+0x040 SetOptionsHandler : Ptr64 int
+0x048 SetFilterModuleOptionsHandler : Ptr64 int
+0x050 AttachHandler : Ptr64 int
+0x058 DetachHandler : Ptr64 void
+0x060 RestartHandler : Ptr64 int
+0x068 PauseHandler : Ptr64 int
+0x070 SendNetBufferListsHandler : Ptr64 void
+0x078 SendNetBufferListsCompleteHandler : Ptr64 void
+0x080 CancelSendNetBufferListsHandler : Ptr64 void
+0x088 ReceiveNetBufferListsHandler : Ptr64 void
+0x090 ReturnNetBufferListsHandler : Ptr64 void
+0x098 OidRequestHandler : Ptr64 int
+0x0a0 OidRequestCompleteHandler : Ptr64 void
+0x0a8 CancelOidRequestHandler : Ptr64 void
+0x0b0 DevicePnPEventNotifyHandler : Ptr64 void
+0x0b8 NetPnPEventHandler : Ptr64 int
+0x0c0 StatusHandler : Ptr64 void
+0x0c8 DirectOidRequestHandler : Ptr64 int
+0x0d0 DirectOidRequestCompleteHandler : Ptr64 void
+0x0d8 CancelDirectOidRequestHandler : Ptr64 void
windows 7 32 bit
dt ndis!_NDIS_FILTER_BLOCK
+0x000 Header : _NDIS_OBJECT_HEADER
+0x004 NextFilter : Ptr32 _NDIS_FILTER_BLOCK
+0x008 FilterDriver : Ptr32 _NDIS_FILTER_DRIVER_BLOCK
+0x00c FilterModuleContext : Ptr32 Void
+0x010 Miniport : Ptr32 _NDIS_MINIPORT_BLOCK
+0x014 FilterInstanceName : Ptr32 _UNICODE_STRING
+0x018 FilterFriendlyName : Ptr32 _UNICODE_STRING
+0x01c Flags : Uint4B
+0x020 State : _NDIS_FILTER_STATE
+0x024 Ref : _REFERENCE
+0x02c FakeStatus : Int4B
+0x030 NextGlobalFilter : Ptr32 _NDIS_FILTER_BLOCK
+0x034 LowerFilter : Ptr32 _NDIS_FILTER_BLOCK
+0x038 HigherFilter : Ptr32 _NDIS_FILTER_BLOCK
+0x03c AsyncOpContext : Ptr32 _FILTER_PAUSE_RESTART_CONTEXT
+0x040 NumOfPauseRestartRequests : Int4B
+0x044 Lock : Uint4B
+0x048 LockThread : Ptr32 Void
+0x04c LockDbg : Uint4B
+0x050 OidRequestList : _LIST_ENTRY
+0x058 PendingOidRequest : Ptr32 _NDIS_OID_REQUEST
+0x05c PnPRef : _REFERENCE
+0x064 MediaType : _NDIS_MEDIUM
+0x068 PhysicalMediaType : _NDIS_PHYSICAL_MEDIUM
+0x06c MediaConnectState : _NET_IF_MEDIA_CONNECT_STATE
+0x070 MediaDuplexState : _NET_IF_MEDIA_DUPLEX_STATE
+0x078 XmitLinkSpeed : Uint8B
+0x080 RcvLinkSpeed : Uint8B
+0x088 PauseFunctions : _NDIS_SUPPORTED_PAUSE_FUNCTIONS
+0x08c AutoNegotiationFlags : Uint4B
+0x090 XState : UChar
+0x091 Reserved1 : UChar
+0x092 Reserved2 : UChar
+0x093 Reserved3 : UChar
+0x094 MediaConnectStateIndicateUp : _NET_IF_MEDIA_CONNECT_STATE
+0x098 MediaDuplexStateIndicateUp : _NET_IF_MEDIA_DUPLEX_STATE
+0x0a0 XmitLinkSpeedIndicateUp : Uint8B
+0x0a8 RcvLinkSpeedIndicateUp : Uint8B
+0x0b0 PauseFunctionsIndicateUp : _NDIS_SUPPORTED_PAUSE_FUNCTIONS
+0x0b4 AutoNegotiationFlagsIndicateUp : Uint4B
+0x0b8 NextRequestHandle : Ptr32 Void
+0x0bc NextSendNetBufferListsHandler : Ptr32 void
+0x0c0 NextSendNetBufferListsContext : Ptr32 Void
+0x0c4 NextSendNetBufferListsObject : Ptr32 Void
+0x0c8 NextSendNetBufferListsCompleteHandler : Ptr32 void
+0x0cc NextSendNetBufferListsCompleteContext : Ptr32 Void
+0x0d0 NextSendNetBufferListsCompleteObject : Ptr32 Void
+0x0d4 NextIndicateReceiveNetBufferListsHandler : Ptr32 void
+0x0d8 NextIndicateReceiveNetBufferListsContext : Ptr32 Void
+0x0dc NextIndicateReceiveNetBufferListsObject : Ptr32 Void
+0x0e0 NextReturnNetBufferListsHandler : Ptr32 void
+0x0e4 NextReturnNetBufferListsContext : Ptr32 Void
+0x0e8 NextReturnNetBufferListsObject : Ptr32 Void
+0x0ec NextIndicateStatusHandle : Ptr32 Void
+0x0f0 NextDevicePnPEventNotifyHandle : Ptr32 Void
+0x0f4 NextNetPnPEventHandle : Ptr32 Void
+0x0f8 NextCancelSendNetBufferListsHandler : Ptr32 void
+0x0fc NextCancelSendNetBufferListsContext : Ptr32 Void
+0x100 SetFilterModuleOptionalHandlers : Ptr32 int
+0x104 Characteristics : _NDIS_FILTER_PARTIAL_CHARACTERISTICS
+0x120 SavedCharacteristics : _NDIS_FILTER_PARTIAL_CHARACTERISTICS
+0x13c OidRequestHandler : Ptr32 int
+0x140 OidRequestCompleteHandler : Ptr32 void
+0x144 CancelRequestHandler : Ptr32 void
+0x148 DevicePnPEventNotifyHandler : Ptr32 void
+0x14c NetPnPEventHandler : Ptr32 int
+0x150 StatusHandler : Ptr32 void
+0x154 FilterSendNetBufferListsHandler : Ptr32 void
+0x158 FilterIndicateReceiveNetBufferListsHandler : Ptr32 void
+0x15c FilterCancelSendNetBufferListsHandler : Ptr32 void
+0x160 InitiateOffloadCompleteHandler : Ptr32 void
+0x164 TerminateOffloadCompleteHandler : Ptr32 void
+0x168 UpdateOffloadCompleteHandler : Ptr32 void
+0x16c InvalidateOffloadCompleteHandler : Ptr32 void
+0x170 QueryOffloadCompleteHandler : Ptr32 void
+0x174 IndicateOffloadEventHandler : Ptr32 void
+0x178 TcpOffloadSendCompleteHandler : Ptr32 void
+0x17c TcpOffloadReceiveCompleteHandler : Ptr32 void
+0x180 TcpOffloadDisconnectCompleteHandler : Ptr32 void
+0x184 TcpOffloadForwardCompleteHandler : Ptr32 void
+0x188 TcpOffloadEventHandler : Ptr32 void
+0x18c TcpOffloadReceiveIndicateHandler : Ptr32 int
+0x190 InitiateOffloadHandler : Ptr32 void
+0x194 TerminateOffloadHandler : Ptr32 void
+0x198 UpdateOffloadHandler : Ptr32 void
+0x19c InvalidateOffloadHandler : Ptr32 void
+0x1a0 QueryOffloadHandler : Ptr32 void
+0x1a4 TcpOffloadSendHandler : Ptr32 int
+0x1a8 TcpOffloadReceiveHandler : Ptr32 int
+0x1ac TcpOffloadDisconnectHandler : Ptr32 int
+0x1b0 TcpOffloadForwardHandler : Ptr32 int
+0x1b4 TcpOffloadReceiveReturnHandler : Ptr32 int
+0x1b8 Offload : Ptr32 _NDIS_FILTER_TASK_OFFLOAD
+0x1bc InterfaceGuid : _GUID
+0x1cc IfIndex : Uint4B
+0x1d0 IfBlock : Ptr32 _NDIS_IF_BLOCK
+0x1d4 DirectOidRequestHandler : Ptr32 int
+0x1d8 DirectOidRequestCompleteHandler : Ptr32 void
+0x1dc NextDirectRequestHandle : Ptr32 Void
+0x1e0 DirectOidRequestCount : Uint4B
+0x1e4 CancelDirectOidRequestHandler : Ptr32 void
+0x1e8 WOLPatternList : _SINGLE_LIST_ENTRY
+0x1ec PMProtocolOffloadList : _SINGLE_LIST_ENTRY
+0x1f0 PMCurrentParameters : _NDIS_PM_PARAMETERSdt ndis!_NDIS_FILTER_DRIVER_CHARACTERISTICS
+0x000 Header : _NDIS_OBJECT_HEADER
+0x004 MajorNdisVersion : UChar
+0x005 MinorNdisVersion : UChar
+0x006 MajorDriverVersion : UChar
+0x007 MinorDriverVersion : UChar
+0x008 Flags : Uint4B
+0x00c FriendlyName : _UNICODE_STRING
+0x014 UniqueName : _UNICODE_STRING
+0x01c ServiceName : _UNICODE_STRING
+0x024 SetOptionsHandler : Ptr32 int
+0x028 SetFilterModuleOptionsHandler : Ptr32 int
+0x02c AttachHandler : Ptr32 int
+0x030 DetachHandler : Ptr32 void
+0x034 RestartHandler : Ptr32 int
+0x038 PauseHandler : Ptr32 int
+0x03c SendNetBufferListsHandler : Ptr32 void
+0x040 SendNetBufferListsCompleteHandler : Ptr32 void
+0x044 CancelSendNetBufferListsHandler : Ptr32 void
+0x048 ReceiveNetBufferListsHandler : Ptr32 void
+0x04c ReturnNetBufferListsHandler : Ptr32 void
+0x050 OidRequestHandler : Ptr32 int
+0x054 OidRequestCompleteHandler : Ptr32 void
+0x058 CancelOidRequestHandler : Ptr32 void
+0x05c DevicePnPEventNotifyHandler : Ptr32 void
+0x060 NetPnPEventHandler : Ptr32 int
+0x064 StatusHandler : Ptr32 void
+0x068 DirectOidRequestHandler : Ptr32 int
+0x06c DirectOidRequestCompleteHandler : Ptr32 void
+0x070 CancelDirectOidRequestHandler : Ptr32 void
windows 7 64 bit
dt ndis!_NDIS_FILTER_BLOCK
+0x000 Header : _NDIS_OBJECT_HEADER
+0x008 NextFilter : Ptr64 _NDIS_FILTER_BLOCK
+0x010 FilterDriver : Ptr64 _NDIS_FILTER_DRIVER_BLOCK
+0x018 FilterModuleContext : Ptr64 Void
+0x020 Miniport : Ptr64 _NDIS_MINIPORT_BLOCK
+0x028 FilterInstanceName : Ptr64 _UNICODE_STRING
+0x030 FilterFriendlyName : Ptr64 _UNICODE_STRING
+0x038 Flags : Uint4B
+0x03c State : _NDIS_FILTER_STATE
+0x040 Ref : _REFERENCE
+0x050 FakeStatus : Int4B
+0x058 NextGlobalFilter : Ptr64 _NDIS_FILTER_BLOCK
+0x060 LowerFilter : Ptr64 _NDIS_FILTER_BLOCK
+0x068 HigherFilter : Ptr64 _NDIS_FILTER_BLOCK
+0x070 AsyncOpContext : Ptr64 _FILTER_PAUSE_RESTART_CONTEXT
+0x078 NumOfPauseRestartRequests : Int4B
+0x080 Lock : Uint8B
+0x088 LockThread : Ptr64 Void
+0x090 LockDbg : Uint4B
+0x098 OidRequestList : _LIST_ENTRY
+0x0a8 PendingOidRequest : Ptr64 _NDIS_OID_REQUEST
+0x0b0 PnPRef : _REFERENCE
+0x0c0 MediaType : _NDIS_MEDIUM
+0x0c4 PhysicalMediaType : _NDIS_PHYSICAL_MEDIUM
+0x0c8 MediaConnectState : _NET_IF_MEDIA_CONNECT_STATE
+0x0cc MediaDuplexState : _NET_IF_MEDIA_DUPLEX_STATE
+0x0d0 XmitLinkSpeed : Uint8B
+0x0d8 RcvLinkSpeed : Uint8B
+0x0e0 PauseFunctions : _NDIS_SUPPORTED_PAUSE_FUNCTIONS
+0x0e4 AutoNegotiationFlags : Uint4B
+0x0e8 XState : UChar
+0x0e9 Reserved1 : UChar
+0x0ea Reserved2 : UChar
+0x0eb Reserved3 : UChar
+0x0ec MediaConnectStateIndicateUp : _NET_IF_MEDIA_CONNECT_STATE
+0x0f0 MediaDuplexStateIndicateUp : _NET_IF_MEDIA_DUPLEX_STATE
+0x0f8 XmitLinkSpeedIndicateUp : Uint8B
+0x100 RcvLinkSpeedIndicateUp : Uint8B
+0x108 PauseFunctionsIndicateUp : _NDIS_SUPPORTED_PAUSE_FUNCTIONS
+0x10c AutoNegotiationFlagsIndicateUp : Uint4B
+0x110 NextRequestHandle : Ptr64 Void
+0x118 NextSendNetBufferListsHandler : Ptr64 void
+0x120 NextSendNetBufferListsContext : Ptr64 Void
+0x128 NextSendNetBufferListsObject : Ptr64 Void
+0x130 NextSendNetBufferListsCompleteHandler : Ptr64 void
+0x138 NextSendNetBufferListsCompleteContext : Ptr64 Void
+0x140 NextSendNetBufferListsCompleteObject : Ptr64 Void
+0x148 NextIndicateReceiveNetBufferListsHandler : Ptr64 void
+0x150 NextIndicateReceiveNetBufferListsContext : Ptr64 Void
+0x158 NextIndicateReceiveNetBufferListsObject : Ptr64 Void
+0x160 NextReturnNetBufferListsHandler : Ptr64 void
+0x168 NextReturnNetBufferListsContext : Ptr64 Void
+0x170 NextReturnNetBufferListsObject : Ptr64 Void
+0x178 NextIndicateStatusHandle : Ptr64 Void
+0x180 NextDevicePnPEventNotifyHandle : Ptr64 Void
+0x188 NextNetPnPEventHandle : Ptr64 Void
+0x190 NextCancelSendNetBufferListsHandler : Ptr64 void
+0x198 NextCancelSendNetBufferListsContext : Ptr64 Void
+0x1a0 SetFilterModuleOptionalHandlers : Ptr64 int
+0x1a8 Characteristics : _NDIS_FILTER_PARTIAL_CHARACTERISTICS
+0x1d8 SavedCharacteristics : _NDIS_FILTER_PARTIAL_CHARACTERISTICS
+0x208 OidRequestHandler : Ptr64 int
+0x210 OidRequestCompleteHandler : Ptr64 void
+0x218 CancelRequestHandler : Ptr64 void
+0x220 DevicePnPEventNotifyHandler : Ptr64 void
+0x228 NetPnPEventHandler : Ptr64 int
+0x230 StatusHandler : Ptr64 void
+0x238 FilterSendNetBufferListsHandler : Ptr64 void
+0x240 FilterIndicateReceiveNetBufferListsHandler : Ptr64 void
+0x248 FilterCancelSendNetBufferListsHandler : Ptr64 void
+0x250 InitiateOffloadCompleteHandler : Ptr64 void
+0x258 TerminateOffloadCompleteHandler : Ptr64 void
+0x260 UpdateOffloadCompleteHandler : Ptr64 void
+0x268 InvalidateOffloadCompleteHandler : Ptr64 void
+0x270 QueryOffloadCompleteHandler : Ptr64 void
