Click here to Skip to main content
13,089,246 members (65,500 online)
Rate this:
Please Sign up or sign in to vote.
See more:

TCPView is a Sysinternals tool that gives a superset of information of netstat. It gives per connection stats such as packets/ bytes sent/ received.

It uses Windows IP Helper API GetPerTcpConnectionEStats and GetPerTcp6ConnectionEStats presumably for TCP and TCP6 sockets.

However IP helper does not have similar functions for UDP. Moreover IPHelper does not support XP. But TCPView gives stats for UDP sockets and works on XP too.

TCPView has a binary resource embedded which I read somewhere could be a driver that supports getting the stats. I deleted this resource and saved the exe and still it runs the same on XP and WIndows 7.

Can someone help how TCPView is showing stats for UDP sockets and work on XP as well.

Thanks in advance.
Posted 25-Oct-10 3:41am
Updated 25-Oct-10 19:00pm

1 solution

Rate this: bad
Please Sign up or sign in to vote.

Solution 1

I'm not 100% sure that tcpview uses GetPerTcpConnectionEStats as you mention, in fact, im pretty sure that it doesn't use them, if you look at the PE these calls are not imported. (but i may be wrong on this)

What i can tell you for sure is that TCPview leverages on ETW for monitoring network activity.
Search for APIs StartTrace, OpenTrace, ProcessTrace.

I'm about to implement the same functionality and im running into these issues as well, hope this helps...

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month

Advertise | Privacy |
Web04 | 2.8.170813.1 | Last Updated 15 Jun 2011
Copyright © CodeProject, 1999-2017
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100