📄 patrickhook.h
字号:
/////////////////////////////////////////////////////////////////////////////
//// INCLUDE FILES
#ifndef __MYHOOK_H
#define __MYHOOK_H
#include "..\Include_Windis\NdisHApi.h"
#include "..\Include_Windis\Windis.h"
#define TX_PACKAGE_SIGN (DWORD )0x444E4553 /* SEND */
#define PACKET_BUFFER_SIZE MAX_ETHER_SIZE
typedef struct _HookAdapter HookAdapter, *PHookAdapter; // Forward
typedef struct _SendPackage
{
DWORD nSignature; // Character Signature "SEND"
W32N_LIST_ENTRY qLink;
DWORD nBytesReturned;
DWORD nFrameSize;
PHookAdapter pAdapter;
/* MAGIC!!!
-----------
* The offset of the OVERLAPPED field in the SendPackage structure
* MUST be different from the offset of the OVERLAPPED field in
* the ReceivePackage structure. This is because of a sanity check
* made using the CONTAINING_RECORD macro in the IOCP sample.
*/
OVERLAPPED OverLapped;
UCHAR PacketBufferSpace[ PACKET_BUFFER_SIZE ];
DWORD Padding; // Allow for possible misalignment of Buffer
}SendPackage, *PSendPackage;
/* About The ReceivePackage Structure
-------------------------------------
* The comments made above concerning the SendPackage also apply to
* the ReceivePackage structure defined below.
*/
#define RX_PACKAGE_SIGN (DWORD )0x56434552 /* RECV */
typedef struct _ReceivePackage
{
DWORD nSignature; // Character Signature "RECV"
DWORD nBytesReturned;
PHookAdapter pAdapter;
/* MAGIC!!!
-----------
* The offset of the OVERLAPPED field in the ReceivePackage structure
* MUST be different from the offset of the OVERLAPPED field in
* the SendPackage structure. This is because of a sanity check
* made using the CONTAINING_RECORD macro in the IOCP sample.
*/
OVERLAPPED OverLapped;
/* Note
-------
* WinDis 32 V5.00.10.31 introduced a mechanism which provides
* a simple way to accomodate media which has packet data lengths
* larger then the 1500 bytes used by Ethernet.
*
* To suport this, the PacketBuffer field in the W32N_PACKET structure
* was changed from having a fixed length of:
*
* (2*ETHER_ADDR_LENGTH) + ETHER_TYPE_LENGTH + MAX_ETHER_SIZE + 2
*
* to having a placeholder length of one (1) byte. This mechanism
* requires that additional memory for the actual buffer must be
* provided contiguous to and immediately following the placeholder
* PacketBuffer field.
*
* // ATTENTION!!! Above not currently correct!!!
* // Hardcoded to 4550 Bytes...
*
* Although there are other ways to fulfill this requirement, this
* test application simply provides the PacketBufferSpace character
* array immediately following the UserPacketData field.
*
* The Padding field accounts for the possibility that a compiler may
* do something funny.
*/
W32N_PACKET UserPacketData;
char PacketBufferSpace[ PACKET_BUFFER_SIZE ];
DWORD Padding; // Allow for possible misalignment of Buffer
PVOID pPatrickPtr; // To save CRx's ptr
}ReceivePackage, *PReceivePackage;
typedef struct _HookAdapter
{
HANDLE m_hDevice;
DWORD m_nMedium;
char m_szAdapterName[ _MAX_PATH ];
BOOL m_bCurrentAddressValid;
BYTE m_CurrentAddress[ ETHER_ADDR_LENGTH ];
char m_szAdapterDriverDescription[ 80 ];
OVERLAPPED m_OverLapped;
HANDLE m_hDummyReceiveEvent;
DWORD m_nReceivedPacketCount;
DWORD m_nLastSequenceNo;
DWORD m_nSequenceErrorCount;
DWORD m_nSequenceErrorPlus;
DWORD m_nSequenceErrorMinus;
DWORD m_nSendPacketCount;
DWORD64 m_BytesSent;
DWORD m_nPendingSendAPCCount;
ULONG m_nProtocolFramesRcvGood;
ULONG m_nRcvMissed_KernelResource; // Frames Missed, Kernel Resource
ULONG m_nRcvMissed_UserResource; // Frames Missed, User Resource
ULONG m_nProtocolFramesXmitGood;
ULONG m_nXmitMissed_KernelResource; // Frames Missed, Kernel Resource
char m_szProtocolDriverDescription[ 80 ];
HANDLE m_hReadPort;
PReceivePackage m_pRxPackageBase;
DWORD m_nPackageCount; // Number Of Successfully Created Packages
// For WaitForMultipleObjects Reception Example
HANDLE m_PackageHandles[ MAXIMUM_WAIT_OBJECTS ];
}HookAdapter, *PHookAdapter;
#endif // __MYHOOK
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -