SC UDP Null protocol

[Ringo]

As a few of you may know i was stuck with sending data via a UDP winsock, since then iv had a brake and came back to it, but i am having problems understanding the format of "00 00 00 00" SC UDP packets.
Here are some logs to show what i am on about:

Code Select Expand


1  192.168.0.135:4225  63.240.202.138:6112  96  Send 
0000  FF 1C 60 00 00 00 00 00 00 00 00 00 02 00 01 00    ..`.............
0010  1F 00 00 00 00 00 00 00 31 76 31 20 4F 6E 20 43    ........1v1 On C
0020  68 61 6C 6C 65 6E 67 65 72 00 00 2C 33 34 2C 31    hallenger..,34,1
0030  32 2C 36 2C 31 2C 32 2C 2C 31 2C 64 34 31 66 38    2,6,1,2,,1,d41f8
0040  36 64 36 2C 2C 2C 54 48 49 53 69 73 4D 59 61 63    6d6,,,THISisMYac
0050  63 49 44 0D 43 68 61 6C 6C 65 6E 67 65 72 0D 00    cID.Challenger..

2  63.240.202.138:6112  192.168.0.135:4225  8  Recv 
0000  FF 1C 08 00 00 00 00 00                            ........

3  192.168.0.135:4225  63.240.202.138:6112  4  Send 
0000  FF 10 04 00                                        ....

Telling the server the SC client has created a game

Code Select Expand


4  :0  192.168.0.135:6112  8  RecvFrom 
0000  03 00 00 00 00 00 00 00                            ........

5  192.168.0.135:6112  :0  8  SendTo 
0000  03 00 00 00 01 00 00 00                            ........
SC (in this case) Recv/Sent this UDP packet 80 more times untill somone joined the game.
This must be some kinda ping packet or somthing.

Code Select Expand


172  :0  192.168.0.135:6112  8  RecvFrom 
0000  03 00 00 00 00 00 00 00                            ........

173  192.168.0.135:6112  :0  8  SendTo 
0000  03 00 00 00 01 00 00 00                            ........

174  :0  192.168.0.135:6112  20  RecvFrom 
0000  00 00 00 00 28 C4 10 00 00 00 01 00 00 01 FF 00    ....(...........
0010  01 00 00 00                                        ....

175  :0  192.168.0.135:6112  20  RecvFrom 
0000  00 00 00 00 28 C4 10 00 00 00 01 00 00 01 FF 00    ....(...........
0010  01 00 00 00                                        ....

176  :0  192.168.0.135:6112  20  RecvFrom 
0000  00 00 00 00 28 C4 10 00 00 00 01 00 00 01 FF 00    ....(...........
0010  01 00 00 00                                        ....

These 3 Null UDP packets are sent to the SC client when another SC client try's to join the game.
You may have already noticed that the 7th and 8th byte Word is the packet lengh (Not including the 1st Null DWord)

Code Select Expand


177  192.168.0.135:6112  :0  20  SendTo 
0000  00 00 00 00 33 B7 10 00 01 00 01 00 00 02 00 00    ....3...........
0010  01 00 00 00                                        ....

So SC responds with this

Code Select Expand


178  :0  192.168.0.135:6112  20  RecvFrom 
0000  00 00 00 00 40 A8 10 00 01 00 02 00 00 03 FF 00    ....@...........
0010  01 00 00 00                                        ....

179  :0  192.168.0.135:6112  59  RecvFrom 
0000  00 00 00 00 01 39 37 00 02 00 02 00 00 07 FF 00    .....97.........
0010  52 65 6D 69 74 6F 75 72 69 6E 69 29 45 28 00 52    Remitourini)E(.R
0020  41 54 53 20 30 20 30 20 32 36 20 30 20 30 20 30    ATS 0 0 26 0 0 0
0030  20 30 20 30 20 52 41 54 53 00 00                    0 0 RATS..

But now it gets interesting because the 2nd packet recv here with the players username, client and stats string varys.
The 5th and 6th byte Word varys every time a player trys to join and SC recv's this packet.

Code Select Expand


180  192.168.0.135:4225  63.240.202.138:6112  96  Send 
0000  FF 1C 60 00 06 00 00 00 30 00 00 00 02 00 01 00    ..`.....0.......
0010  1F 00 00 00 00 00 00 00 31 76 31 20 4F 6E 20 43    ........1v1 On C
0020  68 61 6C 6C 65 6E 67 65 72 00 00 2C 33 34 2C 31    hallenger..,34,1
0030  32 2C 36 2C 31 2C 32 2C 2C 31 2C 64 34 31 66 38    2,6,1,2,,1,d41f8
0040  36 64 36 2C 2C 2C 54 48 49 53 69 73 4D 59 61 63    6d6,,,THISisMYac
0050  63 49 44 0D 43 68 61 6C 6C 65 6E 67 65 72 0D 00    cID.Challenger..

