|
阅读:5794回复:62
能否新开一个专栏,专门讨论IPSec? |
|
|
|
沙发#
发布于:2002-01-05 23:39
十分感谢
见面时我们可以好好聊聊 |
|
|
板凳#
发布于:2002-01-05 16:41
1、实在不能提前了。 不要用winsock,你编译w2k ddk里面的packet, 然后用它的inf文件安装,然后用如下代码抓包。 你的主函数里面循环调用recvpacket函数。 #ifndef __GLOBALFUNC_H__ #define __GLOBALFUNC_H__ #include <windows.h> #include <windowsx.h> #include \"winsvc.h\" // if have not this line,compiler not know what\'s sc_handle #include <ntddndis.h> #include \"ntddpack.h\" #include \"FmsAngentView.h\" #include \"struct.h\" #define UNICODE 1 #define DOSNAMEPREFIX TEXT(\"Packet_\") #define MAX_LINK_NAME_LENGTH 64 // 全局变量 ADAPTER Adapter[6]; int g_iAdapterNum; HANDLE g_hFileMap[6]; HANDLE g_hFileMapping[6]; BYTE * g_pbFileMap[6]; long g_lBuffer_Size; // buffer size(byte) DWORD g_dwCount[6]={0,0,0,0,0,0}; CFmsAngentView *pFmsAngentView; LOG g_Log; STAT g_Stat[6]; bool g_bListen; HANDLE g_hThread_GetPacket; DWORD g_dwID_GetPacket; BYTE* g_pbIndex[6]; // packet index DWORD g_dwBuffer_Size; bool g_bDoPacketExit=false; bool g_bFirstCall=true; // weather recvpacket first call? int g_iComboSelect=0; BOOLEAN StartPacketDriver( LPTSTR ServiceName ); WORD swaps(WORD net) { WORD lo,hi; WORD host; lo=net&0xff; hi=net&0xff00; lo=lo<<8; hi=hi>>8; host=hi|lo; return host; } BOOLEAN PacketOpenAdapter( LPADAPTER lpAdapter ) { BOOLEAN Result; wsprintf( lpAdapter->SymbolicLink, TEXT(\"\\\\\\\\.\\\\%s%s\"), DOSNAMEPREFIX, &lpAdapter->AdapterName[8] ); Result=DefineDosDevice( DDD_RAW_TARGET_PATH, &lpAdapter->SymbolicLink[4], lpAdapter->AdapterName ); if (Result) { lpAdapter->hFile=CreateFile(lpAdapter->SymbolicLink, GENERIC_WRITE | GENERIC_READ, 0, NULL, CREATE_ALWAYS, FILE_FLAG_OVERLAPPED, 0 ); if (lpAdapter->hFile != INVALID_HANDLE_VALUE) { return true ; } } return false; } VOID PacketCloseAdapter( LPADAPTER lpAdapter ) { CloseHandle(lpAdapter->hFile); GlobalFreePtr(lpAdapter); } PVOID PacketAllocatePacket( void ) { LPPACKET lpPacket; lpPacket=(LPPACKET)GlobalAllocPtr( GMEM_MOVEABLE | GMEM_ZEROINIT, sizeof(PACKET) ); if (lpPacket==NULL) { return NULL; } lpPacket->OverLapped.hEvent=CreateEvent( NULL, FALSE, FALSE, NULL ); // auto reset,initial=false if (lpPacket->OverLapped.hEvent==NULL) { GlobalFreePtr(lpPacket); return NULL; } return lpPacket; } VOID PacketFreePacket( LPPACKET lpPacket ) { CloseHandle(lpPacket->OverLapped.hEvent); GlobalFreePtr(lpPacket); } BOOLEAN PacketSendPacket( LPADAPTER AdapterObject, LPPACKET lpPacket, BOOLEAN Sync ) { BOOLEAN Result; DWORD BytesTransfered; lpPacket->OverLapped.Offset=0; lpPacket->OverLapped.OffsetHigh=0; if (!ResetEvent(lpPacket->OverLapped.hEvent)) { return FALSE; } Result=WriteFile( AdapterObject->hFile, lpPacket->Buffer, lpPacket->Length, &BytesTransfered, &lpPacket->OverLapped ); if (Sync) { // // They want to wait // Result=GetOverlappedResult( AdapterObject->hFile, &lpPacket->OverLapped, &BytesTransfered, TRUE ); } else { // // They don\'t want to wait, they will call PacketWaitPacket to get // The real result // Result=TRUE; } return Result; } BOOLEAN InitPacket(LPPACKET lpPacket) { lpPacket->Length =0x2000; lpPacket->OverLapped.hEvent=CreateEvent( NULL, FALSE, // 自动 FALSE, // 初使无信号 NULL ); if(lpPacket->OverLapped.hEvent == NULL) return false; else return true; } BOOLEAN RecvPacket( BYTE *pbuf, int *piAdapterNum, PULONG BytesReceived ) { static int iReadAdapterNum=0; BOOLEAN Result; static PACKET Packet[32]; static HANDLE hEvent[32]; DWORD dwByteReceive; HANDLE hEventTemp; int i,j,k; if(g_bFirstCall) // if first call ,let\'s call 32 times readfile first { for(i=0;i<32;i++) { Packet.OverLapped.Offset=0; Packet.OverLapped.OffsetHigh=0; Packet.OverLapped.hEvent=CreateEvent( 0, TRUE, FALSE, NULL ); // manual reset,initial=false hEvent=Packet.OverLapped.hEvent; Packet.Length =1514; // if someone shit send a packet>>1514,what\'s happen? Result=ReadFile( Adapter[iReadAdapterNum].hFile, Packet.Buffer, Packet.Length, &dwByteReceive, &Packet.OverLapped ); Packet.iAdapterNum =iReadAdapterNum; iReadAdapterNum++; iReadAdapterNum=iReadAdapterNum%g_iAdapterNum; // need use a global } g_bFirstCall=false; } i= WaitForMultipleObjects( // which read return? 32, hEvent, false, // wait untill one hevent signal INFINITE // wait ever ); if(i==WAIT_FAILED) return false; for(j=0;j<32;j++) if(Packet[j].OverLapped.hEvent ==hEvent) break; // which read return? k=j; dwByteReceive=0; Result=GetOverlappedResult( Adapter[Packet[k].iAdapterNum].hFile, &Packet[k].OverLapped, &dwByteReceive, false ); if(!Result) { AfxMessageBox(\"!!!\"); return false; } *piAdapterNum=Packet[k].iAdapterNum ; // return value memcpy((void *)pbuf,(void *)Packet[k].Buffer,dwByteReceive); *BytesReceived=dwByteReceive; CloseHandle(Packet[k].OverLapped.hEvent); for(j=i;j<32;i++) hEvent=hEvent[++j]; hEventTemp=CreateEvent(0, TRUE, 0, NULL); if(!hEventTemp) { MessageBox(NULL,\"Can not create event\",NULL,MB_OK); return false; } Packet[k].OverLapped.hEvent=hEventTemp; memset(Packet[k].Buffer,0,1514); Packet[k].Length =1514; hEvent[31]=hEventTemp; // k返回了,就再读K一次 Result=ReadFile( Adapter[Packet[k].iAdapterNum].hFile, Packet[k].Buffer, Packet[k].Length, &dwByteReceive, &Packet[k].OverLapped ); return Result; } BOOLEAN SyncReceivePacket( HANDLE hFile, LPPACKET lpPacket ) { BOOLEAN Result; lpPacket->OverLapped.Offset=0; lpPacket->OverLapped.OffsetHigh=0; Result=ReadFile( hFile, lpPacket->Buffer, lpPacket->Length, &lpPacket->Length , &lpPacket->OverLapped ); Result=GetOverlappedResult( hFile, &lpPacket->OverLapped, &lpPacket->Length , TRUE ); return Result; } BOOLEAN PacketResetAdapter( LPADAPTER AdapterObject ) { DWORD BytesReturned; int a=DeviceIoControl( AdapterObject->hFile, (DWORD)IOCTL_PROTOCOL_RESET, NULL, 0, NULL, 0, &BytesReturned, NULL ); return TRUE; } BOOLEAN PacketRequest( HANDLE hFile, BOOLEAN Set, PPACKET_OID_DATA OidData ) { DWORD BytesReturned; BOOLEAN Result; Result=DeviceIoControl( hFile, (DWORD) Set ? IOCTL_PROTOCOL_SET_OID : IOCTL_PROTOCOL_QUERY_OID, OidData, sizeof(PACKET_OID_DATA)-1+OidData->Length, OidData, sizeof(PACKET_OID_DATA)-1+OidData->Length, &BytesReturned, NULL ); if(Result==0) DWORD a=GetLastError(); return Result; } BOOLEAN PacketSetFilter( HANDLE hFile, ULONG Filter ) { BOOLEAN Status; ULONG IoCtlBufferLength=(sizeof(PACKET_OID_DATA)+sizeof(ULONG)-1); PPACKET_OID_DATA OidData; OidData=(PACKET_OID_DATA*)GlobalAllocPtr( GMEM_MOVEABLE | GMEM_ZEROINIT, IoCtlBufferLength ); if (OidData == NULL) { return FALSE; } OidData->Oid=OID_GEN_CURRENT_PACKET_FILTER; OidData->Length=sizeof(ULONG); *((PULONG)OidData->Data)=Filter; Status=PacketRequest( hFile, TRUE, OidData ); GlobalFreePtr(OidData); return Status; } BOOLEAN StartPacketDriver( LPTSTR ServiceName ) { BOOLEAN Status; SC_HANDLE SCManagerHandle; SC_HANDLE SCServiceHandle; /* Open a handle to the SC Manager database. */ SCManagerHandle = OpenSCManager( NULL, /* local machine */ NULL, /* ServicesActive database */ SC_MANAGER_ALL_ACCESS); /* full access rights */ if (SCManagerHandle==NULL) { MessageBox(NULL,TEXT(\"Could not open SC\"),NULL,MB_OK); return FALSE; } else { SCServiceHandle=OpenService(SCManagerHandle, ServiceName, SERVICE_START ); if (SCServiceHandle == NULL) { MessageBox(NULL,TEXT(\"Could not open service\"),NULL,MB_OK); } Status=StartService( SCServiceHandle, 0, NULL ); if (!Status) { if (GetLastError()==ERROR_SERVICE_ALREADY_RUNNING) { return TRUE; } } return Status; } return FALSE; } ULONG PacketGetAdapterNames( PTSTR pStr, PULONG BufferSize, char* pKey ) { HKEY SystemKey; HKEY NdisPerfKey; HKEY LinkageKey; LONG Status; DWORD RegType; Status=RegOpenKeyEx( HKEY_LOCAL_MACHINE, TEXT(\"SYSTEM\\\\CurrentControlSet\\\\Services\"), 0, KEY_READ, &SystemKey ); if (Status == ERROR_SUCCESS) { Status=RegOpenKeyEx( SystemKey, pKey, 0, KEY_READ, &NdisPerfKey ); if (Status == ERROR_SUCCESS) { Status=RegOpenKeyEx( NdisPerfKey, TEXT(\"Linkage\"), 0, KEY_READ, &LinkageKey ); if (Status == ERROR_SUCCESS) { Status=RegQueryValueEx( LinkageKey, TEXT(\"Export\"), NULL, &RegType, (LPBYTE)pStr, // use buffersize to get the next string BufferSize ); RegCloseKey(LinkageKey); } RegCloseKey(NdisPerfKey); } RegCloseKey(SystemKey); } return Status; } bool RegRead(int *pnNetCardNum,TCHAR *szServiceName) { HKEY hkNetworkCards,hkCard; if(RegOpenKey(HKEY_LOCAL_MACHINE,\"Software\\\\Microsoft\\\\Windows NT\\\\CurrentVersion\\\\NetworkCards\",&hkNetworkCards)!=ERROR_SUCCESS) { MessageBox(NULL,\"read register failed!\",NULL,MB_OK); return false; } int i; char szCard[80]; char lpData[100],lpType[100]; DWORD cbValue; cbValue=100; for(i=0;i<6;i++) { if(RegEnumKey(hkNetworkCards,i,szCard,40)==ERROR_SUCCESS) { if(RegOpenKey(hkNetworkCards,szCard,&hkCard)!=ERROR_SUCCESS) return false; *pnNetCardNum=i+1; RegQueryValueEx( hkCard, \"ServiceName\", NULL, (unsigned long*)lpType, (unsigned char*)lpData, &cbValue ); sprintf(szServiceName+40*i,lpData); } else { sprintf(szServiceName+40*i,\"ffffffff\"); } } return true; } inline bool CreateMappingFile(int iAdapterNum,DWORD dwFileSize) { DWORD dwErrorCode; char ErrorMsg[256]; char szFileName[256]; // create a file mapping sprintf(szFileName,\"%d\",iAdapterNum); strcat(szFileName,\".dat\"); // EnterCriticalSection(&g_CriticalSection_Ctl_Msg); g_hFileMap[iAdapterNum]=CreateFile(szFileName, GENERIC_READ|GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL); if (g_hFileMap[iAdapterNum]== INVALID_HANDLE_VALUE) { dwErrorCode = GetLastError(); sprintf(ErrorMsg,\"%s Create mapping file error,error code is %d\",szFileName,dwErrorCode); MessageBox(NULL,ErrorMsg,\"错误信息\",MB_OK); return false; } g_hFileMapping[iAdapterNum]=CreateFileMapping(g_hFileMap[iAdapterNum], NULL, PAGE_READWRITE, 0, dwFileSize, NULL); if (g_hFileMapping[iAdapterNum]==NULL) { dwErrorCode=GetLastError(); sprintf(ErrorMsg,\"%s GreateFileMapping return error,error code is %d\",szFileName,dwErrorCode); MessageBox(NULL,ErrorMsg,\"错误信息\",MB_OK); return false; } g_pbFileMap[iAdapterNum]=(PBYTE)MapViewOfFile(g_hFileMapping[iAdapterNum], FILE_MAP_WRITE, 0, 0, 0); if(g_pbFileMap[iAdapterNum]==NULL) { dwErrorCode=GetLastError(); sprintf(ErrorMsg,\"%s MapViewOfFile return error,error code is %d\",szFileName,dwErrorCode); MessageBox(NULL,ErrorMsg,\"错误信息\",MB_OK); return false; } // LeaveCriticalSection(&g_CriticalSection_Ctl_Msg); return true; } DWORD WINAPI CtlServer(LPVOID lpvThreadParm) { // CSocket ListSocket; // ListSocket.Create (5000); // ListSocket.Listen (); return 0; } bool GetAdapterArray(ADAPTER* Adapter,int* piAdapterNum) { ULONG RegNameLength=640; TCHAR pKey[60]; wsprintf(pKey,\"Packet2\"); int j; PacketGetAdapterNames(Adapter[0].AdapterName, &RegNameLength, pKey); j=0; for(WORD i=0;i<RegNameLength;i++) { if(*(Adapter[0].AdapterName +i)==\'\\0\') { j++; if(*(Adapter[0].AdapterName +i+1)==\'\\0\') break; sprintf(Adapter[j].AdapterName ,Adapter[0].AdapterName +i+1); } } *piAdapterNum=j ; // iAdapterNum 是从PACKET2绑定的网卡总数 return true; } bool Openadapter(ADAPTER* Adapter,int iAdapterNum) { int i; // open adapter for(i=0;i<iAdapterNum;i++) { PacketOpenAdapter(&Adapter); if (Adapter.hFile != NULL) { // AfxMessageBox(Adapter.AdapterName); } else { AfxMessageBox(\"canot open adapter!\"); } // set filter PacketSetFilter(Adapter.hFile ,NDIS_PACKET_TYPE_PROMISCUOUS); g_dwCount=0; } // read packet // 必须保证在本函数调用之前dopacket已经退出 // g_bDoPacketExit=false; // g_bFirstCall=true; // weather recvpacket first call? // g_hThread_GetPacket[0]=CreateThread(NULL,0,DoPacket,NULL,0,&g_dwID[0]); return true; } void AddLogList(LOG* pLog) { int i; CListCtrl& ListCtrl = pFmsAngentView->GetListCtrl(); i=ListCtrl.GetItemCount (); LV_ITEM lvi; lvi.mask = LVIF_TEXT | LVIF_IMAGE | LVIF_STATE; lvi.iItem = i; lvi.iSubItem = 0; switch(pLog->Type) { case 0: lvi.pszText=\"Normal\"; break; case 1: lvi.pszText=\"Warnging\"; break; case 2: lvi.pszText=\"Error\"; break; } lvi.iImage = pLog->Type ; lvi.stateMask = LVIS_STATEIMAGEMASK; lvi.state = INDEXTOSTATEIMAGEMASK(1); ListCtrl.InsertItem(&lvi); char pBuf[256]; sprintf(pBuf,\"%ld\",i ); ListCtrl.SetItemText(i,1,pBuf); sprintf(pBuf,\"%ld/%ld/%ld %ld:%ld:%ld:%ld\", pLog->time.wYear,pLog->time.wMonth ,pLog->time.wDay , pLog->time.wHour ,pLog->time.wMinute,pLog->time.wSecond, pLog->time.wMilliseconds); ListCtrl.SetItemText(i,2,pBuf); ListCtrl.SetItemText(i,3,pLog->strSource); sprintf(pBuf,\"%ld\",pLog->dwNum ); ListCtrl.SetItemText(i,4,pBuf); ListCtrl.SetItemText(i,5,pLog->strDescribe ); } void FillLogStruct(LOG* pLog,int type,DWORD dwId, SYSTEMTIME time,CString strsource, DWORD dwnum, CString strdescribe) { pLog->Type =type; pLog->dwID =dwId; pLog->time =time; pLog->strSource =strsource; pLog->dwNum =dwnum; pLog->strDescribe =strdescribe; } PVOID CreateIndex(DWORD dwSize) { SYSTEMTIME time; char ptemp[256]; DWORD dwErrCode; LOG Log; PVOID pvMem; pvMem= VirtualAlloc(NULL, dwSize, MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE); if(pvMem==NULL) { dwErrCode=GetLastError(); sprintf(ptemp,\"Cannot Create Index,Error Code = %ld\",dwErrCode); GetLocalTime(&time); FillLogStruct(&Log,2,0,time,\"Local\",5001,ptemp); AddLogList(&Log); } else { GetLocalTime(&time); FillLogStruct(&Log,0,0,time,\"Local\",5000, \"Create Index \"); AddLogList(&Log); } return pvMem; } bool FilterPacket(BYTE* pBuf,DWORD dwBufLen,int iAdapterNum) { return true; } void StatPacket(BYTE* pBuf,DWORD dwBufLen,int iAdapterNum) { if(FilterPacket(pBuf,dwBufLen,iAdapterNum)) { g_Stat[iAdapterNum].dwCapturePackets+=1 ; g_Stat[iAdapterNum].dwCaptureOctets+=dwBufLen; } g_Stat[iAdapterNum].dwTotalPackets +=1; g_Stat[iAdapterNum].dwTotalOctets +=dwBufLen; // int i,headlen,totallen; EtherPacketHead *pEtherHead; IPPacketHead *pIPHead; IPAddr *psourip,*pdestip; EtherAddr *psoureth,*pdesteth; WORD sourport,destport; TCPPacketHead *pTCPHead; ARPPacket *pARPHead; ICMPPacketHead *pICMPHead; UDPPacketHead *pUDPHead; BYTE *pdata; pEtherHead=(struct EtherPacketHead *)pBuf; psoureth=&(pEtherHead->SourEther); pdesteth=&(pEtherHead->DestEther); // is this packet multicast? for(i=0;i<6;i++) { if(pdesteth->AddrByte!=0xff) break; } if(i==6) { g_Stat[iAdapterNum].dwBoardcastPackets +=1; g_Stat[iAdapterNum].dwBoardcastOctets +=dwBufLen; } else { g_Stat[iAdapterNum].dwUnicastPackets +=1; g_Stat[iAdapterNum].dwUnicastOctets +=dwBufLen; } // we need see ethernet or 802.3 if(pEtherHead->ServType >=0 &&pEtherHead->ServType<=0x5dc) { // 802.3 g_Stat[iAdapterNum].dwLLCPackets +=1; g_Stat[iAdapterNum].dwLLCOctets +=dwBufLen; } else { // ethernet g_Stat[iAdapterNum].dwEtherIIPackets +=1; g_Stat[iAdapterNum].dwEtherIIOctets +=dwBufLen; } switch (swaps(pEtherHead->ServType)) { case ETHER_PROTO_IP: // IP packet g_Stat[iAdapterNum].dwIPPackets +=1; g_Stat[iAdapterNum].dwIPOctets +=dwBufLen; pIPHead=(struct IPPacketHead *)(pBuf+ETHER_HEAD_LEN); switch (pIPHead->Proto) { case IP_PROTO_TCP: // TCP packet g_Stat[iAdapterNum].dwTCPPackets +=1; g_Stat[iAdapterNum].dwTCPOctets +=dwBufLen; break; case IP_PROTO_UDP: // UDP packet g_Stat[iAdapterNum].dwUDPPackets +=1; g_Stat[iAdapterNum].dwUDPOctets +=dwBufLen; break; case IP_PROTO_ICMP: // ICMP packet g_Stat[iAdapterNum].dwICMPPackets +=1; g_Stat[iAdapterNum].dwICMPOctets +=dwBufLen; break; default: // Unknown IP packet break; } break; case ETHER_PROTO_ARP: // ARP packet g_Stat[iAdapterNum].dwARPPackets +=1; g_Stat[iAdapterNum].dwARPOctets +=dwBufLen; break; default: // Unknown Ethernet packet break; } } DWORD WINAPI DoPacket(LPVOID lpvThreadParm) { TCHAR szBuf[0x2000]; WORD i; BYTE* pbFilePacket[6]; // 文件当前的位置 DWORD dwGetPacketTime; // Packet Capture Time SYSTEMTIME SystemTime; LOG Log; SYSTEMTIME time; TCHAR szTemp[256]; for(i=0;i<g_iAdapterNum;i++) { if(!CreateMappingFile(i,g_dwBuffer_Size)) ExitThread(-1); pbFilePacket=g_pbFileMap; sprintf((char*)pbFilePacket,\"%s\",Adapter.AdapterName); pbFilePacket+=64; // sizeof(Adapter.AdapterName)<64 GetLocalTime(&SystemTime); sprintf((char*)pbFilePacket,\"%ldYear%ldMonth%ldDay%ldHour%ldMintue%ldSecond%ldMillSecend\",SystemTime.wYear,SystemTime.wMonth,SystemTime.wDay ,SystemTime.wHour ,SystemTime.wMinute,SystemTime.wSecond,SystemTime.wMilliseconds); pbFilePacket+=136; // 136+64=200,也即正文从第200个字节开始 } for(i=0;i<g_iAdapterNum;i++) // 创建INDEX,提交内存 { g_pbIndex=(BYTE*)CreateIndex((DWORD)(g_dwBuffer_Size*4/64)); } while(1) { sprintf(szBuf,\"\"); BYTE pbuf[0x2000]; DWORD dwByteReceived; int iAdapterNum; RecvPacket(pbuf,&iAdapterNum,&dwByteReceived); if(g_bDoPacketExit) { // first close mapping file for(i=0;i<g_iAdapterNum;i++) { UnmapViewOfFile(g_pbFileMap); CloseHandle(g_hFileMapping); SetFilePointer(g_hFileMap,pbFilePacket-g_pbFileMap,NULL,FILE_BEGIN); SetEndOfFile(g_hFileMap); CloseHandle(g_hFileMap); } // then free index memory ExitThread(0); } // FilterPacket StatPacket(pbuf,dwByteReceived,iAdapterNum); if (pbFilePacket[iAdapterNum]>=g_pbFileMap[iAdapterNum]+g_dwBuffer_Size-20-dwByteReceived) { // need wrap GetLocalTime(&time); g_dwCount[iAdapterNum]=0; pbFilePacket[iAdapterNum]=g_pbFileMap[iAdapterNum]; sprintf(szTemp,\"%d Buffer Wrap\",iAdapterNum); FillLogStruct(&Log,1,0,time,\"Local\",7000,szTemp); AddLogList(&Log); } g_dwCount[iAdapterNum]++; dwGetPacketTime=GetTickCount(); memcpy(g_pbIndex[iAdapterNum]+(g_dwCount[iAdapterNum]-1)*4,&(pbFilePacket[iAdapterNum]),sizeof(pbFilePacket[iAdapterNum])); memcpy(pbFilePacket[iAdapterNum],&dwByteReceived,sizeof(dwByteReceived)); pbFilePacket[iAdapterNum]+=sizeof(dwByteReceived); memcpy(pbFilePacket[iAdapterNum],&dwGetPacketTime,sizeof(dwGetPacketTime)); pbFilePacket[iAdapterNum]+=sizeof(dwGetPacketTime); for(i=0;i<dwByteReceived;i++) { *(pbFilePacket[iAdapterNum]+i)=pbuf; } pbFilePacket[iAdapterNum]+=dwByteReceived; } return true; } bool StartCapture(void) { DWORD dwErrCode; SYSTEMTIME time; char ptemp[256]; LOG Log; g_hThread_GetPacket=CreateThread(NULL, 0,DoPacket,NULL,0,&g_dwID_GetPacket); if(g_hThread_GetPacket) { GetLocalTime(&time); FillLogStruct(&Log,0,0,time, \"Local\",6000,\"Start Capture Packet\"); AddLogList(&Log); return true; } else { GetLocalTime(&time); dwErrCode=GetLastError(); sprintf(ptemp, \"Create Get Packet Thread Failed! Error Code = %ld\", dwErrCode); FillLogStruct(&Log,2,0,time,\"Local\", 6001,ptemp); AddLogList(&Log); return false; } } void StatSerialize(CArchive& ar,STAT& Stat) { if(ar.IsStoring()) { ar << Stat.dwTotalPackets; ar << Stat.dwBoardcastPackets; ar << Stat.dwMulticastPackets; ar << Stat.dwUnicastPackets; ar << Stat.dwCapturePackets; ar << Stat.dwEtherIIPackets; ar << Stat.dwLLCPackets; ar << Stat.dwSNAPPackets; ar << Stat.dwIPPackets; ar << Stat.dwTCPPackets; ar << Stat.dwUDPPackets; ar << Stat.dwARPPackets; ar << Stat.dwICMPPackets; ar << Stat.dwTotalOctets; ar << Stat.dwBoardcastOctets; ar << Stat.dwMulticastOctets; ar << Stat.dwUnicastOctets; ar << Stat.dwCaptureOctets; ar << Stat.dwEtherIIOctets; ar << Stat.dwLLCOctets; ar << Stat.dwSNAPOctets; ar << Stat.dwIPOctets; ar << Stat.dwTCPOctets; ar << Stat.dwUDPOctets; ar << Stat.dwARPOctets; ar << Stat.dwICMPOctets; } else { ar >> Stat.dwTotalPackets; ar >> Stat.dwBoardcastPackets; ar >> Stat.dwMulticastPackets; ar >> Stat.dwUnicastPackets; ar >> Stat.dwCapturePackets; ar >> Stat.dwEtherIIPackets; ar >> Stat.dwLLCPackets; ar >> Stat.dwSNAPPackets; ar >> Stat.dwIPPackets; ar >> Stat.dwTCPPackets; ar >> Stat.dwUDPPackets; ar >> Stat.dwARPPackets; ar >> Stat.dwICMPPackets; ar >> Stat.dwTotalOctets; ar >> Stat.dwBoardcastOctets; ar >> Stat.dwMulticastOctets; ar >> Stat.dwUnicastOctets; ar >> Stat.dwCaptureOctets; ar >> Stat.dwEtherIIOctets; ar >> Stat.dwLLCOctets; ar >> Stat.dwSNAPOctets; ar >> Stat.dwIPOctets; ar >> Stat.dwTCPOctets; ar >> Stat.dwUDPOctets; ar >> Stat.dwARPOctets; ar >> Stat.dwICMPOctets; } } void TimeSerialize(CArchive& ar,SYSTEMTIME& time) { if (ar.IsStoring()) { ar << time.wYear ; ar << time.wMonth ; ar << time.wDay ; ar << time.wDayOfWeek ; ar << time.wHour ; ar << time.wMinute ; ar << time.wSecond ; ar << time.wMilliseconds ; } else { ar >> time.wYear ; ar >> time.wMonth ; ar >> time.wDay ; ar >> time.wDayOfWeek ; ar >> time.wHour ; ar >> time.wMinute ; ar >> time.wSecond ; ar >> time.wMilliseconds ; } } SYSTEMTIME Tick2System(DWORD dwTickCount) { // ctime &ctimespan havenot millsecond,so we must first save it DWORD dwCount=dwTickCount-((CFmsAngentApp*)AfxGetApp())->m_TickCount; SYSTEMTIME stime; stime= ((CFmsAngentApp*)AfxGetApp())->m_LocalTime ; dwCount-= stime.wMilliseconds ; CTimeSpan timepass(0,0,0,dwCount/1000); CTime time(stime); time+=timepass; time.GetAsSystemTime (stime); stime.wMilliseconds = (WORD)(dwCount- (dwCount/1000)*1000); return stime; } DWORD System2Tick(SYSTEMTIME stime) { SYSTEMTIME ltime = ((CFmsAngentApp*)AfxGetApp())->m_LocalTime ; DWORD dwTick = ((CFmsAngentApp*)AfxGetApp())->m_TickCount ; DWORD dwMill=stime.wMilliseconds - ltime.wMilliseconds ; DWORD dwTickReturn; CTime cltime(ltime); CTime cstime(stime); CTimeSpan cspantime = cltime-cstime; dwTickReturn = cspantime.GetTotalSeconds ()*1000+dwMill; return dwTickReturn; } #endif // |
|
|
|
地板#
发布于:2002-01-04 23:40
1、实在不能提前了。
2、我的APP是用WINSOCK写的,我实在不知道应该怎麽改进,能给点提示吗? |
|
|
地下室#
发布于:2002-01-03 19:25
我不在航天部。 希望你请客时间提前一点,否则我就回家过年去了。 netxray应该不会丢包,是否你的缓冲区分配不够大? 此外,你确信发了2k个包?你的app丢了200个包是因为 你的app写得不够好。 我曾经用packet.sys抓过4快网卡的包,基本上没有丢包。 |
|
|
|
5楼#
发布于:2002-01-03 18:35
我不在航天部。
时间一定要等到二月,最好在春节前,就这段时间,如何?希望我们见面前,你还没有转业,呵呵 另外向斑竹请教个问题,我用MCU作了个嵌入式系统,可以发UDP包,用它发2000个包,在PC端用NETXRAY只能收到1900个包,而自己写的APP只能收到1800个包,这是为甚麽呀? 我快疯了!!! [编辑 - 1/3/02 作者: jjs] |
|
|
6楼#
发布于:2002-01-03 12:11
我也很想聚聚,不过这个月实在离不开。等闲下来,我请撮饭。呵呵 好的,既然jjs发话了,他离我们单位又不远,那就吃定他了。 jjs,说个点吧,别让大家等的花儿也谢了。 littSW可能离我们比较远,我曾经去过你们那边,好像有一趟 车直达? jjs,你是不是在航天部啊?我们单位旁边我看也没有多少别 的单位了。 |
|
|
|
7楼#
发布于:2002-01-03 00:41
我也很想聚聚,不过这个月实在离不开。等闲下来,我请撮饭。呵呵
|
|
|
8楼#
发布于:2002-01-03 00:12
真的没有办法了???
|
|
|
|
9楼#
发布于:2002-01-02 23:34
我也不愿意,人在江湖身不由己啊!
|
|
|
10楼#
发布于:2002-01-02 22:56
喝,老兄可真是发奋呀!难道连一天都抽不出来吗??
还有,胡版主不是说要聚聚吗?什么时候有空呀?? |
|
|
|
11楼#
发布于:2002-01-01 22:56
to huyg and LitteSW:
我在北京,离空一所不远。去过很多次,某次,被空一所两个哥们灌倒,一直吐到我们单位门口,真惨。 最近实在太忙,要到二月才有空。这几天一直在埋头苦干。 原来LitteSW是师兄啊,失敬。快满八年了,想转业吗,呵呵 |
|
|
12楼#
发布于:2002-01-01 19:47
To Hugy:
完全赞同! 不过2号我有事,而且时间也不允许。3号怎么样? To jjs: 我是“沟5”的,你算是我的师弟!哈哈 |
|
|
|
13楼#
发布于:2002-01-01 15:37
to LitteSW 妈的,既然大家都是部队的,不知道jjs是否在北京, 何不借此机会出来聚聚,总比元旦还在机房无所事事 强得多。 |
|
|
|
14楼#
发布于:2002-01-01 13:12
to LitteSW
eight. 在山西我被区队长搞的好惨。 你是那年的?你在卢沟桥吗? |
|
|
15楼#
发布于:2002-01-01 00:53
[quote]to HUYG 你的看法极端错误。我们所有好几个军艺的mm,都非常pp, 我以为章子仪赵薇周迅之类的当红花旦不如她们pp。 本人认为,军队的ppmm的比例比外面高。不信的可以去 一些部队大院走走看看。 [/quote] 胡版主说的没错。而且不止是搞军艺的。上回军训时有个战友,是南京一个什么学院的,非常的pp,害得我整天捧着她的照片看。 to sirroom: 你现在不敢回家算什么,现在我老爸老妈就住在我这里,说要监督我找GF,什么时候找到了他们什么时候走! 真是惨不忍睹。 to jjs: 你也是“黄龙”的?你是沟几的? 哈哈,想不到还能碰到战友! |
|
|
|
16楼#
发布于:2001-12-30 23:56
1、如果胡大侠毕业的时候分到我们单位就好了。
2、部队里PPMM不少,不过也是珍稀动物。而且一般很快被搞定。 3、另外有谁在山西忻州完成了转变呀? |
|
|
17楼#
发布于:2001-12-30 15:11
to HUYG 你的看法极端错误。我们所有好几个军艺的mm,都非常pp, 我以为章子仪赵薇周迅之类的当红花旦不如她们pp。 本人认为,军队的ppmm的比例比外面高。不信的可以去 一些部队大院走走看看。 |
|
|
|
18楼#
发布于:2001-12-30 10:19
to HUYG
皮蛋瘦肉粥怎么看都象是偶在某个mud中的食品啊?偶有很多年没有大醉过了,现在戒酒了 要找pp一点的mm,很显然要转业三,那边基本上就见不到几个pp一点的mm吧,现在看来,要找pp一点的mm,得从小开始,年级越高越发现mm不pp了,居然发现原来初高中时看着很一般的mm现在看来都是暴pp的。 to littleSW 偶ft,家里人不催你??偶现在都不敢回家了,一回去父母就叨唠着这事。现在看来偶得到外地避难去了 |
|
|
|
19楼#
发布于:2001-12-29 09:02
94,找一个一般pp(丑的不要),但温柔可爱的,这样什么时候都不会变质.... 没有追求。 是否变质和使用者有关。 如果老婆pp,就算洗2套衣服我也愿意。 |
|
|
上一页
下一页