adinfo.c

Windows XP下的抓包程序实现

	if(IsAFile)
		TmpAdInfo->Flags = INFO_FLAG_DAG_FILE;
	else
		TmpAdInfo->Flags = INFO_FLAG_DAG_CARD;

	if(g_p_dagc_open)
		dagfd = g_p_dagc_open(name, 0, ebuf);
	else
		dagfd = NULL;

	if(!dagfd)
	{
		GlobalFreePtr(TmpAdInfo);
		TRACE_EXIT("PacketAddAdapterDag");
		return FALSE;
	}

	TmpAdInfo->LinkLayer.LinkType = g_p_dagc_getlinktype(dagfd);

	switch(g_p_dagc_getlinktype(dagfd)) 
	{
	case TYPE_HDLC_POS:
		TmpAdInfo->LinkLayer.LinkType = (UINT)NdisMediumCHDLC; // Note: custom linktype, NDIS doesn't provide an equivalent
		break;
	case -TYPE_HDLC_POS:
		TmpAdInfo->LinkLayer.LinkType = (UINT)NdisMediumPPPSerial; // Note: custom linktype, NDIS doesn't provide an equivalent
		break;
	case TYPE_ETH:
		TmpAdInfo->LinkLayer.LinkType = (UINT)NdisMedium802_3;
		break;
	case TYPE_ATM: 
		TmpAdInfo->LinkLayer.LinkType = (UINT)NdisMediumAtm;
		break;
	default:
		TmpAdInfo->LinkLayer.LinkType = (UINT)NdisMediumNull; // Note: custom linktype, NDIS doesn't provide an equivalent
		break;
	}			

	TmpAdInfo->LinkLayer.LinkSpeed = (g_p_dagc_getlinkspeed(dagfd) == -1)?
		100000000:  // Unknown speed, default to 100Mbit
	g_p_dagc_getlinkspeed(dagfd) * 1000000; 

	g_p_dagc_close(dagfd);

	WaitForSingleObject(g_AdaptersInfoMutex, INFINITE);

	// Update the AdaptersInfo list
	TmpAdInfo->Next = g_AdaptersInfoList;
	g_AdaptersInfoList = TmpAdInfo;

	ReleaseMutex(g_AdaptersInfoMutex);

	TRACE_EXIT("PacketAddAdapterDag");
	return TRUE;
}

/*!
  \brief Updates the list of the adapters using the DAGC API.
  \return If the function succeeds, the return value is nonzero.

  This function populates the list of adapter descriptions, looking for DAG cards on the system. 
*/
BOOLEAN PacketGetAdaptersDag()
{
	CHAR ebuf[DAGC_ERRBUF_SIZE];
	dagc_if_t *devs = NULL, *tmpdevs;
	UINT i;
	
	if(g_p_dagc_finddevs(&devs, ebuf))
		// No dag cards found on this system
		return FALSE;
	else
	{
		for(tmpdevs = devs, i=0; tmpdevs != NULL; tmpdevs = tmpdevs->next)
		{
			PacketAddAdapterDag(tmpdevs->name, tmpdevs->description, FALSE);
		}
	}
	
	g_p_dagc_freedevs(devs);
	
	return TRUE;
}
#endif // HAVE_DAG_API

/*!
\brief Find the information about an adapter scanning the global ADAPTER_INFO list.
  \param AdapterName Name of the adapter whose information has to be retrieved.
  \return If the function succeeds, the return value is non-null.
*/
PADAPTER_INFO PacketFindAdInfo(PCHAR AdapterName)
{
	//this function should NOT acquire the g_AdaptersInfoMutex, since it does return an ADAPTER_INFO structure
	PADAPTER_INFO TAdInfo;

	TRACE_ENTER("PacketFindAdInfo");
	
	if (g_AdaptersInfoList == NULL)
	{
		TRACE_PRINT("Repopulating the adapters info list...");
		PacketPopulateAdaptersInfoList();
	}

	TAdInfo = g_AdaptersInfoList;
	
	while(TAdInfo != NULL)
	{
		if(strcmp(TAdInfo->Name, AdapterName) == 0) 
		{
			TRACE_PRINT1("Found AdInfo for adapter %s", AdapterName);
			break;
		}

		TAdInfo = TAdInfo->Next;
	}

	if (TAdInfo == NULL)
	{
		TRACE_PRINT1("NOT found AdInfo for adapter %s", AdapterName);
	}

	TRACE_EXIT("PacketFindAdInfo");
	return TAdInfo;
}



/*!
  \brief Updates information about an adapter in the global ADAPTER_INFO list.
  \param AdapterName Name of the adapter whose information has to be retrieved.
  \return If the function succeeds, the return value is TRUE. A false value means that the adapter is no
  more valid or that it is disconnected.
*/
BOOLEAN PacketUpdateAdInfo(PCHAR AdapterName)
{
	//this function should acquire the g_AdaptersInfoMutex, since it's NOT called with an ADAPTER_INFO as parameter
	PADAPTER_INFO TAdInfo, PrevAdInfo;

#ifdef HAVE_WANPACKET_API
	CHAR	FakeNdisWanAdapterName[MAX_WINPCAP_KEY_CHARS] = FAKE_NDISWAN_ADAPTER_NAME;
#endif

//  
//	Old registry based WinPcap names
//
//	UINT	RegQueryLen;
//	CHAR	FakeNdisWanAdapterName[MAX_WINPCAP_KEY_CHARS];
//
//	// retrieve the name for the fake ndis wan adapter
//	RegQueryLen = sizeof(FakeNdisWanAdapterName)/sizeof(FakeNdisWanAdapterName[0]);
//	if (QueryWinPcapRegistryStringA(NPF_FAKE_NDISWAN_ADAPTER_NAME_REG_KEY, FakeNdisWanAdapterName, &RegQueryLen, FAKE_NDISWAN_ADAPTER_NAME) == FALSE && RegQueryLen == 0)
//		return FALSE;
	
	TRACE_ENTER("PacketUpdateAdInfo");

	TRACE_PRINT1("Updating adapter info for adapter %s", AdapterName);
	
	WaitForSingleObject(g_AdaptersInfoMutex, INFINITE);
	
	PrevAdInfo = TAdInfo = g_AdaptersInfoList;

	//
	// If an entry for this adapter is present in the list, we destroy it
	//
	while(TAdInfo != NULL)
	{
		if(strcmp(TAdInfo->Name, AdapterName) == 0)
		{
#ifdef HAVE_WANPACKET_API
			if (strcmp(AdapterName, FakeNdisWanAdapterName) == 0)
			{
				ReleaseMutex(g_AdaptersInfoMutex);
				TRACE_EXIT("PacketUpdateAdInfo");
				return TRUE;
			}
#endif
			if(TAdInfo == g_AdaptersInfoList)
			{
				g_AdaptersInfoList = TAdInfo->Next;
			}
			else
			{
				PrevAdInfo->Next = TAdInfo->Next;
			}

			if (TAdInfo->NetworkAddresses != NULL)
				GlobalFreePtr(TAdInfo->NetworkAddresses);
			GlobalFreePtr(TAdInfo);

			break;
		}

		PrevAdInfo = TAdInfo;

		TAdInfo = TAdInfo->Next;
	}

	ReleaseMutex(g_AdaptersInfoMutex);

	//
	// Now obtain the information about this adapter
	//
	if(PacketAddAdapterNPF(AdapterName, 0) == TRUE)
	{
		TRACE_EXIT("PacketUpdateAdInfo");
		return TRUE;
	}

#ifdef HAVE_IPHELPER_API
	PacketGetAdaptersIPH();
#endif //HAVE_IPHELPER_API

#ifdef HAVE_NPFIM_API
	if (g_hNpfImDll != NULL)
	{
		PacketGetAdaptersNpfIm();
	}
	else
	{
		TRACE_PRINT("NpfIm extension not available");
	}
#endif //HAVE_NPFIM_API	

#ifdef HAVE_AIRPCAP_API
	if (g_PAirpcapGetDeviceList != NULL)
	{
		PacketGetAdaptersAirpcap();
	}
	else
	{
		TRACE_PRINT("AirPcap extension not available");
	}
#endif

#ifdef HAVE_WANPACKET_API
	PacketAddFakeNdisWanAdapter();
#endif //HAVE_WANPACKET_API

#ifdef HAVE_DAG_API
	if(g_p_dagc_open != NULL)	
	{
		PacketGetAdaptersDag();
	}
	else
	{
		TRACE_PRINT("Dag extension not available");
	}
#endif // HAVE_DAG_API

	TRACE_EXIT("PacketUpdateAdInfo");
	return TRUE;
}

/*!
  \brief Populates the list of the adapters.

  This function populates the list of adapter descriptions, invoking first PacketGetAdapters() and then
  PacketGetAdaptersIPH(). 
*/
void PacketPopulateAdaptersInfoList()
{
	//this function should acquire the g_AdaptersInfoMutex, since it's NOT called with an ADAPTER_INFO as parameter
	PADAPTER_INFO TAdInfo;
	PVOID Mem1, Mem2;

	TRACE_ENTER("PacketPopulateAdaptersInfoList");

	WaitForSingleObject(g_AdaptersInfoMutex, INFINITE);

	if(g_AdaptersInfoList)
	{
		// Free the old list
		TAdInfo = g_AdaptersInfoList;
		while(TAdInfo != NULL)
		{
			Mem1 = TAdInfo->NetworkAddresses;
			Mem2 = TAdInfo;
			
			TAdInfo = TAdInfo->Next;
			
			if (Mem1 != NULL)
				GlobalFreePtr(Mem1);
			GlobalFreePtr(Mem2);
		}
		
		g_AdaptersInfoList = NULL;
	}

	//
	// Fill the new list
	//
	if(!PacketGetAdaptersNPF())
	{
		// No info about adapters in the registry. (NDIS adapters, i.e. exported by NPF)
		TRACE_PRINT("PacketPopulateAdaptersInfoList: registry scan for adapters failed!");
	}

#ifdef HAVE_IPHELPER_API
	if(!PacketGetAdaptersIPH())
	{
		// IP Helper API not present. We are under WinNT 4 or TCP/IP is not installed
		TRACE_PRINT("PacketPopulateAdaptersInfoList: failed to get adapters from the IP Helper API!");
	}
#endif //HAVE_IPHELPER_API

#ifdef HAVE_WANPACKET_API
	if (!PacketAddFakeNdisWanAdapter())
	{
		TRACE_PRINT("PacketPopulateAdaptersInfoList: adding fake NdisWan adapter failed.");
	}
#endif // HAVE_WANPACKET_API

#ifdef HAVE_AIRPCAP_API
	if(g_PAirpcapGetDeviceList)	// Ensure that the airpcap dll is present
	{
		if(!PacketGetAdaptersAirpcap())
		{
			TRACE_PRINT("PacketPopulateAdaptersInfoList: lookup of airpcap adapters failed!");
		}
	}
#endif // HAVE_AIRPCAP_API

#ifdef HAVE_NPFIM_API
	if (g_hNpfImDll != NULL)
	{
		if (!PacketGetAdaptersNpfIm()) // Ensure that the npfim dll is present
		{
			TRACE_PRINT("PacketPopulateAdaptersInfoList: lookup of NpfIm adapters failed!");
		}
	}
#endif //HAVE_NPFIM_API

#ifdef HAVE_DAG_API
	if(g_p_dagc_open != NULL)	
	{
		if(!PacketGetAdaptersDag())
		{
			// No info about adapters in the registry. 
			TRACE_PRINT("PacketPopulateAdaptersInfoList: lookup of dag cards failed!");
		}
	}
#endif // HAVE_DAG_API

	ReleaseMutex(g_AdaptersInfoMutex);
	TRACE_EXIT("PacketPopulateAdaptersInfoList");
}

