📄 csdn_文档中心_开发基于windows2000-xp的防火墙.htm

📁 csdn10年中间经典帖子
💻 HTM
📖 第 1 页 / 共 4 页
字号:
            {<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            SetFilterFunction(cbFilterFunction);<BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            <SPAN 
            class=cpp-keyword>break</SPAN>;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            }<BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <SPAN 
            class=cpp-comment><FONT color=#3cc472>// ioctl to stop 
            filtering</FONT></SPAN><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            <SPAN class=cpp-keyword>case</SPAN> 
            STOP_IP_HOOK:<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            {<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            SetFilterFunction(NULL);<BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            <SPAN 
            class=cpp-keyword>break</SPAN>;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            }<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            <BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <SPAN 
            class=cpp-comment><FONT color=#3cc472>// ioctl to add a filter 
            rule</FONT></SPAN><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            <SPAN class=cpp-keyword>case</SPAN> 
            ADD_FILTER:<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            {<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            <SPAN class=cpp-keyword>if</SPAN>(inputBufferLength == <SPAN 
            class=cpp-keyword>sizeof</SPAN>(IPFilter))<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            {<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            IPFilter 
            *nf;<BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            nf = (IPFilter 
            *)ioBuffer;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            <BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            AddFilterToList(nf);<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            }<BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            <SPAN 
            class=cpp-keyword>break</SPAN>;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            }<BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <SPAN 
            class=cpp-comment><FONT color=#3cc472>// ioctl to free filter rule 
            list</FONT></SPAN><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            <SPAN class=cpp-keyword>case</SPAN> 
            CLEAR_FILTER:<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            {<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            ClearFilterList();<BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            <SPAN 
            class=cpp-keyword>break</SPAN>;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            }<BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <SPAN 
            class=cpp-keyword>default</SPAN>:<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            Irp-&gt;IoStatus.Status = 
            STATUS_INVALID_PARAMETER;<BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            dprintf(<SPAN class=cpp-string>"DrvFltIp.SYS: unknown 
            IRP_MJ_DEVICE_CONTROL\n"</SPAN>);<BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            <SPAN class=cpp-keyword>break</SPAN>;<BR>&nbsp;&nbsp;&nbsp; 
            }<BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <SPAN 
            class=cpp-keyword>break</SPAN>;<BR>&nbsp;&nbsp;&nbsp; 
            }<BR><BR><BR>&nbsp;&nbsp;&nbsp; ntStatus = 
            Irp-&gt;IoStatus.Status;<BR><BR>&nbsp;&nbsp;&nbsp; 
            IoCompleteRequest(Irp, IO_NO_INCREMENT);<BR><BR>&nbsp;&nbsp;&nbsp; 
            <SPAN class=cpp-comment><FONT color=#3cc472>// We never have pending 
            operation so always return the status 
            code.</FONT></SPAN><BR>&nbsp;&nbsp;&nbsp; <SPAN 
            class=cpp-keyword>return</SPAN> ntStatus;<BR>}<BR><BR><BR>VOID 
            DrvUnload(IN PDRIVER_OBJECT DriverObject)<BR>{<BR>&nbsp;&nbsp;&nbsp; 
            UNICODE_STRING deviceLinkUnicodeString;<BR><BR>&nbsp;&nbsp;&nbsp; 
            dprintf(<SPAN class=cpp-string>"DrvFltIp.SYS: 
            Unloading\n"</SPAN>);<BR><BR>&nbsp;&nbsp;&nbsp; 
            SetFilterFunction(NULL);<BR><BR>&nbsp;&nbsp;&nbsp; <SPAN 
            class=cpp-comment><FONT color=#3cc472>// Free any 
            resources</FONT></SPAN><BR>&nbsp;&nbsp;&nbsp; 
            ClearFilterList();<BR>&nbsp;&nbsp; <BR>&nbsp;&nbsp;&nbsp; <SPAN 
            class=cpp-comment><FONT color=#3cc472>// Delete the symbolic 
            link</FONT></SPAN><BR>&nbsp;&nbsp;&nbsp; 
            RtlInitUnicodeString(&amp;deviceLinkUnicodeString, 
            DOS_DEVICE_NAME);<BR>&nbsp;&nbsp;&nbsp; 
            IoDeleteSymbolicLink(&amp;deviceLinkUnicodeString);<BR><BR>&nbsp;&nbsp;&nbsp; 
            <BR>&nbsp;&nbsp;&nbsp; <SPAN class=cpp-comment><FONT 
            color=#3cc472>// Delete the device 
            object</FONT></SPAN><BR>&nbsp;&nbsp;&nbsp; 
            IoDeleteDevice(DriverObject-&gt;DeviceObject);<BR>}</FONT></P>
            <P>我们已经完成驱动程序主体代码，接下来将是过滤钩子代码。<BR>注册过滤功能函数<BR>&nbsp;&nbsp;&nbsp; 
            在上面的代码中，我们已经看到了调用SetFilterFunction(...)函数，现在我们将实现这个注册IP过</P>
            <P>虑功能函数，他将分以下几步实现。<BR>1、首先，我们必须得到一个IP过滤驱动的指针，那需要驱动已正确安装且已经运行起来。现在假设在加载</P>
            <P>这个驱动之前我的用户应用程序将加载并起动IP过滤驱动。<BR>2、我们必须建立一个特定的IRP包含IOCTL_PF_SET_EXTENSION_POINTER的控制码。我们还得必须传送参数</P>
            <P>如PF_SET_EXTENSION_HOOK_INFO结构来包含过滤函数指针。如果你要卸载函数，你得采取同样的步骤传送</P>
            <P>一个NULL指针来取代过滤函数。<BR>3、传送刚建立的IRP到设备驱动程序。<BR>这里关于驱动的大问题，就是一次只能安装一个过滤功能函数。因此如果其它应用程序已安装了一个，那</P>
            <P>么你的将不能被安装上。<BR>&nbsp;&nbsp;&nbsp; 接下来的代码我将出示该函数。</P>
