📄 network programming - table of contents.htm
字号:
href="http://www.codeguru.com/dialog/index.shtml">dialog</A><BR><A
href="http://www.codeguru.com/docking/index.shtml">docking
window</A><BR><A
href="http://www.codeguru.com/doc_view/index.shtml">doc/view</A><BR><A
href="http://www.codeguru.com/splitter/index.shtml">splitter</A><BR></SMALL></TD></TR>
<TR>
<TD><SPAN class=navBarH1>Interact</SPAN></TD></TR>
<TR>
<TD><SMALL><A
href="http://e-newsletters.internet.com/">Newsletters</A><BR><A
href="http://www.codeguru.com/Guestbook/guestbook.shtml">Guestbook</A><BR><A
href="http://www.codeguru.com/cgi-bin/recommend.cgi">Recommend
Us!</A><BR><A href="http://www.codeguru.com/about.shtml">About
Us</A><BR><BR></SMALL></TD></TR></TBODY></TABLE><!-- JOB BUTTON -->
<TABLE border=0 cellPadding=5 cellSpacing=0 width=150>
<TBODY>
<TR>
<TD align=middle><A href="http://jobs.internet.com/"
target=new><IMG alt="[Internet Jobs]"
src="Network Programming - Table of Contents.files/jobs.gif">
</A></TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE><!--/navbar>
<!-- blank column for spacing -->
<TD vAlign=top width=20> </TD><!-- end blank column for spacing --><!-- begin content column -->
<TD vAlign=top><!--
<table cellpadding="0" cellspacing="0">
<tr>
--><!-- begin main content column --><!-- closign of column, row, and table are in subfoot file -->
<SCRIPT language=javascript type=text/javascript> if (screen.width==640 || screen.width==800){ document.write("<link rel=stylesheet href='/global/global800.css'>"); } else { document.write("<link rel=stylesheet href='/global/global.css'>"); } </SCRIPT>
<CENTER>
<H3><FONT color=#a0a099>IP Packet Monitor for Windows 2000
</FONT></H3></CENTER>
<HR>
<!-- Author and contact details -->This article was contributed by <A
href="mailto:arkadyf@hotmail.com">Arkady Frankel</A>. <!-- Sample image - gif or jpg -->
<P><IMG src="Network Programming - Table of Contents.files/ipmon.gif"> <!-- For which environment is this code specific??? -->
<P><U>Environment:</U> VC6 with Platform SDK , W2K ( only )
<P>This program was developed because of the demand to have custom packet
monitoring utility for purposes of application system . But it shows too
how easy, it is to write sniffer in a modern operation system like Windows
2000. When I first time read this wonderful ( IMHO ) book of Jon C. Snader
"Effective TCP/IP Programming. 44 Tips to Improve Your Network Programs"
with envy I read the lines how simple is to write the sniffer in Linux.
You simply put the line s = socket( AF_NET , SOCK_PACKET , htons(
ETH_P_ALL ) ) ; and sniffer is ready. Simple and elegant decision . No
need in NDIS , DDK , pcaplib and all this stuff , well known to everyone ,
who tried to do it in Win9x or NT. But in Windows 2000 to write sniffer is
quicker then saying Jack Robinson. WSAIoctl from WinSock2 with SIO_RCVALL
parameter do the job , so from this moment only knowledge of IP,TCP,ICMP
packets are needed to make your own custom sniffer.
<P>I will show here such monitoring utility which was build on standard
MFC dialog box application. I did such an app with VC6 application wizard
and add two IP address controls , one start/stop button , check box and
listbox to show the packet's contents. First IP Address control is for IP
of this monitoring computer. I have multihomed computers in LAN both
Servers and Professional Windows 2000 , so I need to enter one of few IP's
of monitoring computer. Next IP Address control is for IP of host you want
to monitor ( in Windump it's like with parameter 'host hostname') , only
if this IP is zero, I verify the check box and if it's empty I show data
from all packets of all computers in the system , otherwise I show the
data of IP packets of monitoring computer( in Windump it's like with
parameter 'host thishostname').
<P>When all needed data exists , it is possible to press the Start button
, which changes it's text to 'Stop' ( from this moment this button is to
stop the monitoring thread ). Pressing the button next time changes the
text to Start. For monitoring I use working thread , so I decided to use
synchronous socket. Because I use WinSock2 , I have the opportunity to
reduce receiving time-out. I set timeout to 5 second , usually it's 45.
This thread function I announced as a friend of main dialog class to
simplify setting/receiving data in class-members of main dialog class
where I set few class members for application functioning. Because my main
thread is doing almost nothing , only start or stop worker thread or close
dialog , I'm writing data from packets directly to the listbox. But be
careful in the case of some work of main thread with controls it can cause
the deadlock. This happened to me when I used WaitForSingleObject with
time-out INFINITE after I did PostThreadMessage with WM_CLOSE and in the
worker thread tried to write in the listbox "Monitoring stopped". Such
situation caused the deadlock , and I needed to change such behavior with
disabling/enabling the Start/Stop button in the periods of posting
WM_CLOSE to worker thread and it's finish.
<P>The class-members and class-functions, I added , is self described and
the the only one class-member CDWordArray m_IPArr needs little
explanation. This is array of DWORDs , where every element is IP address
of adapter in the multihome configuration. To receive all these IP
addresses I used IPHLPAPI library from Platform SDK .
<P>One last note connected to the AfxSock.h in mfc\include directory.
There exist a line #include <winsock.h>. But I need winsock2.h for
my application. To decide this problem I copied AfxSock.h to ipmon
directory , change #include <winsock.h> to #include
<winsock2.h> and in the StdAfx.h in ipmon directory changed the line
#include <afxsock.h> to the line : #include "afxsock.h" to use my
afxsock.h.
<P>MSTCPIP.h,iphlpapi.h and lib exists on Platform SDK. You have to
install it. Happy sniffing !
<H3>Downloads</H3><A
href="http://www.codeguru.com/network/ipmon.zip">Download source code - 40
Kb</A><BR><A href="http://www.codeguru.com/network/ipmonexe.zip">Download
application - 8 Kb</A>
<H3>History</H3>Date Posted: March 06, 2001<BR>Last Updated: March 13,
2001 <!-- Only use the following if the article is updated --><!-- Date Last Updated: [today's date in the format month day, year] --><!--comments-->
<H3>Comments:</H3>
<UL><!--startlist-->
<LI><A href="http://www.codeguru.com/mfc/comments/28213.shtml">please
send me *.lib and *.h,thx. </A>- Hellis (2001/10/26)
<LI><A href="http://www.codeguru.com/mfc/comments/28185.shtml">it's
working but it loses packets</A> - Fernando Almagro (2001/10/25)
<LI><A href="http://www.codeguru.com/mfc/comments/28176.shtml">what lib
file will be needed in this programe?</A> - Lilo (2001/10/25)
<LI><A
href="http://www.codeguru.com/mfc/comments/28027.shtml">SIO_RCVALL in
Win2k Pro sp2</A> - Barry (2001/10/22)
<LI><A href="http://www.codeguru.com/mfc/comments/27381.shtml">How to
extract UDP data ?</A> - Bella (2001/10/08)
<LI><A href="http://www.codeguru.com/mfc/comments/27098.shtml">Thank
you! But I have another question...</A> - pursuer (2001/09/29)
<LI><A href="http://www.codeguru.com/mfc/comments/27092.shtml">The
programm can NOT run!</A> - pursuer (2001/09/28)
