// ProbeMail.h: interface for the ProbeMail class.
//
//////////////////////////////////////////////////////////////////////
#if !defined(AFX_PROBEMAIL_H__DFE918F5_7698_4A18_917C_A3D9A318B4C9__INCLUDED_)
#define AFX_PROBEMAIL_H__DFE918F5_7698_4A18_917C_A3D9A318B4C9__INCLUDED_
#if _MSC_VER > 1000
#pragma once
#endif // _MSC_VER > 1000
#include "global.h"
// Head node of the list that ProbeMail::packet_handler walks for packets whose
// destination port is 25. Only the nodes after the head are compared by port.
extern Mail * Header_out;
// Head node of the list that ProbeMail::packet_handler walks for packets whose
// source port is 110. Only the nodes after the head are compared by port.
extern Mail * Header_in;
// Not referenced in this header; presumably guards the probebuff print buffer -- confirm in the .cpp.
extern CRITICAL_SECTION gCriticalSectionForPrtBuff;
// Held by ProbeMail::packet_handler around every walk and update of the two mail lists above.
extern CRITICAL_SECTION gCriticalSectionMailList;
// Not referenced in this header; presumably the current write position in the probe buffer -- confirm in the .cpp.
extern struct probebuff * PtrBuffWrite;
//#pragma comment(lib, "wsock32.lib")
// IPv4 address held as four separate octets. It is embedded in ip_header, which is
// overlaid directly on captured packet bytes, so byte1 is the first octet on the wire.
typedef struct ip_address
{
u_char byte1; // first (most significant) octet
u_char byte2; // second octet
u_char byte3; // third octet
u_char byte4; // fourth (least significant) octet
} ip_address;
// IPv4 header as overlaid on raw capture bytes by ProbeMail::packet_handler
// (pkt_data + 14). Member order and widths define the overlay and must not change.
// Multi-byte members hold the bytes as captured, i.e. in network byte order.
// NOTE(review): the struct is 24 bytes because of op_pad, but a minimal IPv4 header
// is 20 bytes; use the length in ver_ihl, not sizeof(ip_header), to find the payload.
typedef struct ip_header
{
u_char ver_ihl; // high nibble: IP version; low nibble: header length in 32-bit words
u_char tos; // type of service
u_short tlen; // total length of the IP datagram
u_short identification; // datagram identification
u_short flags_fo; // 3 flag bits followed by the 13-bit fragment offset
u_char ttl; // time to live
u_char proto; // payload protocol number (6 = TCP)
u_short crc; // header checksum
ip_address saddr; // source address
ip_address daddr; // destination address
u_int op_pad; // first 4 bytes of options/padding; only present when the header is longer than 20 bytes
} ip_header;
// TCP header as overlaid on raw capture bytes by ProbeMail::packet_handler.
// Member order and widths define the overlay and must not change. Multi-byte members
// are in network byte order; packet_handler converts the ports with ntohs().
// NOTE(review): sizeof(tcp_header) is 24 because of the options member, whereas a real
// TCP header is 20 to 60 bytes long; the true length is carried in hlen_codes.
typedef struct tcp_header
{
u_short sport; // source port
u_short dport; // destination port
u_int seqnum; // sequence number
u_int acknum; // acknowledgement number
u_short hlen_codes; // data offset (top 4 bits, in 32-bit words), reserved bits and flag bits
u_short window; // receive window
u_short crc; // checksum
u_short pointer; // urgent pointer
u_int options; // first 4 bytes of options; only present when the data offset is greater than 5
} tcp_header;
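// ProbeMail: watches captured TCP traffic and records the From/To/Subject header
// values and attachment file names seen in segments sent to port 25 or sent from
// port 110. Results are kept in the global lists Header_out and Header_in.
//
// Every byte handled by the static callbacks below comes straight off the network
// and is untrusted: all lengths are checked against the captured length and every
// copy into a Mail field is bounded by the size of that field.
class ProbeMail
{
public:
    ProbeMail();
    // The original declarations of the next three members had no return type, which
    // old MSVC treats as implicit int. The type is now spelled out; this matches
    // definitions written the same way.
    int CheckMail();
    int StartProbe(int devselect);
    int initallize();
    char devdesc[5][200]; // presumably descriptions of up to 5 capture devices -- confirm in the .cpp
    int devnum;           // presumably the number of entries used in devdesc -- confirm in the .cpp
    ~ProbeMail();

    //*******************************************************************************
    // Function: Get_Infos
    // Purpose : Called when a segment belongs to a connection that has no node in the
    //           mail list yet. Allocates a new Mail node, links it after `lookup`, and
    //           extracts whatever fields the segment contains.
    // Inputs  : ih     - pointer to the start of the IP header (not used here)
    //           sport  - source port
    //           dport  - destination port
    //           data   - NUL-terminated copy of the segment payload
    //           lookup - list node to append after; must be the tail, because its
    //                    `next` pointer is overwritten
    //           tag    - 1 for outgoing mail (node keyed by sport), otherwise incoming
    //                    mail (node keyed by dport)
    // Outputs : none
    // Written : 2004.07.19   Modified: 2004.07.20   Author: Yang Guang
    // Notes   : packet_handler calls this while holding gCriticalSectionMailList.
    //********************************************************************************
    static void Get_Infos(ip_header *ih, u_short sport, u_short dport, char *data, Mail *lookup, int tag){
        if (lookup == NULL || data == NULL)
            return;

        Mail *temp = new Mail;
        if (temp == NULL) // pre-standard compilers return NULL instead of throwing
            return;

        temp->finish = 0;
        temp->from_flag = 0;
        temp->to_flag = 0;
        temp->subject_flag = 0;
        temp->attachment_flag = 0;
        // Start every text field as an empty string so a reader never sees
        // uninitialised bytes for a field that has not been found yet.
        temp->from[0] = '\0';
        temp->to[0] = '\0';
        temp->subject[0] = '\0';
        temp->attachment[0] = '\0';
        temp->port = (tag == 1) ? sport : dport;
        temp->next = NULL;
        lookup->next = temp;

        FillMissingFields(temp, data);
    }

    //*******************************************************************************
    // Function: Get_Info
    // Purpose : Called when the connection already has a node (lookup->next) that
    //           holds only part of the information; extracts the fields still missing.
    // Inputs  : ih     - pointer to the start of the IP header (not used here)
    //           sport  - source port (not used here)
    //           dport  - destination port (not used here)
    //           data   - NUL-terminated copy of the segment payload
    //           lookup - node whose successor is the record to update
    //           tag    - incoming/outgoing marker (not used here)
    // Outputs : none
    // Written : 2004.07.19   Modified: 2004.07.20   Author: Yang Guang
    // Notes   : packet_handler calls this while holding gCriticalSectionMailList.
    //********************************************************************************
    static void Get_Info(ip_header *ih, u_short sport, u_short dport, char *data, Mail *lookup, int tag){
        if (lookup == NULL || lookup->next == NULL || data == NULL)
            return;
        FillMissingFields(lookup->next, data);
    }

    //*******************************************************************************
    // Function: packet_handler
    // Purpose : Capture callback that does the per-packet work.
    // Inputs  : param    - user-defined capture session state (not used here)
    //           header   - capture header; caplen bounds every read of pkt_data
    //           pkt_data - the captured bytes, assumed to start with a 14-byte
    //                      Ethernet header
    // Outputs : none
    // Written : 2004.07.18   Modified: 2004.07.20   Author: Yang Guang
    // Notes   : The payload now starts at the offset given by the TCP data-offset
    //           field. The original used sizeof(tcp_header) (24 bytes), which skipped
    //           payload bytes on option-less segments and parsed option bytes as text
    //           on segments with longer options. The payload is copied into a
    //           NUL-terminated buffer because the field search relies on strstr() and
    //           captured data carries no terminator. Segments are parsed one at a
    //           time; a header line split across two segments is not recovered.
    //********************************************************************************
    static void packet_handler(u_char *param, const struct pcap_pkthdr *header, const u_char *pkt_data){
        if (header == NULL || pkt_data == NULL)
            return;

        const size_t captured = header->caplen;
        if (captured < (size_t)(PM_ETHER_HDR_LEN + PM_MIN_IP_HDR_LEN))
            return;

        // Locate the IP header.
        ip_header *ih = (ip_header *)(pkt_data + PM_ETHER_HDR_LEN);
        if ((ih->ver_ihl >> 4) != 4 || ih->proto != PM_IP_PROTO_TCP)
            return;
        // A fragment with a non-zero offset does not begin with a TCP header.
        if ((ntohs(ih->flags_fo) & 0x1fff) != 0)
            return;

        // Locate the TCP header.
        const size_t ip_len = (size_t)(ih->ver_ihl & 0xf) * 4;
        if (ip_len < (size_t)PM_MIN_IP_HDR_LEN ||
            captured < PM_ETHER_HDR_LEN + ip_len + PM_MIN_TCP_HDR_LEN)
            return;
        tcp_header *th = (tcp_header *)((u_char *)ih + ip_len);

        // Convert from network byte order to host byte order.
        const u_short sport = ntohs(th->sport);
        const u_short dport = ntohs(th->dport);
        if (dport != PM_SMTP_PORT && sport != PM_POP3_PORT)
            return;

        const size_t tcp_len = (size_t)((ntohs(th->hlen_codes) >> 12) & 0xf) * 4;
        const size_t payload_off = PM_ETHER_HDR_LEN + ip_len + tcp_len;
        if (tcp_len < (size_t)PM_MIN_TCP_HDR_LEN || captured < payload_off)
            return;

        // Trim link-layer padding using the IP total length when that value is
        // plausible; otherwise fall back to the captured length.
        size_t segment_end = captured;
        const size_t ip_total = ntohs(ih->tlen);
        if (ip_total >= ip_len + tcp_len && PM_ETHER_HDR_LEN + ip_total < segment_end)
            segment_end = PM_ETHER_HDR_LEN + ip_total;
        const size_t payload_len = segment_end - payload_off;

        // Make the terminated copy before taking the lock so that an allocation
        // failure cannot leave the critical section held.
        char *text = new char[payload_len + 1];
        if (text == NULL)
            return;
        memcpy(text, pkt_data + payload_off, payload_len);
        text[payload_len] = '\0';

        if (dport == PM_SMTP_PORT) // client sending to the server: mail_out
            UpdateMailList(ih, sport, dport, text, 1);
        if (sport == PM_POP3_PORT) // server sending to the client: mail_in
            UpdateMailList(ih, sport, dport, text, 2);

        delete [] text;
    }

private:
    enum {
        PM_ETHER_HDR_LEN   = 14,  // offset of the IP header within the captured frame
        PM_MIN_IP_HDR_LEN  = 20,  // IPv4 header without options
        PM_MIN_TCP_HDR_LEN = 20,  // TCP header without options
        PM_IP_PROTO_TCP    = 6,
        PM_SMTP_PORT       = 25,
        PM_POP3_PORT       = 110
    };

    // Finds the list node keyed by this connection's client port and updates it,
    // or appends a new node when none exists. Holds gCriticalSectionMailList for
    // the whole walk and update, as the original code did.
    static void UpdateMailList(ip_header *ih, u_short sport, u_short dport, char *text, int tag){
        const u_short client_port = (tag == 1) ? sport : dport;

        EnterCriticalSection(&gCriticalSectionMailList);
        Mail *lookup = (tag == 1) ? Header_out : Header_in;
        if (lookup != NULL)
        {
            while (lookup->next != NULL && lookup->next->port != client_port)
                lookup = lookup->next;
            if (lookup->next != NULL)   // record already exists
                Get_Info(ih, sport, dport, text, lookup, tag);
            else                        // no record: a new mail
                Get_Infos(ih, sport, dport, text, lookup, tag);
        }
        LeaveCriticalSection(&gCriticalSectionMailList);
    }

    // Returns the first occurrence of a header name, trying the three spellings in
    // the order the original code did, or NULL when none is present.
    static const char *FindHeader(const char *data, const char *mixed, const char *upper, const char *lower){
        const char *pos = strstr(data, mixed);
        if (pos == NULL)
            pos = strstr(data, upper);
        if (pos == NULL)
            pos = strstr(data, lower);
        return pos;
    }

    // Copies one value into dst as "value" (wrapped in double quotes, NUL-terminated).
    // Leading spaces, quotes, '=' and newlines are skipped; the value ends at the next
    // space, quote, newline or end of string. The copy is truncated so that the closing
    // quote and the terminator always fit in dst_size bytes.
    static void CopyQuotedValue(const char *pos, char *dst, size_t dst_size){
        if (dst_size < 3)
        {
            if (dst_size > 0)
                dst[0] = '\0';
            return;
        }
        while (*pos == ' ' || *pos == '\"' || *pos == '=' || *pos == '\n')
            pos++;

        size_t i = 0;
        dst[i++] = '\"';
        while (*pos != '\0' && *pos != ' ' && *pos != '\"' && *pos != '\n' && i < dst_size - 2)
            dst[i++] = *pos++;
        dst[i++] = '\"';
        dst[i] = '\0';
    }

    // Extracts every field of `mail` that is still unset from `data` and marks the
    // record finished once enough has been collected.
    // NOTE(review): sizeof(mail->field) assumes from/to/subject/attachment are
    // fixed-size char arrays inside Mail (declared in global.h) -- confirm there.
    static void FillMissingFields(Mail *mail, const char *data){
        const char *pos;

        if (mail->from_flag != 1)       // FROM field
        {
            pos = FindHeader(data, "From:", "FROM:", "from:");
            if (pos != NULL)
            {
                mail->from_flag = 1;
                CopyQuotedValue(pos + 5, mail->from, sizeof(mail->from));
            }
        }
        if (mail->to_flag != 1)         // TO field
        {
            pos = FindHeader(data, "To:", "TO:", "to:");
            if (pos != NULL)
            {
                mail->to_flag = 1;
                CopyQuotedValue(pos + 3, mail->to, sizeof(mail->to));
            }
        }
        if (mail->subject_flag != 1)    // SUBJECT field
        {
            pos = FindHeader(data, "Subject:", "SUBJECT:", "subject:");
            if (pos != NULL)
            {
                mail->subject_flag = 1;
                CopyQuotedValue(pos + 8, mail->subject, sizeof(mail->subject));
            }
        }
        if (mail->attachment_flag != 1) // ATTACHMENT field
        {
            pos = strstr(data, "attachment");
            if (pos != NULL)
            {
                // The file name is searched for only after the "attachment" marker.
                pos = strstr(pos, "filename");
                if (pos != NULL)
                {
                    mail->attachment_flag = 1;
                    CopyQuotedValue(pos + 8, mail->attachment, sizeof(mail->attachment));
                }
            }
        }
        // NOTE(review): && binds tighter than ||, so an attachment alone marks the
        // record finished. The parentheses only make the original grouping explicit;
        // confirm that this is the intended rule.
        if ((mail->from_flag == 1 && mail->to_flag == 1 && mail->subject_flag == 1) || mail->attachment_flag == 1)
        {
            mail->finish = 1;
        }
    }

    // CRITICAL_SECTION CriticalSectionMailList;
    // CRITICAL_SECTION MailOutCriticalSection
    pcap_if_t *alldevs;
};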
#endif // !defined(AFX_PROBEMAIL_H__DFE918F5_7698_4A18_917C_A3D9A318B4C9__INCLUDED_)