            <P><FONT face="Courier New">NTSTATUS 
            SetFilterFunction<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            (PacketFilterExtensionPtr filterFunction)<BR>{<BR>&nbsp;&nbsp;&nbsp; 
            NTSTATUS status = STATUS_SUCCESS, 
            waitStatus=STATUS_SUCCESS;<BR>&nbsp;&nbsp;&nbsp; UNICODE_STRING 
            filterName;<BR>&nbsp;&nbsp;&nbsp; PDEVICE_OBJECT 
            ipDeviceObject=NULL;<BR>&nbsp;&nbsp;&nbsp; PFILE_OBJECT 
            ipFileObject=NULL;<BR><BR>&nbsp;&nbsp;&nbsp; 
            PF_SET_EXTENSION_HOOK_INFO filterData;<BR><BR>&nbsp;&nbsp;&nbsp; 
            KEVENT event;<BR>&nbsp;&nbsp;&nbsp; IO_STATUS_BLOCK 
            ioStatus;<BR>&nbsp;&nbsp;&nbsp; PIRP irp;<BR><BR>&nbsp;&nbsp;&nbsp; 
            dprintf(<SPAN class=cpp-string>"Getting pointer to 
            IpFilterDriver\n"</SPAN>);<BR><BR>&nbsp;&nbsp;&nbsp; <FONT 
            color=#3cc472><SPAN class=cpp-comment>//first of all, we have to get 
            a pointer to IpFilterDriver 
            Device</SPAN><BR></FONT>&nbsp;&nbsp;&nbsp; 
            RtlInitUnicodeString(&amp;filterName, 
            DD_IPFLTRDRVR_DEVICE_NAME);<BR>&nbsp;&nbsp;&nbsp; status = 
            IoGetDeviceObjectPointer(&amp;filterName,STANDARD_RIGHTS_ALL, 
            <BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            &amp;ipFileObject, &amp;ipDeviceObject);<BR><BR>&nbsp;&nbsp;&nbsp; 
            <SPAN 
            class=cpp-keyword>if</SPAN>(NT_SUCCESS(status))<BR>&nbsp;&nbsp;&nbsp; 
            {<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <SPAN 
            class=cpp-comment><FONT color=#3cc472>//initialize the struct with 
            functions 
            parameters</FONT></SPAN><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            filterData.ExtensionPointer = 
            filterFunction;<BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            <FONT color=#3cc472><SPAN class=cpp-comment>//we need initialize the 
            event used later by 
            </SPAN><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <SPAN 
            class=cpp-comment>//the IpFilterDriver to signal 
            us</SPAN><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <SPAN 
            class=cpp-comment>//when it finished its 
            work</SPAN></FONT><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            KeInitializeEvent(&amp;event, NotificationEvent, 
            FALSE);<BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <SPAN 
            class=cpp-comment><FONT color=#3cc472>//we build the irp needed to 
            establish fitler 
            function</FONT></SPAN><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            irp = IoBuildDeviceIoControlRequest(IOCTL_PF_SET_EXTENSION_POINTER, 
            <BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            ipDeviceObject,<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <SPAN 
            class=cpp-keyword>if</SPAN>(irp != 
            NULL)<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            {<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            <SPAN class=cpp-comment><FONT color=#3cc472>// we send the 
            IRP</FONT></SPAN><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            status = IoCallDriver(ipDeviceObject, 
            irp);<BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            <FONT color=#3cc472><SPAN class=cpp-comment>//and finally, we wait 
            for 
            </SPAN><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            <SPAN class=cpp-comment>//"acknowledge" of IpFilter 
            Driver</SPAN></FONT><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            <SPAN class=cpp-keyword>if</SPAN> (status == STATUS_PENDING) 
            <BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            {<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            waitStatus = KeWaitForSingleObject(&amp;event, 
            <BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            Executive, KernelMode, FALSE, 
            NULL);<BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            <SPAN class=cpp-keyword>if</SPAN> (waitStatus != STATUS_SUCCESS ) 
            <BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            dprintf(<SPAN class=cpp-string>"Error waiting for IpFilterDriver 
            response."</SPAN>);<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            }<BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            status = 
            ioStatus.Status;<BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            <SPAN 
            class=cpp-keyword>if</SPAN>(!NT_SUCCESS(status))<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            dprintf(<SPAN class=cpp-string>"Error, IO error with 
            ipFilterDriver\n"</SPAN>);<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            }<BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <SPAN 
            class=cpp-keyword>else</SPAN><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            {<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            <FONT color=#3cc472><SPAN class=cpp-comment>//if we cant allocate 
            the space, 
            </SPAN><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            <SPAN class=cpp-comment>//we return the corresponding code 
            error</SPAN><BR></FONT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            status = 
            STATUS_INSUFFICIENT_RESOURCES;<BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
            dprintf(<SPAN class=cpp-string>"Error building IpFilterDriver
💿 文件大小 5861 K
👤 上传用户 chengshengwu123
📂 所属分类其他书籍
🏷️ 相关标签

#csdn #10
⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -