ioctlcmd.h

Also since the domain name--against which the retrieved domain name is to be matched--is currently h

#define FILE_DEVICE_EDDrv	0x00008300


#define EDDrvVERSION    400


#define EDDrv_setdrives   (ULONG) CTL_CODE( FILE_DEVICE_EDDrv, 0x00, METHOD_BUFFERED, FILE_ANY_ACCESS )
#define EDDrv_zerostats   (ULONG) CTL_CODE( FILE_DEVICE_EDDrv, 0x01, METHOD_BUFFERED, FILE_ANY_ACCESS )
#define EDDrv_getstats    (ULONG) CTL_CODE( FILE_DEVICE_EDDrv, 0x02, METHOD_NEITHER, FILE_ANY_ACCESS )
#define EDDrv_unloadquery (ULONG) CTL_CODE( FILE_DEVICE_EDDrv, 0x03, METHOD_NEITHER, FILE_ANY_ACCESS )
#define EDDrv_stopfilter  (ULONG) CTL_CODE( FILE_DEVICE_EDDrv, 0x04, METHOD_BUFFERED, FILE_ANY_ACCESS )
#define EDDrv_startfilter (ULONG) CTL_CODE( FILE_DEVICE_EDDrv, 0x05, METHOD_BUFFERED, FILE_ANY_ACCESS )
#define EDDrv_setfilter   (ULONG) CTL_CODE( FILE_DEVICE_EDDrv, 0x06, METHOD_BUFFERED, FILE_ANY_ACCESS )
#define EDDrv_timetype    (ULONG) CTL_CODE( FILE_DEVICE_EDDrv, 0x07, METHOD_BUFFERED, FILE_ANY_ACCESS )
#define EDDrv_version     (ULONG) CTL_CODE( FILE_DEVICE_EDDrv, 0x08, METHOD_BUFFERED, FILE_ANY_ACCESS )
#define EDDrv_hookspecial (ULONG) CTL_CODE( FILE_DEVICE_EDDrv, 0x09, METHOD_BUFFERED, FILE_ANY_ACCESS )
#define EDDrv_unhookspecial (ULONG) CTL_CODE( FILE_DEVICE_EDDrv, 0x10, METHOD_BUFFERED, FILE_ANY_ACCESS ) 
#define EDDrv_uservalid (ULONG)CTL_CODE(FILE_DEVICE_EDDrv, 0x11, METHOD_BUFFERED, FILE_ANY_ACCESS)
#define EDDrv_userinvalid (ULONG)CTL_CODE(FILE_DEVICE_EDDrv, 0x12, METHOD_BUFFERED, FILE_ANY_ACCESS)


#pragma pack(1)
typedef struct {
	ULONG	          seq;
    LARGE_INTEGER     time;
	char	          text[0];
} ENTRY, *PENTRY;
#pragma pack()

#define MAXFILTERLEN 256


typedef struct {
    char     processfilter[MAXFILTERLEN];
	char     excludeprocess[MAXFILTERLEN];
    char     pathfilter[MAXFILTERLEN];
    char     excludefilter[MAXFILTERLEN];
    BOOLEAN  logreads;
    BOOLEAN  logwrites;
} FILTER, *PFILTER;


typedef enum {
    STANDARD,
    NPFS,
    MSFS
} FILE_SYSTEM_TYPE, *PFILE_SYSTEM_TYPE;



#ifndef PAGE_SIZE
#if defined(_ALPHA_)
#define PAGE_SIZE 0x2000  
#else
#define PAGE_SIZE 0x1000  
#endif
#endif


#define MAX_STORE       ((ULONG)(64*0x1000-(2*sizeof(ULONG)+1)))