📄 packet32.c
字号:
CHAR Ebuf[AIRPCAP_ERRBUF_SIZE];
LPADAPTER lpAdapter;
//
// Make sure that the airpcap API has been linked
//
if(!g_PAirpcapOpen)
{
return NULL;
}
lpAdapter = (LPADAPTER) GlobalAllocPtr(GMEM_MOVEABLE | GMEM_ZEROINIT,
sizeof(ADAPTER));
if (lpAdapter == NULL)
{
return NULL;
}
//
// Indicate that this is a aircap card
//
lpAdapter->Flags = INFO_FLAG_AIRPCAP_CARD;
//
// Open the adapter
//
lpAdapter->AirpcapAd = g_PAirpcapOpen(AdapterName, Ebuf);
if(lpAdapter->AirpcapAd == NULL)
{
GlobalFreePtr(lpAdapter);
return NULL;
}
StringCchCopyA(lpAdapter->Name, ADAPTER_NAME_LENGTH, AdapterName);
return lpAdapter;
}
#endif // HAVE_AIRPCAP_API
#ifdef HAVE_NPFIM_API
static LPADAPTER PacketOpenAdapterNpfIm(PCHAR AdapterName)
{
LPADAPTER lpAdapter;
lpAdapter = (LPADAPTER) GlobalAllocPtr(GMEM_MOVEABLE | GMEM_ZEROINIT,
sizeof(ADAPTER));
if (lpAdapter == NULL)
{
return NULL;
}
//
// Indicate that this is a aircap card
//
lpAdapter->Flags = INFO_FLAG_NPFIM_DEVICE;
//
// Open the adapter
//
if (g_NpfImHandlers.NpfImOpenDevice(AdapterName, (NPF_IM_DEV_HANDLE*)&lpAdapter->NpfImHandle) == FALSE)
{
GlobalFreePtr(lpAdapter);
return NULL;
}
StringCchCopyA(lpAdapter->Name, ADAPTER_NAME_LENGTH, AdapterName);
return lpAdapter;
}
#endif // HAVE_NpfIm_API
/*!
\brief Opens an adapter using the DAG capture API.
\param AdapterName A string containing the name of the device to open.
\return If the function succeeds, the return value is the pointer to a properly initialized ADAPTER object,
otherwise the return value is NULL.
\note internal function used by PacketOpenAdapter()
*/
#ifdef HAVE_DAG_API
static LPADAPTER PacketOpenAdapterDAG(PCHAR AdapterName, BOOLEAN IsAFile)
{
CHAR DagEbuf[DAGC_ERRBUF_SIZE];
LPADAPTER lpAdapter;
LONG status;
HKEY dagkey;
DWORD lptype;
DWORD fpc;
DWORD lpcbdata = sizeof(fpc);
WCHAR keyname[512];
PWCHAR tsn;
TRACE_ENTER("PacketOpenAdapterDAG");
lpAdapter = (LPADAPTER) GlobalAllocPtr(GMEM_MOVEABLE | GMEM_ZEROINIT,
sizeof(ADAPTER));
if (lpAdapter == NULL)
{
TRACE_PRINT("GlobalAlloc failed allocating memory for the ADAPTER structure");
TRACE_EXIT("PacketOpenAdapterDAG");
return NULL;
}
if(IsAFile)
{
// We must add an entry to the adapter description list, otherwise many function will not
// be able to work
if(!PacketAddAdapterDag(AdapterName, "DAG file", IsAFile))
{
TRACE_PRINT("Failed adding the Dag file to the list of adapters");
TRACE_EXIT("PacketOpenAdapterDAG");
GlobalFreePtr(lpAdapter);
return NULL;
}
// Flag that this is a DAG file
lpAdapter->Flags = INFO_FLAG_DAG_FILE;
}
else
{
// Flag that this is a DAG card
lpAdapter->Flags = INFO_FLAG_DAG_CARD;
}
//
// See if the user is asking for fast capture with this device
//
lpAdapter->DagFastProcess = FALSE;
tsn = (strstr(strlwr((char*)AdapterName), "dag") != NULL)?