#ifdef HAVE_WANPACKET_API

static BOOLEAN PacketAddFakeNdisWanAdapter()
{
	//this function should acquire the g_AdaptersInfoMutex, since it's NOT called with an ADAPTER_INFO as parameter
	PADAPTER_INFO TmpAdInfo, SAdInfo;
//  
//	Old registry based WinPcap names
//
//	CHAR DialupName[MAX_WINPCAP_KEY_CHARS];
//	CHAR DialupDesc[MAX_WINPCAP_KEY_CHARS];
//	UINT RegQueryLen;
	CHAR DialupName[MAX_WINPCAP_KEY_CHARS] = FAKE_NDISWAN_ADAPTER_NAME;
	CHAR DialupDesc[MAX_WINPCAP_KEY_CHARS] = FAKE_NDISWAN_ADAPTER_DESCRIPTION;

	TRACE_ENTER("PacketAddFakeNdisWanAdapter");

//  
//	Old registry based WinPcap names
//
//	//
//	// Get name and description of the wan adapter from the registry
//	//
//	RegQueryLen = sizeof(DialupName)/sizeof(DialupName[0]);
//	if (QueryWinPcapRegistryStringA(NPF_FAKE_NDISWAN_ADAPTER_NAME_REG_KEY, DialupName, &RegQueryLen, FAKE_NDISWAN_ADAPTER_NAME) == FALSE && RegQueryLen == 0)
//		return FALSE;
//	
//	RegQueryLen = sizeof(DialupDesc)/sizeof(DialupDesc[0]);
//	if (QueryWinPcapRegistryStringA(NPF_FAKE_NDISWAN_ADAPTER_DESC_REG_KEY, DialupDesc, &RegQueryLen, FAKE_NDISWAN_ADAPTER_DESCRIPTION) == FALSE && RegQueryLen == 0)
//		return FALSE;

	// Scan the adapters list to see if this one is already present
	if (!WanPacketTestAdapter())
	{
 		TRACE_PRINT("Cannot add the wan adapter, since it cannot be opened.");
  		//the adapter cannot be opened, we do not list it, but we return t
 		TRACE_EXIT("PacketAddFakeNdisWanAdapter");
  		return FALSE;
	}

	WaitForSingleObject(g_AdaptersInfoMutex, INFINITE);
	
	for(SAdInfo = g_AdaptersInfoList; SAdInfo != NULL; SAdInfo = SAdInfo->Next)
	{
		if(strcmp(DialupName, SAdInfo->Name) == 0)
		{
			TRACE_PRINT("PacketAddFakeNdisWanAdapter: Adapter already present in the list");
			ReleaseMutex(g_AdaptersInfoMutex);
			TRACE_EXIT("PacketAddFakeNdisWanAdapter");
			return TRUE;
		}
	}

	TmpAdInfo = GlobalAllocPtr(GMEM_MOVEABLE | GMEM_ZEROINIT, sizeof(ADAPTER_INFO));
	if (TmpAdInfo == NULL) 
	{
		TRACE_PRINT("PacketAddFakeNdisWanAdapter: GlobalAlloc Failed allocating memory for the AdInfo structure");
		ReleaseMutex(g_AdaptersInfoMutex);
		TRACE_EXIT("PacketAddFakeNdisWanAdapter");
		return FALSE;
	}

	strncpy(TmpAdInfo->Name, DialupName, sizeof(TmpAdInfo->Name) - 1);
	strncpy(TmpAdInfo->Description, DialupDesc, sizeof(TmpAdInfo->Description) - 1);
	TmpAdInfo->LinkLayer.LinkType = NdisMedium802_3;
	TmpAdInfo->LinkLayer.LinkSpeed = 10 * 1000 * 1000; //we emulate a fake 10MBit Ethernet
	TmpAdInfo->Flags = INFO_FLAG_NDISWAN_ADAPTER;
	memset(TmpAdInfo->MacAddress,'0',6);
	TmpAdInfo->MacAddressLen = 6;
	TmpAdInfo->NetworkAddresses = NULL;
	TmpAdInfo->NNetworkAddresses = 0;

	TmpAdInfo->Next = g_AdaptersInfoList;
	g_AdaptersInfoList = TmpAdInfo;
	ReleaseMutex(g_AdaptersInfoMutex);

	TRACE_EXIT("PacketAddFakeNdisWanAdapter");
	return TRUE;
}

#endif //HAVE_WANPACKET_API