How to resolve IP Addresses into Hostnames in Windows Kernel Driver












0















I am writing a Windows Kernel Driver, in which I need to resolve IP addresses into corresponding hostnames. There is very little documentation available for this on Microsoft pages:



Resolving Host Names and IP Addresses



How can this be done? What lookup order does Windows follow when we resolve hostnames from the kernel?










share|improve this question

























  • WskGetNameInfo is the function you want. It is an interface that can obtain the hostname by IP address. The link you posted already has the answer. Perhaps you have not asked exactly what you do not understand.

    – reinhard v.z.
    Dec 3 '18 at 12:23











  • I want to know if the lookup from kernel first checks the hosts file for the given IP. This is because I do not want the kernel to make lookup request on the DNS.

    – Ramchandra
    Dec 6 '18 at 6:04













  • Is the WskGetNameInfo call in kernel sufficient to get the result or do I have to setup WskProviderNPI before making the kernel call?

    – Ramchandra
    Dec 6 '18 at 6:06


















0















I am writing a Windows Kernel Driver, in which I need to resolve IP addresses into corresponding hostnames. There is very little documentation available for this on Microsoft pages:



Resolving Host Names and IP Addresses



How can this be done? What lookup order does Windows follow when we resolve hostnames from the kernel?










share|improve this question

























  • WskGetNameInfo is the function you want. It is an interface that can obtain the hostname by IP address. The link you posted already has the answer. Perhaps you have not asked exactly what you do not understand.

    – reinhard v.z.
    Dec 3 '18 at 12:23











  • I want to know if the lookup from kernel first checks the hosts file for the given IP. This is because I do not want the kernel to make lookup request on the DNS.

    – Ramchandra
    Dec 6 '18 at 6:04













  • Is the WskGetNameInfo call in kernel sufficient to get the result or do I have to setup WskProviderNPI before making the kernel call?

    – Ramchandra
    Dec 6 '18 at 6:06
















0












0








0








I am writing a Windows Kernel Driver, in which I need to resolve IP addresses into corresponding hostnames. There is very little documentation available for this on Microsoft pages:



Resolving Host Names and IP Addresses



How can this be done? What lookup order does Windows follow when we resolve hostnames from the kernel?










share|improve this question
















I am writing a Windows Kernel Driver, in which I need to resolve IP addresses into corresponding hostnames. There is very little documentation available for this on Microsoft pages:



Resolving Host Names and IP Addresses



How can this be done? What lookup order does Windows follow when we resolve hostnames from the kernel?







windows winsock winsock2 wdk windows-kernel






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 21 '18 at 9:23









Remy Lebeau

332k18251445




332k18251445










asked Nov 20 '18 at 19:23









RamchandraRamchandra

11




11













  • WskGetNameInfo is the function you want. It is an interface that can obtain the hostname by IP address. The link you posted already has the answer. Perhaps you have not asked exactly what you do not understand.

    – reinhard v.z.
    Dec 3 '18 at 12:23











  • I want to know if the lookup from kernel first checks the hosts file for the given IP. This is because I do not want the kernel to make lookup request on the DNS.

    – Ramchandra
    Dec 6 '18 at 6:04













  • Is the WskGetNameInfo call in kernel sufficient to get the result or do I have to setup WskProviderNPI before making the kernel call?

    – Ramchandra
    Dec 6 '18 at 6:06





















  • WskGetNameInfo is the function you want. It is an interface that can obtain the hostname by IP address. The link you posted already has the answer. Perhaps you have not asked exactly what you do not understand.

    – reinhard v.z.
    Dec 3 '18 at 12:23











  • I want to know if the lookup from kernel first checks the hosts file for the given IP. This is because I do not want the kernel to make lookup request on the DNS.

    – Ramchandra
    Dec 6 '18 at 6:04













  • Is the WskGetNameInfo call in kernel sufficient to get the result or do I have to setup WskProviderNPI before making the kernel call?

    – Ramchandra
    Dec 6 '18 at 6:06



















WskGetNameInfo is the function you want. It is an interface that can obtain the hostname by IP address. The link you posted already has the answer. Perhaps you have not asked exactly what you do not understand.

– reinhard v.z.
Dec 3 '18 at 12:23





WskGetNameInfo is the function you want. It is an interface that can obtain the hostname by IP address. The link you posted already has the answer. Perhaps you have not asked exactly what you do not understand.

– reinhard v.z.
Dec 3 '18 at 12:23













I want to know if the lookup from kernel first checks the hosts file for the given IP. This is because I do not want the kernel to make lookup request on the DNS.

– Ramchandra
Dec 6 '18 at 6:04







I want to know if the lookup from kernel first checks the hosts file for the given IP. This is because I do not want the kernel to make lookup request on the DNS.

– Ramchandra
Dec 6 '18 at 6:04















Is the WskGetNameInfo call in kernel sufficient to get the result or do I have to setup WskProviderNPI before making the kernel call?

– Ramchandra
Dec 6 '18 at 6:06







Is the WskGetNameInfo call in kernel sufficient to get the result or do I have to setup WskProviderNPI before making the kernel call?

– Ramchandra
Dec 6 '18 at 6:06














1 Answer
1






active

oldest

votes


















0














https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/content/wsk/nc-wsk-pfn_wsk_get_name_info




The WskGetNameInfo function provides protocol-independent translation
from a transport address to a host name.




According to the WDK document, it is said to provide protocol independent translation. So WskGetNameInfo seems to be providing you the way you want. I have not checked this part myself, but you can check it out with a simple test if you want. Check with a tool like Wireshark to see if DNS queries are occurring.



I do not think WskGetNameInfo will ever perform DNS queries. If so, it would be garbage.






share|improve this answer























    Your Answer






    StackExchange.ifUsing("editor", function () {
    StackExchange.using("externalEditor", function () {
    StackExchange.using("snippets", function () {
    StackExchange.snippets.init();
    });
    });
    }, "code-snippets");

    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "1"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53400118%2fhow-to-resolve-ip-addresses-into-hostnames-in-windows-kernel-driver%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/content/wsk/nc-wsk-pfn_wsk_get_name_info




    The WskGetNameInfo function provides protocol-independent translation
    from a transport address to a host name.




    According to the WDK document, it is said to provide protocol independent translation. So WskGetNameInfo seems to be providing you the way you want. I have not checked this part myself, but you can check it out with a simple test if you want. Check with a tool like Wireshark to see if DNS queries are occurring.



    I do not think WskGetNameInfo will ever perform DNS queries. If so, it would be garbage.






    share|improve this answer




























      0














      https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/content/wsk/nc-wsk-pfn_wsk_get_name_info




      The WskGetNameInfo function provides protocol-independent translation
      from a transport address to a host name.




      According to the WDK document, it is said to provide protocol independent translation. So WskGetNameInfo seems to be providing you the way you want. I have not checked this part myself, but you can check it out with a simple test if you want. Check with a tool like Wireshark to see if DNS queries are occurring.



      I do not think WskGetNameInfo will ever perform DNS queries. If so, it would be garbage.






      share|improve this answer


























        0












        0








        0







        https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/content/wsk/nc-wsk-pfn_wsk_get_name_info




        The WskGetNameInfo function provides protocol-independent translation
        from a transport address to a host name.




        According to the WDK document, it is said to provide protocol independent translation. So WskGetNameInfo seems to be providing you the way you want. I have not checked this part myself, but you can check it out with a simple test if you want. Check with a tool like Wireshark to see if DNS queries are occurring.



        I do not think WskGetNameInfo will ever perform DNS queries. If so, it would be garbage.






        share|improve this answer













        https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/content/wsk/nc-wsk-pfn_wsk_get_name_info




        The WskGetNameInfo function provides protocol-independent translation
        from a transport address to a host name.




        According to the WDK document, it is said to provide protocol independent translation. So WskGetNameInfo seems to be providing you the way you want. I have not checked this part myself, but you can check it out with a simple test if you want. Check with a tool like Wireshark to see if DNS queries are occurring.



        I do not think WskGetNameInfo will ever perform DNS queries. If so, it would be garbage.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Dec 6 '18 at 6:26









        reinhard v.z.reinhard v.z.

        1154




        1154






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53400118%2fhow-to-resolve-ip-addresses-into-hostnames-in-windows-kernel-driver%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            "Incorrect syntax near the keyword 'ON'. (on update cascade, on delete cascade,)

            Alcedinidae

            Origin of the phrase “under your belt”?