pa_sys.h

基于Passthru的扩展

#ifndef _PA_SYS_H_
#define  _PA_SYS_H_


NTSTATUS
PA_Create(
		  IN PDEVICE_OBJECT  DeviceObject,
		  IN PIRP            pIrp
		  );

NTSTATUS
PA_Cleanup(
		   IN PDEVICE_OBJECT  DeviceObject,
		   IN PIRP            pIrp
		   );

NTSTATUS
PA_Close(
		 IN PDEVICE_OBJECT   DeviceObject,
		 IN PIRP             pIrp
		 );

NTSTATUS 
PA_DevIoControl(
				IN PDEVICE_OBJECT  Device_Object,
				IN PIRP            pIrp
			 );

void 
CopyPacket2Buffer(
				  IN PNDIS_PACKET pPacket,
				  IN OUT PUCHAR pBuff,
				  IN OUT PUINT pLength
				  );


VOID         ThreadPacketLogger();
NTSTATUS	 InitThreadPacketLogger();

VOID CurCapIPTime(PTIME_FIELDS pTime);

//
//User Add Struct
//

typedef struct _Packet_Data_ 
{
	LIST_ENTRY  ListEntry;

	PTIME_FIELDS  CurCapIPTime;

	PUCHAR IPBuffer;

}Packet_Data,*pPacket_Data;


typedef struct _Global_ 
{
	BOOLEAN StartCapFlag;

	PETHREAD pThreadObj;			
	BOOLEAN bThreadTerminate;		
	HANDLE hLogFile;				

	KSEMAPHORE semQueue;
	KSPIN_LOCK lockQueue;
	LIST_ENTRY QueueListHead;

}Global,*pGlobal;

extern pGlobal pGBSYS;

//IP Packet Format

typedef struct _IPPacket
{
	// Ethernet
	unsigned char  targ_hw_addr[6];	// 目的地址，6字节。
	unsigned char  src_hw_addr[6];	// 源地址，6字节。
	unsigned char  H_frame_type;
	unsigned char  L_frame_type;
	// IP
	unsigned char h_verlen;           //4位首部长度,4位IP版本号
	unsigned char tos;                //8位服务类型TOS
	unsigned short total_len;         //16位总长度（字节）
	unsigned short ident;             //16位标识
	unsigned short frag_and_flags;    //3位标志位和13位偏移
	unsigned char  ttl;               //8位生存时间 TTL
	unsigned char proto;              //8位协议 (1->ICMP, 2->IGMP, 6->TCP, 17->UDP)
	unsigned short checksum;          //16位IP首部校验和
	unsigned char sourceIP[4];            //32位源IP地址
	unsigned char destIP[4];              //32位目的IP地址
}IP_Packet, *PIPPacket;

//
//End User Struct
//


#endif