Initial release

.gitignore

@@ -0,0 +1,7 @@
+.vs
+*.err
+*.log
+*.wrn
+objchk*
+objfre*
+redist_*

LICENSE

@@ -0,0 +1,7 @@
+Copyright 2020 Colin Finck, ENLYZE GmbH <[email protected]>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

README.md

@@ -0,0 +1,48 @@
+<img width="150" align="right" src="img/PortSniffer.svg" />
+
+# ENLYZE PortSniffer
+
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+
+An open-source driver and tool to monitor the traffic between applications and arbitrary serial or parallel ports.  
+Compatible with Windows XP or later (32-bit and 64-bit).
+
+## Comparison with Sysinternals Portmon
+ENLYZE PortSniffer has been inspired by the [Sysinternals Portmon](https://docs.microsoft.com/en-us/sysinternals/downloads/portmon) tool, but has several distinct differences:
+
+**Advantages**
+* Based on the modern Kernel-Mode Driver Framework (KMDF) instead of the legacy NT4 driver model, thereby correctly reacting to Plug&Play events concerning serial/parallel ports.
+* Compatible with 64-bit Windows versions.
+* The freely available source code under the permissive MIT license and a documented public interface allow easy integration into an own application.
+
+**Disadvantages**
+* Comes with only a simple CLI application instead of a feature-rich GUI.
+* Captures only Read and Write events (whereas Portmon captures several additional port events).
+
+## How to build
+1. Install the [Windows Driver Kit 7.1.0](https://www.microsoft.com/en-us/download/details.aspx?id=11800).
+2. Open the WDK Build Environment for the minimum Windows version you want to support, your desired architecture, and the debug level.
+   I use _Windows XP x86 Free Build Environment_ and _Windows Server 2003 x64 Free Build Environment_ for release versions.
+3. Move to the root directory of your Git checkout and call `build_all`.
+
+The `build_on_ci.ps1` PowerShell script automates the building of release binaries with precise version information.
+It is currently unused, because I haven't found a public CI system with WDK 7.1.0 yet.
+
+## Goals
+All bug reports and pull requests improving the driver and tool quality are very welcome!  
+The code has been written to follow all known best practices and coding style guidelines for Windows driver development.
+It currently builds with zero compiler and PREfast warnings, and shall continue to do so.
+
+As of now, there are no plans to add a GUI or capture additional events like Portmon does.
+Due to the documented public interface, a GUI could very well be developed as a separate project outside the PortSniffer repository.
+If somebody wants to do that, this is the recommended approach, as it would also free you from the limitations of the WDK 7.1.0 Build Environment.
+
+There are also no plans to move away from WDK 7.1.0, because the driver shall remain compatible with Windows XP.
+
+## Driver Signature
+Currently, the published driver binaries are unsigned and therefore only work in Test Mode under 64-bit Windows versions.
+This may change in the future depending on the availability of a suitable code-signing certificate and Microsoft's blessing...  
+32-bit operating systems are not affected by this Windows limitation.
+
+## Contact
+Colin Finck ([[email protected]](mailto:[email protected]))

build_all.cmd

@@ -0,0 +1,36 @@
+@echo off
+::
+:: PortSniffer - Monitor the traffic of arbitrary serial or parallel ports
+:: Copyright 2020 Colin Finck, ENLYZE GmbH <[email protected]>
+::
+:: SPDX-License-Identifier: MIT
+::
+
+setlocal
+
+if "%_BUILDARCH%" == "x86" (
+    set OBJ_DIR=obj%BUILD_ALT_DIR%\i386
+) else if "%_BUILDARCH%" == "AMD64" (
+    set OBJ_DIR=obj%BUILD_ALT_DIR%\amd64
+) else (
+    echo Unknown build architecture: %_BUILDARCH%
+    echo Please run this script in a WDK command prompt.
+    goto :EOF
+)
+
+set REDIST_DIR=redist_%_BUILDARCH%
+mkdir %REDIST_DIR% 2>NUL
+copy %BASEDIR%\redist\wdf\%_BUILDARCH%\WdfCoInstaller01009.dll %REDIST_DIR%
+cd src
+
+cd driver
+rd /s /q %OBJ_DIR%
+build
+copy %OBJ_DIR%\EnlyzePortSniffer.sys ..\..\%REDIST_DIR%
+cd ..
+
+cd tool
+rd /s /q %OBJ_DIR%
+build
+copy %OBJ_DIR%\PortSniffer-Tool.exe ..\..\%REDIST_DIR%
+cd ..

build_on_ci.ps1

@@ -0,0 +1,14 @@
+#
+# PortSniffer - Monitor the traffic of arbitrary serial or parallel ports
+# Copyright 2020 Colin Finck, ENLYZE GmbH <[email protected]>
+#
+# SPDX-License-Identifier: MIT
+#
+
+# Set the current Git revision in version.h
+$gitRevision = & git rev-parse HEAD
+((Get-Content -Path src\version.h -Raw) -Replace 'unknown revision',$gitRevision) | Set-Content -Path src\version.h
+
+# Build release versions of driver and tool for x86 and amd64
+cmd /c "call C:\WinDDK\7600.16385.1\bin\setenv.bat C:\WinDDK\7600.16385.1\ fre x86 WXP && cd /d $pwd && build_all"
+cmd /c "call C:\WinDDK\7600.16385.1\bin\setenv.bat C:\WinDDK\7600.16385.1\ fre x64 WNET && cd /d $pwd && build_all"