📄 filt.h
ACL_DISTRUST_TIME_WEEK,
ACL_TRUST_TIME_WEEK,
ACL_CUSTOM_TIME_WEEK
};
// Per-category START values for the predefined ACL time periods. The
// ACL_*_TIME_START macros used as initializers are defined outside this view.
// Entry order (all, work, non-work, weekend, distrust, trust, custom) matches
// the ACL_TIME_TYPE_* values 0..6 defined later in this header; presumably the
// table is indexed by those values -- confirm against callers.
// NOTE(review): the array is `static` and non-const in a header, so every
// translation unit that includes it gets its own writable copy.
static DWORD ACL_TIME_START[] = {
ACL_ALL_TIME_START,
ACL_WORK_TIME_START,
ACL_NONWORK_TIME_START,
ACL_WEEK_END_TIME_START,
ACL_DISTRUST_TIME_START,
ACL_TRUST_TIME_START,
ACL_CUSTOM_TIME_START
};
// Per-category END values for the predefined ACL time periods, in the same
// order as ACL_TIME_START (all, work, non-work, weekend, distrust, trust,
// custom). The ACL_*_TIME_END macros are defined outside this view.
// NOTE(review): like ACL_TIME_START this is a writable per-translation-unit
// copy; the two tables must keep the same length and order to stay paired.
static DWORD ACL_TIME_END[] = {
ACL_ALL_TIME_END,
ACL_WORK_TIME_END,
ACL_NONWORK_TIME_END,
ACL_WEEK_END_TIME_END,
ACL_DISTRUST_TIME_END,
ACL_TRUST_TIME_END,
ACL_CUSTOM_TIME_END
};
//static BYTE ACL_GUID[] = {0x53,0x4C,0x47,0x3D,0x3B,0x33,0x36,0x33,0x38,0x2F,0x4F,0x57,0x3D,0xBD,0xAE,0xD2,0x01,0xBE,0xDE,0x2B,0x34,0x36,0x3C,0x34,0x33,0x38,0x3B,0x3C,0x39,0x3B,0x39,0x2F,0x23,0xB4,0xB4,0xC1,0xAC,0xCD,0xD3,0xB6,0xB2,0xD4,0xF7,0xCA,0xFB,0xB3,0xB5,0xD2,0xEB,0xB4,0xB4,0xC3,0xF2,0x34,0x33,0xBD,0xC8,0x2C,0x2B,0x7C,0x6C,0x71,0x6A,0x7C,0x6C,0x71,0x6A,0x6D,0x6C,0x64,0x43,0x69,0x68,0x76,0x66,0x72,0x70,0x64,0x6C,0x6F,0x31,0x71,0x68,0x77,0x3E,0x6D,0x64,0x66,0x6E,0x6D,0x6C,0x64,0x6B,0x7C,0x43,0x76,0x6C,0x71,0x64,0x31,0x66,0x72,0x70,0x31,0x66,0x71,0x2C,};
//#define CHECK_GUID(bReturn) \
//{\
// int n1, n2, i, j;\
// bReturn = TRUE;\
// n1 = sizeof(ACL_GUID);\
// n2 = sizeof(CONTROL_CODE_GUID);\
// if(n1 != n2 || !n1)\
// bReturn = FALSE;\
// for(i = 0, j = n1-1; i < n1, j >= 0; i++, j--)\
// {\
// if(ACL_GUID[i] == CONTROL_CODE_GUID[j] + 1)\
// continue;\
// bReturn = FALSE;\
// break;\
// }\
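// Number of entries in ACL_WEEK. The expansion is parenthesized so the
// division is not re-associated when the macro appears inside a larger
// expression (e.g. `x / ACL_TIME_COUNT` or `x % ACL_TIME_COUNT`).
// NOTE(review): assumes ACL_WEEK is a true array of BYTE; its definition is
// outside this view -- confirm.
#define ACL_TIME_COUNT (sizeof(ACL_WEEK)/sizeof(BYTE))

// File names used for the ACL configuration and its temporary copy.
#define ACL_TEMP_FILE_NAME _T("xacl.tmp")
#define ACL_FILE_NAME _T("xacl.cfg")

// ACL_HEADER_*: presumably the default contents of the ACL file header
// (the header structure itself is not visible here -- confirm).
// The explicit "\0" inside the literals adds a second terminator after the
// implicit one; it is kept unchanged because sizeof-based users would
// otherwise see a different length.
#define ACL_HEADER_SIGNATURE _T("PKF/PASSECK\0")
#define ACL_HEADER_MAJOR 1
#define ACL_HEADER_MINOR 0
#define ACL_HEADER_SERIAL 0
#define ACL_HEADER_VERSION 2
#define ACL_HEADER_LOG_SIZE 5
#define ACL_HEADER_UPDATE_INTERVAL 0
#define ACL_HEADER_USER_NAME _T("\0")
#define ACL_HEADER_ACODE _T("\0")
// NOTE(review): all three URLs below are plain http://. How they are consumed
// is not visible in this header; if the product downloads commands, updates or
// registration responses from them, that traffic has no transport integrity or
// confidentiality, so the consumer should authenticate what it receives
// (HTTPS or a signed payload) before acting on it.
#define ACL_HEADER_WEB_URL _T("http://www.xfilt.com/\0")
#define ACL_HEADER_COMMAND_URL _T("http://www.xfilt.com/command_%s_%u_%u_%u.txt\0")
#define ACL_HEADER_REGISTER_URL _T("http://www.xfilt.com/PKF_register_user.asp\0")
#define ACL_HEADER_EMAIL _T("xstudio@xfilt.com\0")
#define ACL_HEADER_TIME_COUNT ACL_TIME_COUNT
#define ACL_HEADER_INTRANET_IP_COUNT 1

// Total size of all time records: count * per-record length. Parenthesized so
// the product survives being used as a divisor or next to a higher-precedence
// operator. ACL_TIME_LENTH is defined outside this view.
#define ACL_TIME_TOTAL_LENTH (ACL_HEADER_TIME_COUNT * ACL_TIME_LENTH)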
// Feature switches, all defined as 1. Presumably the default (enabled) state
// of each option in the ACL header -- confirm against the code that fills it.
#define ACL_WRITE_LOG 1
#define ACL_AUTO_START 1
#define ACL_AUDIO_ALERT 1
#define ACL_SPLASH_ALERT 1
#define ACL_SHOW_WELCOME 1
// NOTE(review): "TORJAN" looks like a misspelling of "TROJAN"; the name is
// part of the header's interface, so it is left unchanged.
#define ACL_CHECK_TORJAN 1
#define ACL_CHECK_FILE 1
// Filter action / work-mode codes.
// NOTE(review): "pass all" is the zero value, so a zero-initialised field that
// holds one of these codes reads as "pass". Code that builds rules or reads
// them from a file should set the action explicitly rather than rely on a
// zeroed buffer.
#define ACL_PASS_ALL 0x00
#define ACL_DENY_ALL 0x01
#define ACL_QUERY 0x02
#define ACL_DENY_IN 0x03
#define ACL_DENY_OUT 0x04
// Codes for the query setting (pass / deny / ask). Where they are stored is
// not visible in this header.
#define ACL_QUERY_PASS 0x00
#define ACL_QUERY_DENY 0x01
#define ACL_QUERY_QUERY 0x02
// Security levels; HIGH is the lowest numeric value.
#define ACL_SECURITY_HIGH 0x00
#define ACL_SECURITY_NORMAL 0x01
#define ACL_SECURITY_LOWER 0x02
// Per-subsystem settings, expressed with the action codes above. Presumably
// these are the shipped defaults -- confirm.
#define ACL_WEB_SET ACL_PASS_ALL // web filter not used: everything passes
#define ACL_NNB_SET ACL_DENY_IN // ACL_DENY_IN (original comment: "deny the inline"; presumably inbound)
#define ACL_ICMP_SET ACL_DENY_IN // ACL_DENY_IN (original comment: "deny the inline"; presumably inbound)
#define ACL_APP_SET ACL_QUERY
#define ACL_WORK_MODE ACL_QUERY
#define ACL_SECURITY ACL_SECURITY_NORMAL
// Record / rule type codes (0..10). ACL_TYPE_APP is an alias of ACL_TYPE_ACL,
// so both expand to 6.
// ACL_TYPE_NNB, ACL_TYPE_ICMP and ACL_TYPE_DRIVER_APP are also added to
// SESSION_STATUS_QUERY_DRIVER further down in this header to form the
// driver-query status values, so renumbering them changes those as well.
#define ACL_TYPE_TIME 0
#define ACL_TYPE_ALL_IP 1
#define ACL_TYPE_INTRANET_IP 2
#define ACL_TYPE_DISTRUST_IP 3
#define ACL_TYPE_TRUST_IP 4
#define ACL_TYPE_CUSTOM_IP 5
#define ACL_TYPE_ACL 6
#define ACL_TYPE_APP ACL_TYPE_ACL
#define ACL_TYPE_WEB 7
#define ACL_TYPE_NNB 8
#define ACL_TYPE_ICMP 9
#define ACL_TYPE_DRIVER_APP 10
// Filter verdict codes.
// NOTE(review): XF_PASS is 0, so a verdict variable left zero-initialised is
// indistinguishable from an explicit "pass". A caller that wants to fail
// closed should start from XF_DENY or XF_UNKNOWN and only then assign the
// decided value.
#define XF_PASS 0
#define XF_DENY 1
#define XF_QUERY 2
#define XF_FILTER 3
#define XF_UNKNOWN 4
// Aliases of the ACL work-mode codes. Numerically XF_PASS_ALL == XF_PASS (0),
// XF_DENY_ALL == XF_DENY (1) and XF_QUERY_ALL == XF_QUERY (2).
#define XF_PASS_ALL ACL_PASS_ALL
#define XF_QUERY_ALL ACL_QUERY
#define XF_DENY_ALL ACL_DENY_ALL
// Time-category codes (0..6). Their order matches the entries of the
// ACL_TIME_START / ACL_TIME_END tables earlier in this header; presumably they
// are used as indexes into those tables -- confirm against callers, and
// range-check any value read from a file or another process before indexing.
#define ACL_TIME_TYPE_ALL 0
#define ACL_TIME_TYPE_WORK_TIME 1
#define ACL_TIME_TYPE_NONWORK_TIME 2
#define ACL_TIME_TYPE_WEEKEND 3
#define ACL_TIME_TYPE_DISTRUST_TIME 4
#define ACL_TIME_TYPE_TRUST_TIME 5
#define ACL_TIME_TYPE_CUSTOM_TIME 6
// Network-category codes (0..4).
#define ACL_NET_TYPE_ALL 0
#define ACL_NET_TYPE_INTRANET 1
#define ACL_NET_TYPE_DISTRUST 2
#define ACL_NET_TYPE_TRUST 3
#define ACL_NET_TYPE_CUSTOM 4
// Control codes (0..6). Presumably the values passed as iControlType to the
// XF_IO_CONTROL entry point declared later in this header -- confirm.
// NOTE(review): several codes set state that affects filtering (work mode,
// ACL refresh, process id) or exchange handles. The handler is not visible
// here; it should reject unknown codes and check that the caller is allowed
// to change the filter's state.
#define IO_CONTROL_SET_WORK_MODE 0
#define IO_CONTROL_SET_ACL_IS_REFRESH 1
// "REFENCE" is spelled this way in the original; the name is kept as-is.
#define IO_CONTROL_REFENCE_UPDATE_VERSION 2
#define IO_CONTROL_SET_ACL_MEMORY_FILE_HANDLE 3
#define IO_CONTROL_GET_SESSION_FILE_HANDLE 4
#define IO_CONTROL_GET_SESSION_COUNT 5
#define IO_CONTROL_SET_PKF_PROCESS_ID 6
// Generic argument block for the IO-control interface: one byte, two DWORDs
// and one raw pointer. Which member is meaningful for which control code is
// not defined in this header.
// NOTE(review): Pointer carries no length. If this structure is filled in by
// a less-trusted caller (the KERNEL_MODE guard below suggests the header is
// shared with a driver -- confirm), the receiver has to validate the pointer
// and know the expected size independently before reading or writing
// through it.
typedef struct _PKF_IO_CONTROL
{
BYTE Byte;
DWORD DWord;
DWORD DWord2;
BYTE* Pointer; // raw buffer address, no accompanying size field
} PKF_IO_CONTROL, *PPKF_IO_CONTROL;
// Function-pointer type for the IO-control entry point: takes a control type
// and a PKF_IO_CONTROL argument block, returns int. Declared only when
// KERNEL_MODE is not defined, because WINAPI is a user-mode calling-convention
// macro. The meaning of the return value is not defined in this header.
#ifndef KERNEL_MODE
typedef int (WINAPI * XF_IO_CONTROL)(int iControlType, PKF_IO_CONTROL* ioControl);
#endif //KERNEL_MODE
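// Error codes. Negative literals are parenthesized so that the macro behaves
// as a single operand wherever it is used.
// "ALREDAY" is spelled this way in the original; the name is kept as-is.
#define XERR_SESSION_ALREDAY_EXISTS (-401)
#define XERR_SESSION_BUFFER_NOT_EXISTS (-402)
#define XERR_PROTOCOL_NO_DATA (-501)

// Session status codes.
#define SESSION_STATUS_FREE 0
#define SESSION_STATUS_CHANGE 1
#define SESSION_STATUS_OVER 10
#define SESSION_STATUS_QUERYING_APP 101
#define SESSION_STATUS_QUERYING_WEB 102
#define SESSION_STATUS_QUERY_APP 151
#define SESSION_STATUS_QUERY_WEB 152
#define SESSION_STATUS_QUERY_DRIVER 200
// Driver-query statuses are the base value 200 plus the matching ACL_TYPE_*
// code (210, 208 and 209 with the ACL_TYPE_* values defined in this header).
// The sums are parenthesized: without that, `2 * SESSION_STATUS_QUERY_DRIVER_APP`
// or a subtraction of two of these macros would bind to only part of the sum
// and silently yield a different status.
#define SESSION_STATUS_QUERY_DRIVER_APP (ACL_TYPE_DRIVER_APP + SESSION_STATUS_QUERY_DRIVER)
#define SESSION_STATUS_QUERY_DRIVER_NNB (ACL_TYPE_NNB + SESSION_STATUS_QUERY_DRIVER)
#define SESSION_STATUS_QUERY_DRIVER_ICMP (ACL_TYPE_ICMP + SESSION_STATUS_QUERY_DRIVER)
// 50 is the distance between the QUERYING_* (101, 102) and QUERY_* (151, 152)
// codes above; presumably used to convert between the two -- confirm.
#define SESSION_STATUS_QUERY_MARGIN 50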
// One tracked connection ("session") record. SESSION_LENTH and
// SESSION_MEMORY_FILE_MAX_SIZE in this header are derived from its size, so
// adding, removing or reordering members changes the layout of the session
// memory file for every component that maps it.
// Field meanings below are inferred from the names unless stated otherwise.
// NOTE(review): sPathName and sMemo are fixed MAX_PATH buffers. Writers must
// bound their copies and NUL-terminate; readers that receive a record from
// another process should not assume the strings are terminated.
typedef struct _SESSION
{
DWORD dwIndex;
DWORD dwPid; // presumably the owning process id
SOCKET s;
DWORD dwAclId;
BYTE bIsQuery;
BYTE bAclType; // presumably an ACL_TYPE_* code
BYTE bTimeType; // presumably an ACL_TIME_TYPE_* code
BYTE bNetType; // presumably an ACL_NET_TYPE_* code
BYTE bStatus; // presumably a SESSION_STATUS_* code; the largest one defined here (210) fits in a BYTE
BYTE bDirection;
BYTE bProtocol;
BYTE bAction; // presumably an XF_* / ACL_* action code; note that 0 means "pass"
DWORD dwLocalIp; // byte order is not stated in this header
DWORD dwRemoteIp;
WORD wLocalPort;
WORD wRemotePort;
CTIME tStartTime;
CTIME tEndTime;
DWORD dwSendData; // 32-bit counter; wraps if it counts bytes on a long-lived session
DWORD dwRecvData;
TCHAR sPathName[MAX_PATH];
TCHAR sMemo[MAX_PATH];
} SESSION, *PSESSION;
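// Size in bytes of one SESSION record.
#define SESSION_LENTH sizeof(SESSION)
// Name of the session "memory file". Presumably a named shared-memory object
// used to hand SESSION records to another process -- confirm. If so, the
// creator should give it an explicit security descriptor and consumers should
// treat the records they read from it as untrusted input.
#define SESSION_MEMORY_FILE_NAME _T("PKF_SESSION_MEMORY_FILE")
// Maximum number of SESSION records; MAX_PACKET_ONLINE is defined outside
// this view.
#define SESSION_MAX_COUNT MAX_PACKET_ONLINE
// Total size of the session area. Parenthesized so the product stays intact
// when the macro is used as a divisor or beside a higher-precedence operator;
// unparenthesized, `n / SESSION_MEMORY_FILE_MAX_SIZE` would compute
// `(n / SESSION_LENTH) * SESSION_MAX_COUNT` and give a wrong bound.
#define SESSION_MEMORY_FILE_MAX_SIZE (SESSION_LENTH * SESSION_MAX_COUNT)
// Packet type codes; presumably the values of PACKET_LOG.PacketType -- confirm.
#define PACKET_TYPE_NORMAL 0
#define PACKET_TYPE_OVER 1
// Transfer-direction codes (receive, send, both); presumably the values of the
// 2-bit PACKET_LOG.SendOrRecv field -- confirm.
#define STATUS_RECV 0
#define STATUS_SEND 1
#define STATUS_RDSD 2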
// One packet / connection log record.
// Field meanings are inferred from the names unless stated otherwise.
// NOTE(review): the four string members are fixed-size buffers (MAX_PATH and
// 64 TCHARs). Writers must bound their copies and NUL-terminate; host names
// and process paths taken from the network or from another process should be
// truncated to fit rather than copied unchecked.
typedef struct _PACKET_LOG
{
BYTE AclType;
BYTE bDirection;
BYTE bProtocol;
BYTE bAction;
// Two overlapping views of the same byte: TcpCode (6 bits) covers the six
// individual TCP flag bits, and Reserved1 (2 bits) covers SendOrRecv.
// Bit-field allocation order and BYTE-typed bit-fields are
// implementation-defined, and the unnamed structs rely on C11 anonymous
// members or a compiler extension, so the in-memory layout is only stable
// across components built with the same compiler and settings.
union
{
struct
{
BYTE TcpCode : 6;
BYTE Reserved1 : 2;
};
struct
{
BYTE TcpFin : 1;
BYTE TcpSyn : 1;
BYTE TcpRst : 1;
BYTE TcpPsh : 1;
BYTE TcpAck : 1;
BYTE TcpUrg : 1;
BYTE SendOrRecv : 2; // presumably STATUS_RECV / STATUS_SEND / STATUS_RDSD -- confirm
};
};
BYTE IcmpType;
BYTE IcmpSubType;
BYTE PacketType; // presumably PACKET_TYPE_NORMAL / PACKET_TYPE_OVER -- confirm
DWORD dwLocalIp; // byte order is not stated in this header
DWORD dwRemoteIp;
WORD wLocalPort;
WORD wRemotePort;
CTIME tStartTime;
CTIME tEndTime;
DWORD dwSendData; // 32-bit counter; wraps if it counts bytes on a large transfer
DWORD dwRecvData;
TCHAR sProcessName[MAX_PATH];
TCHAR sMemo[MAX_PATH];
TCHAR sLocalHost[64];
TCHAR sRemoteHost[64];
} PACKET_LOG, *PPACKET_LOG;
#endif // #ifndef __FILT_H__