I am trying to find a way to programmatically get the network statistics for a specific adapter in Windows 10. I found that GetIpStatistics() function, but it returns statistics for all adapters. Does anyone know of a function that gets the same type of statistics but only for a specific adapter?
You can use GetIfTable() or GetIfTable2(), and then look for the desired interface in the returned table.
Or, if you already know the LUID/index of the desired interface, you can use GetIfEntry2() or GetIfEntry2Ex() instead.
Related
Is there any clean way of detecting what is the type of the Ndi\Interfaces LowerRange of the adapter that we are attaching to in the FilterAttach of NDIS LWF?
I guess one dirty way is using the BaseMiniportInstanceName of AttachParameters in the FilterAttach, and then enumerate keys in SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318} and find the one that has the same value in DriverDesc (Or using the BaseMiniportName and comparing it to ndi\linkage\export), afterwards go to xxx\ndi\interfaces and reading the LowerRange value.
But this seems so dirty, there has to be an easier way to finding the type of Ndi\Interfaces LowerRange of the corresponding adapter? Tried looking at different members of AttachParameters but didn't find anything that can help me with this.
I'm asking this because we want to only attach to very specific virtual adapters that have a Nolower LowerRange, and considering that attaching to these type of interfaces is not supported in NDIS LWF, we only want to attach to those that we know will not cause issues, such as Kerio's Virtual Adapter.
So if there's any other way to tell the OS to only attach us to a specific adapters in case it has a nolower LowerRange (maybe by changing our INF file or using a certain API or checking a member of a structure to see if its nolower or..), please let me know.
To manage display adapters and display properties, my code uses APIs from two different Windows DLLs:
CfgMgr32.dll
I use functions in CfgMgr32 (successor to SetupApi) to:
enumerate adapters (get ids & properties)
determine whether a specific adapter exists
determine whether an adapter is enabled/disabled
enabled/disabled an adapter
register a callback to receive PnP device events
APIs in CfgMgr32 (and SetupApi) use an adapter id (called DeviceInstanceId or PNPDeviceID) of the form: "SWD\MyEnumerator\MyInstance"
User32.dll
I use functions in User32 to:
enumerate adapters (get ids & properties)
query an adapter's supported resolutions
query an adapter's current display mode
change an adapter's current orientation
change an adapter's current resolution
APIs in User32 uses use a completely different adapter id (called DeviceName) of the form: "\\.\DISPLAY23"
The (Astonishing) Problem:
There appears to be no documented way of mapping between these two forms of unique identifiers. I can enable an adapter, but when I want to change its orientation or resolution, I have no way of knowing which of the identifiers returned by EnumDisplayDevices(...) refers to the same adapter I just enabled.
The APIs I need are split across two libraries; neither library provides a complete set of display adapter management functions.
Both libraries have functions that let you get information about a particular adapter, and there is some minor overlap, but critically: nothing that's unique to a single adapter. Maybe there's some way to unambiguously relate properties from one side to the other, but I've dumped out everything that's available (including SystemInformation, Screen.AllScreens, Wmi queries like Win32_VideoController, DISPLAY_DEVICE...) and in all that information I can't find anything mappable.
Has anyone solved this, or know of some open source project that might be worth looking over?
I am performing a multilayer packet capture on Windows using the built-in NDIS capture service in order to determine where in the stack packets for my application are being dropped. When viewing the resulting ETL file in Microsoft Message Analyzer, I'm provided with data points containing two items in particular that I'm looking for:
MiniportIfIndex - this corresponds with the adapter interface ID, which I can translate into a logical name by running Get-NetAdapter in PowerShell (as one method).
LowerIfIndex - this is the specific layer/filter of the NDIS stack that the packet is progressing through during the traffic flow and is the subject of this question.
I have yet to find a way to gather what specific layer/filter the lowerIfIndex is referencing. I found this article which led me to the WMI class MSNdis_EnumerateReceiveFilters that I was hoping would give me an output similar to that of Get-NetAdapter, listing the logical name of the filter as well as the corresponding ID. When I try to run the command in the format similar to how the MSDN article references, I'm always receiving an 'incorrect parameter' stop error.
One other command Get-NetAdapterBinding appears to display the logical names of the NDIS filters/layers, but no corresponding ID.
Is anyone aware of a way to correlate the lowerIfIndex to a filter name?
I currently have a script to glean QoS data from differing cisco routers and this is working well but missing the bandwidth data for each class.
I can see that the data is available in that querying:
enterprises.9.9.166.1.9.1.1.1.1608 = INTEGER: 425
Returns the correct bandwidth for this particular class [425kb]. I have seen this index elsewhere:
enterprises.9.9.166.1.5.1.1.2.6933270.5456067 = Gauge32: 1608
With '6933270' being one of the indexes associated with the interface I am interested in.
How though do I 'learn' the second index '5456067' or is there another way to derive the class bandwidth?
I have scoured Google which has me at this point but I am unable to get any closer to the second index. Multiple snmpwalks grepping the second index show no light either in that I can find no way to relate to this from existing known data.
Thanks
I think you get the wrong oid entry. enterprises.9.9.166.1.5.1.1.2 stands for cisco cbQosConfigIndex from mib, if you want to get the bandwidth, you should use the 1.3.6.1.4.1.9.9.166.1.9.1.1.2 which means QueueingBandwidthUnits instead.
I have a list of IP addresses or Cisco router. Now i need to find out, which IP address is assigned to which interface (e.g. i have IP 192.168.1.1 and i need to learn that it is IP address of fa0/0 interface). Which MIB can i use to get the list of IP add with corresponding interfaces via SNMP?
Thanks
I believe the SNMP OID you need for this is 1.3.6.1.2.1.4.34, the object being ipAddressTable from the IP-MIB. See the following URL:
http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en&translate=Translate&objectInput=1.3.6.1.2.1.4.34#oidContent
Cisco has very good SNMP info on their site. The SNMP Object Navigator, or the IOS MIB Locator are your friends. Tons of info there, and you can look at it from any angle you want. For example, provide the router's IOS image filename and see what MIBs it supports, etc.
As far as interfaces and IP address info, that's the most basic of stuff so you will be ok, no need to find any weird MIB for that.
My suggestion would be: make sure SNMP is enabled on the router and an SNMP community is set, jump on a Unix/Linux box and point snmpwalk to it and pull all available info. That, paired with the MIB file, is usually the best way to make sure which element you want. If on Windows, there are several free SNMP clients that can "snmpwalk" a device and do the equivalent.
Let me know how that goes!
You can try the OID 1.3.6.1.2.1.4.20 to get the list of IP add with corresponding interfaces via SNMP.
Actually, i had a list of IPs before, i needed just to match them with int names. I did it using 2 MIBs - 1.3.6.1.2.1.4.20.1.2.+IPaddress returns the index of interface and using this index i used 1.3.6.1.2.1.2.2.1.2.+IntfIndex (obtained in previous step). I did it for every IP address in list and works like charm.
There is also the ifxTable which has improved interface speed information for high speed ethernet ports:
http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en&translate=true&objectInput=ifXTable