|
60楼#
发布于:2002-01-04 23:40
1、实在不能提前了。
2、我的APP是用WINSOCK写的,我实在不知道应该怎麽改进,能给点提示吗? |
|
|
61楼#
发布于:2002-01-05 16:41
1、实在不能提前了。 不要用winsock,你编译w2k ddk里面的packet, 然后用它的inf文件安装,然后用如下代码抓包。 你的主函数里面循环调用recvpacket函数。 #ifndef __GLOBALFUNC_H__ #define __GLOBALFUNC_H__ #include <windows.h> #include <windowsx.h> #include \"winsvc.h\" // if have not this line,compiler not know what\'s sc_handle #include <ntddndis.h> #include \"ntddpack.h\" #include \"FmsAngentView.h\" #include \"struct.h\" #define UNICODE 1 #define DOSNAMEPREFIX TEXT(\"Packet_\") #define MAX_LINK_NAME_LENGTH 64 // 全局变量 ADAPTER Adapter[6]; int g_iAdapterNum; HANDLE g_hFileMap[6]; HANDLE g_hFileMapping[6]; BYTE * g_pbFileMap[6]; long g_lBuffer_Size; // buffer size(byte) DWORD g_dwCount[6]={0,0,0,0,0,0}; CFmsAngentView *pFmsAngentView; LOG g_Log; STAT g_Stat[6]; bool g_bListen; HANDLE g_hThread_GetPacket; DWORD g_dwID_GetPacket; BYTE* g_pbIndex[6]; // packet index DWORD g_dwBuffer_Size; bool g_bDoPacketExit=false; bool g_bFirstCall=true; // weather recvpacket first call? int g_iComboSelect=0; BOOLEAN StartPacketDriver( LPTSTR ServiceName ); WORD swaps(WORD net) { WORD lo,hi; WORD host; lo=net&0xff; hi=net&0xff00; lo=lo<<8; hi=hi>>8; host=hi|lo; return host; } BOOLEAN PacketOpenAdapter( LPADAPTER lpAdapter ) { BOOLEAN Result; wsprintf( lpAdapter->SymbolicLink, TEXT(\"\\\\\\\\.\\\\%s%s\"), DOSNAMEPREFIX, &lpAdapter->AdapterName[8] ); Result=DefineDosDevice( DDD_RAW_TARGET_PATH, &lpAdapter->SymbolicLink[4], lpAdapter->AdapterName ); if (Result) { lpAdapter->hFile=CreateFile(lpAdapter->SymbolicLink, GENERIC_WRITE | GENERIC_READ, 0, NULL, CREATE_ALWAYS, FILE_FLAG_OVERLAPPED, 0 ); if (lpAdapter->hFile != INVALID_HANDLE_VALUE) { return true ; } } return false; } VOID PacketCloseAdapter( LPADAPTER lpAdapter ) { CloseHandle(lpAdapter->hFile); GlobalFreePtr(lpAdapter); } PVOID PacketAllocatePacket( void ) { LPPACKET lpPacket; lpPacket=(LPPACKET)GlobalAllocPtr( GMEM_MOVEABLE | GMEM_ZEROINIT, sizeof(PACKET) ); if (lpPacket==NULL) { return NULL; } lpPacket->OverLapped.hEvent=CreateEvent( NULL, FALSE, FALSE, NULL ); // auto reset,initial=false if (lpPacket->OverLapped.hEvent==NULL) { GlobalFreePtr(lpPacket); return NULL; } return lpPacket; } VOID PacketFreePacket( LPPACKET lpPacket ) { CloseHandle(lpPacket->OverLapped.hEvent); GlobalFreePtr(lpPacket); } BOOLEAN PacketSendPacket( LPADAPTER AdapterObject, LPPACKET lpPacket, BOOLEAN Sync ) { BOOLEAN Result; DWORD BytesTransfered; lpPacket->OverLapped.Offset=0; lpPacket->OverLapped.OffsetHigh=0; if (!ResetEvent(lpPacket->OverLapped.hEvent)) { return FALSE; } Result=WriteFile( AdapterObject->hFile, lpPacket->Buffer, lpPacket->Length, &BytesTransfered, &lpPacket->OverLapped ); if (Sync) { // // They want to wait // Result=GetOverlappedResult( AdapterObject->hFile, &lpPacket->OverLapped, &BytesTransfered, TRUE ); } else { // // They don\'t want to wait, they will call PacketWaitPacket to get // The real result // Result=TRUE; } return Result; } BOOLEAN InitPacket(LPPACKET lpPacket) { lpPacket->Length =0x2000; lpPacket->OverLapped.hEvent=CreateEvent( NULL, FALSE, // 自动 FALSE, // 初使无信号 NULL ); if(lpPacket->OverLapped.hEvent == NULL) return false; else return true; } BOOLEAN RecvPacket( BYTE *pbuf, int *piAdapterNum, PULONG BytesReceived ) { static int iReadAdapterNum=0; BOOLEAN Result; static PACKET Packet[32]; static HANDLE hEvent[32]; DWORD dwByteReceive; HANDLE hEventTemp; int i,j,k; if(g_bFirstCall) // if first call ,let\'s call 32 times readfile first { for(i=0;i<32;i++) { Packet.OverLapped.Offset=0; Packet.OverLapped.OffsetHigh=0; Packet.OverLapped.hEvent=CreateEvent( 0, TRUE, FALSE, NULL ); // manual reset,initial=false hEvent=Packet.OverLapped.hEvent; Packet.Length =1514; // if someone shit send a packet>>1514,what\'s happen? Result=ReadFile( Adapter[iReadAdapterNum].hFile, Packet.Buffer, Packet.Length, &dwByteReceive, &Packet.OverLapped ); Packet.iAdapterNum =iReadAdapterNum; iReadAdapterNum++; iReadAdapterNum=iReadAdapterNum%g_iAdapterNum; // need use a global } g_bFirstCall=false; } i= WaitForMultipleObjects( // which read return? 32, hEvent, false, // wait untill one hevent signal INFINITE // wait ever ); if(i==WAIT_FAILED) return false; for(j=0;j<32;j++) if(Packet[j].OverLapped.hEvent ==hEvent) break; // which read return? k=j; dwByteReceive=0; Result=GetOverlappedResult( Adapter[Packet[k].iAdapterNum].hFile, &Packet[k].OverLapped, &dwByteReceive, false ); if(!Result) { AfxMessageBox(\"!!!\"); return false; } *piAdapterNum=Packet[k].iAdapterNum ; // return value memcpy((void *)pbuf,(void *)Packet[k].Buffer,dwByteReceive); *BytesReceived=dwByteReceive; CloseHandle(Packet[k].OverLapped.hEvent); for(j=i;j<32;i++) hEvent=hEvent[++j]; hEventTemp=CreateEvent(0, TRUE, 0, NULL); if(!hEventTemp) { MessageBox(NULL,\"Can not create event\",NULL,MB_OK); return false; } Packet[k].OverLapped.hEvent=hEventTemp; memset(Packet[k].Buffer,0,1514); Packet[k].Length =1514; hEvent[31]=hEventTemp; // k返回了,就再读K一次 Result=ReadFile( Adapter[Packet[k].iAdapterNum].hFile, Packet[k].Buffer, Packet[k].Length, &dwByteReceive, &Packet[k].OverLapped ); return Result; } BOOLEAN SyncReceivePacket( HANDLE hFile, LPPACKET lpPacket ) { BOOLEAN Result; lpPacket->OverLapped.Offset=0; lpPacket->OverLapped.OffsetHigh=0; Result=ReadFile( hFile, lpPacket->Buffer, lpPacket->Length, &lpPacket->Length , &lpPacket->OverLapped ); Result=GetOverlappedResult( hFile, &lpPacket->OverLapped, &lpPacket->Length , TRUE ); return Result; } BOOLEAN PacketResetAdapter( LPADAPTER AdapterObject ) { DWORD BytesReturned; int a=DeviceIoControl( AdapterObject->hFile, (DWORD)IOCTL_PROTOCOL_RESET, NULL, 0, NULL, 0, &BytesReturned, NULL ); return TRUE; } BOOLEAN PacketRequest( HANDLE hFile, BOOLEAN Set, PPACKET_OID_DATA OidData ) { DWORD BytesReturned; BOOLEAN Result; Result=DeviceIoControl( hFile, (DWORD) Set ? IOCTL_PROTOCOL_SET_OID : IOCTL_PROTOCOL_QUERY_OID, OidData, sizeof(PACKET_OID_DATA)-1+OidData->Length, OidData, sizeof(PACKET_OID_DATA)-1+OidData->Length, &BytesReturned, NULL ); if(Result==0) DWORD a=GetLastError(); return Result; } BOOLEAN PacketSetFilter( HANDLE hFile, ULONG Filter ) { BOOLEAN Status; ULONG IoCtlBufferLength=(sizeof(PACKET_OID_DATA)+sizeof(ULONG)-1); PPACKET_OID_DATA OidData; OidData=(PACKET_OID_DATA*)GlobalAllocPtr( GMEM_MOVEABLE | GMEM_ZEROINIT, IoCtlBufferLength ); if (OidData == NULL) { return FALSE; } OidData->Oid=OID_GEN_CURRENT_PACKET_FILTER; OidData->Length=sizeof(ULONG); *((PULONG)OidData->Data)=Filter; Status=PacketRequest( hFile, TRUE, OidData ); GlobalFreePtr(OidData); return Status; } BOOLEAN StartPacketDriver( LPTSTR ServiceName ) { BOOLEAN Status; SC_HANDLE SCManagerHandle; SC_HANDLE SCServiceHandle; /* Open a handle to the SC Manager database. */ SCManagerHandle = OpenSCManager( NULL, /* local machine */ NULL, /* ServicesActive database */ SC_MANAGER_ALL_ACCESS); /* full access rights */ if (SCManagerHandle==NULL) { MessageBox(NULL,TEXT(\"Could not open SC\"),NULL,MB_OK); return FALSE; } else { SCServiceHandle=OpenService(SCManagerHandle, ServiceName, SERVICE_START ); if (SCServiceHandle == NULL) { MessageBox(NULL,TEXT(\"Could not open service\"),NULL,MB_OK); } Status=StartService( SCServiceHandle, 0, NULL ); if (!Status) { if (GetLastError()==ERROR_SERVICE_ALREADY_RUNNING) { return TRUE; } } return Status; } return FALSE; } ULONG PacketGetAdapterNames( PTSTR pStr, PULONG BufferSize, char* pKey ) { HKEY SystemKey; HKEY NdisPerfKey; HKEY LinkageKey; LONG Status; DWORD RegType; Status=RegOpenKeyEx( HKEY_LOCAL_MACHINE, TEXT(\"SYSTEM\\\\CurrentControlSet\\\\Services\"), 0, KEY_READ, &SystemKey ); if (Status == ERROR_SUCCESS) { Status=RegOpenKeyEx( SystemKey, pKey, 0, KEY_READ, &NdisPerfKey ); if (Status == ERROR_SUCCESS) { Status=RegOpenKeyEx( NdisPerfKey, TEXT(\"Linkage\"), 0, KEY_READ, &LinkageKey ); if (Status == ERROR_SUCCESS) { Status=RegQueryValueEx( LinkageKey, TEXT(\"Export\"), NULL, &RegType, (LPBYTE)pStr, // use buffersize to get the next string BufferSize ); RegCloseKey(LinkageKey); } RegCloseKey(NdisPerfKey); } RegCloseKey(SystemKey); } return Status; } bool RegRead(int *pnNetCardNum,TCHAR *szServiceName) { HKEY hkNetworkCards,hkCard; if(RegOpenKey(HKEY_LOCAL_MACHINE,\"Software\\\\Microsoft\\\\Windows NT\\\\CurrentVersion\\\\NetworkCards\",&hkNetworkCards)!=ERROR_SUCCESS) { MessageBox(NULL,\"read register failed!\",NULL,MB_OK); return false; } int i; char szCard[80]; char lpData[100],lpType[100]; DWORD cbValue; cbValue=100; for(i=0;i<6;i++) { if(RegEnumKey(hkNetworkCards,i,szCard,40)==ERROR_SUCCESS) { if(RegOpenKey(hkNetworkCards,szCard,&hkCard)!=ERROR_SUCCESS) return false; *pnNetCardNum=i+1; RegQueryValueEx( hkCard, \"ServiceName\", NULL, (unsigned long*)lpType, (unsigned char*)lpData, &cbValue ); sprintf(szServiceName+40*i,lpData); } else { sprintf(szServiceName+40*i,\"ffffffff\"); } } return true; } inline bool CreateMappingFile(int iAdapterNum,DWORD dwFileSize) { DWORD dwErrorCode; char ErrorMsg[256]; char szFileName[256]; // create a file mapping sprintf(szFileName,\"%d\",iAdapterNum); strcat(szFileName,\".dat\"); // EnterCriticalSection(&g_CriticalSection_Ctl_Msg); g_hFileMap[iAdapterNum]=CreateFile(szFileName, GENERIC_READ|GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL); if (g_hFileMap[iAdapterNum]== INVALID_HANDLE_VALUE) { dwErrorCode = GetLastError(); sprintf(ErrorMsg,\"%s Create mapping file error,error code is %d\",szFileName,dwErrorCode); MessageBox(NULL,ErrorMsg,\"错误信息\",MB_OK); return false; } g_hFileMapping[iAdapterNum]=CreateFileMapping(g_hFileMap[iAdapterNum], NULL, PAGE_READWRITE, 0, dwFileSize, NULL); if (g_hFileMapping[iAdapterNum]==NULL) { dwErrorCode=GetLastError(); sprintf(ErrorMsg,\"%s GreateFileMapping return error,error code is %d\",szFileName,dwErrorCode); MessageBox(NULL,ErrorMsg,\"错误信息\",MB_OK); return false; } g_pbFileMap[iAdapterNum]=(PBYTE)MapViewOfFile(g_hFileMapping[iAdapterNum], FILE_MAP_WRITE, 0, 0, 0); if(g_pbFileMap[iAdapterNum]==NULL) { dwErrorCode=GetLastError(); sprintf(ErrorMsg,\"%s MapViewOfFile return error,error code is %d\",szFileName,dwErrorCode); MessageBox(NULL,ErrorMsg,\"错误信息\",MB_OK); return false; } // LeaveCriticalSection(&g_CriticalSection_Ctl_Msg); return true; } DWORD WINAPI CtlServer(LPVOID lpvThreadParm) { // CSocket ListSocket; // ListSocket.Create (5000); // ListSocket.Listen (); return 0; } bool GetAdapterArray(ADAPTER* Adapter,int* piAdapterNum) { ULONG RegNameLength=640; TCHAR pKey[60]; wsprintf(pKey,\"Packet2\"); int j; PacketGetAdapterNames(Adapter[0].AdapterName, &RegNameLength, pKey); j=0; for(WORD i=0;i<RegNameLength;i++) { if(*(Adapter[0].AdapterName +i)==\'\\0\') { j++; if(*(Adapter[0].AdapterName +i+1)==\'\\0\') break; sprintf(Adapter[j].AdapterName ,Adapter[0].AdapterName +i+1); } } *piAdapterNum=j ; // iAdapterNum 是从PACKET2绑定的网卡总数 return true; } bool Openadapter(ADAPTER* Adapter,int iAdapterNum) { int i; // open adapter for(i=0;i<iAdapterNum;i++) { PacketOpenAdapter(&Adapter); if (Adapter.hFile != NULL) { // AfxMessageBox(Adapter.AdapterName); } else { AfxMessageBox(\"canot open adapter!\"); } // set filter PacketSetFilter(Adapter.hFile ,NDIS_PACKET_TYPE_PROMISCUOUS); g_dwCount=0; } // read packet // 必须保证在本函数调用之前dopacket已经退出 // g_bDoPacketExit=false; // g_bFirstCall=true; // weather recvpacket first call? // g_hThread_GetPacket[0]=CreateThread(NULL,0,DoPacket,NULL,0,&g_dwID[0]); return true; } void AddLogList(LOG* pLog) { int i; CListCtrl& ListCtrl = pFmsAngentView->GetListCtrl(); i=ListCtrl.GetItemCount (); LV_ITEM lvi; lvi.mask = LVIF_TEXT | LVIF_IMAGE | LVIF_STATE; lvi.iItem = i; lvi.iSubItem = 0; switch(pLog->Type) { case 0: lvi.pszText=\"Normal\"; break; case 1: lvi.pszText=\"Warnging\"; break; case 2: lvi.pszText=\"Error\"; break; } lvi.iImage = pLog->Type ; lvi.stateMask = LVIS_STATEIMAGEMASK; lvi.state = INDEXTOSTATEIMAGEMASK(1); ListCtrl.InsertItem(&lvi); char pBuf[256]; sprintf(pBuf,\"%ld\",i ); ListCtrl.SetItemText(i,1,pBuf); sprintf(pBuf,\"%ld/%ld/%ld %ld:%ld:%ld:%ld\", pLog->time.wYear,pLog->time.wMonth ,pLog->time.wDay , pLog->time.wHour ,pLog->time.wMinute,pLog->time.wSecond, pLog->time.wMilliseconds); ListCtrl.SetItemText(i,2,pBuf); ListCtrl.SetItemText(i,3,pLog->strSource); sprintf(pBuf,\"%ld\",pLog->dwNum ); ListCtrl.SetItemText(i,4,pBuf); ListCtrl.SetItemText(i,5,pLog->strDescribe ); } void FillLogStruct(LOG* pLog,int type,DWORD dwId, SYSTEMTIME time,CString strsource, DWORD dwnum, CString strdescribe) { pLog->Type =type; pLog->dwID =dwId; pLog->time =time; pLog->strSource =strsource; pLog->dwNum =dwnum; pLog->strDescribe =strdescribe; } PVOID CreateIndex(DWORD dwSize) { SYSTEMTIME time; char ptemp[256]; DWORD dwErrCode; LOG Log; PVOID pvMem; pvMem= VirtualAlloc(NULL, dwSize, MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE); if(pvMem==NULL) { dwErrCode=GetLastError(); sprintf(ptemp,\"Cannot Create Index,Error Code = %ld\",dwErrCode); GetLocalTime(&time); FillLogStruct(&Log,2,0,time,\"Local\",5001,ptemp); AddLogList(&Log); } else { GetLocalTime(&time); FillLogStruct(&Log,0,0,time,\"Local\",5000, \"Create Index \"); AddLogList(&Log); } return pvMem; } bool FilterPacket(BYTE* pBuf,DWORD dwBufLen,int iAdapterNum) { return true; } void StatPacket(BYTE* pBuf,DWORD dwBufLen,int iAdapterNum) { if(FilterPacket(pBuf,dwBufLen,iAdapterNum)) { g_Stat[iAdapterNum].dwCapturePackets+=1 ; g_Stat[iAdapterNum].dwCaptureOctets+=dwBufLen; } g_Stat[iAdapterNum].dwTotalPackets +=1; g_Stat[iAdapterNum].dwTotalOctets +=dwBufLen; // int i,headlen,totallen; EtherPacketHead *pEtherHead; IPPacketHead *pIPHead; IPAddr *psourip,*pdestip; EtherAddr *psoureth,*pdesteth; WORD sourport,destport; TCPPacketHead *pTCPHead; ARPPacket *pARPHead; ICMPPacketHead *pICMPHead; UDPPacketHead *pUDPHead; BYTE *pdata; pEtherHead=(struct EtherPacketHead *)pBuf; psoureth=&(pEtherHead->SourEther); pdesteth=&(pEtherHead->DestEther); // is this packet multicast? for(i=0;i<6;i++) { if(pdesteth->AddrByte!=0xff) break; } if(i==6) { g_Stat[iAdapterNum].dwBoardcastPackets +=1; g_Stat[iAdapterNum].dwBoardcastOctets +=dwBufLen; } else { g_Stat[iAdapterNum].dwUnicastPackets +=1; g_Stat[iAdapterNum].dwUnicastOctets +=dwBufLen; } // we need see ethernet or 802.3 if(pEtherHead->ServType >=0 &&pEtherHead->ServType<=0x5dc) { // 802.3 g_Stat[iAdapterNum].dwLLCPackets +=1; g_Stat[iAdapterNum].dwLLCOctets +=dwBufLen; } else { // ethernet g_Stat[iAdapterNum].dwEtherIIPackets +=1; g_Stat[iAdapterNum].dwEtherIIOctets +=dwBufLen; } switch (swaps(pEtherHead->ServType)) { case ETHER_PROTO_IP: // IP packet g_Stat[iAdapterNum].dwIPPackets +=1; g_Stat[iAdapterNum].dwIPOctets +=dwBufLen; pIPHead=(struct IPPacketHead *)(pBuf+ETHER_HEAD_LEN); switch (pIPHead->Proto) { case IP_PROTO_TCP: // TCP packet g_Stat[iAdapterNum].dwTCPPackets +=1; g_Stat[iAdapterNum].dwTCPOctets +=dwBufLen; break; case IP_PROTO_UDP: // UDP packet g_Stat[iAdapterNum].dwUDPPackets +=1; g_Stat[iAdapterNum].dwUDPOctets +=dwBufLen; break; case IP_PROTO_ICMP: // ICMP packet g_Stat[iAdapterNum].dwICMPPackets +=1; g_Stat[iAdapterNum].dwICMPOctets +=dwBufLen; break; default: // Unknown IP packet break; } break; case ETHER_PROTO_ARP: // ARP packet g_Stat[iAdapterNum].dwARPPackets +=1; g_Stat[iAdapterNum].dwARPOctets +=dwBufLen; break; default: // Unknown Ethernet packet break; } } DWORD WINAPI DoPacket(LPVOID lpvThreadParm) { TCHAR szBuf[0x2000]; WORD i; BYTE* pbFilePacket[6]; // 文件当前的位置 DWORD dwGetPacketTime; // Packet Capture Time SYSTEMTIME SystemTime; LOG Log; SYSTEMTIME time; TCHAR szTemp[256]; for(i=0;i<g_iAdapterNum;i++) { if(!CreateMappingFile(i,g_dwBuffer_Size)) ExitThread(-1); pbFilePacket=g_pbFileMap; sprintf((char*)pbFilePacket,\"%s\",Adapter.AdapterName); pbFilePacket+=64; // sizeof(Adapter.AdapterName)<64 GetLocalTime(&SystemTime); sprintf((char*)pbFilePacket,\"%ldYear%ldMonth%ldDay%ldHour%ldMintue%ldSecond%ldMillSecend\",SystemTime.wYear,SystemTime.wMonth,SystemTime.wDay ,SystemTime.wHour ,SystemTime.wMinute,SystemTime.wSecond,SystemTime.wMilliseconds); pbFilePacket+=136; // 136+64=200,也即正文从第200个字节开始 } for(i=0;i<g_iAdapterNum;i++) // 创建INDEX,提交内存 { g_pbIndex=(BYTE*)CreateIndex((DWORD)(g_dwBuffer_Size*4/64)); } while(1) { sprintf(szBuf,\"\"); BYTE pbuf[0x2000]; DWORD dwByteReceived; int iAdapterNum; RecvPacket(pbuf,&iAdapterNum,&dwByteReceived); if(g_bDoPacketExit) { // first close mapping file for(i=0;i<g_iAdapterNum;i++) { UnmapViewOfFile(g_pbFileMap); CloseHandle(g_hFileMapping); SetFilePointer(g_hFileMap,pbFilePacket-g_pbFileMap,NULL,FILE_BEGIN); SetEndOfFile(g_hFileMap); CloseHandle(g_hFileMap); } // then free index memory ExitThread(0); } // FilterPacket StatPacket(pbuf,dwByteReceived,iAdapterNum); if (pbFilePacket[iAdapterNum]>=g_pbFileMap[iAdapterNum]+g_dwBuffer_Size-20-dwByteReceived) { // need wrap GetLocalTime(&time); g_dwCount[iAdapterNum]=0; pbFilePacket[iAdapterNum]=g_pbFileMap[iAdapterNum]; sprintf(szTemp,\"%d Buffer Wrap\",iAdapterNum); FillLogStruct(&Log,1,0,time,\"Local\",7000,szTemp); AddLogList(&Log); } g_dwCount[iAdapterNum]++; dwGetPacketTime=GetTickCount(); memcpy(g_pbIndex[iAdapterNum]+(g_dwCount[iAdapterNum]-1)*4,&(pbFilePacket[iAdapterNum]),sizeof(pbFilePacket[iAdapterNum])); memcpy(pbFilePacket[iAdapterNum],&dwByteReceived,sizeof(dwByteReceived)); pbFilePacket[iAdapterNum]+=sizeof(dwByteReceived); memcpy(pbFilePacket[iAdapterNum],&dwGetPacketTime,sizeof(dwGetPacketTime)); pbFilePacket[iAdapterNum]+=sizeof(dwGetPacketTime); for(i=0;i<dwByteReceived;i++) { *(pbFilePacket[iAdapterNum]+i)=pbuf; } pbFilePacket[iAdapterNum]+=dwByteReceived; } return true; } bool StartCapture(void) { DWORD dwErrCode; SYSTEMTIME time; char ptemp[256]; LOG Log; g_hThread_GetPacket=CreateThread(NULL, 0,DoPacket,NULL,0,&g_dwID_GetPacket); if(g_hThread_GetPacket) { GetLocalTime(&time); FillLogStruct(&Log,0,0,time, \"Local\",6000,\"Start Capture Packet\"); AddLogList(&Log); return true; } else { GetLocalTime(&time); dwErrCode=GetLastError(); sprintf(ptemp, \"Create Get Packet Thread Failed! Error Code = %ld\", dwErrCode); FillLogStruct(&Log,2,0,time,\"Local\", 6001,ptemp); AddLogList(&Log); return false; } } void StatSerialize(CArchive& ar,STAT& Stat) { if(ar.IsStoring()) { ar << Stat.dwTotalPackets; ar << Stat.dwBoardcastPackets; ar << Stat.dwMulticastPackets; ar << Stat.dwUnicastPackets; ar << Stat.dwCapturePackets; ar << Stat.dwEtherIIPackets; ar << Stat.dwLLCPackets; ar << Stat.dwSNAPPackets; ar << Stat.dwIPPackets; ar << Stat.dwTCPPackets; ar << Stat.dwUDPPackets; ar << Stat.dwARPPackets; ar << Stat.dwICMPPackets; ar << Stat.dwTotalOctets; ar << Stat.dwBoardcastOctets; ar << Stat.dwMulticastOctets; ar << Stat.dwUnicastOctets; ar << Stat.dwCaptureOctets; ar << Stat.dwEtherIIOctets; ar << Stat.dwLLCOctets; ar << Stat.dwSNAPOctets; ar << Stat.dwIPOctets; ar << Stat.dwTCPOctets; ar << Stat.dwUDPOctets; ar << Stat.dwARPOctets; ar << Stat.dwICMPOctets; } else { ar >> Stat.dwTotalPackets; ar >> Stat.dwBoardcastPackets; ar >> Stat.dwMulticastPackets; ar >> Stat.dwUnicastPackets; ar >> Stat.dwCapturePackets; ar >> Stat.dwEtherIIPackets; ar >> Stat.dwLLCPackets; ar >> Stat.dwSNAPPackets; ar >> Stat.dwIPPackets; ar >> Stat.dwTCPPackets; ar >> Stat.dwUDPPackets; ar >> Stat.dwARPPackets; ar >> Stat.dwICMPPackets; ar >> Stat.dwTotalOctets; ar >> Stat.dwBoardcastOctets; ar >> Stat.dwMulticastOctets; ar >> Stat.dwUnicastOctets; ar >> Stat.dwCaptureOctets; ar >> Stat.dwEtherIIOctets; ar >> Stat.dwLLCOctets; ar >> Stat.dwSNAPOctets; ar >> Stat.dwIPOctets; ar >> Stat.dwTCPOctets; ar >> Stat.dwUDPOctets; ar >> Stat.dwARPOctets; ar >> Stat.dwICMPOctets; } } void TimeSerialize(CArchive& ar,SYSTEMTIME& time) { if (ar.IsStoring()) { ar << time.wYear ; ar << time.wMonth ; ar << time.wDay ; ar << time.wDayOfWeek ; ar << time.wHour ; ar << time.wMinute ; ar << time.wSecond ; ar << time.wMilliseconds ; } else { ar >> time.wYear ; ar >> time.wMonth ; ar >> time.wDay ; ar >> time.wDayOfWeek ; ar >> time.wHour ; ar >> time.wMinute ; ar >> time.wSecond ; ar >> time.wMilliseconds ; } } SYSTEMTIME Tick2System(DWORD dwTickCount) { // ctime &ctimespan havenot millsecond,so we must first save it DWORD dwCount=dwTickCount-((CFmsAngentApp*)AfxGetApp())->m_TickCount; SYSTEMTIME stime; stime= ((CFmsAngentApp*)AfxGetApp())->m_LocalTime ; dwCount-= stime.wMilliseconds ; CTimeSpan timepass(0,0,0,dwCount/1000); CTime time(stime); time+=timepass; time.GetAsSystemTime (stime); stime.wMilliseconds = (WORD)(dwCount- (dwCount/1000)*1000); return stime; } DWORD System2Tick(SYSTEMTIME stime) { SYSTEMTIME ltime = ((CFmsAngentApp*)AfxGetApp())->m_LocalTime ; DWORD dwTick = ((CFmsAngentApp*)AfxGetApp())->m_TickCount ; DWORD dwMill=stime.wMilliseconds - ltime.wMilliseconds ; DWORD dwTickReturn; CTime cltime(ltime); CTime cstime(stime); CTimeSpan cspantime = cltime-cstime; dwTickReturn = cspantime.GetTotalSeconds ()*1000+dwMill; return dwTickReturn; } #endif // |
|
|
|
62楼#
发布于:2002-01-05 23:39
十分感谢
见面时我们可以好好聊聊 |
|
上一页
下一页