
📄 ipcontrolview.cpp

	//m_nIPNumPerSec++;//IP数据包流量计数器加 1
	m_nTotalPacket++;//总量
	if(strcmp(m_pDoc->m_strPacketType,"TCP")==0)
	{
		m_nTCPPacket++;
		
	  
	}
	else if(strcmp(m_pDoc->m_strPacketType,"UDP")==0)
	{
		m_nUDPPacket++;
	}
	else if(strcmp(m_pDoc->m_strPacketType,"ICMP")==0)
	{
		m_nICMPPacket++;
	}
	else
	{
		m_nOtherPacket++;
	}	
}

//在列表中选中某个数据包后,此函数负责更新树型控件的显示
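// Rebuilds the tree control for the packet selected in the list.
//
// index is the position of the packet inside m_pDoc->m_data. The tree is
// cleared and refilled with one node per header layer (MAC frame, IP header,
// then TCP / UDP / ICMP depending on pdata->strPacketType).
//
// Every label is built from fields of a captured packet, so its length is
// decided by whoever sent the traffic. The labels are therefore formatted with
// CString::Format, which sizes its own storage, instead of sprintf/strcat into
// fixed-size stack arrays that a long label could overrun.
void CIPControlView::UpdateTree(int index)
{
	m_pDoc=this->GetDocument();

	// A NULL POSITION must never reach GetAt. FindIndex is expected to yield
	// NULL for an index outside the list (MFC list semantics; the type of
	// m_data is declared elsewhere).
	POSITION pos=m_pDoc->m_data.FindIndex(index);
	if(pos==NULL)
	{
		MessageBox("获取数据错误!");
		return;
	}
	DataPacket* pdata=(DataPacket*)(m_pDoc->m_data.GetAt(pos));
	if(pdata==NULL)
	{
		MessageBox("获取数据错误!");
		return;
	}

	m_pTree->DeleteAllItems();
	HTREEITEM root=m_pTree->GetRootItem();
	HTREEITEM data=m_pTree->InsertItem(_T("接收到的数据包"),root);

	CString text; // reused for every label below

	// ---- MAC frame header ----
	HTREEITEM mac=m_pTree->InsertItem(_T("MAC帧头"),data);
	CString srcMac("源MAC:");
	CString dstMac("目的MAC:");
	for(int i=0;i<6;i++)
	{
		// Bytes are shown in hex, separated by '.', with no trailing dot.
		text.Format("%X",pdata->mach.sadd[i]);
		srcMac+=text;
		text.Format("%X",pdata->mach.dadd[i]);
		dstMac+=text;
		if(i!=5)
		{
			srcMac+=".";
			dstMac+=".";
		}
	}
	m_pTree->InsertItem(srcMac,mac);
	m_pTree->InsertItem(dstMac,mac);
	text.Format("MAC类型:%X",pdata->mach.mac_type);
	m_pTree->InsertItem(text,mac);

	// ---- IP header ----
	HTREEITEM ip=m_pTree->InsertItem(_T("IP包头"),data);
	// NOTE(review): the version nibble is masked but not shifted down, so it
	// is displayed in the high hex digit - confirm this is intended.
	text.Format("版本:%X",(pdata->iph.ver_ihl & 0xf0));
	m_pTree->InsertItem(text,ip);
	text.Format("IP头长:%d",(pdata->iph.ver_ihl & 0xf)*4);
	m_pTree->InsertItem(text,ip);
	text.Format("服务类型:%X",(pdata->iph.tos));
	m_pTree->InsertItem(text,ip);
	// NOTE(review): total length and identification are shifted right by 8
	// rather than byte-swapped, unlike the ports below which use ntohs() -
	// confirm the intended decoding against the header struct.
	text.Format("总长度:%X",(pdata->iph.tlen)>>8);
	m_pTree->InsertItem(text,ip);
	text.Format("标识:%X",(pdata->iph.identification)>>8);
	m_pTree->InsertItem(text,ip);
	// NOTE(review): the flag and fragment-offset masks (0xe, 0xeff) are kept
	// as found; verify them against the IP header layout.
	u_short flags=pdata->iph.flags_fo;
	text.Format("标志:%X",(flags >> 13) & 0xe);
	m_pTree->InsertItem(text,ip);
	text.Format("段偏移:%X",(pdata->iph.flags_fo & 0xeff));
	m_pTree->InsertItem(text,ip);
	text.Format("生存期:%X",(pdata->iph.ttl));
	m_pTree->InsertItem(text,ip);
	text.Format("协议:%X",pdata->iph.proto);
	m_pTree->InsertItem(text,ip);
	text.Format("头部校验和:%X",pdata->iph.crc);
	m_pTree->InsertItem(text,ip);
	text.Format("源IP:%d.%d.%d.%d",
		pdata->iph.saddr.byte1,
		pdata->iph.saddr.byte2,
		pdata->iph.saddr.byte3,
		pdata->iph.saddr.byte4);
	m_pTree->InsertItem(text,ip);
	text.Format("目的IP:%d.%d.%d.%d",
		pdata->iph.daddr.byte1,
		pdata->iph.daddr.byte2,
		pdata->iph.daddr.byte3,
		pdata->iph.daddr.byte4);
	m_pTree->InsertItem(text,ip);

	// ---- Transport / ICMP header ----
	// pTCP_UDP is cast to the header type named by strPacketType. It is
	// checked for NULL before use; whether the capture code guarantees that
	// the buffer is at least as large as the header is not visible here.
	if(strcmp(pdata->strPacketType,"TCP")==0)
	{
		HTREEITEM tcp=m_pTree->InsertItem(_T("TCP头信息"),data);
		tcp_header* ptcp=(tcp_header*)(pdata->pTCP_UDP);
		if(ptcp!=NULL)
		{
			text.Format("源端口:%X",ntohs(ptcp->sport));
			m_pTree->InsertItem(text,tcp);
			text.Format("目的端口:%X",ntohs(ptcp->dport));
			m_pTree->InsertItem(text,tcp);
			text.Format("序列号:%X",ptcp->sn);
			m_pTree->InsertItem(text,tcp);
			text.Format("确认号:%X",ptcp->an);
			m_pTree->InsertItem(text,tcp);
			text.Format("头长等:%X",ptcp->other);
			m_pTree->InsertItem(text,tcp);
			text.Format("窗口大小:%X",ptcp->window_size);
			m_pTree->InsertItem(text,tcp);
			text.Format("校验和:%X",ptcp->check_sum);
			m_pTree->InsertItem(text,tcp);
			text.Format("紧急指针:%X",ptcp->urgent_pointer);
			m_pTree->InsertItem(text,tcp);
			text.Format("选项:%X",ptcp->option);
			m_pTree->InsertItem(text,tcp);
		}
		m_pTree->Expand(tcp,TVE_EXPAND);
	}
	else if(strcmp(pdata->strPacketType,"UDP")==0)
	{
		HTREEITEM udp=m_pTree->InsertItem(_T("UDP头信息"),data);
		udp_header* pudp=(udp_header*)(pdata->pTCP_UDP);
		if(pudp!=NULL)
		{
			text.Format("源端口:%X",ntohs(pudp->sport));
			m_pTree->InsertItem(text,udp);
			text.Format("目的端口:%X",ntohs(pudp->dport));
			m_pTree->InsertItem(text,udp);
			text.Format("总长度:%X",pudp->len);
			m_pTree->InsertItem(text,udp);
			text.Format("校验和:%X",pudp->crc);
			m_pTree->InsertItem(text,udp);
		}
		m_pTree->Expand(udp,TVE_EXPAND);
	}
	else if(strcmp(pdata->strPacketType,"ICMP")==0)
	{
		HTREEITEM icmp=m_pTree->InsertItem(_T("ICMP头信息"),data);
		icmp_header* picmp=(icmp_header*)(pdata->pTCP_UDP);
		if(picmp!=NULL)
		{
			// The numeric type is followed by a readable name where known.
			text.Format("类型:%X",picmp->type);
			switch(picmp->type)
			{
			case 0:
				text+="(回应应答)";
				break;
			case 3:
				text+="(目的不可达)";
				break;
			case 4:
				text+="(源抑制)";
				break;
			case 5:
				text+="(重定向)";
				break;
			case 8:
				text+="(回应请求)";
				break;
			case 11:
				text+="(数据包超时)";
				break;
			case 12:
				text+="(数据包参数错误)";
				break;
			case 13:
				text+="(时戳请求)";
				break;
			case 14:
				text+="(时戳响应)";
				break;
			case 17:
				text+="(地址源码请求)";
				break;
			case 18:
				text+="(地址源码响应)";
				break;
			default:
				text+="(尚未识别的类型)";
				break;
			}
			m_pTree->InsertItem(text,icmp);
			// NOTE(review): the row labelled "code" prints picmp->identifer -
			// confirm that this is the field meant to be shown.
			text.Format("代码:%X",picmp->identifer);
			m_pTree->InsertItem(text,icmp);
			text.Format("序号:%X",picmp->sequence);
			m_pTree->InsertItem(text,icmp);
			text.Format("校验和:%X",picmp->chksum);
			m_pTree->InsertItem(text,icmp);
		}
		m_pTree->Expand(icmp,TVE_EXPAND);
	}
	else
	{
		// Any other protocol gets a placeholder node only.
		m_pTree->InsertItem(_T("尚未分析的头信息"),data);
	}

	m_pTree->Expand(data,TVE_EXPAND);
	m_pTree->Expand(mac,TVE_EXPAND);
	m_pTree->Expand(ip,TVE_EXPAND);
}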
//在列表中选中某个数据包后,此函数负责更新编辑控件的显示
// Intended to refresh the edit control for the packet selected in the list.
// The body is empty in this listing, so index is currently unused and the
// call has no effect.
void CIPControlView::UpdateEdit(int index)
{
}

// Command-UI update handler for the stop button: the button is enabled
// exactly when m_bEnableStop is set.
void CIPControlView::OnUpdateButtonstop(CCmdUI* pCmdUI) 
{
	// m_bEnableStop is maintained elsewhere in the class (not visible here).
	pCmdUI->Enable(m_bEnableStop);
}



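// "File > New" handler: after the user confirms, clears the packet list, the
// detail tree and the packets stored in the document.
//
// For an IDS front end this discards the captured evidence held in memory,
// which is why the action sits behind an explicit OK/Cancel prompt.
void CIPControlView::OnFileNew() 
{   
	int res=MessageBox("确定要清空列表中的所有数据吗?","提示",MB_OKCANCEL);
	if(res!=IDOK)
	{
		return; // user cancelled, keep everything
	}

	p_Frame=(CMainFrame*)AfxGetApp()->m_pMainWnd;
	if(p_Frame==NULL)
	{
		return; // no main window to fetch the controls from
	}
	m_pList=p_Frame->GetList();
	m_pTree=p_Frame->GetTree();
	m_pList->DeleteAllItems();
	m_pTree->DeleteAllItems();

	// Drop the packets held by the document (GetDocument is fetched once).
	m_pDoc=this->GetDocument();
	m_pDoc->CleanData();
}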

//时间到,统计该时间内的流量
// Timer tick handler: bumps m_nTotalTime and writes the running packet
// counters (total, TCP, UDP, ICMP, other) into the edit control as one line.
// The tick is then forwarded to CView::OnTimer.
void CIPControlView::OnTimer(UINT nIDEvent) 
{
	m_nTotalTime++;

	// Build the summary left to right; each piece keeps its own format string.
	CString summary;
	CString piece;
	summary.Format("总数=%d   (",m_nTotalPacket);
	piece.Format("TCP=%d  ",m_nTCPPacket);
	summary+=piece;
	piece.Format("UDP=%d  ",m_nUDPPacket);
	summary+=piece;
	piece.Format("ICMP=%d  ",m_nICMPPacket);
	summary+=piece;
	piece.Format("其他=%d)  ",m_nOtherPacket);
	summary+=piece;

	m_pEdit->SetWindowText(summary);
	// Pushing the new figures to the analysis dialog is disabled in this listing:
	//if(m_pViewDlg!=NULL)
	//	m_pViewDlg->UpdateView();
	CView::OnTimer(nIDEvent);
}

// WM_DESTROY handler; only forwards to the base class.
// NOTE(review): m_pViewDlg is allocated with new in OnButtonview and is not
// released here - confirm it is freed elsewhere (destructor or the dialog).
void CIPControlView::OnDestroy() 
{   
	CView::OnDestroy();	
	// No view-specific cleanup is performed.
}

// "File > Save" handler. Not implemented: it returns immediately, so the
// captured packets are not written anywhere by this command.
void CIPControlView::OnFileSave() 
{
	// Intentionally empty in this listing.
	return;
}
//查看分析图
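// Shows the analysis dialog, creating it on first use.
//
// The dialog object is kept in m_pViewDlg and reused. Its window is created
// only when the object has no live HWND, and the dialog is centred and shown
// only after Create has succeeded, so a failed Create no longer falls through
// to window calls on a dialog that has no window.
// NOTE(review): if CAnayDlg deletes itself in PostNcDestroy, m_pViewDlg can be
// left dangling after the window is destroyed - confirm against CAnayDlg.
void CIPControlView::OnButtonview() 
{
	if(m_pViewDlg==NULL)
	{
		m_pViewDlg = new CAnayDlg();
		if(m_pViewDlg==NULL)
		{
			MessageBox("创建入侵行为分析时发生错误!");
			return;
		}
	}

	// Create the window on first use, or again if it was destroyed earlier.
	if(!::IsWindow(m_pViewDlg->GetSafeHwnd()))
	{
		BOOL ret=m_pViewDlg->Create(IDD_DIALOGVIEW,this);
		if(!ret)
		{
			MessageBox("创建入侵行为分析时发生错误!");
			return; // nothing to centre or show
		}
	}

	m_pViewDlg->CenterWindow(this);
	m_pViewDlg->ShowWindow(SW_SHOW);
}	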

// Opens the CBrow dialog modally. The dialog's result is not acted on here;
// anything it changes is handled inside CBrow itself (not visible in this file).
void CIPControlView::OnIdsrule() 
{
	CBrow ruleDialog;
	ruleDialog.DoModal(); // IDOK and IDCANCEL are treated the same
}

// Help command handler. Currently a no-op: the only statement, a call that
// would open help.chm, is commented out.
void CIPControlView::OnHelp() 
{
	// Disabled help viewer call, kept for reference:
	//HtmlHelpA(this->m_hWnd,"help.chm",HH_DISPLAY_TOPIC,0);
}
