📄 capturepacketdlg.cpp
//CHECK OR UNCHECK menu items..
menu->CheckMenuItem(31,fprotocol->IsEnable?MF_CHECKED:MF_UNCHECKED);
}
/**
 * Menu handler for the port filter dialog.
 *
 * The dialog is not opened while the protocol filter is ICMP or IGMP.
 * When the dialog is confirmed, the port expression is combined with the
 * stored IP and protocol expressions, capture is paused while the combined
 * expression is handed to the sniffer, and the custom filter is switched
 * off. Menu item 32 is re-synchronised with fport->IsEnable on every path
 * that gets past the protocol check.
 */
void CCapturePacketDlg::OnFilterPort()
{
	// ICMP and IGMP have no ports, so a port filter cannot be combined with them
	const bool portless = protofilter.CompareNoCase("ICMP")==0
	                   || protofilter.CompareNoCase("IGMP")==0;
	if(portless)
	{
		MessageBox("No port filter is associated with current protocol filter \r\n Remove the Protocol Filter to Apply Port Filter");
		return;
	}

	if(fport->DoModal()==IDOK)
	{
		portfilter=fport->portfilter;

		// Protocol and port parts are concatenated as-is; an IP part, when
		// present, goes in front joined with " and ".
		filter=protofilter+portfilter;
		if(!ipfilter.IsEmpty())
			filter=ipfilter+" and "+filter;

		// The filter is swapped while capture is paused
		sniff->PauseCapture();
		const BOOL applied=sniff->ApplyFilter(const_cast<char *>(static_cast<LPCTSTR>(filter)));
		sniff->ResumeCapture();

		// NOTE(review): a FALSE result is not reported here and capture resumes
		// either way - confirm ApplyFilter surfaces its own error to the user.
		if(applied==TRUE)
			MessageBox("Filter applied successfully");

		// The custom filter and the structured filters are mutually exclusive
		if(fcustom->IsEnable)
		{
			fcustom->IsEnable=FALSE;
			menu->CheckMenuItem(34,MF_UNCHECKED);
		}
	}

	// Reflect the port filter state in the menu
	menu->CheckMenuItem(32,fport->IsEnable?MF_CHECKED:MF_UNCHECKED);
}
/**
 * Menu handler for the IP address filter dialog.
 *
 * When the dialog is confirmed, the IP expression is combined with the
 * stored protocol and port expressions, capture is paused while the result
 * is handed to the sniffer, and the custom filter is switched off.
 * Menu item 33 is always re-synchronised with fipaddress->IsEnable.
 */
void CCapturePacketDlg::OnFilterIPAddress()
{
	if(fipaddress->DoModal()==IDOK)
	{
		ipfilter=fipaddress->ipfilter;

		// Whichever of the two parts is non-empty is used alone; when both
		// are present they are joined with " and ".
		CString rest=protofilter+portfilter;
		if(rest.IsEmpty())
			filter=ipfilter;
		else if(ipfilter.IsEmpty())
			filter=rest;
		else
			filter=ipfilter+" and "+rest;

		// The filter is swapped while capture is paused
		sniff->PauseCapture();
		const BOOL applied=sniff->ApplyFilter(const_cast<char *>(static_cast<LPCTSTR>(filter)));
		sniff->ResumeCapture();

		// NOTE(review): a FALSE result is not reported here and capture resumes
		// either way - confirm ApplyFilter surfaces its own error to the user.
		if(applied==TRUE)
			MessageBox("Filter applied successfully");

		// The custom filter and the structured filters are mutually exclusive
		if(fcustom->IsEnable)
		{
			fcustom->IsEnable=FALSE;
			menu->CheckMenuItem(34,MF_UNCHECKED);
		}
	}

	// Reflect the IP address filter state in the menu
	menu->CheckMenuItem(33,fipaddress->IsEnable?MF_CHECKED:MF_UNCHECKED);
}
/**
 * Menu handler for the custom filter dialog.
 *
 * Nothing changes unless the dialog is confirmed. On confirmation the
 * user-typed expression replaces the active filter, the IP / protocol /
 * port filters are cleared and disabled, and the menu check marks are
 * updated so that only item 34 stays checked.
 */
void CCapturePacketDlg::OnFilterCustom()
{
	if(fcustom->DoModal()!=IDOK)
		return;

	// The custom expression is used verbatim as the whole filter
	filter=fcustom->custfilter;

	// Drop the structured filters: stored expressions first, then their flags
	fprotocol->IsEnable=FALSE;
	fport->IsEnable=FALSE;
	fipaddress->IsEnable=FALSE;
	protofilter="";
	portfilter="";
	ipfilter="";

	// The filter is swapped while capture is paused
	sniff->PauseCapture();
	const BOOL applied=sniff->ApplyFilter(const_cast<char *>(static_cast<LPCTSTR>(filter)));
	sniff->ResumeCapture();

	// NOTE(review): the menu is switched to "custom" even when the result is
	// FALSE - confirm ApplyFilter reports a rejected expression itself.
	if(applied==TRUE)
		MessageBox("Filter applied successfully");

	// Only the custom entry stays checked
	for(int item=31;item<=33;item++)
		menu->CheckMenuItem(item,MF_UNCHECKED);
	menu->CheckMenuItem(34,MF_CHECKED);
}
/**
 * Hides the dialog window.
 *
 * Does nothing when the window is already hidden. Otherwise the user is
 * told which hotkey brings the window back before it disappears.
 */
void CCapturePacketDlg::OnHide()
{
	if(!IsVisible)
		return;

	MessageBox(" Use Alt+F5 key to make it visible." );
	// FALSE is 0, the value ShowWindow treats as "hide"
	ShowWindow(FALSE);
	IsVisible=FALSE;
}
/**
 * Shows the dialog built from resource IDD_DIALOG1 modally; the result of
 * DoModal is not used.
 */
void CCapturePacketDlg::OnAbout()
{
	CDialog aboutDlg(IDD_DIALOG1);

	aboutDlg.DoModal();
}
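/**
 * Loads one captured frame from packet.txt and shows it in the hex view
 * and the layer tree.
 *
 * The frame's file offset is the sum of the lengths of all earlier frames.
 * While a capture is running the file is held open for writing, so the
 * capture is paused and the file closed before it is reopened for reading;
 * afterwards it is reopened for writing, positioned at the end, and the
 * capture resumes.
 *
 * @param index  zero-based frame number; negative values are ignored.
 */
void CCapturePacketDlg::DisplayFrame(int index)
{
	// A negative index (for example "no selection") would read in front of
	// packetlength[].
	// NOTE(review): the upper bound - the number of frames captured so far -
	// is not visible in this function; confirm every caller enforces it.
	if(index<0)
		return;

	//selected frame with starting index = 0
	frameno=index;

	// Release the capture's write handle before reading
	if(sniff->isStarted)
	{
		sniff->PauseCapture();
		sfile->Close();
	}

	framesize=packetlength[frameno];

	// Calculate the offset: frames are stored back to back
	long offset=0L;
	for(int i=0;i<frameno;i++)
		offset+=packetlength[i];

	// Open the packet file in read mode...
	const BOOL opened=sfile->Open("packet.txt",CFile::modeRead | CFile::typeBinary );
	if(opened==FALSE)
	{
		MessageBox("Error occured while opening the file");
		sfile->Close();
	}
	else
	{
		// NOTE(review): the capacity of `frame` is not visible here; confirm
		// that no packetlength[] entry can exceed it.
		unsigned int got=0;
		sfile->Seek(offset,CFile::begin);
		if(framesize>0)
			got=sfile->Read(frame,framesize);
		sfile->Close();

		// Only the bytes that were really read are dissected; after a short
		// read the rest of `frame` would still hold the previous packet.
		framesize=static_cast<int>(got);
	}

	// If capturing is going on, reopen the file for appending and resume.
	// NOTE(review): the result of this Open is not checked - confirm what the
	// capture does when the reopen fails.
	if(sniff->isStarted)
	{
		sfile->Open("packet.txt",CFile::modeWrite | CFile::shareDenyWrite |CFile::typeBinary);
		sfile->SeekToEnd();
		sniff->ResumeCapture();
	}

	if(opened==FALSE)
		return;

	//Now display data....
	DisplayData(frame,framesize);
	DisplayTree();
}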
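/**
 * Fills the data list box with a hex dump of a frame.
 *
 * Each row covers up to 16 bytes: the row offset in hex, the bytes as
 * two-digit hex values, blank padding on a short last row, then the same
 * bytes as characters with non-printable ones shown as '.'.
 *
 * @param frame      bytes to dump; at least framesize bytes must be readable.
 * @param framesize  number of bytes to dump; nothing is listed when <= 0.
 */
void CCapturePacketDlg::DisplayData(u_char *frame,int framesize)
{
	// One row is at most offset + 16*3 hex columns + 16 characters, far
	// below the buffer size.
	char line[400];
	int row=0;

	//Delete previous content
	datalist->ResetContent();

	for(int remaining=framesize;remaining>0;remaining-=16,row++)
	{
		const u_char *pdata=frame+row*16;
		const int limit=remaining<16?remaining:16;
		// Declared outside the loops: the original relied on the pre-standard
		// rule that a for-loop variable stays visible after the loop.
		int i;

		//print index
		int pos=sprintf(line," 0x%.4x ",row*16);

		//print hex content (hex bytes)
		for(i=0;i<limit;i++)
			pos+=sprintf(line+pos,"%.2x ",pdata[i]);

		// keep the character column aligned on a short last row
		if(limit<16)
			pos+=sprintf(line+pos,"%*s",(16-limit)*3," ");

		// printable view of the same bytes
		for(i=0;i<limit;i++)
			line[pos++]=isprint(pdata[i])?pdata[i]:'.';
		line[pos]=0;

		datalist->AddString(line);
	}
}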
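/**
 * Rebuilds the layer tree for the frame currently held in `frame`.
 *
 * Adds the frame number and length, the Ethernet header, then either the
 * ARP header or the IP header followed by the ICMP / IGMP / TCP / UDP
 * header, and finally the payload length. Frames that are neither ARP nor
 * IP stop after the Ethernet layer.
 *
 * The frame bytes come from the network, so every header is checked
 * against framesize before it is overlaid on the buffer. A frame that ends
 * inside a header, or whose IP header length field is below the IPv4
 * minimum, gets a "Truncated frame" / "Invalid IP header length" entry
 * instead of being dissected from whatever bytes follow in the buffer.
 * On the IP path dataoff and datasize are always left non-negative.
 */
void CCapturePacketDlg::DisplayTree()
{
	// Wire-format sizes used only for the bounds checks below
	const int arpWireLen=28;   // the length DisplayARPHeader reports for ARP
	const int ipMinHlen=20;    // IPv4 header without options (IHL = 5)
	char str[300];

	layertree->DeleteAllItems();

	//Frame No
	if(frameno!=-1)
		sprintf(str,"Frame %d",frameno+1);
	else
		sprintf(str,"Saved Frame");
	layer1=layertree->InsertItem(str,TVI_ROOT,TVI_LAST);

	//Frame Length
	sprintf(str,"Frame Length = %d",framesize);
	layertree->InsertItem(str,layer1,TVI_LAST);

	//Get Ethernet Header....
	layer2=layertree->InsertItem("Ethernet",TVI_ROOT,TVI_LAST);
	if(framesize<ETHER_LENGTH)
	{
		layertree->InsertItem("Truncated frame",layer2,TVI_LAST);
		return;
	}
	eth_header *eh=reinterpret_cast<eth_header*>(frame);
	DisplayEthernetHeader(eh,NULL);
	const int ethertype=ntohs(eh->type);

	//Get ARP header
	if(ethertype==0x0806)
	{
		layer3=layertree->InsertItem("ARP Layer",TVI_ROOT,TVI_LAST);
		if(framesize<ETHER_LENGTH+arpWireLen)
		{
			layertree->InsertItem("Truncated frame",layer3,TVI_LAST);
			return;
		}
		DisplayARPHeader(reinterpret_cast<arp_header*>(frame+ETHER_LENGTH),NULL);
		return;
	}

	//Reject frames other than IP/ARP frames....
	if(ethertype!=0x0800)
		return;

	//Get Internet Header
	layer3=layertree->InsertItem("IP Layer",TVI_ROOT,TVI_LAST);
	if(framesize<ETHER_LENGTH+ipMinHlen)
	{
		layertree->InsertItem("Truncated frame",layer3,TVI_LAST);
		dataoff=framesize;
		datasize=0;
		return;
	}
	ip_header *iph=reinterpret_cast<ip_header*>(frame+ETHER_LENGTH);
	DisplayIPHeader(iph,NULL);

	//Get the length of IP Header. The field comes from the packet, so it is
	//validated before it is used as an offset into the frame.
	const int ip_hlen=(iph->ver_ihl & 0xf)<<2;
	const int l4off=ETHER_LENGTH+ip_hlen;
	if(ip_hlen<ipMinHlen || framesize<l4off)
	{
		layertree->InsertItem("Invalid IP header length",layer3,TVI_LAST);
		dataoff=framesize;
		datasize=0;
		return;
	}

	// Pick the label and fixed header length of the transport layer.
	// NOTE(review): assumes each *_LENGTH constant covers every field the
	// matching Display*Header reads; TCP_LENGTH is used as a fixed size, so
	// TCP options (if any) are counted as payload - confirm that is intended.
	int l4len=0;
	const char *l4name="Unknown Protocol";
	switch(iph->proto)
	{
	case 1:  l4len=ICMP_LENGTH; l4name="ICMP Layer"; break;
	case 2:  l4len=IGMP_LENGTH; l4name="IGMP Layer"; break;
	case 6:  l4len=TCP_LENGTH;  l4name="TCP Layer";  break;
	case 17: l4len=UDP_LENGTH;  l4name="UDP Layer";  break;
	}
	layer4=layertree->InsertItem(l4name,TVI_ROOT,TVI_LAST);

	if(framesize<l4off+l4len)
	{
		layertree->InsertItem("Truncated frame",layer4,TVI_LAST);
		dataoff=framesize;
		datasize=0;
		return;
	}

	switch(iph->proto)
	{
	case 1: //ICMP
		DisplayICMPHeader(reinterpret_cast<icmp_header*>(frame+l4off),NULL);
		break;
	case 2: //IGMP
		DisplayIGMPHeader(reinterpret_cast<igmp_header*>(frame+l4off),NULL);
		break;
	case 6: //TCP
		DisplayTCPHeader(reinterpret_cast<tcp_header*>(frame+l4off),NULL);
		break;
	case 17: //UDP
		DisplayUDPHeader(reinterpret_cast<udp_header*>(frame+l4off),NULL);
		break;
	}

	dataoff=l4off+l4len;
	datasize=framesize-dataoff;
	if(datasize<=0)
		return;

	//Display Data
	layer5=layertree->InsertItem("Data Layer",TVI_ROOT,TVI_LAST);
	sprintf(str,"Data length = %d ",datasize);
	layertree->InsertItem(str,layer5,TVI_LAST);
}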
/**
 * Formats the Ethernet header as three text lines: destination MAC,
 * source MAC and frame type.
 *
 * @param eh     header to describe; the caller must guarantee that the
 *               whole structure lies inside the captured frame.
 * @param tfile  when NULL the lines are added under the Ethernet tree node
 *               (layer2); otherwise they are written to this file joined
 *               by CR LF.
 */
void CCapturePacketDlg::DisplayEthernetHeader(eth_header *eh,CStdioFile *tfile)
{
	char str[3][100];
	int pos;
	int k;

	//Destination MAC address
	pos=sprintf(str[0],"Dest Mac = ");
	for(k=0;k<6;k++)
		pos+=sprintf(str[0]+pos,"%.2x ",eh->dmac[k]);

	//Source MAC Address
	pos=sprintf(str[1],"Source Mac = ");
	for(k=0;k<6;k++)
		pos+=sprintf(str[1]+pos,"%.2x ",eh->smac[k]);

	//Ethernet Frame type
	switch(ntohs(eh->type))
	{
	case 0x0800: //IP
		strcpy(str[2],"Type = DOD/IP");
		break;
	case 0x0806:
		strcpy(str[2],"Type = ARP");
		break;
	default:
		strcpy(str[2],"Type = Unknown");
	}

	//write to file
	if(tfile!=NULL)
	{
		char file[500];
		sprintf(file,"%s\r\n%s\r\n%s",str[0],str[1],str[2]);
		tfile->WriteString(file);
		return;
	}

	//Add to tree control
	for(k=0;k<3;k++)
		layertree->InsertItem(str[k],layer2,TVI_LAST);
}
/**
 * Formats the ARP header as four text lines: a fixed length line, the
 * operation name, and the sender and target IP addresses.
 *
 * @param arph   header to describe; the caller must guarantee that the
 *               whole structure lies inside the captured frame.
 * @param tfile  when NULL the lines are added under the layer3 tree node;
 *               otherwise they are written to this file joined by CR LF.
 */
void CCapturePacketDlg::DisplayARPHeader(arp_header *arph,CStdioFile *tfile)
{
	char str[4][100];
	const int opcode=ntohs(arph->opcode);
	const char *kind;

	// Operation name for the opcodes 1..4, anything else is unknown
	if(opcode==0x0001)
		kind="ARP Request frame";
	else if(opcode==0x0002)
		kind="ARP Reply frame";
	else if(opcode==0x0003)
		kind="RARP Request frame";
	else if(opcode==0x0004)
		kind="RARP Reply frame";
	else
		kind="Unknown ARP";

	//Information
	strcpy(str[0],"Length = 28");
	strcpy(str[1],kind);

	//Get src and destination ip address
	sprintf(str[2],"Src IP = %d.%d.%d.%d",
		arph->saddr.byte1,arph->saddr.byte2,arph->saddr.byte3,arph->saddr.byte4);
	sprintf(str[3],"Dest IP= %d.%d.%d.%d",
		arph->daddr.byte1,arph->daddr.byte2,arph->daddr.byte3,arph->daddr.byte4);

	// File output: the same four lines joined by CR LF
	if(tfile!=NULL)
	{
		char file[300];
		sprintf(file,"%s\r\n%s\r\n%s\r\n%s",str[0],str[1],str[2],str[3]);
		tfile->WriteString(file);
		return;
	}

	for(int k=0;k<4;k++)
		layertree->InsertItem(str[k],layer3,TVI_LAST);
}
/**
 * Formats the IP header as seven text lines: header length, type of
 * service, identification, TTL, checksum, source and destination address.
 *
 * @param iph    header to describe; the caller must guarantee that the
 *               whole structure lies inside the captured frame.
 * @param tfile  when NULL the lines are added under the layer3 tree node;
 *               otherwise they are written to this file joined by CR LF.
 */
void CCapturePacketDlg::DisplayIPHeader(ip_header *iph,CStdioFile *tfile)
{
	const int lineCount=7;
	char str[7][100];
	int k;

	// The low nibble of ver_ihl counts 32-bit words, hence the shift by two
	const int headerBytes=(iph->ver_ihl & 0xf)<<2;

	sprintf(str[0],"Length = %d",headerBytes);          //Length
	sprintf(str[1],"Service = %x",iph->tos);            //type of service
	// NOTE(review): identification and crc are printed exactly as stored,
	// without a byte-order conversion - confirm that is intended.
	sprintf(str[2],"ID = %d",iph->identification);      //Identification
	sprintf(str[3],"TTL = %d",iph->ttl);                //TTL
	sprintf(str[4],"Checksum = %d",iph->crc);           //Checksum

	//Source IP Address
	sprintf(str[5],"Src = %d.%d.%d.%d",
		iph->saddr.byte1,iph->saddr.byte2,iph->saddr.byte3,iph->saddr.byte4);
	//Destination IP Address
	sprintf(str[6],"Dest = %d.%d.%d.%d",
		iph->daddr.byte1,iph->daddr.byte2,iph->daddr.byte3,iph->daddr.byte4);

	// File output: the seven lines joined by CR LF, no trailing line break
	if(tfile!=NULL)
	{
		char file[600];
		int pos=0;
		for(k=0;k<lineCount;k++)
			pos+=sprintf(file+pos,"%s%s",k==0?"":"\r\n",str[k]);
		tfile->WriteString(file);
		return;
	}

	for(k=0;k<lineCount;k++)
		layertree->InsertItem(str[k],layer3,TVI_LAST);
}
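/**
 * Formats the TCP header as seven text lines: source and destination
 * port, sequence and acknowledgement number, window size, checksum and
 * the names of all flags that are set.
 *
 * The sequence and acknowledgement numbers are printed with "%lu"; the
 * earlier "%ul" printed the number followed by a stray letter 'l'.
 *
 * @param tcph   header to describe; the caller must guarantee that the
 *               whole structure lies inside the captured frame.
 * @param tfile  when NULL the lines are added under the layer4 tree node;
 *               otherwise they are written to this file joined by CR LF.
 */
void CCapturePacketDlg::DisplayTCPHeader(tcp_header *tcph,CStdioFile *tfile)
{
	const int lineCount=7;
	char str[7][100],file[500];
	// Flag names in bit order, bit 0 first
	char tcpflag[8][10]={"FIN ","SYN ","RST ","PUSH ","ACK ","URG ","ECE ","CWR "};
	int i;

	//Source port
	sprintf(str[0],"Source Port = %d",ntohs(tcph->sport));
	//destination port
	sprintf(str[1],"Dest Port = %d",ntohs(tcph->dport));
	//Sequence No
	sprintf(str[2],"Seq No = %lu ",static_cast<unsigned long>(ntohl(tcph->seqno)));
	//ACK No
	sprintf(str[3],"ACK No = %lu ",static_cast<unsigned long>(ntohl(tcph->ackno)));
	//Window
	sprintf(str[4],"Win Size = %d ",ntohs(tcph->win));
	//Checksum
	// NOTE(review): printed as stored, unlike the ports - confirm intended.
	sprintf(str[5],"Checksum = %d ",tcph->checksum);

	//Each TCP mesg may contain more than one flag set...
	//All eight names together stay well inside the 100-byte line.
	int pos=sprintf(str[6],"Type = ");
	for(i=0;i<8;i++)
	{
		if(tcph->flag & (1<<i))
			pos+=sprintf(str[6]+pos,"%s",tcpflag[i]);
	}

	if(tfile==NULL)
	{
		for(i=0;i<lineCount;i++)
			layertree->InsertItem(str[i],layer4,TVI_LAST);
	}
	else
	{
		sprintf(file,"%s\r\n%s\r\n%s\r\n%s\r\n%s\r\n%s\r\n%s",str[0],str[1],str[2],str[3],str[4],str[5],str[6]);
		tfile->WriteString(file);
	}
}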
/**
 * Formats the UDP header as four text lines: the fixed header length,
 * source port, destination port and checksum.
 *
 * @param udph   header to describe; the caller must guarantee that the
 *               whole structure lies inside the captured frame.
 * @param tfile  when NULL the lines are added under the layer4 tree node;
 *               otherwise they are written to this file joined by CR LF.
 */
void CCapturePacketDlg::DisplayUDPHeader(udp_header *udph,CStdioFile *tfile)
{
	const int lineCount=4;
	char str[4][100];
	int k;

	sprintf(str[0],"Length = %d",UDP_LENGTH);                  //Length
	sprintf(str[1],"Source Port = %d",ntohs(udph->sport));     //Source port
	sprintf(str[2],"Dest Port = %d",ntohs(udph->dport));       //destination port
	// NOTE(review): printed as stored, unlike the ports - confirm intended.
	sprintf(str[3],"Checksum = %d",udph->crc);                 //checksum

	// File output: the four lines joined by CR LF, no trailing line break
	if(tfile!=NULL)
	{
		char file[400];
		int pos=0;
		for(k=0;k<lineCount;k++)
			pos+=sprintf(file+pos,"%s%s",k==0?"":"\r\n",str[k]);
		tfile->WriteString(file);
		return;
	}

	for(k=0;k<lineCount;k++)
		layertree->InsertItem(str[k],layer4,TVI_LAST);
}
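/**
 * Formats the ICMP header as five text lines: the message name, type,
 * code, identifier and sequence number.
 *
 * The file branch writes str[0]..str[4]. It used to pass str[5], one
 * element past the end of the five-line array, so WriteString received
 * whatever bytes followed the array on the stack.
 *
 * @param icmph  header to describe; the caller must guarantee that the
 *               whole structure lies inside the captured frame.
 * @param tfile  when NULL the lines are added under the layer4 tree node;
 *               otherwise they are written to this file joined by CR LF.
 */
void CCapturePacketDlg::DisplayICMPHeader(icmp_header *icmph,CStdioFile *tfile)
{
	char str[5][100],file[500];
	icmp_mesg mesg[]={ { 0, "Echo Reply"},
		{ 3, "Destination Unreachable"},
		{ 4, "Source Quench"},
		{ 5, "Redirect Message"},
		{ 6, "Alternate Host Address"},
		{ 8, "Echo Request"},
		{ 9, "Router Advertisement"},
		{ 10, "Router Selection"},
		{ 11, "Time Exceeded"},
		{ 12, "Parameter Problem"},
		{ 13, "Timestamp Request"},
		{ 14, "Timestamp Reply"},
		{ 15, "Information Request"},
		{ 16, "Information Reply"},
		{ 17, "Address Mask Request"},
		{ 18, "Address Mask Reply"},
	};
	// Derived from the table so the two cannot drift apart
	const int mesglen=sizeof(mesg)/sizeof(mesg[0]);
	int i;

	// Name of the message type; the fallback is used when the type is not
	// in the table. The index is declared outside the loop so the code does
	// not depend on a loop variable staying visible after its loop.
	const char *name="ICMP Unknown Message";
	for(i=0;i<mesglen;i++)
	{
		if(icmph->type==mesg[i].type)
		{
			name=mesg[i].mesg;
			break;
		}
	}
	sprintf(str[0],"%s",name);

	sprintf(str[1],"Type = %d",icmph->type);    //type
	sprintf(str[2],"Code = %d",icmph->code);    //code
	// NOTE(review): id and seqno are printed as stored, without a byte-order
	// conversion - confirm that is intended.
	sprintf(str[3],"ID = %d",icmph->id);        //id
	sprintf(str[4],"Seq No = %d",icmph->seqno); //seqno

	if(tfile==NULL)
	{
		for(i=0;i<5;i++)
			layertree->InsertItem(str[i],layer4,TVI_LAST);
	}
	else
	{
		sprintf(file,"%s\r\n%s\r\n%s\r\n%s\r\n%s",str[0],str[1],str[2],str[3],str[4]);
		tfile->WriteString(file);
	}
}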
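/**
 * Formats the IGMP header as five text lines: the message name, type,
 * response time, checksum and multicast group address.
 *
 * The name is taken from the table entry that matched the type. It used
 * to be taken from entry 0, so every known type was labelled as a group
 * membership query.
 *
 * @param igmph  header to describe; the caller must guarantee that the
 *               whole structure lies inside the captured frame.
 * @param tfile  when NULL the lines are added under the layer4 tree node;
 *               otherwise they are written to this file joined by CR LF.
 */
void CCapturePacketDlg::DisplayIGMPHeader(igmp_header *igmph,CStdioFile *tfile)
{
	igmp_mesg groupmesg[13]={
		{ 0x11 ," Group Membership Query."},
		{0x12 ,"IGMPv1 Membership Report." },
		{0x13 ,"DVMRP. "},
		{0x14 ,"PIMv1. "},
		{0x15 ,"Cisco Trace Messages. "},
		{0x16 ,"IGMPv2 Membership Report. "},
		{0x17 ,"IGMPv2 Leave Group." },
		{0x1E ,"Multicast Traceroute Response. "},
		{0x1F ,"Multicast Traceroute. "},
		{0x22 ,"IGMPv3 Membership Report. "},
		{0x24 ,"Multicast Router Advertisement. "},
		{0x25 ,"Multicast Router Solicitation. "},
		{0x26 ,"Multicast Router Termination. "}
	};
	// Derived from the table so the two cannot drift apart
	const int igmp_mesglen=sizeof(groupmesg)/sizeof(groupmesg[0]);
	char str[5][100],file[400];
	int i;

	// Name of the message type; the fallback is used when the type is not
	// in the table. The index is declared outside the loop so the code does
	// not depend on a loop variable staying visible after its loop.
	const char *name="IGMP General Message";
	for(i=0;i<igmp_mesglen;i++)
	{
		if(groupmesg[i].type==igmph->type)
		{
			name=groupmesg[i].mesg;
			break;
		}
	}
	sprintf(str[0],"%s",name);

	sprintf(str[1],"Type = %d",igmph->type);              //Type
	sprintf(str[2],"Response Time = %d",igmph->restime);  //Max response time
	// NOTE(review): printed as stored, without a byte-order conversion -
	// confirm that is intended.
	sprintf(str[3],"Checksum = %d",igmph->checksum);      //Checksum
	//Multicast Group Address
	sprintf(str[4],"Group Addr = %d.%d.%d.%d",igmph->groupaddr.byte1,igmph->groupaddr.byte2,igmph->groupaddr.byte3,igmph->groupaddr.byte4);

	if(tfile==NULL)
	{
		for(i=0;i<5;i++)
			layertree->InsertItem(str[i],layer4,TVI_LAST);
	}
	else
	{
		sprintf(file,"%s\r\n%s\r\n%s\r\n%s\r\n%s",str[0],str[1],str[2],str[3],str[4]);
		tfile->WriteString(file);
	}
}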