SChar2WChar(strstr(strlwr((char*)AdapterName), "dag")):
L"";
StringCchPrintfW(keyname, sizeof(keyname)/sizeof(keyname[0]), L"%s\\CardParams\\%ws",
L"SYSTEM\\CurrentControlSet\\Services\\DAG",
tsn);
GlobalFreePtr(tsn);
do
{
status = RegOpenKeyEx(HKEY_LOCAL_MACHINE, keyname, 0 , KEY_READ, &dagkey);
if(status != ERROR_SUCCESS)
break;
status = RegQueryValueEx(dagkey,
L"FastCap",
NULL,
&lptype,
(LPBYTE)&fpc,
&lpcbdata);
if(status == ERROR_SUCCESS)
lpAdapter->DagFastProcess = fpc;
RegCloseKey(dagkey);
}
while(FALSE);
TRACE_PRINT("Trying to open the DAG device...");
//
// Open the card
//
lpAdapter->pDagCard = g_p_dagc_open(AdapterName,
0,
DagEbuf);
if(lpAdapter->pDagCard == NULL)
{
TRACE_PRINT("Failed opening the DAG device");
TRACE_EXIT("PacketOpenAdapterDAG");
GlobalFreePtr(lpAdapter);
return NULL;
}
lpAdapter->DagFcsLen = g_p_dagc_getfcslen(lpAdapter->pDagCard);
StringCchCopyA(lpAdapter->Name, ADAPTER_NAME_LENGTH, AdapterName);
// XXX we could create the read event here
TRACE_PRINT("Successfully opened the DAG device");
TRACE_EXIT("PacketOpenAdapterDAG");
return lpAdapter;
}
#endif // HAVE_DAG_API
//---------------------------------------------------------------------------
// PUBLIC API
//---------------------------------------------------------------------------
/** @ingroup packetapi
* @{
*/
/** @defgroup packet32 Packet.dll exported functions and variables
* @{
*/
/*!
\brief Return a string with the dll version.
\return A char pointer to the version of the library.
*/
PCHAR PacketGetVersion()
{
TRACE_ENTER("PacketGetVersion");
TRACE_EXIT("PacketGetVersion");
return PacketLibraryVersion;
}
/*!
\brief Return a string with the version of the NPF.sys device driver.
\return A char pointer to the version of the driver.
*/
PCHAR PacketGetDriverVersion()
{
TRACE_ENTER("PacketGetDriverVersion");
TRACE_EXIT("PacketGetDriverVersion");
return PacketDriverVersion;
}
/*!
\brief Stops and unloads the WinPcap device driver.
\return If the function succeeds, the return value is nonzero, otherwise it is zero.
This function can be used to unload the driver from memory when the application no more needs it.
Note that the driver is physically stopped and unloaded only when all the files on its devices
are closed, i.e. when all the applications that use WinPcap close all their adapters.
*/
BOOL PacketStopDriver()
{
SC_HANDLE scmHandle;
SC_HANDLE schService;
BOOL ret;
SERVICE_STATUS serviceStatus;
CHAR NpfDriverName[MAX_WINPCAP_KEY_CHARS] = NPF_DRIVER_NAME;
//
// Old registry based WinPcap names
//
// CHAR NpfDriverName[MAX_WINPCAP_KEY_CHARS];
// UINT RegQueryLen;
TRACE_ENTER("PacketStopDriver");
ret = FALSE;
//
// Old registry based WinPcap names
//
// // Create the NPF device name from the original device name
// RegQueryLen = sizeof(NpfDriverName)/sizeof(NpfDriverName[0]);
//
// if (QueryWinPcapRegistryStringA(NPF_DRIVER_NAME_REG_KEY, NpfDriverName, &RegQueryLen, NPF_DRIVER_NAME) == FALSE && RegQueryLen == 0)
// return FALSE;
scmHandle = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
if(scmHandle != NULL){
TRACE_PRINT("Opened the SCM");
schService = OpenServiceA (scmHandle,
NpfDriverName,
SERVICE_ALL_ACCESS
);
if (schService != NULL)
{
TRACE_PRINT("Opened the NPF service in the SCM");
ret = ControlService (schService,
SERVICE_CONTROL_STOP,
&serviceStatus
);
if (!ret)
{
TRACE_PRINT("Failed to stop the NPF service");
}
else
{
TRACE_PRINT("NPF service stopped");
}
CloseServiceHandle (schService);
CloseServiceHandle(scmHandle);
}
}
TRACE_EXIT("PacketStopDriver");
return ret;
}
/*!
\brief Opens an adapter.
\param AdapterName A string containing the name of the device to open.
Use the PacketGetAdapterNames() function to retrieve the list of available devices.
\return If the function succeeds, the return value is the pointer to a properly initialized ADAPTER object,
otherwise the return value is NULL.