SC Notifys the server that the game state is now full.

Code Select Expand


181  192.168.0.135:6112  :0  108  SendTo 
0000  00 00 00 00 57 3A 68 00 02 00 03 00 00 08 00 00    ....W:h.........
0010  01 00 00 00 02 00 00 00 B5 00 00 00 06 00 00 00    ................
0020  30 00 00 00 31 76 31 20 4F 6E 20 43 68 61 6C 6C    0...1v1 On Chall
0030  65 6E 67 65 72 00 2C 33 34 2C 31 32 2C 36 2C 31    enger.,34,12,6,1
0040  2C 32 2C 2C 31 2C 64 34 31 66 38 36 64 36 2C 2C    ,2,,1,d41f86d6,,
0050  2C 54 48 49 53 69 73 4D 59 61 63 63 49 44 0D 43    ,THISisMYaccID.C
0060  68 61 6C 6C 65 6E 67 65 72 0D 00 00                hallenger...

Now SC sends the player the game info with added  Words and DWords.
Also the 5th and 6th byte Word that SC sends also varys.

Code Select Expand


182  192.168.0.135:6112  :0  67  SendTo 
0000  00 00 00 00 BC 9B 3F 00 03 00 03 00 00 06 00 00    ......?.........
0010  33 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00    3...............
0020  B5 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00    ................
0030  00 00 00 00 54 48 49 53 69 73 4D 59 61 63 63 49    ....THISisMYaccI
0040  44 00 00                                           D..

Now SC sends the player lots more Dwords and my account name.

Code Select Expand


183  192.168.0.135:6112  :0  20  SendTo 
0000  00 00 00 00 A3 36 10 00 04 00 03 00 00 0F 00 00    .....6..........
0010  00 00 00 00                                        ....

184  192.168.0.135:6112  :0  48  SendTo 
0000  00 00 00 00 78 09 2C 00 05 00 03 00 00 09 00 00    ....x.,.........
0010  02 00 01 00 00 00 00 00 01 01 01 02 02 00 03 01    ................
0020  00 01 00 00 00 00 00 32 00 00 00 00 00 00 00 00    .......2........

185  192.168.0.135:6112  :0  17  SendTo 
0000  00 00 00 00 F9 88 0D 00 B3 00 B5 00 02 00 00 00    ................
0010  05                                                 .

186  192.168.0.135:6112  :0  17  SendTo 
0000  00 00 00 00 FC 84 0D 00 B4 00 B5 00 02 00 00 00    ................
0010  05                                                 .

187  192.168.0.135:6112  :0  16  SendTo 
0000  00 00 00 00 4D 99 0C 00 06 00 03 00 00 04 00 00    ....M...........

188  192.168.0.135:6112  :0  17  SendTo 
0000  00 00 00 00 FF 80 0D 00 B5 00 B5 00 02 00 00 00    ................
0010  05                                                 .

Then SC sends the player all that...

Code Select Expand


191  :0  192.168.0.135:6112  16  RecvFrom 
0000  00 00 00 00 69 7A 0C 00 03 00 07 00 00 05 01 00    ....iz..........

192  :0  192.168.0.135:6112  16  RecvFrom 
0000  00 00 00 00 64 7F 0C 00 04 00 07 00 00 04 01 00    ....d...........

Then the player sends SC this..

Code Select Expand


193  192.168.0.135:6112  :0  16  SendTo 
0000  00 00 00 00 62 80 0C 00 07 00 05 00 00 05 00 00    ....b...........

So SC sends this..

Code Select Expand


194  63.240.202.138:6112  192.168.0.135:4225  8  Recv 
0000  FF 1C 08 00 00 00 00 00                            ........

Finaly the chat server replys for the change of game state (when the player joined)

Code Select Expand


195  :0  192.168.0.135:6112  8  RecvFrom 
0000  03 00 00 00 00 00 00 00                            ........

196  192.168.0.135:6112  :0  8  SendTo 
0000  03 00 00 00 01 00 00 00                            ........

The SC gets/sends this just for fun!

