From: joe briggs <jbriggs@briggsmedia.com>
To: Abhishek Agrawal <abhishek@abhishek.agrawal.name>,
Michael Knigge <Michael.Knigge@set-software.de>
Cc: Nir Livni <nir_l3@netvision.net.il>,
linux-kernel <linux-kernel@vger.kernel.org>
Subject: Re: FileSystem Filter Driver
Date: Wed, 23 Apr 2003 12:11:22 -0400 [thread overview]
Message-ID: <200304231211.22497.jbriggs@briggsmedia.com> (raw)
In-Reply-To: <1051099862.2099.6.camel@abhilinux.cygnet.co.in>
I once wrote a Windows 95/98 VXD that used the Microsoft mechanism -
frequently called a 'hooker'. In that case, you took a VXD template and made
a system call that 'hooked' onto either a device or a filename. In windows,
each file I/O action generated an event. You could listen for the event and
then check to see if it was for your file or device, and if so, choose to
selectively service (i.e, do the right thing), or pass it on to the normal
driver, or a combination of both. While at the time I thought "wow, what a
cool way wreak havoc", it was the only way at the time to get around some
other MS multimedia limitations. If someone wants it, I'll be glad to dig
it out.
On Wednesday 23 April 2003 08:11 am, Abhishek Agrawal wrote:
> On Wed, 2003-04-23 at 17:17, Michael Knigge wrote:
> > Under Windows a pretty well-known filter driver is FileMon at
> > www.sysinternals.com. Thex also have a Linux version but (ahhh)
> > without Source (the source for the Windows-Version is available). The
> > Linux-Version can be found at
> > http://www.sysinternals.com/linux/utilities/filemon.shtml
> >
> > I guess what they are doing is similar to the way strace works - but
> > I'm not sure. Hmmm, let us strace this thing ;-))))
>
> Filemon look like it will not work with kernel 2.5 up.
> From the link...
> "it replaces entries in the system call table with pointers to its own
> hook functions."
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
--
Joe Briggs
Briggs Media Systems
105 Burnsen Ave.
Manchester NH 01304 USA
TEL/FAX 603-232-3115 MOBILE 603-493-2386
www.briggsmedia.com
next prev parent reply other threads:[~2003-04-23 14:59 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-04-23 10:28 FileSystem Filter Driver Nir Livni
2003-04-23 1:05 ` Antonio Vargas
2003-04-23 12:20 ` Nir Livni
2003-04-23 12:22 ` Muli Ben-Yehuda
2003-04-23 10:08 ` Abhishek Agrawal
2003-04-23 11:47 ` Michael Knigge
2003-04-23 12:11 ` Abhishek Agrawal
2003-04-23 16:11 ` joe briggs [this message]
2003-04-23 15:48 ` Leonard Milcin, Jr
2003-04-23 16:21 ` Valdis.Kletnieks
2003-04-23 12:58 ` Nir Livni
2003-04-23 11:53 ` Rogier Wolff
2003-04-23 14:27 ` William Stearns
2003-04-23 19:12 Chuck Ebbert
2003-04-29 13:35 Nir Livni
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200304231211.22497.jbriggs@briggsmedia.com \
--to=jbriggs@briggsmedia.com \
--cc=Michael.Knigge@set-software.de \
--cc=abhishek@abhishek.agrawal.name \
--cc=linux-kernel@vger.kernel.org \
--cc=nir_l3@netvision.net.il \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).