cgh93829

从NDIS BUFFER中直接提取TCPIP数据的Source Code

更多 发布于:2002-07-08 17:14
TCPIP.H

#ifndef _TCPIPHEADER_
#define _TCPIPHEADER_

/*
 * IP_TTL is defined by this header only for Borland builds.  The #else
 * branch is empty, so every other compiler gets no definition from here.
 * NOTE(review): presumably the platform headers supply IP_TTL in that
 * case - confirm before relying on it.
 */
#ifdef __BORLANDC__

#define IP_TTL 80

#else

#endif

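/*
 * Protocol constants used by the frame parser.
 *
 * Multi-byte fields in the packet structures are in network byte order;
 * the EtherType, flag and mask constants below are host-order values and
 * must be compared against fields that have been passed through ntohs().
 */
#define BUFFER_SIZE 8192
#define READ 1
#define WRITE 2

/* Integer zero.  Kept separate from NULL, which is a pointer constant. */
#define Null 0

/* Short aliases for the platform's fixed-size unsigned types. */
#define WORD USHORT
#define BYTE UCHAR
#define DWORD ULONG

#define ETHER_PROTO_IP 0x0800 /* Ethernet protocol IP */
#define ETHER_PROTO_ARP 0x0806 /* Ethernet protocol ARP/RARP */

#define ETHER_HEAD_LEN 14 /* Ethernet head length */

#define ARP_HARD_TYPE 1 /* Ethernet card */
#define ARP_PROTO_TYPE 0x0800 /* IP protocol */

#define ARP_HARD_ADDR_LEN 6 /* Ethernet card address length */
#define ARP_ADDR_LEN 4 /* IP protocol address length */
#define ARP_PACKET_LEN 28 /* Arp packet length */

#define ARP_OPER_REQ 1 /* Arp request */
#define ARP_OPER_ANS 2 /* Arp answer */

#define RARP_HARD_TYPE 1 /* Ethernet card */
#define RARP_PROTO_TYPE 0x800 /* IP Protocol */

#define RARP_HARD_ADDR_LEN 6 /* Ethernet card address length */
#define RARP_ADDR_LEN 4 /* IP protocol address length */

#define RARP_OPER_REQ 3 /* Rarp request */
#define RARP_OPER_ANS 4 /* Rarp answer */

#define IP_VER 4 /* IP version */
#define IP_HEAD_LEN 5 /* IP head length, in 32-bit words */
#define IP_HEAD_BYTE_LEN 20 /* IP head length in byte */

#define IP_SERV_TYPE 0 /* IP service type */

#define IP_PROTO_TCP 6 /* TCP protocol */
#define IP_PROTO_UDP 17 /* UDP protocol */
#define IP_PROTO_ICMP 1 /* ICMP protocol */

#define IP_PAD 0 /* IP pseudohead padding */

/*
 * Flag bits of the 16-bit flags/fragment-offset word (host order).
 * RFC 791 numbers bits from the most significant end: bit 0 (0x8000) is
 * reserved, bit 1 (0x4000) is DF and bit 2 (0x2000) is MF.  The two values
 * were previously exchanged, which makes any fragment test built on them
 * misclassify "don't fragment" packets as fragments and vice versa.
 */
#define IP_DF 0x4000 /* IP DF: don't fragment */
#define IP_MF 0x2000 /* IP MF: more fragments follow */

#define IP_FLAG_MASK 0x1FFF /* IP fragment-offset mask (low 13 bits) */

/* Integer zero, not NULL: this is a field value, not a pointer. */
#define IP_DATAOFFSET 0

#define TCP_HEAD_LEN 5 /* TCP head length, in 32-bit words */
#define TCP_HEAD_BYTE_LEN 20 /* TCP head length in byte */

#define TCP_URG 0x20 /* TCP URG */
#define TCP_ACK 0x10 /* TCP ACK */
#define TCP_PSH 0x08 /* TCP PSH */
#define TCP_RST 0x04 /* TCP RST */
#define TCP_SYN 0x02 /* TCP SYN */
#define TCP_FIN 0x01 /* TCP FIN */

#define UDP_HEAD_LEN 8 /* UDP head length */

#define PSEUDO_HEAD_LEN 12 /* Pseudo head length */

//ICMP Type
/* Integer values; NULL is a pointer constant and does not belong here. */

#define ICMP_REPLY       0
#define ICMP_UNREACHABLE 3
#define ICMP_ECHO        8

//ICMP Code

#define ICMP_NULL   0
#define ICMP_NOHOST 1
#define ICMP_NOPROT 2
#define ICMP_NOPORT 3

#define ICMP_HEAD_LEN 8 /* ICMP head length */
#define ICMP_DATA_LEN 32 /* ICMP Data Part Size */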

#pragma pack(push)

#pragma pack(1)

/* Six-byte Ethernet hardware address, stored as raw bytes. */
typedef struct _EtherAddr
{
UCHAR AddrByte[6];
}
EtherAddr;

/* Four-byte IPv4 address, stored as raw bytes. */
typedef struct _IPAddr
{
UCHAR AddrByte[4];
}
IPAddr;

/*
 * Ethernet frame header as overlaid on the start of a captured frame.
 * With 1-byte packing the size is 6 + 6 + 2 = 14 bytes (ETHER_HEAD_LEN).
 */
typedef struct _EtherPacketHead
{
EtherAddr DestEther; /* destination hardware address */
EtherAddr SourEther; /* source hardware address */
WORD ServType;       /* EtherType; GetData() passes it through ntohs() before comparing */
}
EtherPacketHead;

/*
 * ARP packet for Ethernet/IPv4.  With 1-byte packing the fields add up to
 * 28 bytes, matching ARP_PACKET_LEN.  The WORD fields are read straight
 * from the frame, so they are in network byte order.
 */
typedef struct _ARPPacketHead
{
WORD Type;           /* hardware type, see ARP_HARD_TYPE */
WORD Proto;          /* protocol type, see ARP_PROTO_TYPE */
BYTE HardAddrLen;    /* hardware address length, see ARP_HARD_ADDR_LEN */
BYTE AddrLen;        /* protocol address length, see ARP_ADDR_LEN */
WORD Oper;           /* operation, see ARP_OPER_REQ / ARP_OPER_ANS */
EtherAddr SourEther; /* sender hardware address */
IPAddr SourIP;       /* sender IP address */
EtherAddr DestEther; /* target hardware address */
IPAddr DestIP;       /* target IP address */
}
ARPPacketHead;

/*
 * RARP packet.  The layout is field-for-field the same as ARPPacketHead;
 * only the operation codes differ (RARP_OPER_REQ / RARP_OPER_ANS).
 */
typedef struct _RARPPacketHead
{
WORD Type;           /* hardware type, see RARP_HARD_TYPE */
WORD Proto;          /* protocol type, see RARP_PROTO_TYPE */
BYTE HardAddrLen;    /* hardware address length, see RARP_HARD_ADDR_LEN */
BYTE AddrLen;        /* protocol address length, see RARP_ADDR_LEN */
WORD Oper;           /* operation, see RARP_OPER_REQ / RARP_OPER_ANS */
EtherAddr SourEther; /* sender hardware address */
IPAddr SourIP;       /* sender IP address */
EtherAddr DestEther; /* target hardware address */
IPAddr DestIP;       /* target IP address */
}
RARPPacketHead;

/*
struct IPPacketHead
{
BYTE VerHLen : 4;
BYTE HLen : 4; //Head Len (IP Head/4), counted in 32-bit words
BYTE Type; //Bits 0-2: Precedence. Bit 3: 0 = Normal Delay, 1 = Low Delay. Bit 4: 0 = Normal Throughput, 1 = High Throughput. Bit 5: 0 = Normal Reliability, 1 = High Reliability. Bits 6-7: Reserved for Future Use.
WORD TtlLen; //Total IP Packet Len (IP Head+TCP/UDP Head+TCP/UDP Data)
WORD PacketId; //Id of each packet
BYTE ReServed : 3; //Bit 0: reserved, must be zero.  Bit 1: (DF) 0 = May Fragment,  1 = Don't Fragment.   Bit 2: (MF) 0 = Last Fragment, 1 = More Fragments.
WORD DataOff : 13;
BYTE TTL;
BYTE Proto;
WORD ChkSum; //Only IP Header
DWORD SourIP;
DWORD DestIP;
};

struct TCPPacketHead
{
WORD SourPort;
WORD DestPort;
DWORD SeqNo; //The sequence number of the first data octet in this segment (except when SYN is present). If SYN is present the sequence number is the initial sequence number (ISN) and the first data octet is ISN+1.
DWORD AckNo; //If the ACK control bit is set this field contains the value of the next sequence number the sender of the segment is expecting to receive.  Once a connection is established this is always sent.
BYTE HLen : 4; //Tcp Head Len/4, counted in 32-bit words
BYTE ReServed : 4; //Reserved for future use.  Must be zero.
BYTE TcpFlag; //(from left to right): URG: Urgent Pointer field significant. ACK: Acknowledgment field significant. PSH: Push Function. RST: Reset the connection. SYN: Synchronize sequence numbers. FIN: No more data from sender.
WORD WndSize;
WORD ChkSum; //TCP Header+User's Data
WORD UrgPtr;
};

* ACK flag (1 bit) - indicates that the acknowledgement field is valid

* PSH flag (1 bit) - indicates pushed data (receiver should not buffer data upon arrival, but deliver it to the application)

* RST flag (1 bit) - reset a connection (also used to reject an invalid segment or refuse an attempt to open a connection)

* SYN flag (1 bit) - used to establish a connection
  SYN = 1, ACK = 0 - denotes connection request
  SYN = 1, ACK = 1 - denotes connection accept

* FIN flag (1 bit) - used to close a connection (sender has no more data to transmit, but may continue to receive data indefinitely)

struct UDPPacketHead
{
WORD SourPort;
WORD DestPort;
WORD TtlLen;
WORD ChkSum;
}
*/

/*
 * IPv4 header without options, overlaid directly on frame bytes.  With
 * 1-byte packing the fields add up to 20 bytes (IP_HEAD_BYTE_LEN).
 * Multi-byte fields hold network byte order as received.
 *
 * HLen and TtlLen come from the wire and are therefore untrusted: HLen
 * can be anything from 0 to 15 words and TtlLen anything up to 65535,
 * regardless of how many bytes were actually captured.
 */
typedef struct _IPPacketHead
{
BYTE HLen : 4; /* header length in 32-bit words; declared before Ver because the
                  wire byte carries the version in its high nibble.  Bit-field
                  allocation order is implementation-defined; this relies on the
                  compiler filling from the least significant bit. */
BYTE Ver : 4;    /* IP version, compared against IP_VER */
BYTE Type;       /* type of service */
WORD TtlLen;     /* total length: IP header plus everything after it */
WORD PacketId;   /* identification */
WORD DataOffset; /* 3 flag bits plus 13-bit fragment offset, see IP_FLAG_MASK */
BYTE Ttl;        /* time to live */
BYTE Proto;      /* next protocol, see IP_PROTO_* */
WORD ChkSum;     /* checksum over the IP header only */
DWORD SourIP;    /* source address */
DWORD DestIP;    /* destination address */
}
IPPacketHead;

/*
 * TCP header without options, overlaid directly on frame bytes.  With
 * 1-byte packing the fields add up to 20 bytes (TCP_HEAD_BYTE_LEN).
 * Multi-byte fields hold network byte order as received.
 *
 * HLen comes from the wire and is untrusted; values below TCP_HEAD_LEN
 * describe a header shorter than this structure.
 */
typedef struct _TCPPacketHead
{
WORD SourPort;     /* source port */
WORD DestPort;     /* destination port */
DWORD SeqNo;       /* sequence number */
DWORD AckNo;       /* acknowledgment number */
BYTE Reserved : 4; /* reserved bits; declared before HLen because the wire byte
                      carries the header length in its high nibble.  Relies on the
                      compiler allocating bit-fields from the least significant bit. */
BYTE HLen : 4;     /* header length in 32-bit words */
BYTE TcpFlag;      /* flag bits, see TCP_URG .. TCP_FIN */
WORD WindowSize;   /* receive window */
WORD ChkSum;       /* checksum over TCP header and data */
WORD Urgent;       /* urgent pointer */
}
TCPPacketHead;

/*
 * ICMP header, 8 bytes with 1-byte packing (ICMP_HEAD_LEN).
 *
 * NOTE(review): RFC 792 places the 16-bit checksum immediately after
 * Code, followed by the identifier and sequence number of an echo
 * message.  This structure puts ChkSum last, so Id, SeqNo and ChkSum do
 * not name the wire fields they appear to.  The total size is still
 * correct, so code that only skips the header is unaffected, but any code
 * that reads or verifies the checksum through this structure would be
 * looking at the wrong bytes.  The order is left as is because callers
 * outside this listing may depend on it - confirm before reordering.
 */
typedef struct _ICMPPacketHead
{
BYTE Type; /* message type, see ICMP_REPLY / ICMP_UNREACHABLE / ICMP_ECHO */
BYTE Code; /*0 = net unreachable;1 = host unreachable;2 = protocol unreachable;3 = port unreachable;4 = fragmentation needed and DF set;5 = source route failed.*/
WORD Id;
WORD SeqNo;
WORD ChkSum;
//DWORD TimeStamp;
}
ICMPPacketHead;

/*
 * UDP header, 8 bytes with 1-byte packing (UDP_HEAD_LEN).  Fields hold
 * network byte order as received.  Len comes from the wire and is
 * untrusted.
 */
typedef struct _UDPPacketHead
{
WORD SourPort; /* source port */
WORD DestPort; /* destination port */
WORD Len;      /* length of UDP header plus data */
WORD ChkSum;   /* checksum */
}
UDPPacketHead;

/*
 * One IP option carrying a list of addresses: 3 bytes of option header
 * followed by room for nine 32-bit addresses (39 bytes with 1-byte
 * packing).  Len and Ptr come from the wire; code that walks Addr[] has
 * to check them against the nine-entry capacity itself.
 * NOTE(review): the shape matches a record-route style option - confirm
 * against the code that uses it, which is not part of this listing.
 */
typedef struct _IPOptionHead
{
UCHAR Code;        // Option type
UCHAR Len;         // Length of option hdr
UCHAR Ptr;         // Offset into options
DWORD Addr[9];     // List of IP addrs
}
IPOptionHead;

/*
 * Twelve-byte helper header (PSEUDO_HEAD_LEN) made of the two IP
 * addresses, a pad byte, the protocol number and a length.
 * NOTE(review): presumably the pseudo-header prepended when computing the
 * TCP checksum, with Pad set to IP_PAD - no code in this listing uses it,
 * so confirm against the checksum routine.
 */
typedef struct _TCPHelpHead
{
DWORD SourIP; /* source IP address */
DWORD DestIP; /* destination IP address */
BYTE Pad;     /* padding byte */
BYTE Proto;   /* protocol number */
WORD TtlLen;  /* length field */
}
TCPHelpHead;

/*
 * Twelve-byte helper header with the same layout as TCPHelpHead.
 * NOTE(review): presumably the pseudo-header prepended when computing the
 * UDP checksum - no code in this listing uses it, so confirm against the
 * checksum routine.
 */
typedef struct _UDPHelpHead
{
DWORD SourIP; /* source IP address */
DWORD DestIP; /* destination IP address */
BYTE Pad;     /* padding byte */
BYTE Proto;   /* protocol number */
WORD TtlLen;  /* length field */
}
UDPHelpHead;

#pragma pack(pop)

/*
 * Locate the payload inside one captured Ethernet frame.
 *
 * Source   - start of the frame (Ethernet header first); may be null.
 * Lenght   - number of bytes available at Source.
 * Data     - in/out: if *Data is NULL on entry it is set to point at the
 *            payload inside Source; otherwise the payload is copied into
 *            the buffer *Data points to.
 * Size     - out: payload length in bytes.
 * Protocol - out: IP protocol number, ETHER_PROTO_ARP for ARP, or 0.
 *
 * Data, Size and Protocol are all written through even though they are
 * annotated IN.  The copy length is derived from header fields of the
 * packet itself and the capacity of the caller's buffer is not passed in,
 * so a caller that supplies its own buffer is responsible for it being
 * large enough; passing *Data == NULL avoids the copy altogether.
 */
VOID GetData(
IN BYTE * Source,
IN DWORD Lenght,
IN VOID * * Data,
IN DWORD * Size,
IN DWORD * Protocol
);

/* Swap the two bytes of a 16-bit value (network to host order). */
WORD ntohs(
  IN WORD Data
);

/* Swap the two bytes of a 16-bit value (host to network order). */
WORD htons(
  IN WORD Data
);

#endif

TCPIP.C

#include \"tcpip.h\"

/*
 * Convert a 16-bit value from network to host byte order.
 *
 * The two bytes are exchanged unconditionally, so the result is only a
 * true network-to-host conversion on a little-endian host.
 */
WORD ntohs(WORD Data)
{
    /* The cast discards the bits the left shift pushes above bit 15. */
    return (WORD)(((Data & 0x00FF) << 8) | ((Data & 0xFF00) >> 8));
}

/*
 * Convert a 16-bit value from host to network byte order.
 *
 * Same unconditional byte exchange as ntohs(); correct as a conversion
 * only on a little-endian host.
 */
WORD htons(WORD Data)
{
    WORD Swapped;

    Swapped=(WORD)((Data & 0x00FF) << 8);   /* low byte moves up */
    Swapped=(WORD)(Swapped | (Data >> 8));  /* high byte moves down */

    return Swapped;
}

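/*
 * Locate the payload inside one captured Ethernet frame.
 *
 * Source   - start of the frame (Ethernet header first); may be null.
 * Lenght   - number of valid bytes at Source.
 * Data     - in/out: if *Data is NULL on entry it is set to point at the
 *            payload inside Source; otherwise the payload is copied into
 *            the buffer *Data points to.
 * Size     - out: payload length in bytes.
 * Protocol - out: IP protocol number for IPv4 frames, ETHER_PROTO_ARP for
 *            ARP frames, 0 otherwise.
 *
 * Every length taken from the frame (IP header length, IP total length,
 * TCP header length) is checked against Lenght before it is used, because
 * those fields are controlled by whoever sent the packet.  Previously a
 * short frame, an undersized header length or an oversized total length
 * made the function read past the end of Source, and the unsigned
 * subtractions could wrap to a near-4 GB copy length.
 *
 * Results:
 *   - TCP/UDP/ICMP over IPv4: payload after the transport header, its
 *     length clamped to the bytes actually present in the frame.
 *   - ARP: the ARP packet itself.
 *   - unknown EtherType, unknown IP protocol, or a frame shorter than an
 *     Ethernet header: the whole frame.
 *   - wrong IP version or inconsistent/truncated headers: no data
 *     (null pointer, *Size == 0).
 *
 * *Size never exceeds Lenght, so a caller-supplied buffer of at least
 * Lenght bytes is always sufficient.  The buffer's capacity is not passed
 * in and cannot be checked here.
 *
 * NOTE(review): the fragment offset is not examined.  For a non-first
 * fragment the bytes treated as a transport header are really payload, so
 * the returned pointer and size are meaningless for such packets, although
 * they stay inside the frame.
 */
VOID GetData(BYTE * Source,DWORD Lenght,VOID * * Data,DWORD * Size,DWORD * Protocol)
{
    EtherPacketHead * EtherHead;
    IPPacketHead * IpHead;
    TCPPacketHead * TcpHead;
    DWORD Offset;   /* bytes of Source consumed by headers so far */
    DWORD Remain;   /* bytes of Source available after the Ethernet header */
    DWORD HeadLen,TotalLen;
    BYTE * UserData;

    UserData=Null;
    TotalLen=Null;
    * Protocol=Null;

    if(Source!=Null && Lenght<sizeof(EtherPacketHead))
    {
        /* Too short to hold an EtherType: treat as an unknown packet. */
        UserData=Source;
        TotalLen=Lenght;
    }
    else if(Source!=Null)
    {
        EtherHead=(EtherPacketHead *) Source;
        Offset=sizeof(EtherPacketHead);
        Remain=Lenght-Offset;

        switch(ntohs(EtherHead->ServType))
        {
        case ETHER_PROTO_IP: /* IP packet */

            if(Remain<sizeof(IPPacketHead))
            {
                break;
            }

            IpHead=(IPPacketHead *)(Source+Offset);

            if(IpHead->Ver!=IP_VER)
            {
                break;
            }

            HeadLen=IpHead->HLen*4;
            TotalLen=ntohs(IpHead->TtlLen);

            /* Header must be at least the fixed part, fit in the frame,
               and not be longer than the packet it belongs to. */
            if(HeadLen<sizeof(IPPacketHead) || HeadLen>Remain || TotalLen<HeadLen)
            {
                TotalLen=Null;
                break;
            }

            /* Never trust the total length beyond what was captured. */
            if(TotalLen>Remain)
            {
                TotalLen=Remain;
            }

            TotalLen-=HeadLen; /* bytes following the IP header */
            Offset+=HeadLen;

            * Protocol=IpHead->Proto;

            switch(IpHead->Proto)
            {
            case IP_PROTO_TCP: /* TCP packet */

                if(TotalLen<sizeof(TCPPacketHead))
                {
                    TotalLen=Null;
                    break;
                }

                TcpHead=(TCPPacketHead *)(Source+Offset);
                HeadLen=TcpHead->HLen*4;

                if(HeadLen<sizeof(TCPPacketHead) || HeadLen>TotalLen)
                {
                    TotalLen=Null;
                    break;
                }

                TotalLen-=HeadLen;
                UserData=Source+Offset+HeadLen;

                break;
            case IP_PROTO_UDP: /* UDP packet */

                HeadLen=sizeof(UDPPacketHead);

                if(TotalLen<HeadLen)
                {
                    TotalLen=Null;
                    break;
                }

                TotalLen-=HeadLen;
                UserData=Source+Offset+HeadLen;

                break;
            case IP_PROTO_ICMP: /* ICMP packet */

                HeadLen=sizeof(ICMPPacketHead);

                if(TotalLen<HeadLen)
                {
                    TotalLen=Null;
                    break;
                }

                TotalLen-=HeadLen;
                UserData=Source+Offset+HeadLen;

                break;
            default: /* Unknown packet */

                UserData=Source;
                TotalLen=Lenght;

                break;
            }

            break;
        case ETHER_PROTO_ARP: /* ARP packet */

            if(Remain<sizeof(ARPPacketHead))
            {
                break;
            }

            UserData=Source+Offset;
            TotalLen=sizeof(ARPPacketHead);

            * Protocol=ETHER_PROTO_ARP;

            break;
        default: /* Unknown packet */

            UserData=Source;
            TotalLen=Lenght;

            break;
        }
    }

    if(* Data==NULL)
    {
        * Data=UserData;
    }
    else if(UserData!=Null && TotalLen!=0)
    {
        /* TotalLen <= Lenght here; the destination capacity is the
           caller's responsibility. */
        RtlCopyMemory(* Data,UserData,TotalLen);
    }

    * Size=TotalLen;
}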
