<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2900.5726" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT size=2></FONT> </DIV>
<BLOCKQUOTE
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style="FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV
style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black"><B>From:</B>
<A title=swzhao@gmail.com href="mailto:swzhao@gmail.com">Joshua (Shiwei)
Zhao</A> </DIV>
<DIV style="FONT: 10pt arial"><B>To:</B> <A title=winpcap-users@winpcap.org
href="mailto:winpcap-users@winpcap.org">winpcap-users@winpcap.org</A> </DIV>
<DIV style="FONT: 10pt arial"><B>Sent:</B> Tuesday, July 14, 2009 5:21
PM</DIV>
<DIV style="FONT: 10pt arial"><B>Subject:</B> [Winpcap-users] related to a
capture device</DIV>
<DIV><FONT size=2></FONT><BR></DIV>
<DIV>I'm using Wireshark as sniffer where it opens capture devices via
winpcap. I want to edit the window registry related to the
capture device opened by winpcap.<BR>To get the registry path of a capture
device, we need to know its SubDriverKey which could be specified somewhere in
windows registry. <BR>Right now in Wireshark we only have the name,
description, and ip_address of an opened device. Were they retrieved from
registry table by winpcap? </DIV>
<DIV> </DIV></BLOCKQUOTE>
<DIV><FONT size=2>The description is retrieved with an OID to the miniport
controlling the NIC. The name is generated out of the original GUID of the
device prepended with a prefix (prefix that is not documented). </FONT></DIV>
<BLOCKQUOTE
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV><FONT size=2>IP addresses are retrieved in a combination of ways,
including registry and IP helper API.</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV>Is there a way to get their corresponding driver key?</DIV>
<DIV> </DIV></BLOCKQUOTE>
<DIV><FONT size=2>It might be possible to get the device hardware subkeys out of
the GUID of the device, but I never tried myself, and in any case it goes into
the undocumented land. What I would do is use the Setup API to enumerate all the
network devices until you find the one you are interested in and change the
appropriate parameters.</FONT></DIV>
<BLOCKQUOTE
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV><FONT size=2></FONT> </DIV>
<DIV>In addition, I hope to be able to disable/enable the capture
device programmingly. Does winpcap offer this kind of functionality?</DIV>
<DIV> </DIV></BLOCKQUOTE>
<DIV><FONT size=2>No. You need to use the Setup API for
that.</FONT></DIV><FONT size=2></FONT>
<DIV><FONT size=2>Have a nice day</FONT></DIV>
<DIV><FONT size=2>GV</FONT></DIV>
<BLOCKQUOTE
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV><BR> <BR>Many thanks,<BR>Joshua</DIV>
<P>
<HR>
<P></P>_______________________________________________<BR>Winpcap-users
mailing
list<BR>Winpcap-users@winpcap.org<BR>https://www.winpcap.org/mailman/listinfo/winpcap-users<BR></BLOCKQUOTE></BODY></HTML>