// list.cpp : implementation file
//
#include "stdafx.h"
#include "file_handle.h"
#include "list.h"
#include "filter.h"
#include "database_show.h"
#include <pcap.h>
#include <remote-ext.h>
#include <winsock.h>
#include "data.h"
#pragma comment(lib,"wsock32")
#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif
/////////////////////////////////////////////////////////////////////////////
// list dialog
// Constructs the dialog from the list::IDD dialog template.
// pParent is forwarded unchanged to the CDialog base as the parent window.
// The /*=NULL*/ marker suggests a default declared in the header -- not visible here, confirm in list.h.
list::list(CWnd* pParent /*=NULL*/)
: CDialog(list::IDD, pParent)
{
// The AFX_DATA_INIT markers delimit a ClassWizard-maintained region; keep hand edits outside them.
//{{AFX_DATA_INIT(list)
m_filter = _T("");
//}}AFX_DATA_INIT
// m_filter starts empty; DoDataExchange binds it to the IDC_EDIT1 edit box.
}
// Binds dialog controls to member variables for UpdateData().
// pDX is the exchange context supplied by the framework and is forwarded to the
// base class and to each DDX_ call unchanged.
void list::DoDataExchange(CDataExchange* pDX)
{
CDialog::DoDataExchange(pDX);
// The AFX_DATA_MAP markers delimit a ClassWizard-maintained region; keep hand edits outside them.
//{{AFX_DATA_MAP(list)
DDX_Control(pDX, IDC_LIST1, m_list);
DDX_Text(pDX, IDC_EDIT1, m_filter);
//}}AFX_DATA_MAP
// IDC_LIST1 is attached to the m_list control object; the text of IDC_EDIT1 is
// exchanged with m_filter, which OnApplyButton1 later opens as a file path.
}
// Message map: routes button clicks on this dialog to their handlers.
// IDC_BUTTON2 -> OnButton2 (file chooser that fills m_filter),
// IDC_BUTTON1 -> OnApplyButton1 (reads the chosen filter file).
// NOTE(review): OnApplyButton1 is defined in this file as returning int, while
// BN_CLICKED handlers are conventionally void -- confirm the declaration in list.h.
BEGIN_MESSAGE_MAP(list, CDialog)
//{{AFX_MSG_MAP(list)
ON_BN_CLICKED(IDC_BUTTON2, OnButton2)
ON_BN_CLICKED(IDC_BUTTON1, OnApplyButton1)
//}}AFX_MSG_MAP
END_MESSAGE_MAP()
/////////////////////////////////////////////////////////////////////////////
// list message handlers
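/**
 * Initializes the dialog: sets up the report-style list control, then reads
 * every packet available from the capture handle `fp`, shows one row per
 * packet and stores source IP, destination IP and time of each IPv4 packet in
 * the file_pck table.
 *
 * The packet bytes come from a capture file and are untrusted, so every header
 * is checked against the captured length (header->caplen) before it is read
 * through a struct pointer. Packets that are too short are listed as
 * "malformed" instead of being parsed.
 *
 * `fp`, `nostr`, `srcIP`, `dstIP`, `spstr`, `dpstr` and `lenstr` are not
 * declared in this function; they are presumably members or globals declared
 * in one of the included headers.
 * NOTE(review): the sprintf() calls below assume each of those buffers holds
 * at least 16 bytes -- confirm against their declarations.
 * NOTE(review): the 14-byte offset assumes an Ethernet capture; the link type
 * of `fp` is not checked here.
 *
 * @return TRUE in all cases, so the framework sets the default focus. The
 *         earlier code returned -1 on a read error, which is also nonzero and
 *         was therefore treated the same way by the caller.
 */
BOOL list::OnInitDialog()
{
    CDialog::OnInitDialog();

    // Report-style list control: highlight the whole selected row and draw grid lines.
    DWORD dwStyle = m_list.GetExtendedStyle();
    dwStyle |= LVS_EX_FULLROWSELECT;
    dwStyle |= LVS_EX_GRIDLINES;
    m_list.SetExtendedStyle(dwStyle);

    m_list.InsertColumn(0, "NO", LVCFMT_LEFT, 45);
    m_list.InsertColumn(1, "SourceIP", LVCFMT_LEFT, 120);
    m_list.InsertColumn(2, "DestiIP", LVCFMT_LEFT, 120);
    m_list.InsertColumn(3, "SourcePort", LVCFMT_LEFT, 90);
    m_list.InsertColumn(4, "DestiPort", LVCFMT_LEFT, 80);
    m_list.InsertColumn(5, "Protocol", LVCFMT_LEFT, 70);
    m_list.InsertColumn(6, "length", LVCFMT_LEFT, 60);
    m_list.InsertColumn(7, "Time", LVCFMT_LEFT, 153);

    // Without an open capture handle every pcap call below would dereference NULL.
    if (fp == NULL)
    {
        fprintf(stderr, "\nNo capture file is open.\n");
        return TRUE;
    }

    static const char kMalformed[] = "malformed";
    const u_int kEtherHdrLen = 14;  // length of the Ethernet header
    const u_int kMinIpHdrLen = 20;  // an IPv4 header is never shorter (IHL >= 5)

    CString strSQL;
    database_show dd;
    dd.DBConnect();

    int nRow = 0;
    int no = 1;
    struct pcap_pkthdr* header;
    const u_char* pkt_data;
    int res;
    struct tm* ltime;
    char timestr[30];
    // The label is a pointer to a string literal. The earlier fixed char[10]
    // buffer was overrun by "SNMP(trap)", "ARP request", "RARP request" and
    // "RARP reply", and stayed uninitialized for unhandled protocols.
    const char* protocol;
    arp_proto* arpp;
    char packet_filter[] = "";  // filter expression; empty accepts every packet
    struct bpf_program fcode;
    data_link_header* dh;
    ip_header* ih;
    udp_header* uh;
    tcp_header* th;
    u_int ip_len;
    u_short sport, dport;
    bool have_ports;

    // Install the filter only when it compiled: on failure fcode is not
    // initialized and must not be handed to pcap_setfilter().
    // NOTE(review): fcode is never released; pcap_freecode(&fcode) after a
    // successful compile would close that small leak.
    if (pcap_compile(fp, &fcode, packet_filter, 1, 0xffffffff) < 0)
    {
        fprintf(stderr, "\nUnable to compile the packet filter. Check the syntax.\n");
    }
    else if (pcap_setfilter(fp, &fcode) < 0)
    {
        fprintf(stderr, "\nError setting the filter.\n");
    }

    // Read packets until the source is exhausted or an error occurs.
    while ((res = pcap_next_ex(fp, &header, &pkt_data)) >= 0)
    {
        if (res == 0)
        {
            // Timeout elapsed: no packet was delivered, so no row is created.
            continue;
        }

        sprintf(nostr, "%d", no++);
        m_list.InsertItem(nRow, nostr);

        // Copy the seconds into a real time_t: tv_sec need not have the same
        // width as time_t. localtime() may return NULL for an out-of-range value.
        const time_t secs = header->ts.tv_sec;
        ltime = localtime(&secs);
        if (ltime == NULL ||
            strftime(timestr, sizeof(timestr), "%Y-%m-%d %H:%M:%S", ltime) == 0)
        {
            timestr[0] = '\0';
        }

        const u_int caplen = header->caplen;  // bytes actually present in pkt_data

        if (caplen < kEtherHdrLen)
        {
            // Too short to hold even the link-layer header.
            m_list.SetItemText(nRow, 5, kMalformed);
        }
        else
        {
            dh = (data_link_header*)pkt_data;
            const u_short ether_type = ntohs(dh->type);
            switch (ether_type)
            {
            /* IPv4 */
            case 0x0800:
            {
                // sizeof(ip_header) bounds every field read through `ih`,
                // whatever the struct's exact layout is.
                if (caplen < kEtherHdrLen + sizeof(ip_header))
                {
                    m_list.SetItemText(nRow, 5, kMalformed);
                    break;
                }
                ih = (ip_header*)(pkt_data + kEtherHdrLen);
                ip_len = (ih->ver_ihl & 0xf) * 4;
                if (ip_len < kMinIpHdrLen || caplen < kEtherHdrLen + ip_len)
                {
                    // The header length field is attacker-controlled; reject
                    // values that are impossible or point past the capture.
                    m_list.SetItemText(nRow, 5, kMalformed);
                    break;
                }

                have_ports = false;
                sport = 0;
                dport = 0;
                protocol = "IP";  // no transport-level decoding for this protocol

                switch (ih->proto)
                {
                /* TCP */
                case 6:
                    protocol = "TCP";
                    if (caplen >= kEtherHdrLen + ip_len + sizeof(tcp_header))
                    {
                        th = (tcp_header*)((u_char*)ih + ip_len);
                        /* convert from network byte order to host byte order */
                        sport = ntohs(th->sport);
                        dport = ntohs(th->dport);
                        have_ports = true;
                        switch (dport)
                        {
                        case 21:   protocol = "FTP"; break;
                        case 23:   protocol = "TELNET"; break;
                        case 25:   protocol = "SMTP"; break;
                        case 8080: protocol = "HTTP"; break;
                        default:   protocol = "TCP";
                        }
                    }
                    break;
                /* UDP */
                case 17:
                    protocol = "UDP";
                    if (caplen >= kEtherHdrLen + ip_len + sizeof(udp_header))
                    {
                        uh = (udp_header*)((u_char*)ih + ip_len);
                        /* convert from network byte order to host byte order */
                        sport = ntohs(uh->sport);
                        dport = ntohs(uh->dport);
                        have_ports = true;
                        switch (dport)
                        {
                        case 53:  protocol = "DNS"; break;
                        case 69:  protocol = "TFTP"; break;
                        case 161: protocol = "SNMP"; break;
                        case 162: protocol = "SNMP(trap)"; break;
                        default:  protocol = "UDP";
                        }
                    }
                    break;
                }

                sprintf(srcIP, "%d.%d.%d.%d", ih->saddr.byte1, ih->saddr.byte2, ih->saddr.byte3, ih->saddr.byte4);
                m_list.SetItemText(nRow, 1, srcIP);
                sprintf(dstIP, "%d.%d.%d.%d", ih->daddr.byte1, ih->daddr.byte2, ih->daddr.byte3, ih->daddr.byte4);
                m_list.SetItemText(nRow, 2, dstIP);
                if (have_ports)
                {
                    sprintf(spstr, "%d", sport);
                    m_list.SetItemText(nRow, 3, spstr);
                    sprintf(dpstr, "%d", dport);
                    m_list.SetItemText(nRow, 4, dpstr);
                }
                else
                {
                    // No readable transport header: leave the port columns
                    // blank rather than printing uninitialized values.
                    m_list.SetItemText(nRow, 3, "");
                    m_list.SetItemText(nRow, 4, "");
                }
                m_list.SetItemText(nRow, 5, protocol);
                sprintf(lenstr, "%d", header->len);
                m_list.SetItemText(nRow, 6, lenstr);
                m_list.SetItemText(nRow, 7, timestr);

                // The statement is built by string formatting. All three values
                // are produced here from integers and a fixed strftime pattern,
                // so no packet-supplied text reaches the SQL. Keep it that way:
                // never add a column taken verbatim from packet payload without
                // switching to a parameterized statement.
                // NOTE(review): presumably m_db is a CDatabase, whose ExecuteSQL
                // reports failure by throwing -- nothing here catches it.
                strSQL.Format("insert into file_pck(f_src_ip,f_dst_ip,f_b_time) values('%s','%s','%s')", srcIP, dstIP, timestr);
                dd.m_db.ExecuteSQL(strSQL);
                break;
            }
            /* ARP and RARP share one layout and one display path */
            case 0x0806:
            case 0x8035:
            {
                if (caplen < kEtherHdrLen + sizeof(arp_proto))
                {
                    m_list.SetItemText(nRow, 5, kMalformed);
                    break;
                }
                arpp = (arp_proto*)(pkt_data + kEtherHdrLen);
                // Fallback label for opcodes outside 1..4, which previously
                // left the label uninitialized.
                protocol = (ether_type == 0x0806) ? "ARP" : "RARP";
                switch (ntohs(arpp->opcode))
                {
                case 0x0001: protocol = "ARP request"; break;
                case 0x0002: protocol = "ARP reply"; break;
                case 0x0003: protocol = "RARP request"; break;
                case 0x0004: protocol = "RARP reply"; break;
                }
                sprintf(srcIP, "%d.%d.%d.%d", arpp->send_ip_addr.byte1, arpp->send_ip_addr.byte2, arpp->send_ip_addr.byte3, arpp->send_ip_addr.byte4);
                m_list.SetItemText(nRow, 1, srcIP);
                sprintf(dstIP, "%d.%d.%d.%d", arpp->target_ip_addr.byte1, arpp->target_ip_addr.byte2, arpp->target_ip_addr.byte3, arpp->target_ip_addr.byte4);
                m_list.SetItemText(nRow, 2, dstIP);
                m_list.SetItemText(nRow, 3, "");
                m_list.SetItemText(nRow, 4, "");
                m_list.SetItemText(nRow, 5, protocol);
                sprintf(lenstr, "%d", header->len);
                m_list.SetItemText(nRow, 6, lenstr);
                m_list.SetItemText(nRow, 7, timestr);
                break;
            }
            default:
                // Any other EtherType: the row keeps only its number.
                printf("failed");
                break;
            }
        }
        nRow++;
    }

    dd.m_db.Close();

    if (res == -1)
    {
        printf("Error reading the packets: %s\n", pcap_geterr(fp));
        // BOOL result: the former `return -1` was nonzero and so already
        // behaved as TRUE for the framework.
        return TRUE;
    }

    return TRUE;  // return TRUE unless you set the focus to a control
                  // EXCEPTION: OCX Property Pages should return FALSE
}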
/**
 * Click handler for IDC_BUTTON2: shows a file-open dialog restricted to *.txt
 * and, when the user confirms, copies the chosen path into m_filter and pushes
 * it to the dialog controls.
 */
void list::OnButton2()
{
    // File-type filter shown in the dialog's drop-down.
    const CString fileTypes("txt files (*.txt)|*.txt|");

    // First argument TRUE selects an "Open" dialog (FALSE would be "Save As").
    CFileDialog picker(TRUE, NULL, NULL,
                       OFN_HIDEREADONLY | OFN_EXPLORER | OFN_OVERWRITEPROMPT,
                       fileTypes, NULL);

    // Anything other than OK (cancel, close) leaves m_filter untouched.
    if (picker.DoModal() != IDOK)
    {
        return;
    }

    m_filter = picker.GetPathName();
    UpdateData(FALSE);  // member -> control direction
}
int list::OnApplyButton1()
{
// TODO: Add your control notification handler code here
UpdateData(true);
//read the filter file
CStdioFile file;
CString str;
int k,j=0;
if((file.Open(m_filter,CFile::modeRead | CFile::typeText)) == NULL)
{
AfxMessageBox("Could not open the file !");
return -1;
}
else
{
file.SeekToBegin();
file.ReadString(str);
while(str != "end")
{
if(str != "#")
{
file.ReadString(str);
continue;
}
else
{
k=0;
file.ReadString(str);
while(str != "#")
{
pck[j][k++] = str;
file.ReadString(str);
}
j++;
file.ReadString(str);
}
}
//MessageBox(pck[0][2]);
}
file.Close();
m_list.DeleteAllItems();
/////////////////////////////////////////////////////////////////////////////////////
int i = 0;
int nRow = 0;
int no = 1;
int p;
pcap_t* fp;
struct pcap_pkthdr* header;
const u_char* pkt_data;
int res;
struct tm* ltime;
char timestr[30];
char timestr1[30];
char timestr2[30];
char protocol[10];
char protocol1[10];