*/
LPADAPTER PacketOpenAdapter(PCHAR AdapterNameWA)
{
LPADAPTER lpAdapter = NULL;
PCHAR AdapterNameA = NULL;
BOOL bFreeAdapterNameA;
#ifndef _WINNT4
PADAPTER_INFO TAdInfo;
#endif //_WINNT4
DWORD dwLastError = ERROR_SUCCESS;
TRACE_ENTER("PacketOpenAdapter");
TRACE_PRINT_OS_INFO();
TRACE_PRINT2("Packet DLL version %s, Driver version %s", PacketLibraryVersion, PacketDriverVersion);
//
// Check the presence on some libraries we rely on, and load them if we found them
//
PacketLoadLibrariesDynamically();
//
// Ugly heuristic to detect if the adapter is ASCII
//
if(AdapterNameWA[1]!=0)
{
//
// ASCII
//
bFreeAdapterNameA = FALSE;
AdapterNameA = AdapterNameWA;
}
else
{
//
// Unicode
//
size_t bufferSize = wcslen((PWCHAR)AdapterNameWA) + 1;
AdapterNameA = GlobalAllocPtr(GPTR, bufferSize);
if (AdapterNameA == NULL)
{
SetLastError(ERROR_NOT_ENOUGH_MEMORY);
return NULL;
}
StringCchPrintfA(AdapterNameA, bufferSize, "%ws", (PWCHAR)AdapterNameWA);
bFreeAdapterNameA = TRUE;
}
#ifndef _WINNT4
WaitForSingleObject(g_AdaptersInfoMutex, INFINITE);
#endif // not WINNT4
do
{
#ifndef _WINNT4
//
// Windows NT4 does not have support for the various nifty
// adapters supported from 2000 on (airpcap, ndiswan, npfim...)
// so we just skip all the magic of the global adapter list,
// and try to open the adapter with PacketOpenAdapterNPF at
// the end of this big function!
//
//
// If we are here it's because we need to update the list
//
TRACE_PRINT("Looking for the adapter in our list 1st time...");
// Find the PADAPTER_INFO structure associated with this adapter
TAdInfo = PacketFindAdInfo(AdapterNameA);
if(TAdInfo == NULL)
{
TRACE_PRINT("Adapter not found in our list. Try to refresh the list.");
PacketUpdateAdInfo(AdapterNameA);
TAdInfo = PacketFindAdInfo(AdapterNameA);
TRACE_PRINT("Looking for the adapter in our list 2nd time...");
}
if(TAdInfo == NULL)
{
#ifdef HAVE_DAG_API
TRACE_PRINT("Adapter not found in our list. Try to open it as a DAG/ERF file...");
//can be an ERF file?
lpAdapter = PacketOpenAdapterDAG(AdapterNameA, TRUE);
#endif // HAVE_DAG_API
if (lpAdapter == NULL)
{
TRACE_PRINT("Failed to open it as a DAG/ERF file, failing with ERROR_BAD_UNIT");
dwLastError = ERROR_BAD_UNIT; //this is the best we can do....
}
else
{
TRACE_PRINT("Opened the adapter as a DAG/ERF file.");
}
break;
}
TRACE_PRINT("Adapter found in our list. Check adapter type and see if it's actually supported.");
#ifdef HAVE_WANPACKET_API
if(TAdInfo->Flags == INFO_FLAG_NDISWAN_ADAPTER)
{
lpAdapter = PacketOpenAdapterWanPacket(AdapterNameA);
if (lpAdapter == NULL)
{
dwLastError = GetLastError();
}
break;
}
#endif //HAVE_WANPACKET_API
#ifdef HAVE_AIRPCAP_API
if(TAdInfo->Flags == INFO_FLAG_AIRPCAP_CARD)
{
//
// This is an airpcap card. Open it using the airpcap api
//
lpAdapter = PacketOpenAdapterAirpcap(AdapterNameA);
if(lpAdapter == NULL)
{
dwLastError = ERROR_BAD_UNIT;
break;
}
//
// Airpcap provides a read event
//
if(!g_PAirpcapGetReadEvent(lpAdapter->AirpcapAd, &lpAdapter->ReadEvent))
{
PacketCloseAdapter(lpAdapter);
dwLastError = ERROR_BAD_UNIT;
}
else
{
dwLastError = ERROR_SUCCESS;
}
break;
}
#endif // HAVE_AIRPCAP_API
#ifdef HAVE_NPFIM_API
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -