📄 xcommon.cpp
HANDLE hHandle = XF_OpenDriver();
if(hHandle == NULL)
return FALSE;
DWORD dwByteCount = 0;
BOOL result = DeviceIoControl(hHandle,
IOCTL_NDISHK_REFRESH_HOOK_SEND,
&dwByteCount,
sizeof(dwByteCount),
NULL,
0,
&dwByteCount,
NULL
);
return result;
}
//
// 从IP得到网上邻居的名字
//
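// Writes a display name for the IPv4 address dwIp into pBuffer.
//
// On Win9x the cached name list (m_pFirstNameList, or the list returned by
// XF_GetNameList() when the cache is empty) is searched for a matching
// address; when nothing matches, the dotted-quad form of dwIp is written
// instead. On other systems the lookup is delegated to XF_GetNameFromIp().
//
// Returns TRUE when a name was found, FALSE otherwise (including when
// pBuffer is NULL). Note that on Win9x pBuffer is filled in even when the
// function returns FALSE.
//
// NOTE(review): the function receives no buffer length. strcpy() copies
// pList->Name unbounded, so the caller's buffer must be at least as large as
// the Name field of NAME_LIST (declared elsewhere) and never smaller than
// 16 bytes for the dotted-quad fallback. A length parameter would be the
// proper fix but would change the interface.
BOOL GetNameFromIp(DWORD dwIp, char* pBuffer)
{
    // Nothing can be reported without a destination buffer.
    if(pBuffer == NULL)
        return FALSE;

    if(!IsWin9x())
    {
        // An empty string after the call means the lookup found nothing.
        pBuffer[0] = 0;
        XF_GetNameFromIp(dwIp, pBuffer);
        return (pBuffer[0] != 0) ? TRUE : FALSE;
    }

    PNAME_LIST pList = m_pFirstNameList;
    if(pList == NULL)
        pList = XF_GetNameList();

    for(; pList != NULL; pList = pList->pNext)
    {
        if(dwIp == pList->Address)
        {
            strcpy(pBuffer, pList->Name);
            return TRUE;
        }
    }

    // No name known: fall back to the numeric form, printing the bytes of
    // dwIp from the highest memory offset down to the lowest.
    BYTE *pIp = (BYTE*)&dwIp;
    sprintf(pBuffer, "%u.%u.%u.%u", pIp[3], pIp[2], pIp[1], pIp[0]);
    return FALSE;
}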
// Caches the value the driver writes back for IOCTL_NDISHK_GET_ACL_BUFFER
// (see XF_MapViewOfFile); XF_CreateFileMapping resets it to NULL after a
// successful allocation request.
// NOTE(review): declared as DWORD but handed out as LPVOID, so it can only
// carry a 32-bit address — confirm this code is never built for a 64-bit target.
DWORD m_pVoid = NULL;
//
// 创建一个内存映射文件,这里直接从nDisHK.VXD或者nDisHK.SYS申请内存空间
//
// Stand-in for CreateFileMapping(): asks the nDisHK driver to allocate the
// shared ACL buffer instead of creating a real file mapping.
//
// Only dwMaximumSizeLow is used (as the requested size); hFile, lpAttributes,
// flProtect, dwMaximumSizeHigh and lpName are accepted for signature
// compatibility and ignored.
//
// Returns the driver handle on success, NULL when the driver cannot be opened
// or the allocation IOCTL fails. The handle and the last requested size are
// remembered in function-local statics, so a repeated call with the same size
// returns the cached handle without talking to the driver again.
//
// The thread's last error is set to ERROR_ALREADY_EXISTS on entry and is not
// reset by this function afterwards.
//
// NOTE(review): when the IOCTL fails the handle is neither closed nor cleared
// from the static, and the cached size is left at its previous value — confirm
// that XF_OpenDriver() owns the handle's lifetime and that a later call with
// the old size cannot return a handle for which no buffer was allocated.
HANDLE XF_CreateFileMapping(
    HANDLE hFile,
    LPSECURITY_ATTRIBUTES lpAttributes,
    DWORD flProtect,
    DWORD dwMaximumSizeHigh,
    DWORD dwMaximumSizeLow,
    LPCTSTR lpName
)
{
    static HANDLE hHandle;
    static DWORD dwSize = 0;

    SetLastError(ERROR_ALREADY_EXISTS);

    // Same size as last time and a handle is cached: reuse it.
    const BOOL bCached = (hHandle != NULL && dwSize == dwMaximumSizeLow);
    if(bCached)
        return hHandle;

    hHandle = XF_OpenDriver();
    if(hHandle == NULL)
        return NULL;

    // The requested size is the only input; the driver returns no data.
    DWORD dwBytesReturned = 0;
    if(!DeviceIoControl(hHandle,
                        IOCTL_NDISHK_MALLOC_ACL_BUFFER,
                        &dwMaximumSizeLow,
                        sizeof(dwMaximumSizeLow),
                        NULL,
                        0,
                        &dwBytesReturned,
                        NULL))
    {
        return NULL;
    }

    // A new buffer was requested, so any cached view address is stale.
    m_pVoid = NULL;
    dwSize = dwMaximumSizeLow;
    return hHandle;
}
//
// 得到内存映射文件的缓冲区地址,这里直接从nDisHK.VXD或者nDisHK.SYS得到
// 共享内存的地址
//
// Stand-in for MapViewOfFile(): obtains the address of the driver's shared
// ACL buffer through IOCTL_NDISHK_GET_ACL_BUFFER and caches it in m_pVoid.
//
// hFileMappingObject is the driver handle the IOCTL is sent to and
// bIsCreatedProcess is passed to the driver as the input value. The access,
// offset and size parameters are ignored.
//
// Returns the cached address when one is already known, otherwise the value
// the driver wrote back, or NULL when the IOCTL fails.
//
// NOTE(review): the returned value is whatever the driver placed in the
// 4-byte output buffer; neither the byte count reported by DeviceIoControl
// nor the address itself is checked before callers dereference it, and the
// DWORD storage cannot carry a 64-bit pointer.
LPVOID XF_MapViewOfFile(
    HANDLE hFileMappingObject,
    DWORD dwDesiredAccess,
    DWORD dwFileOffsetHigh,
    DWORD dwFileOffsetLow,
    SIZE_T dwNumberOfBytesToMap,
    DWORD bIsCreatedProcess
)
{
    if(m_pVoid == NULL)
    {
        // First request: ask the driver for the buffer address.
        DWORD dwBytesReturned = 0;
        const BOOL bOk = DeviceIoControl(hFileMappingObject,
                                         IOCTL_NDISHK_GET_ACL_BUFFER,
                                         &bIsCreatedProcess,
                                         sizeof(bIsCreatedProcess),
                                         &m_pVoid,
                                         sizeof(m_pVoid),
                                         &dwBytesReturned,
                                         NULL);
        if(!bOk)
            return NULL;
    }
    return (LPVOID)m_pVoid;
}
//
// 释放内存映射文件,这里直接调用nDisHK.VXD或者nDisHK.SYS释放内存空间
//
// Stand-in for UnmapViewOfFile(): sends dwIoControl to the driver with the
// value of lpBaseAddress as its input data.
//
// Returns FALSE when hFileMappingObject is NULL, otherwise the result of
// DeviceIoControl. The result is remembered in a function-local static; once
// a call has succeeded, a later IOCTL_NDISHK_FREE_ACL_BUFFER request returns
// that remembered result without contacting the driver again.
//
// NOTE(review): the remembered flag is overwritten by every control code, not
// only by the free request, and dwIoControl is forwarded to the driver exactly
// as the caller supplied it — confirm callers only pass the intended codes.
BOOL XF_UnmapViewOfFile(
    HANDLE hFileMappingObject,
    DWORD dwIoControl,
    LPCVOID lpBaseAddress
)
{
    static BOOL IsFree = FALSE;

    if(hFileMappingObject == NULL)
        return FALSE;

    // Do not free the driver buffer a second time.
    if(dwIoControl == IOCTL_NDISHK_FREE_ACL_BUFFER && IsFree)
        return IsFree;

    DWORD dwBytesReturned = 0;
    IsFree = DeviceIoControl(hFileMappingObject,
                             dwIoControl,
                             &lpBaseAddress,
                             sizeof(lpBaseAddress),
                             NULL,
                             0,
                             &dwBytesReturned,
                             NULL);
    return IsFree;
}
//
// 检查应用程序、DLL、驱动程序之间的编译参数是否相同
//
/*
BOOL CheckGuid()
{
BOOL bReturn;
CHECK_GUID(bReturn);
return bReturn;
}*/
#endif //XF_COMMON_FUNCTION
//================================================================================
// 界面操作相关函数
//
#ifdef XF_GUI_COMMON_FUNCTION
//
// 为 ComboBox 增加字符串
//
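// Replaces the contents of a combo box with the first nCount strings of
// pString: every existing entry is deleted, then the new ones are appended.
//
// pCombo and pString are used without a NULL check; pString must hold at
// least nCount valid string pointers.
void WINAPI AddComboStrings(CComboBox* pCombo, TCHAR** pString, int nCount)
{
    // Declared once for both loops: the original reused the first loop's
    // variable in the second loop, which only compiles with the legacy
    // (pre-standard) for-scope rule.
    int i;

    int nItemCount = pCombo->GetCount();
    for(i = 0; i < nItemCount; i++)
    {
        // Always remove the head; the remaining entries shift down.
        pCombo->DeleteString(0);
    }
    for(i = 0; i < nCount; i++)
    {
        pCombo->AddString(pString[i]);
    }
}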
//
// 为 ListBox 增加记录
//
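// Replaces the contents of a list box with the first nCount strings of
// pString: every existing entry is deleted, then the new ones are appended.
//
// pList and pString are used without a NULL check; pString must hold at
// least nCount valid string pointers.
void WINAPI AddListStrings(CListBox* pList, TCHAR** pString, int nCount)
{
    // Declared once for both loops: the original reused the first loop's
    // variable in the second loop, which only compiles with the legacy
    // (pre-standard) for-scope rule.
    int i;

    int nItemCount = pList->GetCount();
    for(i = 0; i < nItemCount; i++)
    {
        // Always remove the head; the remaining entries shift down.
        pList->DeleteString(0);
    }
    for(i = 0; i < nCount; i++)
    {
        pList->AddString(pString[i]);
    }
}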
//
// 为 ListCtrl 增加表头
//
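// Rebuilds the column headers of a list control: applies the extended style,
// removes every existing column and inserts nCount left-aligned columns
// titled pString[0..nCount-1].
//
// ppLenth optionally supplies one width per column; when it is NULL each
// width is derived from the title length multiplied by CHAR_WIDTH.
//
// NOTE(review): strlen() is applied to a TCHAR string, so this only builds
// for a non-Unicode configuration.
void WINAPI AddListHead(CListCtrl* pListCtrl, TCHAR** pString, int nCount, int* ppLenth)
{
    // Declared once for both loops: the original reused the first loop's
    // variable in the second loop, which only compiles with the legacy
    // (pre-standard) for-scope rule.
    int i;

    pListCtrl->SetExtendedStyle(LVS_EX_FLATSB | LVS_EX_FULLROWSELECT | LVS_EX_SUBITEMIMAGES);

    // GetHeaderCtrl() yields NULL when the control has no header; treat that
    // as "no columns to remove" instead of dereferencing it.
    CHeaderCtrl* pHeader = pListCtrl->GetHeaderCtrl();
    int nColumnCount = (pHeader != NULL) ? pHeader->GetItemCount() : 0;
    for(i = 0; i < nColumnCount; i++)
    {
        // Always remove column 0; the remaining columns shift left.
        pListCtrl->DeleteColumn(0);
    }
    for(i = 0; i < nCount; i++)
    {
        pListCtrl->InsertColumn(i, pString[i], LVCFMT_LEFT, ppLenth == NULL ? strlen(pString[i])*CHAR_WIDTH : ppLenth[i]);
    }
}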
//
// 为 TreeCtrl 增加记录
//
// Resets a tree control: applies the COLOR_TREE_BK / COLOR_TREE_TEXT colours,
// removes all items and inserts pString[0..nCount-1] as new items.
//
// pTreeCtrl and pString are used without a NULL check.
void WINAPI AddTreeList(CTreeCtrl* pTreeCtrl, TCHAR** pString, int nCount)
{
    pTreeCtrl->SetBkColor(COLOR_TREE_BK);
    pTreeCtrl->SetTextColor(COLOR_TREE_TEXT);
    pTreeCtrl->DeleteAllItems();

    int nIndex = 0;
    while(nIndex < nCount)
    {
        pTreeCtrl->InsertItem(pString[nIndex]);
        ++nIndex;
    }
}
//
// 得到字符串在字符串数组中的索引
//
// Returns the index of the first entry in pString[0..nCount-1] that compares
// equal to sText (case-sensitive CString::Compare), or -1 when none matches.
int WINAPI TextToIndex(CString sText, TCHAR** pString, int nCount)
{
    int nIndex = 0;
    while(nIndex < nCount)
    {
        if(sText.Compare(pString[nIndex]) == 0)
            return nIndex;
        ++nIndex;
    }
    return -1;
}
//
// 为 ListCtrl 增加记录
//
// Writes one row of a list control from pString[0..nCount-1].
//
// When bIsEdit is FALSE a new row is appended at the end (using iIcon as its
// image) and iIndex is replaced by that position; when bIsEdit is TRUE the
// existing row iIndex is overwritten. If bIsSelect is set and a row was
// appended, the row is scrolled into view and selected.
//
// Returns the row index that was written, or -1 when pString is NULL.
//
// NOTE(review): pString[0] is read for a new row even when nCount is 0, and
// the index returned by InsertItem() is not used — the row position is taken
// from GetItemCount() beforehand.
int WINAPI AddList(CListCtrl *pList, const TCHAR** pString
    , int nCount, BOOL bIsSelect, BOOL bIsEdit, int iIndex, int iIcon)
{
    if(pString == NULL)
        return -1;

    const BOOL bAppend = !bIsEdit;
    if(bAppend)
    {
        iIndex = pList->GetItemCount();
        pList->InsertItem(iIndex, pString[0], iIcon);
    }

    int nColumn = 0;
    while(nColumn < nCount)
    {
        pList->SetItemText(iIndex, nColumn, pString[nColumn]);
        ++nColumn;
    }

    if(bAppend && bIsSelect)
    {
        pList->EnsureVisible(iIndex, TRUE);
        pList->SetItemState(iIndex, LVIS_SELECTED,LVIS_SELECTED);
    }
    return iIndex;
}
//
// 根据ICMP的类型转化为可以理解的字符串
//
// NOTE(review): opaque byte table. Nothing in the visible part of this file
// reads it and its meaning is not documented here — confirm it is still
// needed and record what it encodes.
static BYTE m_IcmpConst[] = {0xCB,0xD3,0xD2,0xEA,0xCB,0xB6,0xC9,0xAC,0xB1,0xB3,0xB7,0xFC,0xB8,0xD2,0x21,0x29,0x44,0x2A,0xD4,0xD1,0xCC,0xFA,0xC9,0xA9,0xB1,0xE7};
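// Builds a human-readable description of an ICMP message in sIcmpType.
//
// bIcmpType selects the message name; for the unreachable, redirect,
// time-exceeded and parameter-problem types bSubCode appends a bracketed
// description of the code. Unknown types yield "ICMP_OTHER_TYPE" and unknown
// codes "[OTHER](Unknow Sub Code)".
//
// Fixes over the earlier version: the ICMP_UNREACH_PROTOCOL case was labelled
// "[ICMP_UNREACH_HOST]" and had no break, so it also appended the
// ICMP_UNREACH_PORT text.
//
// NOTE(review): the output buffer length is not passed in and strcat() is
// unbounded. The longest strings built here are a little over 70 characters,
// so callers must supply a buffer comfortably larger than that; both input
// bytes typically come straight from a captured packet.
VOID
IcmpTypeToString(
    IN  BYTE    bIcmpType,
    IN  BYTE    bSubCode,
    OUT PCHAR   sIcmpType
)
{
    // Start from an empty string so every strcat() below appends to it.
    sIcmpType[0] = 0;

    switch(bIcmpType)
    {
    case ICMP_ECHOREPLY:
        strcat(sIcmpType, "ICMP_ECHOREPLY(echo reply)");
        break;
    case ICMP_UNREACH:
        strcat(sIcmpType, "ICMP_UNREACH");
        switch(bSubCode)
        {
        case ICMP_UNREACH_NET:
            strcat(sIcmpType, "[ICMP_UNREACH_NET](bad net)");
            break;
        case ICMP_UNREACH_HOST:
            strcat(sIcmpType, "[ICMP_UNREACH_HOST](bad host)");
            break;
        case ICMP_UNREACH_PROTOCOL:
            strcat(sIcmpType, "[ICMP_UNREACH_PROTOCOL](bad protocol)");
            break;
        case ICMP_UNREACH_PORT:
            strcat(sIcmpType, "[ICMP_UNREACH_PORT](bad port)");
            break;
        case ICMP_UNREACH_NEEDFRAG:
            strcat(sIcmpType, "[ICMP_UNREACH_NEEDFRAG](IP_DF caused drop)");
            break;
        case ICMP_UNREACH_SRCFAIL:
            strcat(sIcmpType, "[ICMP_UNREACH_SRCFAIL](src route failed)");
            break;
        case ICMP_UNREACH_NET_UNKNOWN:
            strcat(sIcmpType, "[ICMP_UNREACH_NET_UNKNOWN](unknown net)");
            break;
        case ICMP_UNREACH_HOST_UNKNOWN:
            strcat(sIcmpType, "[ICMP_UNREACH_HOST_UNKNOWN](unknown host)");
            break;
        case ICMP_UNREACH_ISOLATED:
            strcat(sIcmpType, "[ICMP_UNREACH_ISOLATED](src host isolated)");
            break;
        case ICMP_UNREACH_NET_PROHIB:
            strcat(sIcmpType, "[ICMP_UNREACH_NET_PROHIB](prohibited access)");
            break;
        case ICMP_UNREACH_HOST_PROHIB:
            strcat(sIcmpType, "[ICMP_UNREACH_HOST_PROHIB](ditto)");
            break;
        case ICMP_UNREACH_TOSNET:
            strcat(sIcmpType, "[ICMP_UNREACH_TOSNET](bad tos for net)");
            break;
        case ICMP_UNREACH_TOSHOST:
            strcat(sIcmpType, "[ICMP_UNREACH_TOSHOST](bad tos for host)");
            break;
        default:
            strcat(sIcmpType, "[OTHER](Unknow Sub Code)");
            break;
        }
        break;
    case ICMP_SOURCEQUENCH:
        strcat(sIcmpType, "ICMP_SOURCEQUENCH(packet lost, slow down)");
        break;
    case ICMP_REDIRECT:
        strcat(sIcmpType, "ICMP_REDIRECT(shorter route)");
        switch(bSubCode)
        {
        case ICMP_REDIRECT_NET:
            strcat(sIcmpType, "[ICMP_REDIRECT_NET](for network)");
            break;
        case ICMP_REDIRECT_HOST:
            strcat(sIcmpType, "[ICMP_REDIRECT_HOST](for host)");
            break;
        case ICMP_REDIRECT_TOSNET:
            strcat(sIcmpType, "[ICMP_REDIRECT_TOSNET](for tos and net)");
            break;
        case ICMP_REDIRECT_TOSHOST:
            strcat(sIcmpType, "[ICMP_REDIRECT_TOSHOST](for tos and host)");
            break;
        default:
            strcat(sIcmpType, "[OTHER](Unknow Sub Code)");
            break;
        }
        break;
    case ICMP_ECHO:
        strcat(sIcmpType, "ICMP_ECHO(echo service)");
        break;
    case ICMP_ROUTERADVERT:
        strcat(sIcmpType, "ICMP_ROUTERADVERT(router advertisement)");
        break;
    case ICMP_ROUTERSOLICIT:
        strcat(sIcmpType, "ICMP_ROUTERSOLICIT(router solicitation)");
        break;
    case ICMP_TIMXCEED:
        strcat(sIcmpType, "ICMP_TIMXCEED(time exceeded)");
        switch(bSubCode)
        {
        case ICMP_TIMXCEED_INTRANS:
            strcat(sIcmpType, "[ICMP_TIMXCEED_INTRANS](ttl==0 in transit)");
            break;
        case ICMP_TIMXCEED_REASS:
            strcat(sIcmpType, "[ICMP_TIMXCEED_REASS](ttl==0 in reass)");
            break;
        default:
            strcat(sIcmpType, "[OTHER](Unknow Sub Code)");
            break;
        }
        break;
    case ICMP_PARAMPROB:
        strcat(sIcmpType, "ICMP_PARAMPROB(ip header bad)");
        switch(bSubCode)
        {
        case ICMP_PARAMPROB_OPTABSENT:
            strcat(sIcmpType, "[ICMP_PARAMPROB_OPTABSENT](req. opt. absent)");
            break;
        default:
            strcat(sIcmpType, "[OTHER](Unknow Sub Code)");
            break;
        }
        break;
    case ICMP_TSTAMP:
        strcat(sIcmpType, "ICMP_TSTAMP(timestamp request)");
        break;
    case ICMP_TSTAMPREPLY:
        strcat(sIcmpType, "ICMP_TSTAMPREPLY(timestamp reply)");
        break;
    case ICMP_IREQ:
        strcat(sIcmpType, "ICMP_IREQ(information request)");
        break;
    case ICMP_IREQREPLY:
        strcat(sIcmpType, "ICMP_IREQREPLY(information reply)");
        break;
    case ICMP_MASKREQ:
        strcat(sIcmpType, "ICMP_MASKREQ(address mask request)");
        break;
    case ICMP_MASKREPLY:
        strcat(sIcmpType, "ICMP_MASKREPLY(address mask reply)");
        break;
    default:
        strcat(sIcmpType, "ICMP_OTHER_TYPE");
        break;
    }
}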
//
// 为应用程序监视列表增加记录
//
// Formats one packet-log record as a row of the application monitor list and
// appends it through AddMonitor().
//
// Columns, in order: action text, process name, end time (with the date when
// IsShowDate is set), remote address/port, bytes sent/received,
// protocol/direction, local address/port, memo. Eight columns are written, so
// MONITOR_APP_HEADER_COUNT must be at least 8.
//
// NOTE(review): bAction, bProtocol and bDirection index the ACL_QUERY_TEXT,
// GUI_SERVICE_TYPE and GUI_DIRECTION tables without a range check; the table
// sizes are not visible here — confirm the log producer can never emit a
// value outside them.
void AddApp(CListCtrl* pList, PPACKET_LOG pLog, int nMaxCount, BOOL IsSeleted, BOOL IsShowDate)
{
    CString sColumn[MONITOR_APP_HEADER_COUNT];
    const char* pszTimeFormat = IsShowDate ? "%Y-%m-%d %H:%M:%S" : "%H:%M:%S";

    sColumn[0] = ACL_QUERY_TEXT[pLog->bAction];
    sColumn[1] = GetName(pLog->sProcessName);
    sColumn[2].Format("%s", pLog->tEndTime.Format(pszTimeFormat));
    sColumn[3].Format("%s/%u", DIPToSIP(&pLog->dwRemoteIp), pLog->wRemotePort);
    sColumn[4].Format("%u/%u", pLog->dwSendData, pLog->dwRecvData);
    sColumn[5].Format("%s/%s", GUI_SERVICE_TYPE[pLog->bProtocol], GUI_DIRECTION[pLog->bDirection]);
    sColumn[6].Format("%s/%u", DIPToSIP(&pLog->dwLocalIp), pLog->wLocalPort);
    sColumn[7] = pLog->sMemo;

    // The CString array is handed over as an array of string pointers.
    AddMonitor(pList, (LPCTSTR*)sColumn, MONITOR_APP_HEADER_COUNT, nMaxCount, IsSeleted);
}
//
// 为网上邻居监视列表增加记录
//
// Formats one packet-log record as a row of the Network Neighborhood monitor
// list and appends it through AddMonitor().
//
// Columns, in order: action text, process name, local host/port, remote
// host/port, send-or-receive with the combined byte count,
// protocol/direction, start time (with the date when IsShowDate is set),
// memo. Eight columns are written, so MONITOR_NNB_HEADER_COUNT must be at
// least 8.
//
// NOTE(review): bAction, SendOrRecv, bProtocol and bDirection index the
// ACL_QUERY_TEXT, SEND_OR_RECV, GUI_SERVICE_TYPE and GUI_DIRECTION tables
// without a range check, and sLocalHost / sRemoteHost are printed with "%s",
// which relies on them being NUL-terminated — confirm both against the code
// that fills PACKET_LOG.
void AddNnb(CListCtrl* pList, PPACKET_LOG pLog, int nMaxCount, BOOL IsSeleted, BOOL IsShowDate)
{
    CString sColumn[MONITOR_NNB_HEADER_COUNT];
    const char* pszTimeFormat = IsShowDate ? "%Y-%m-%d %H:%M:%S" : "%H:%M:%S";

    sColumn[0] = ACL_QUERY_TEXT[pLog->bAction];
    sColumn[1] = GetName(pLog->sProcessName);
    sColumn[2].Format("%s/%u", pLog->sLocalHost, pLog->wLocalPort);
    sColumn[3].Format("%s/%u", pLog->sRemoteHost, pLog->wRemotePort);
    sColumn[4].Format("%s/%u", SEND_OR_RECV[pLog->SendOrRecv], pLog->dwRecvData + pLog->dwSendData);
    sColumn[5].Format("%s/%s", GUI_SERVICE_TYPE[pLog->bProtocol], GUI_DIRECTION[pLog->bDirection]);
    sColumn[6].Format("%s", pLog->tStartTime.Format(pszTimeFormat));
    sColumn[7] = pLog->sMemo;

    // The CString array is handed over as an array of string pointers.
    AddMonitor(pList, (LPCTSTR*)sColumn, MONITOR_NNB_HEADER_COUNT, nMaxCount, IsSeleted);
}
//
// 为ICMP监视列表增加记录
//
// Formats one packet-log record as a row of the ICMP monitor list and appends
// it through AddMonitor().
//
// Columns, in order: action text, process name, start time (with the date
// when IsShowDate is set), send-or-receive with the combined byte count,
// direction, "local -> remote; memo". Six columns are written, so
// MONITOR_ICMP_HEADER_COUNT must be at least 6.
//
// NOTE(review): bAction, SendOrRecv and bDirection index the ACL_QUERY_TEXT,
// SEND_OR_RECV and GUI_DIRECTION tables without a range check. The last
// column calls DIPToSIP() twice inside one Format(); if that helper returns
// a pointer to a shared buffer both addresses would print the same — verify
// against its definition.
void AddIcmp(CListCtrl* pList, PPACKET_LOG pLog, int nMaxCount, BOOL IsSeleted, BOOL IsShowDate)
{
    CString sColumn[MONITOR_ICMP_HEADER_COUNT];
    const char* pszTimeFormat = IsShowDate ? "%Y-%m-%d %H:%M:%S" : "%H:%M:%S";

    sColumn[0] = ACL_QUERY_TEXT[pLog->bAction];
    sColumn[1] = GetName(pLog->sProcessName);
    sColumn[2].Format("%s", pLog->tStartTime.Format(pszTimeFormat));
    sColumn[3].Format("%s/%u", SEND_OR_RECV[pLog->SendOrRecv], pLog->dwRecvData + pLog->dwSendData);
    sColumn[4].Format("%s", GUI_DIRECTION[pLog->bDirection]);
    sColumn[5].Format("%s -> %s; %s", DIPToSIP(&pLog->dwLocalIp), DIPToSIP(&pLog->dwRemoteIp), pLog->sMemo);

    // The CString array is handed over as an array of string pointers.
    AddMonitor(pList, (LPCTSTR*)sColumn, MONITOR_ICMP_HEADER_COUNT, nMaxCount, IsSeleted);
}
// Appends one row to a monitor list, first dropping the oldest row when the
// list has grown past nMaxCount. An nMaxCount of -1 disables the limit.
//
// The comparison is "greater than", so the list can hold nMaxCount + 1 rows
// after the new row has been added.
void AddMonitor(CListCtrl *pList, LPCTSTR* pString, int nCount, int nMaxCount, BOOL IsSeleted)
{
    const BOOL bLimited = (nMaxCount != -1);
    if(bLimited && pList->GetItemCount() > nMaxCount)
    {
        // Row 0 is the oldest entry.
        pList->DeleteItem(0);
    }
    AddList(pList, pString, nCount, IsSeleted, FALSE, -1);
}
#endif// XF_GUI_COMMON_FUNCTION
#ifdef XF_DLL_COMMON_FUNCTION
#endif // XF_DLL_COMMON_FUNCTION
#pragma comment( exestr, "IEAssistant")