define.h

一个比较简单的使用SOCKET的基于WINDOWS的网络监听程序！

#ifndef _MONITOR_H_
#define _MONITOR_H_

#define        MAX_LINK_NAME_LENGTH	64			//< Maximum length of the devices symbolic links

/*!
  \brief Describes a network adapter.

  This structure is the most important for the functioning of packet.dll, but the great part of its fields
  should be ignored by the user, since the library offers functions that avoid to cope with low-level parameters
*/
typedef struct _ADAPTER  { 
	HANDLE hFile;				///< \internal Handle to an open instance of the NPF driver.
	CHAR  SymbolicLink[MAX_LINK_NAME_LENGTH]; ///< \internal A string containing the name of the network adapter currently opened.
	int NumWrites;				///< \internal Number of times a packets written on this adapter will be repeated 
								///< on the wire.
	HANDLE ReadEvent;			///< A notification event associated with the read calls on the adapter.
								///< It can be passed to standard Win32 functions (like WaitForSingleObject
								///< or WaitForMultipleObjects) to wait until the driver's buffer contains some 
								///< data. It is particularly useful in GUI applications that need to wait 
								///< concurrently on several events. In Windows NT/2000 the PacketSetMinToCopy()
								///< function can be used to define the minimum amount of data in the kernel buffer
								///< that will cause the event to be signalled. 
	
	UINT ReadTimeOut;			///< \internal The amount of time after which a read on the driver will be released and 
								///< ReadEvent will be signaled, also if no packets were captured
}  ADAPTER, *LPADAPTER;

//定义ip报头
typedef struct _iphdr
{
	byte ver_len;		//版本4位,头长度4位,报头长度以32位为一个单位
	byte type;			//类型8位
	byte length[2];		//总长度,16位,指出报文的以字节为单位的总长度
						//报文长度不能超过65536个字接，否则认为报文遭到破坏
	byte id[2];			//报文标示,用于多于一个报文16位
	byte flag_offset[2];//标志,3位	数据块偏移13位
	byte time;			//生存时间,8位
	byte protocol;		//协议,8位
	byte crc_val[2];	//头校验和，16位
	byte src_addr[4];	//源地址,32位
	byte tar_addr[4];	//目标地址,32位
	byte options[4];	//选项和填充,32位
}IP_HEADER;

typedef struct _tcphdr
{
	byte source_port[2];	//发送端端口号,16位
	byte dest_port[2];		//接收端端口号,16位
	byte sequence_no[4];	//32位，标示消息端的数据位于全体数据块的某一字节的数字
	byte ack_no[4];			//32位，确认号,标示接收端对于发送端接收到数据块数值
	byte offset_reser_con[2];//数据偏移4位，预留6位，控制位6为
	byte window[2];			//窗口16位
	byte checksum[2];		//校验码,16位
	byte urgen_pointer[2];	//16位，紧急数据指针
	byte options[3];		//选祥和填充,32位
}TCP_HEADER;

#define PROTOCOL_ICMP			1	//传输控制协议
#define PROTOCOL_GTG			3	//Gateway-to-Gateway           
#define PROTOCOL_CGMM			4	//CMCC Gateway Monitoring Message
#define PROTOCOL_ST				5	//ST
#define PROTOCOL_TCP			6	//传输控制协议           
#define PROTOCOL_UCL			7	//UCL
#define PROTOCOL_SECURE			9	//secure
#define PROTOCOL_BRM			10	//BBN RCC Monitoring
#define PROTOCOL_NVP			11	//NVp
#define PROTOCOL_PUP			12	//PUP
#define PROTOCOL_PLURIBUS		13  //Pluribus       
#define PROTOCOL_TELENET		14	//Telenet         
#define PROTOCOL_XNET			15	//XNET
#define PROTOCOL_CHAOS			16	//Chaos
#define PROTOCOL_UDP			17	//UDP
#define PROTOCOL_MULTIPLEXING	18	//Multiplexing          
#define PROTOCOL_DCN			19	//DCN          
#define PROTOCOL_TAC_MONITORING	20	//TAC Monitoring
#define PROTOCOL_ALN			63	//any local network
#define PROTOCOL_SATNET			64	//SATNET and Backroom EXPAK
#define PROTOCOL_MITSS			65	//MIT Subnet Support
#define PROTOCOL_SATNET_MONIT	69	//SATNET Monitoring
#define PROTOCOL_IPCU			71	//Internet Packet Core Utility 
#define PROTOCOL_BK_SATNET_MONI 76	//Backroom SATNET Monitoring 
#define PROTOCOL_WIDEBAND_MONI	78	//WIDEBAND Monitoring 
#define PROTOCOL_WIDEBAND_EXPAK	79	//WIDEBAND EXPAK

#endif