|
阅读:689回复:1
奇怪问题??
NTSTATUS IPFilterHookDevice::DeviceControl(KIrp I)
{ NTSTATUS status; FILTER_MSG_LIST * pMsgRecord; I.Information() = 0; t << \"Entering IPFilterHookDevice::Device Control, \" << I; switch (I.IoctlCode()) { case 0x802://IPFILTERHOOK_IOCTL_READ_MSGRECORD: if( I.IoctlOutputBufferSize() < sizeof(FILTER_MSG_LIST)) { status = STATUS_BUFFER_TOO_SMALL; break; } //pMsgRecord = (FILTER_MSG_LIST *)I.IoctlBuffer(); pMsgRecord = new FILTER_MSG_LIST; if( !m_theHook->m_FilterMsgQueue.IsEmpty() ) { int nRead = 0; nRead = m_theHook->m_FilterMsgQueue.Read( pMsgRecord, 1); if( nRead > 0) { RtlCopyBytes( (FILTER_MSG_LIST *)I.IoctlBuffer(), pMsgRecord, sizeof(FILTER_MSG_LIST) ); FILTER_MSG_LIST * ptempRecord = new FILTER_MSG_LIST; RtlCopyBytes( ptempRecord, (FILTER_MSG_LIST *)I.IoctlBuffer(), sizeof(FILTER_MSG_LIST)); DbgPrint(\"\\n\"); DbgPrint(\"%d.%d.%d.%d--%d\\n\", ptempRecord->sourceIp0, ptempRecord->sourceIp1, ptempRecord->sourceIp2, ptempRecord->sourceIp3, ptempRecord->sourcePort); DbgPrint(\"time:%d-%d-%d-%d-%d\\n\", ptempRecord->Year, ptempRecord->Month, ptempRecord->Day, ptempRecord->Hour, ptempRecord->Minute); t<<\"ReadFilterMsgRecord ok\\n\"; } else { t<<\"ReadFilterMsgRecord failed\\n\"; } I.Information() = sizeof(FILTER_MSG_LIST); } else { // pMsgRecord = NULL; t<<\"because the fifo is full, readrecord failed!!\\n\"; } status = STATUS_SUCCESS; break; default: // Unrecognized IOCTL request status = STATUS_INVALID_PARAMETER; break; } // If the IRP\'s IOCTL handler deferred processing using some driver // specific scheme, the status variable is set to STATUS_PENDING. // In this case we simply return that status, and the IRP will be // completed later. Otherwise, complete the IRP using the status // returned by the IOCTL handler. if (status == STATUS_PENDING) { return status; } else { return I.Complete(status); } } ////////////////////////////////////////////////////////// Ring3 Application FILTER_MSG_LIST * ReadMsgRecord( void ) { // Note that Input and Output are named from the point of view // of the DEVICE: // bufInput supplies data to the device // bufOutput is written by the device to return data to this application FILTER_MSG_LIST *bufInput = new FILTER_MSG_LIST; FILTER_MSG_LIST *bufOutput = new FILTER_MSG_LIST; ULONG nOutput; HANDLE hDevice = OpenByName(); // Call device IO Control interface (IPFILTERHOOK_IOCTL_ClearHook) in driver if (!DeviceIoControl(hDevice, 0x802,//IPFILTERHOOK_IOCTL_READ_MSGRECORD, bufInput, sizeof(FILTER_MSG_LIST), bufInput,//bufOutput, sizeof(FILTER_MSG_LIST), &nOutput, NULL) ) { MessageBox( NULL, \"DeviceIoControl:IOCTL_READ_MSGRECORD failed!\", \"MessageInfo\", MB_OK); } else { if( nOutput == sizeof(FILTER_MSG_LIST)) { CloseHandle( hDevice); // MessageBox( NULL, \"DeviceIoControl:IOCTL_READ_MSGRECORD ok!\", \"MessageInfo\", MB_OK); if( bufOutput->destIp0==0) MessageBox( NULL, \"DeviceIoControl:IOCTL_READ_MSGRECORD failed!\", \"MessageInfo\", MB_OK); return bufOutput; } } CloseHandle( hDevice); return NULL; } 上面这段代码以前我调试成功啦后来不知怎么回事却不能读出记录拉很沮丧. |
|
|
沙发#
发布于:2002-06-26 11:45
道理是很简单但不知为什么失败啦?
|
|