+0x278 IndicateOffloadEventHandler : Ptr64 void
+0x280 TcpOffloadSendCompleteHandler : Ptr64 void
+0x288 TcpOffloadReceiveCompleteHandler : Ptr64 void
+0x290 TcpOffloadDisconnectCompleteHandler : Ptr64 void
+0x298 TcpOffloadForwardCompleteHandler : Ptr64 void
+0x2a0 TcpOffloadEventHandler : Ptr64 void
+0x2a8 TcpOffloadReceiveIndicateHandler : Ptr64 int
+0x2b0 InitiateOffloadHandler : Ptr64 void
+0x2b8 TerminateOffloadHandler : Ptr64 void
+0x2c0 UpdateOffloadHandler : Ptr64 void
+0x2c8 InvalidateOffloadHandler : Ptr64 void
+0x2d0 QueryOffloadHandler : Ptr64 void
+0x2d8 TcpOffloadSendHandler : Ptr64 int
+0x2e0 TcpOffloadReceiveHandler : Ptr64 int
+0x2e8 TcpOffloadDisconnectHandler : Ptr64 int
+0x2f0 TcpOffloadForwardHandler : Ptr64 int
+0x2f8 TcpOffloadReceiveReturnHandler : Ptr64 int
+0x300 Offload : Ptr64 _NDIS_FILTER_TASK_OFFLOAD
+0x308 InterfaceGuid : _GUID
+0x318 IfIndex : Uint4B
+0x320 IfBlock : Ptr64 _NDIS_IF_BLOCK
+0x328 DirectOidRequestHandler : Ptr64 int
+0x330 DirectOidRequestCompleteHandler : Ptr64 void
+0x338 NextDirectRequestHandle : Ptr64 Void
+0x340 DirectOidRequestCount : Uint4B
+0x348 CancelDirectOidRequestHandler : Ptr64 void
+0x350 WOLPatternList : _SINGLE_LIST_ENTRY
+0x358 PMProtocolOffloadList : _SINGLE_LIST_ENTRY
+0x360 PMCurrentParameters : _NDIS_PM_PARAMETERSdt ndis!_NDIS_FILTER_DRIVER_CHARACTERISTICS
+0x000 Header : _NDIS_OBJECT_HEADER
+0x004 MajorNdisVersion : UChar
+0x005 MinorNdisVersion : UChar
+0x006 MajorDriverVersion : UChar
+0x007 MinorDriverVersion : UChar
+0x008 Flags : Uint4B
+0x010 FriendlyName : _UNICODE_STRING
+0x020 UniqueName : _UNICODE_STRING
+0x030 ServiceName : _UNICODE_STRING
+0x040 SetOptionsHandler : Ptr64 int
+0x048 SetFilterModuleOptionsHandler : Ptr64 int
+0x050 AttachHandler : Ptr64 int
+0x058 DetachHandler : Ptr64 void
+0x060 RestartHandler : Ptr64 int
+0x068 PauseHandler : Ptr64 int
+0x070 SendNetBufferListsHandler : Ptr64 void
+0x078 SendNetBufferListsCompleteHandler : Ptr64 void
+0x080 CancelSendNetBufferListsHandler : Ptr64 void
+0x088 ReceiveNetBufferListsHandler : Ptr64 void
+0x090 ReturnNetBufferListsHandler : Ptr64 void
+0x098 OidRequestHandler : Ptr64 int
+0x0a0 OidRequestCompleteHandler : Ptr64 void
+0x0a8 CancelOidRequestHandler : Ptr64 void
+0x0b0 DevicePnPEventNotifyHandler : Ptr64 void
+0x0b8 NetPnPEventHandler : Ptr64 int
+0x0c0 StatusHandler : Ptr64 void
+0x0c8 DirectOidRequestHandler : Ptr64 int
+0x0d0 DirectOidRequestCompleteHandler : Ptr64 void
+0x0d8 CancelDirectOidRequestHandler : Ptr64 void
Комментариев нет:
Отправить комментарий