WinHEC 05 Madhurima Pawar Program Manager Windows Networking mpawar @ microsoft.com Microsoft Corporation Eric Stenson Development LeadWindows Networking ericsten @ microsoft.com Microsoft Corporation

1. Windows Filtering Platform And Winsock Kernel: Next-Generation Kernel Networking APIs Madhurima Pawar Program Manager Windows Networking mpawar @ microsoft.com Microsoft Corporation Eric Stenson Development Lead Windows Networking ericsten @ microsoft.com Microsoft Corporation

4. Windows Filtering Platform (WFP)

7. WFP Architecture Base Filtering Engine Filtering Engine TDI, WSK NAT Firewall or other filter applications LH Firewall WFP APIs ALE Stream Layer TCP, UDP Transport Layer Network Layer NDIS Layer Forwarding Layer Packetprocessing path Callout APIs IDS callout Parental control Anti-virus Callout modules user kernel Provided by: Microsoft ISV OEM IHV

18. Winsock Kernel (WSK)

22. TDI Overview Kernel Mode Networking Client Apps Transport (TCP/IPv4) eviceCP eviceDP eviceAW Transport (TCP/IPv6) eviceCP6 eviceDP6 eviceAW6 Transport (3 rd Party) evicelt; proto> <proto> – Determined by 3 rd Party Transport Implementers I/O Manager TDI.SYS Provided by: Microsoft ISV IHV

23. Windows Codenamed “Longhorn” Stack Overview WFP WS2_32.DLL LSP #1 LSP #2 MSWSOCK.DLL AFD TDI Next Generation TCP/IP Stack NetBT 3 rd Party TDX Private WSK HTTP.SYS Winsock 1.0/2.x SPI SPI SPI Winsock Catalog User Kernel WSK LSP = Winsock Layered Service Provider

26. WSK Overview N etwork M odule R egistration (NMR) Winsock Kernel (WSK) Kernel Mode Networking Client Apps Transport (3 rd Party) Transport (TCP/IPv4) Transport (TCP/IPv6) ... I/O Manager Provided by: Microsoft ISV IHV

27. WSK Scenarios: Create Connection (TDI) // // Create AO // Build FILE_FULL_EA_INFORMATION (TA_ADDRESS) InitializeObjectAttributes (TDI Device Name) IoCreateFile( &AOHandle, MAXIMUM_ALLOWED, // DesiredAccess &object_attributes, &io_status_block, 0, // AllocationSize 0, // FileAttributes 0, // ShareAccess, FILE_CREATE, 0, // CreateOptions. ea_buffer, ea_length, CreateFileTypeNone, NULL, // ExtraCreateParameters create_options ); // // Create CO // Build FILE_FULL_EA_INFORMATION (TdiConnectionContext) InitializeObjectAttributes (TDI Device Name) IoCreateFile( &COHandle, MAXIMUM_ALLOWED, // DesiredAccess &object_attributes, &io_status_block, 0, // AllocationSize 0, // FileAttributes 0, // ShareAccess, FILE_CREATE, 0, // CreateOptions. ea_buffer, ea_length, CreateFileTypeNone, NULL, // ExtraCreateParameters create_options ); // // Associate CO to AO // Allocate IRP Get File and Device Object pointers from CO_FileHandle TdiBuildAssociateAddress(CO, AOHandle, CompletionRtn/Ctx) IoCallDriver(IRP) // // Issue connect when AssociateAddress request is completed. // Allocate IRP or reuse IRP from previous step TdiBuildConnect(CO, TA_ADDRESS, CompletionRtn/Ctx) IoCallDriver(IRP)

28. WSK Scenarios: Create Connection (WSK) // // Create and connect a WSK socket in one call // Allocate IRP IoSetCompletionRoutine(IRP, CompletionRtn/Ctx); WskProviderDispatch->WskSocketConnect( WskClient, SOCK_STREAM, IPPROTO_TCP, LocalAddress, // SOCKADDR RemoteAddress, // SOCKADDR 0, // Flags SocketCallbackContext, SocketCallbackDispatch, Process, Thread, SecurityDescriptor, IRP );

29. WSK Scenarios: WSK Socket Control // // Setting SO_RCVBUF socket option // ULONG rcvbufsize = 16384; Allocate IRP; IoSetCompletionRoutine(IRP, CompletionRtn/Ctx); WskSocketDispatch-> WskControlSocket ( WskSocket, WskSetOption, // RequestType: set, get, ioctl SO_RCVBUF, // OptionName SOL_SOCKET, // Level sizeof(rcvbufsize), // InputSize &rcvbufsize, // InputBuffer 0, // OutputSize NULL, // OutputBuffer NULL, // OutputSizeReturned IRP );