📄 psmfirew.~dpr
//fn: array[0..MAX_PATH-1] of char;
msg:string;
Permit,i: Byte;
strPermit: String;
inRecent: BOOL;
IPPort:String;
CurrentTick: Cardinal;
HMapMutex: THandle;
tmpTotal: DWORD;
strDomain: ShortString;
Begin
Result:=True;
try
if (PMapData=nil) and not MapOpened then Openmap;
if (PMapData=nil) or (PMapData^.boNewRule[MyProcessID]=2) then exit;//FW is stopped
if (PMapData<>nil) and (PMapData^.boNewRule[MyProcessID]=1) then begin
PMapData^.boNewRule[MyProcessID]:=0;
LoadRules;
end;
inRecent:=False;
IPPort:=ip+':'+IntToStr(Port);
For i:=0 to MAX_HIS do
Begin
if IPPort = Allow[i] then
Begin
Result:=True;
inRecent:=True;
Break;
End
else if IPPort=Deny[i] then
Begin
Result:=False;
inRecent:=True;
Break;
End;
End;
if not inRecent then
Begin
//SendIpcMessage('PSMFirewall', Pchar(' New IP/Port'),Length(' New IP/Port'),nil,0,IGNORE, TRUE);
SendIpcMessage('PSMFirewall', Pchar(' New IP/Port'#0),Length(' New IP/Port'#0),nil,0);
Permit:=CheckPermission(ip,port);
Case Level of
0:Begin
if Permit=0 then Result:=False;
End;
{
1:Begin
if Permit=1 then Result:=True
else if Permit=0 then result:=False
else if (port<>34223) then Result:=True
else Result:=False;
End;
}
1:Begin
if Permit=1 then Result:=True
else if Permit=0 then result:=False
else if (ip='127.0.0.1')
or (ip='0.0.0.0')//service.exe
or (ip='0.0.7.0')//service.exe
or (port<140)//Major port such as FTP, Telnet, HTTP, etc.
or (port=443)//ssl(for yessign certificate)
or (port=444)//snpp, Simple Network Paging Protocol
or (port=520)//RIP (Routing Information Protocol)
or (port=545)//QuickTime
or (port=554)//Real Time Streaming Protocol
or (port=563)//NNTP over SSL
or (port=631)//IPP (Internet Printing Protocol)
or (port=1352)//Lotus Notes
or (port=1433)//Microsoft SQL Server
or (port=1434)//Microsoft SQL Monitor
or (port=1521)//Oracle SQL
or (port=1755)//Windows Media .asf
or (port=1863)//MSM Messenger
or (port=2048)//Printer
or (port=3306)//mySQL
or (port=3389)//RDP Protocol (Terminal Server)
or (port=4000)//icq, command-n-conquer
or (port=4098)//SignKorea Cer.
or (port=4333)//mSQL
or (port=4608)//icq
or (port=5050)//Yahoo Messenger
or (port=5120)//Woori Bank Cer. Manager - Client SM
or (port=5190)//icq
or (port=5631)//PCAnywhere data
or (port=5632)//PCAnywhere
or (port=7007)//MSBD, Windows Media encoder
or (port=7070)//RealServer/QuickTime
or (port=8080)//HTTP
or (port=8181)//HTTP
or (port=8383)//IMail WWW
or (port=35072)////Woori Bank Cer. Manager - Client SM (When disconnecting)
or (port=63860)//Yahoo Pops
or (pos('\inetinfo.exe',DllPath)>0)//Web Server
or (pos('\services.exe',DllPath)>0)//services
or (pos('\rpcss.exe',DllPath)>0)//RPC
or (pos('\spoolsv.exe',DllPath)>0)//NetPrinter
or (pos('\isaferupdate.exe',DllPath)>0)//iSaferUpdate.exe
then Result:=True
else Result:=False;
End;
2:Begin
if Permit<>1 then Result:=False;
End;
end;
if Result then
Begin
Allow[iAllow]:=IPPort;//ip + ':' + IntToStr(Port);
iAllow:=(iAllow + 1) mod (MAX_HIS+1);
end
else
Begin
Deny[iDeny]:=IPPort;//ip + ':' + IntToStr(Port);
iDeny:=(iDeny + 1) mod (MAX_HIS+1);
End;
End;
if Result then strPermit:='ALLOW'
else Begin strPermit:= 'DENY'; End;//SysUtils.Beep;
CurrentTick:=GetTickCount();
if ((IPPort <> oldIPPort) or ((CurrentTick-oldTime)>1000)) and ((CurrentTick-stopT)>2000) and (ip<>'0.0.0.0') and (ip<>'127.0.0.1') and (Port<>0) then// 1000 ms// or (Direction='IN') or (Direction='OUT')
Begin
dT:=dT+(CurrentTick-oldTime);
inc(dM);
if (dT>10) and ((dM/dT)>(5/1000)) then stopT:=CurrentTick;
if (dT>1000)or(stopT=CurrentTick) then begin dT:=0; dM:=0; end;
oldTime:=CurrentTick;
oldIPPort:=IPPort;
tmpTotal:=0;
HMapMutex := CreateMutex(nil, false, pchar('PSMFirewallDLLShareMemMutex'));
if HMapMutex <> 0 then begin
if WaitForSingleObject(HMapMutex,REQUEST_TIMEOUT) = WAIT_OBJECT_0 then begin
if (PMapData<>nil) then begin
PMapData^.dwTotalBytes:=PMapData^.dwTotalBytes + (bSen + bRec - bTotal);
tmpTotal:=PMapData^.dwTotalBytes;
bTotal:=bSen + bRec;
end;
end;
ReleaseMutex(HMapMutex);
CloseHandle(HMapMutex);
end;
GetLocalTime(t);
strDomain:=ip;
for i:=0 to MAX_DOMAIN_HIS do if ip=DomainIP[i] then begin
strDomain:=DomainName[i];
break;
end;
msg:=AnsiReplaceStr(Format('%2d:%2d:%2d:%3d', [t.wHour, t.wMinute, t.wSecond, t.wMilliseconds]),' ','0') + #9 + Direction + #9 + strPermit + #9 + ip + #9 + IntToStr(port) + #9 + DllPath + #9 + IntToStr(bRec) + #9 + IntToStr(bSen) + #9 + IntToStr(tmpTotal) + #9 + IntToStr(s) + #9 + strDomain + #9 + IntToStr(LocalPort);
//SendIpcMessage('PSMFirewall', Pchar(msg),strlen(Pchar(msg)),nil,0,IGNORE, TRUE);
SendIpcMessage('PSMFirewall', Pchar(msg + #0),Length(msg + #0),nil,0);
End;
{
GetSystemDirectory(fn,MAX_PATH);
strcat(fn,'\LogFiles\PSMFireW');
if not DirectoryExists(fn) then MkDir(fn);
StrCat(fn,Pchar('\' + AnsiReplaceStr(Format('%4d%2d%2d%s', [t.wYear, t.wMonth, t.wDay, '.log']),' ','0')));
AssignFile(f,fn);
if FileExists(fn) then
Append(f)
else
Rewrite(f);
writeln(f,AnsiReplaceStr(Format('%2d:%2d:%2d', [t.wHour, t.wMinute, t.wSecond]),' ','0') + #9 + name + #9 + Permission + #9 + ip + #9 + ':' + IntToStr(port) + #9 + DllPath);
Flush(f);
CloseFile(f);
}
Except
//SendIpcMessage('PSMFirewall', Pchar(' Error at WriteLog(): ' + IntToStr(GetLastError())),Length(' Error at WriteLog(): ' + IntToStr(GetLastError())),nil,0,IGNORE, TRUE);
SendIpcMessage('PSMFirewall', Pchar(' Error at WriteLog(): ' + IntToStr(GetLastError()) + #0),Length(' Error at WriteLog(): ' + IntToStr(GetLastError()) + #0),nil,0);
SysUtils.Beep;
End;
End;
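Function acceptCallback(s: TSocket; addr: PSockAddr; addrlen: PInteger): TSocket; stdcall;
// Hook installed in place of Winsock accept(): applies the firewall decision
// (WriteLog) to an inbound connection and either hands the accepted socket to
// the caller or refuses it.
//
// Parameters match accept(): s is the listening socket, addr/addrlen are the
// optional OUT buffer that accept() fills with the peer address.
// Returns the accepted socket, or INVALID_SOCKET. When the rule check denies
// the peer (or an exception is caught) the last error is WSAENETDOWN.
//
// The connection is dequeued first and filtered afterwards. addr^ is only
// written by accept() on return, so reading it beforehand evaluates whatever
// the caller left in the buffer rather than the real peer; in the same path
// localport was passed to WriteLog without ever being assigned.
Var
  accepted: TSocket;
  ip: string;
  port: integer;
  localport: integer;
Begin
  accepted:=INVALID_SOCKET;
  try
    if @acceptNext<>nil then
    begin
      accepted:=acceptNext(s, addr, addrlen);
      RenewHook(@acceptNext);
    end
    else
      accepted:=accept(s, addr, addrlen);

    if accepted=INVALID_SOCKET then
      // Nothing was accepted (e.g. non-blocking socket with an empty backlog):
      // pass the failure through unchanged.
      result:=INVALID_SOCKET
    else
    begin
      ip:='';
      port:=0;
      localport:=0;
      // NOTE(review): GetIPAndPort is defined elsewhere; presumably it resolves
      // the peer address and local port of a connected socket - confirm.
      GetIPAndPort(accepted,ip,port,localport);
      if addr<>nil then
      begin
        // Prefer the address accept() just reported for this connection.
        ip:=inet_ntoa(addr^.sin_addr);
        port:=ntohs(addr^.sin_port);
      end;
      if WriteLog(accepted, 'IN',ip,port, localport) then
        result:=accepted
      else
      begin
        // Denied: drop the connection so it is neither handed to the
        // application nor left pending in the listen backlog.
        closesocket(accepted);
        accepted:=INVALID_SOCKET;
        WSASetLastError(WSAENETDOWN);
        result:=INVALID_SOCKET;
      end;
    end;
  except
    // Fail closed: never leak a socket that was accepted but not vetted.
    if accepted<>INVALID_SOCKET then closesocket(accepted);
    SendIpcMessage('PSMFirewall', Pchar(' Error at accept()'#0),length(' Error at accept()'#0) ,nil,0);
    SysUtils.Beep;
    WSASetLastError(WSAENETDOWN);
    result:= INVALID_SOCKET;
  end;
End;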
Function connectCallback(s: TSocket; var name: TSockAddr; namelen: Integer): Integer; stdcall;
// Hook installed in place of Winsock connect(): asks WriteLog whether the
// outbound destination in `name` is permitted. If so, the call is forwarded to
// the next hook (or to connect() itself); otherwise it fails with
// SOCKET_ERROR and WSAENETDOWN as the last error.
Var
  remoteIP: string;
  remotePort: integer;
  boundPort: Integer;
Begin
  try
    // GetIPAndPort supplies the local port; the destination is then taken
    // from the address the caller is about to connect to.
    GetIPAndPort(s,remoteIP,remotePort,boundPort);
    remoteIP:=inet_ntoa(name.sin_addr);
    remotePort:=ntohs(name.sin_port);

    if not WriteLog(s,'OUT',remoteIP,remotePort,boundPort) then
    begin
      // Rule check refused the destination: report a network failure.
      WSASetLastError(WSAENETDOWN);
      result:= SOCKET_ERROR;
    end
    else if @connectNext<>nil then
      result:=connectNext(s, name, namelen)
    else
      result:=connect(s, name, namelen);

    if @connectNext<>nil then RenewHook(@connectNext);
  except
    // Any exception is reported over IPC and treated as a denied connection.
    SendIpcMessage('PSMFirewall', Pchar(' Error at connect()'#0),length(' Error at connect()'#0) ,nil,0);
    SysUtils.Beep;
    WSASetLastError(WSAENETDOWN);
    result:= SOCKET_ERROR;
  end;
End;
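Function recvCallback(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;
// Hook installed in place of Winsock recv(): checks the socket's peer against
// the firewall rules (WriteLog). If permitted, the call is forwarded to the
// next hook (or to recv() itself); otherwise the socket is closed and the call
// fails with SOCKET_ERROR and WSAENETDOWN as the last error.
//
// bRec is the received-bytes counter reported by WriteLog. It is advanced by
// the number of bytes recv() actually returned. Adding `len` before the call
// counted the caller's buffer size instead, including for calls that were
// denied, failed or returned less than a full buffer.
Var
  received: Integer;
  ip: string;
  port: integer;
  localport: Integer;
Begin
  try
    GetIPAndPort(s,ip,port,localport);
    if WriteLog(s, 'IN',ip,port,localport) then
    begin
      if @recvNext<>nil then received:=recvNext(s,Buf,len, flags)
      else received:=recv(s,Buf,len, flags);
      // 0 means an orderly close and SOCKET_ERROR (-1) a failure: neither
      // transferred any data.
      if received>0 then bRec := bRec + DWORD(received);
      result:=received;
    end
    else
    begin
      // s is passed by value, so the caller's handle cannot be set to
      // INVALID_SOCKET from here; closing it is what stops the traffic.
      closesocket(s);
      WSASetLastError(WSAENETDOWN);
      result:= SOCKET_ERROR;
    end;
    if @recvNext <> nil then RenewHook(@recvNext);
  except
    // Any exception is reported over IPC and treated as a failed receive.
    SendIpcMessage('PSMFirewall', Pchar(' Error at recv()'#0),length(' Error at recv()'#0) ,nil,0);
    SysUtils.Beep;
    WSASetLastError(WSAENETDOWN);
    result:= SOCKET_ERROR;
  end;
End;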