Code Select Expand


197  192.168.0.135:6112  :0  17  SendTo 
0000  00 00 00 00 03 7C 0D 00 B6 00 B5 00 02 00 00 00    .....|..........
0010  05                                                 .

198  :0  192.168.0.135:6112  17  RecvFrom 
0000  00 00 00 00 13 6A 0D 00 B5 00 B7 00 02 00 01 00    .....j..........
0010  05                                                 .

199  :0  192.168.0.135:6112  17  RecvFrom 
0000  00 00 00 00 16 66 0D 00 B6 00 B7 00 02 00 01 00    .....f..........
0010  05                                                 .

200  :0  192.168.0.135:6112  16  RecvFrom 
0000  00 00 00 00 5F 82 0C 00 08 00 08 00 00 00 01 01    ...._...........

201  192.168.0.135:6112  :0  79  SendTo 
0000  00 00 00 00 1C 3D 4B 00 00 00 00 00 01 00 00 00    .....=K.........
0010  4A 00 00 60 00 80 00 06 06 00 00 00 00 00 00 00    J..`............
0020  00 00 00 06 06 02 01 00 02 01 00 00 00 00 00 06    ................
0030  06 00 00 00 00 00 00 00 00 00 00 01 01 00 00 00    ................
0040  00 00 00 01 00 00 00 01 01 00 00 00 00 00 00       ...............

202  192.168.0.135:6112  :0  17  SendTo 
0000  00 00 00 00 8A 16 0D 00 01 00 00 00 01 00 00 00    ................
0010  50                                                 P

203  192.168.0.135:6112  :0  17  SendTo 
0000  00 00 00 00 10 6C 0D 00 B7 00 B7 00 02 00 00 00    .....l..........
0010  05                                                 .

204  :0  192.168.0.135:6112  17  RecvFrom 
0000  00 00 00 00 1E 5C 0D 00 B7 00 B8 00 02 00 01 00    .....\..........
0010  05                                                 .

205  192.168.0.135:6112  :0  17  SendTo 
0000  00 00 00 00 18 62 0D 00 B8 00 B8 00 02 00 00 00    .....b..........
0010  05                                                 .

206  :0  192.168.0.135:6112  16  RecvFrom 
0000  00 00 00 00 36 B6 0C 00 02 00 02 00 01 00 01 01    ....6...........

207  :0  192.168.0.135:6112  34  RecvFrom 
0000  00 00 00 00 C1 8A 1E 00 B8 00 B9 00 02 00 01 00    ................
0010  40 00 00 00 00 00 00 00 00 01 00 05 00 00 6A D5    @.............j.
0020  6C 2D                                              l-

208  192.168.0.135:6112  :0  17  SendTo 
0000  00 00 00 00 20 58 0D 00 B9 00 B9 00 02 00 00 00    .... X..........
0010  05                                                 .

209  :0  192.168.0.135:6112  17  RecvFrom 
0000  00 00 00 00 2E 48 0D 00 B9 00 BA 00 02 00 01 00    .....H..........
0010  05                                                 .

Then after all that..

Code Select Expand


210  192.168.0.135:6112  :0  17  SendTo 
0000  00 00 00 00 28 4E 0D 00 BA 00 BA 00 02 00 00 00    ....(N..........
0010  05                                                 .

211  192.168.0.135:6112  :0  21  SendTo 
0000  00 00 00 00 50 51 11 00 02 00 00 00 01 00 00 00    ....PQ..........
0010  49 01 00 00 00                                     I....

212  192.168.0.135:6112  :0  47  SendTo 
0000  00 00 00 00 B8 59 2B 00 03 00 00 00 01 00 00 00    .....Y+.........
0010  4F 1C 00 01 00 01 D8 00 00 43 F5 47 09 28 32 29    O........C.G.(2)
0020  43 68 61 6C 6C 65 6E 67 65 72 2E 73 63 6D 00       Challenger.scm.

213  192.168.0.135:4225  63.240.202.138:6112  26  Send 
0000  FF 0E 1A 00 2F 61 73 74 61 74 20 52 65 6D 69 74    ..../astat Remit
0010  6F 75 72 69 6E 69 29 45 28 00                      ourini)E(.

Now it seems all the checks or what ever are done and the client can join fully and become visible to my SC client in the game room. (as my SC has sent him the map for when the game starts and for him to check he/she has it)

Code Select Expand


214  :0  192.168.0.135:6112  27  RecvFrom 
0000  00 00 00 00 3F 71 17 00 00 00 04 00 01 00 01 00    ....?q..........
0010  4F 08 00 00 00 00 01 01 D8 00 00                   O..........

215  :0  192.168.0.135:6112  17  RecvFrom 
0000  00 00 00 00 36 3E 0D 00 BA 00 BB 00 02 00 01 00    ....6>..........
0010  05                                                 .

Then the player sends SC that.

Code Select Expand


219  192.168.0.135:6112  :0  82  SendTo 
0000  00 00 00 00 C8 1D 4E 00 BB 00 BB 00 02 00 00 00    ......N.........
0010  3D 64 3E 07 FF 00 00 00 3E 06 FF 00 01 00 3E 05    =d>.....>.....>.
0020  FF 00 02 00 3E 04 FF 00 00 00 3E 03 FF 00 01 00    ....>.....>.....
0030  3E 02 FF 00 02 00 3E 01 01 02 06 00 3E 00 00 02    >.....>.....>...
0040  06 00 3F 01 00 00 01 00 05 00 3F 00 00 00 01 00    ..?.......?.....
0050  05 00                                              ..

Now im guessing this packet or the large chunky packet before this (like this one) is alot of Word values for the ingame room state, like open/closed slots and my selected race, things like that?

Code Select Expand


220  :0  192.168.0.135:6112  17  RecvFrom 
0000  00 00 00 00 3E 34 0D 00 BB 00 BC 00 02 00 01 00    ....>4..........
0010  05                                                 .

221  192.168.0.135:6112  :0  16  SendTo 
0000  00 00 00 00 25 CA 0C 00 01 00 01 00 01 00 00 01    ....%...........

222  192.168.0.135:6112  :0  17  SendTo 
0000  00 00 00 00 38 3A 0D 00 BC 00 BC 00 02 00 00 00    ....8:..........
0010  05                                                 .

223  :0  192.168.0.135:6112  17  RecvFrom 
0000  00 00 00 00 46 2A 0D 00 BC 00 BD 00 02 00 01 00    ....F*..........
0010  05                                                 .

224  192.168.0.135:6112  :0  17  SendTo 
0000  00 00 00 00 40 30 0D 00 BD 00 BD 00 02 00 00 00    ....@0..........
0010  05                                                 .

225  :0  192.168.0.135:6112  17  RecvFrom 
0000  00 00 00 00 4E 20 0D 00 BD 00 BE 00 02 00 01 00    ....N ..........
0010  05                                                 .

226  192.168.0.135:6112  :0  17  SendTo 
0000  00 00 00 00 48 26 0D 00 BE 00 BE 00 02 00 00 00    ....H&..........
0010  05                                                 .

227  :0  192.168.0.135:6112  18  RecvFrom 
0000  00 00 00 00 76 58 0E 00 BE 00 BF 00 02 00 01 00    ....vX..........
0010  3D 64                                              =d

228  192.168.0.135:6112  :0  17  SendTo 
0000  00 00 00 00 50 1C 0D 00 BF 00 BF 00 02 00 00 00    ....P...........
0010  05                                                 .

229  :0  192.168.0.135:6112  17  RecvFrom 
0000  00 00 00 00 5E 0C 0D 00 BF 00 C0 00 02 00 01 00    ....^...........
0010  05                                                 .

230  192.168.0.135:6112  :0  17  SendTo 
0000  00 00 00 00 58 12 0D 00 C0 00 C0 00 02 00 00 00    ....X...........
0010  05                                                 .

And some more...

Code Select Expand


231  :0  192.168.0.135:6112  21  RecvFrom 
0000  00 00 00 00 2F 25 11 00 01 00 04 00 01 00 01 00    ..../%..........
0010  4C 68 65 79 00                                     Lhey.

232  :0  192.168.0.135:6112  17  RecvFrom 
0000  00 00 00 00 66 02 0D 00 C0 00 C1 00 02 00 01 00    ....f...........
0010  05                                                 .

233  192.168.0.135:6112  :0  17  SendTo 
0000  00 00 00 00 60 08 0D 00 C1 00 C1 00 02 00 00 00    ....`...........
0010  05                                                 .

234  192.168.0.135:6112  :0  16  SendTo 
0000  00 00 00 00 2D C0 0C 00 02 00 02 00 01 00 00 01    ....-...........

235  192.168.0.135:6112  :0  107  SendTo 
0000  00 00 00 00 1C B1 67 00 04 00 02 00 01 00 00 00    ......g.........
0010  4C 68 69 68 69 68 68 69 68 69 68 69 68 69 68 69    Lhihihhihihihihi
0020  68 69 68 69 68 69 68 69 68 69 68 68 69 68 69 68    hihihihihihhihih
0030  69 68 69 68 69 68 69 68 69 68 69 68 69 68 69 68    ihihihihihihihih
0040  69 68 69 68 69 68 69 68 68 69 68 69 68 69 68 69    ihihihihhihihihi
0050  68 69 68 69 68 69 68 69 68 69 68 69 68 69 68 69    hihihihihihihihi
0060  68 69 68 69 68 69 68 69 68 69 00                   hihihihihi.

Him saying "hay"
And me happy to see him
(lots of hi's)


In a number of them send/recv packets the 5th and 6th Word varys and im not sure why or what makes it.
And also if client to client packets are Null DWord then there must be a 2nd packet ID or somthing in the packet. So far iv been useing the 13th to 16th byte DWord as a referance to guild me.

If anyone can inlighten me a little on the format of the null dword sc UDP packet i would be most greatfull!!

thanks in advance!

Ringo

[R.a.B.B.i.T]

They appear to be just SID_NULLS (or rather the UDP variant of it).  You may want to log several games and compare values to see if you can figure out what's what.

Also, 213 is a normal Battle.Net BNCS TCP packet not UDP.

[Ringo]

They appear to be just SID_NULLS (or rather the UDP variant of it).  You may want to log several games and compare values to see if you can figure out what's what.

Also, 213 is a normal Battle.Net BNCS TCP packet not UDP.

I left the 213 chat packet in to show its when the client shows in the game room and you view there stats.

But when SC gets these packets, the 1st DWord i would say is somthing like a packet ID but more like a packet class, null being client game interaction?

The fact that the lengh of the packet is with in the packet its self and it blatently doesnt count the 1st null Dword, would say to me that SC reads them from the 5th byte on.
Also i now think the 9th and 10th byte Word is the packet ID.

This would make it somthing like:
Word ?
Word packet lengh
Word Packet ID
(void) data

or possibly somthing like this:
Word ?
Word packet lengh
Word Packet ID
Word ?
Word ?
Word ?
(void) data

? = 1 of the things im trying to figger out.

Or maybe the Word Packet ID is infact a packet ID byte followed by a null byte?

Iv also done many logs of exacly the same style games, hence saying the 1st word (after the null Dword) can vary both ways and couldnt find many clues.

but i really need some help veryifying this.

Ringo

[UserLoser.]

Nice work.  Good to see someone do something their selves these days.  The first WORD after the first DWORD is a checksum result performed on the packet's data.  The other few unknowns I'm not quite sure of, though, but I think some should be treated as 8-bit (BYTE) values.  I do know one of them is your player id.  Search forum, adron or iago or someone posted an explanation not too long ago

[Ringo]

The first WORD after the first DWORD is a checksum result performed on the packet's data.

Thanks for the fast reply UserLoser!

Ah ha, a check sum of the data would make sence as to why there were no visible clues as to how they were generated!

**Edit**
i was unable to find the post, but what offsets/bytes would be used to create a check sum of the packet? (If not all)
and what other things would i need to know if i were to write a function for this?

Thanks again in advance.
HAPPY NEW YEAR EVERYONE!!


Ringo

[R.a.B.B.i.T]

I noticed a few spots where the 3rd DWORD increments its second byte, but only for a few packets in a row, before it changes.  Note 181-184, then 185 changes and begins a new increment series, but 187 jumps back to the 181-184 series.  It looks like an identifier to which stream the packet is coming from, and is a counter as well as a checksum.  I don't have any values right now for the checksum, but I'll see if I can figure something out.

[R.a.B.B.i.T]

I'm working on that now (thanks for distracting me, I needed it!).  My question is what are the VB6 equivs of >> and <<?  Also, these don't work for values < 100.

[Arta]

I don't think there are any in VB6. You'll need to write (or find) equivalent functions.

[R.a.B.B.i.T]

Hmm.  Well then could you explain how they operate in C++?  All I know is that they are overloaders, but not much else.

[UserLoser.]

Hmm.  Well then could you explain how they operate in C++?  All I know is that they are overloaders, but not much else.

They shift a value X number of bits either to the right or left.  This could be done in VB (or any language) with some simple math

[R.a.B.B.i.T]

Thank you.  Now for clarity: they shift the number x bits as in ring-counter style, or filler-style, and if filler, 0 or 1?

[tA-Kane]

Thank you. Now for clarity: they shift the number x bits as in ring-counter style, or filler-style, and if filler, 0 or 1?

Remember, it's bit shift, not bit rotate
0x0000000F << 4 == 0x000000F0
0xF0000000 >> 4 == 0x0F000000


Easy enough.

[R.a.B.B.i.T]

Ho-hum!

Thanks.  I think I should be able to make this work in VB now

[R.a.B.B.i.T]

*bump*
Okay, with the help of PiaNKa, UDPChecksum() in VB6 works

Code Select Expand

Private Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" _
    (ByRef Destination As Any, ByRef Source As Any, ByVal numBytes As Long)

Private Function UDPCheckSum(bufa As String) As Long
    Dim subsum As Long
    Dim a As Long
    Dim b As Long
    Dim c As Long
    Dim lnt As Integer
   
    CopyMemory lnt, ByVal Mid$(bufa, 3, 2), 2
    lnt = lnt - 2
    subsum = SubChecksum(Mid(bufa, 3), lnt)
    a = &HFF - ((subsum And &HFF) + (ShiftRight(subsum, 8))) Mod &HFF
    b = ((&HFF - (a + (ShiftRight(subsum, 8))) Mod &HFF) And &HFF) Or ShiftLeft(a, 8)
   
    CopyMemory c, b, 2
    UDPCheckSum = c + 1
End Function

Private Function SubChecksum(ByRef buf As String, length As Integer) As Long
    Dim sum1 As Double
    Dim sum2 As Double
    Dim p As Long

    sum1 = sum2 = 0

    For p = length To 1 Step -1
        If Len(CStr(buf)) < p Then Exit For
        sum2 = sum2 + Asc(Mid$(buf, p, 1))
        If sum2 > &HFF Then sum2 = sum2 - &HFF
        sum1 = sum1 + sum2
    Next p

    SubChecksum = ShiftLeft((sum2 And &HFF), 8) Or ((sum1 Mod &HFF) And &HFF)
End Function

Public Function ShiftRight(ByVal a As Long, ByVal L As Long) As Long
    ShiftRight = CLng(a / (2 ^ L))
End Function

Public Function ShiftLeft(ByVal a As Long, ByVal L As Long) As Long
    ShiftLeft = CLng(a * (2 ^ L))
End Function

[pianka]

*sigh*, your code is...yeah...here... ...lol

Code Select Expand


Private Function RShift(ByVal pnValue As Long, ByVal pnShift As Long) As Double
On Error Resume Next
    RShift = CDbl(pnValue \ (2 ^ pnShift))
End Function

Private Function LShift(ByVal pnValue As Long, ByVal pnShift As Long) As Double
On Error Resume Next
    LShift = CDbl(pnValue * (2 ^ pnShift))
End Function

Private Function SubCheckSum(ByVal buf As String, ByVal length As Integer) As Long
    Dim sum1, sum2
    Dim i As Integer, iY As Integer
        For iY = 0 To length - 1
            i = length - iY
            sum2 = sum2 + Asc(Mid(buf, i, 1))
            If sum2 > &HFF Then
                sum2 = sum2 - &HFF
            End If
            sum1 = sum1 + sum2
        Next iY
        SubCheckSum = (LShift((sum2 And &HFF), 8)) Or ((sum1 Mod &HFF) And &HFF)
End Function

Private Function UDPCheckSum(buf As String) As Integer
    Dim subsum As Long, length As Integer
    Dim a As Long, b As Long, Ret As Integer
        CopyMemory length, ByVal Mid$(buf, 3, 2), 2
        length = length - 2
        subsum = SubCheckSum(Mid$(buf, 3), length)
        a = &HFF - ((subsum And &HFF) + (RShift(subsum, 8))) Mod &HFF
        b = CLng((((&HFF - (a + RShift(subsum, 8)) Mod &HFF) And &HFF) Or LShift(a, 8)))
        CopyMemory Ret, b, 2
        UDPCheckSum = Ret
End Function

Public Sub SendUDPPacket(ByVal Sock As Winsock, ByVal bytPacketID As Byte)
    Dim Checksum As Integer
    If bytPacketID = &H3 Then
        Sock.SendData MakeDWORD(CLng(&H3)) & strBuffer
        Clear
    Else
        Checksum = UDPCheckSum(MakeWORD(0) & MakeWORD(Len(strBuffer)) & strBuffer)
        Sock.SendData MakeDWORD(0) & MakeWORD(Checksum) & MakeWORD(Len(strBuffer)) & _
            strBuffer
        Clear
    End If
End Sub


Note that the SendUDPPacket has not been tested, although it exemplifies the correct usage of the UDPCheckSum() function...enjoy