|
阅读:1222回复:2
怎样得到源IP地址和目标IP地址???
小弟是新手,恳请各位大虾多指点!!
小弟弄不明白,怎样才能从下面的代码中分离出源IP地址和目标IP地址,或还有更好的办法请各位指点一二。能教会我,小弟会给分的。 部分代码如下: *********************************************************** NTSTATUS DriverEntry( IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath ) { NTSTATUS status = 0; ULONG i; DBGPRINT(\"DriverEntry Loading...\\n\"); DriverObject->DriverUnload = PacketUnload; //卸载函数 /* 利用循环语句将驱动程序所有的IRP请示函数指针指向PacketDispatch函数, 这样所有的IRP请示将经过自已的函数PacketDispatch中转 */ for (i=0; i <= IRP_MJ_MAXIMUM_FUNCTION; i++) { DriverObject->MajorFunction = PacketDispatch; } /* 调用自定义函数TCPFilter_Attach,将此驱动程序提款挂接到TCP/IP协议驱动程序上 */ status = TCPFilter_Attach(DriverObject,RegistryPath); return status; } //自已的函数PacketDispatch中转函数 NTSTATUS PacketDispatch( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ) { NTSTATUS RC = STATUS_SUCCESS; PTDIH_DeviceExtension pTDIH_DeviceExtension; PIO_STACK_LOCATION IrpStack; PIO_STACK_LOCATION NextIrpStack; pTDIH_DeviceExtension = (PTDIH_DeviceExtension )(DeviceObject->DeviceExtension); IrpStack = IoGetCurrentIrpStackLocation(Irp); switch(IrpStack->MajorFunction) { case IRP_MJ_CREATE: DBGPRINT(\"PacketDispatch(IRP_MJ_CREATE)...\\n\"); break; case IRP_MJ_CLOSE: DBGPRINT(\"PacketDispatch(IRP_MJ_CLOSE)...\\n\"); break; case IRP_MJ_CLEANUP: . . . . . case IRP_MJ_DEVICE_CONTROL: DBGPRINT(\"PacketDispatch(IRP_MJ_DEVICE_CONTROL)...\\n\"); break; default: DBGPRINT(\"PacketDispatch(OTHER_MAJOR_FUNCTION)...\\n\"); break; } if (Irp->CurrentLocation == 1) { ULONG ReturnedInformation = 0; DBGPRINT((\"PacketDispatch encountered bogus current location\\n\")); RC = STATUS_INVALID_DEVICE_REQUEST; Irp->IoStatus.Status = RC; Irp->IoStatus.Information = ReturnedInformation; IoCompleteRequest(Irp, IO_NO_INCREMENT); return( RC ); } NextIrpStack = IoGetNextIrpStackLocation(Irp); *NextIrpStack = *IrpStack; IoSetCompletionRoutine(Irp,PacketCompletion,NULL,TRUE,TRUE,TRUE); return IoCallDriver(pTDIH_DeviceExtension->LowerDeviceObject,Irp); } [编辑 - 10/16/02 by bhjinhou] |
|
|
沙发#
发布于:2002-10-15 11:19
有没有nt4的ddk?里面有个packet离子,估计是在Irpstack里面,
真搞不明白,还可以用softice在你的 dispatch里面设端点,看irpstack的内容吧 [编辑 - 10/15/02 by ooze] |
|
|
|
板凳#
发布于:2002-10-15 11:58
我说的哪个例子,里面read.c的函数
PacketReceiveIndicate你看下 |
|
|