<LI><A href="http://www.codeguru.com/mfc/comments/26769.shtml">How to
read TCP data</A> - Arkady Frankel (2001/09/20)
<LI><A href="http://www.codeguru.com/mfc/comments/26524.shtml">Do anyone
know how to capture RTT value?</A> - yung (2001/09/13)
<LI><A href="http://www.codeguru.com/mfc/comments/26380.shtml">How do
you read the TCP data????</A> - Sanford Loobins (2001/09/10)
<LI><A href="http://www.codeguru.com/mfc/comments/25985.shtml">Please
tell me,What is SIO_RCVALL???</A> - Jacky (2001/08/29)
<LI><A href="http://www.codeguru.com/mfc/comments/25764.shtml">I need
the *.h and *.lib files</A> - kevin_dong (2001/08/23)
<LI><A href="http://www.codeguru.com/mfc/comments/25539.shtml">What
about process ids?</A> - s<@@>k (2001/08/16)
<LI><A
href="http://www.codeguru.com/mfc/comments/25313.shtml">SIO_RCVALL with
event trigger</A> - Chris Bosdriesz (2001/08/09)
<LI><A href="http://www.codeguru.com/mfc/comments/25138.shtml">please
send me............please..</A> - bong-mo (2001/08/05)
<LI><A href="http://www.codeguru.com/mfc/comments/25103.shtml">Source
and Destination IP</A> - Jan (2001/08/03)
<LI><A href="http://www.codeguru.com/mfc/comments/25060.shtml">now how
do i drop the packets</A> - rohit (2001/08/02)
<LI><A href="http://www.codeguru.com/mfc/comments/24780.shtml">What do
SIO_RCVALL WSAIoctl in/out buffers mean?</A> - Aleksey Pershin
(2001/07/25)
<LI><A href="http://www.codeguru.com/mfc/comments/24756.shtml">where can
I get the sdk?</A> - lanfan (2001/07/25)
<LI><A href="http://www.codeguru.com/mfc/comments/24429.shtml">Does w2k
perform IP fragments collecting ?</A> - Maxim Locktukhin (2001/07/13)
<LI><A href="http://www.codeguru.com/mfc/comments/24412.shtml">This is a
good app,But who can help me,I need:"Winsock 2 SDK *.h & *.lib".</A>
- Tony (2001/07/12)
<LI><A href="http://www.codeguru.com/mfc/comments/24253.shtml">Help! I
cannot recieve all packets!</A> - Alex (2001/07/09)
<LI><A href="http://www.codeguru.com/mfc/comments/24021.shtml">i can't
find mstcpip.h in Platform SDK</A> - andor (2001/07/01)
<LI><A href="http://www.codeguru.com/mfc/comments/23988.shtml">Who can
help me? I want Fltdefs.h !</A> - FuCai (2001/06/29)
<LI><A href="http://www.codeguru.com/mfc/comments/23942.shtml">help me!!
i need this files.. -->(mstcpip.h ..etc) please send me</A> - lee
(2001/06/28)
<LI><A href="http://www.codeguru.com/mfc/comments/23319.shtml">anybody
could send "mstcpip.h" and "iphlpapi.h" to me?</A> - stevenwcn
(2001/06/01)
<LI><A href="http://www.codeguru.com/mfc/comments/22654.shtml">Comment
please</A> - J.York (2001/05/09)
<LI><A href="http://www.codeguru.com/mfc/comments/22267.shtml">how to
hold up...</A> - digitbrain (2001/04/25)
<LI><A href="http://www.codeguru.com/mfc/comments/22099.shtml">an error
occur in win2000 ^_^</A> - digitbrain (2001/04/20)
<LI><A href="http://www.codeguru.com/mfc/comments/22093.shtml">PPP
connection</A> - david saque (2001/04/20)
<LI><A href="http://www.codeguru.com/mfc/comments/21897.shtml">Eth
frame</A> - M.Fox (2001/04/15)
<LI><A href="http://www.codeguru.com/mfc/comments/21889.shtml">Can't
capture sent packets (read the other posts, but...)</A> - Ken
(2001/04/15)
<LI><A href="http://www.codeguru.com/mfc/comments/21888.shtml">Ethernet
frame </A>- M.Fox (2001/04/15)
<LI><A href="http://www.codeguru.com/mfc/comments/21849.shtml">MAC</A> -
J.Goldblum (2001/04/12)
<LI><A href="http://www.codeguru.com/mfc/comments/21830.shtml">outgoing
TCP packets</A> - saque david (2001/04/12)
<LI><A href="http://www.codeguru.com/mfc/comments/21728.shtml">MAC</A> -
J.Goldblum (2001/04/10)
<LI><A href="http://www.codeguru.com/mfc/comments/21659.shtml">Pbm with
packets sent</A> - David Saque (2001/04/09)
<LI><A
href="http://www.codeguru.com/mfc/comments/21620.shtml">PeekMessage
don't receive message when windows is destroy</A> - Dongmin Moon
(2001/04/08)
<LI><A href="http://www.codeguru.com/mfc/comments/21313.shtml">Ipmon
work only in windows 2000 as you can see in title , nor 9x not NT</A> -
Arkady Frankel (2001/03/29)
<LI><A href="http://www.codeguru.com/mfc/comments/21295.shtml">Again
about win 9x </A>- Pete Petrov (2001/03/28)
<LI><A href="http://www.codeguru.com/mfc/comments/21041.shtml">can this
be used to inject packets?</A> - tc (2001/03/20)
<LI><A href="http://www.codeguru.com/mfc/comments/21001.shtml">How to do
this in Win9x ?</A> - Martin (2001/03/19)
<LI><A href="http://www.codeguru.com/mfc/comments/20906.shtml">How to
extract TCP data.</A> - jjordan (2001/03/15)
<LI><B>Web Master - New and improved version posted (2001/03/13)</B>
<LI><A
href="http://www.codeguru.com/mfc/comments/20856.shtml">SOCK_RAW</A> -
David SAQUE (2001/03/14)
<LI><A href="http://www.codeguru.com/mfc/comments/20800.shtml">help</A>
- stone (2001/03/13) </LI></UL>
<P><STRONG><A
href="http://www.codeguru.com/cgi-bin/addpage/addpage.cgi?cfg=addcomment&action=Comment">Add
Comment</A></STRONG>
<P></P></TD><!--BLJAds - Added right side tower ad -->
<TD vAlign=top><A
href="http://www.codeguru.com/RealMedia/ads/click_lx.cgi/ew/ewsoftware/www.codeguru.com/network/ipmon.html/15042/125x800/House_NSF_2e/nsf-125x800.gif/63613636373363343362643933383230"
target=_top><IMG alt="" border=0
src="Network Programming - Table of Contents.files/nsf-125x800.gif"></A><IMG
border=0 height=1
src="F:\zhuwei\ipMon\Network Programming - Table of Contents.files\63613636373363343362643933383230(2).gif"
width=1> </TD></TR></TBODY></TABLE><BR><BR>
<CENTER><!--OAS AD="468x60-2"--></CENTER><!-- begin footer information --><!--bljads (removed) <p> </p> --><BR>
<CENTER><!-- BljAds--><A
href="http://www.codeguru.com/RealMedia/ads/click_lx.cgi/ew/ewsoftware/www.codeguru.com/network/ipmon.html/20320/468x60-2/House_802.11_Planet_5a/80211468.gif/63613636373363343362643933383230"
target=_top><IMG alt="" border=0 height=60
src="Network Programming - Table of Contents.files/80211468.gif"
width=468></A><IMG border=0 height=1
src="F:\zhuwei\ipMon\Network Programming - Table of Contents.files\63613636373363343362643933383230(3).gif"
width=1> <BR><FONT size=-1>EarthWeb is a service of INT Media Group,
Incorporated.<BR>Copyright 2001 INT Media Group, Incorporated. All Rights
Reserved.<BR><A href="http://www.internet.com/help/feedback.html">Feedback</A>,
<A href="http://www.itmarketer.com/">Advertising Info</A>, <A
href="http://www.internet.com/corporate/legal.html">Legal Notices</A>, <A
href="http://www.internet.com/corporate/reprints.html#Licensing">Licensing</A>,
<A href="http://www.internet.com/corporate/reprints.html#Reprints">Reprints</A>,
& <A
href="http://www.internet.com/corporate/reprints.html#Permissions">Permissions</A>,
<A
href="http://www.internet.com/corporate/privacy/privacypolicy.html">Privacy
Policy</A>. <BR><A href="http://www.internet.com/"><IMG
alt=http://www.internet.com/ border=0 height=18
src="Network Programming - Table of Contents.files/internetcom.gif"
width=161></A></FONT> </CENTER></BODY></HTML>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -