util.c

用Delphi实现的防火墙,可实现象天网一样的功能.

/////////////////////////////////////////////////////////////////////////////
//// INCLUDE FILES

#define MODULE_NAME "UTIL"
#include "precomp.h"
//#include "UTIL.h"
#include "DDKLBLInc.h"
#include "cons_def.h"
#include "fw_rule.h"
#include "PCAENET.H"
#include "fw_interface.h"
#include "driver.h"
#include <math.h>

extern struct Fw_Rules g_Rules;
extern struct Statistics  g_stat;
extern struct ip 		*g_pIPHeader;
extern struct tcphdr	*g_pTCPHeader;
extern struct udphdr	*g_pUDPHeader;
extern struct icmp		*g_pICMPHeader;
/*
extern struct All_Alarms	g_AllAlarm[MAX_CALL_NUM];
extern struct All_Logs		g_AllLog[MAX_CALL_NUM];

extern PFILE_OBJECT 		g_alarmfop;
extern PDEVICE_EXTENSION 	g_alarmpdx;
extern PFILE_OBJECT 		g_logfop;
extern PDEVICE_EXTENSION 	g_logpdx;
*/
USHORT  	alarm_num=0,log_num=0,acall_num=0,lcall_num=0;
//
// Force undef of VTOOLSD For Windows 98 DDK Build
// -----------------------------------------------
// See comments in PCAIPLCE.H.
//
#ifdef NO_VTOOLSD
#undef VTOOLSD
#endif

#ifndef VTOOLSD // For Windows 98 DDK Build
//#include <vmm.h>
//#pragma VxD_LOCKED_DATA_SEG
//#pragma VxD_LOCKED_CODE_SEG

//#define isprint(c) (((c) >= 0x20) && ((c) < 0x80))
#endif

// Copyright And Configuration Management ----------------------------------
//
//                      Utility Functions - Util.c
//      IP Link Characteristics Emulator Pseudo-Imtermediate (PIM) Driver
//
// Copyright (c) 1999-2001 Printing Communications Associates, Inc. (PCAUSA)
//
//                             Thomas F. Divine
//                           4201 Brunswick Court
//                        Smyrna, Georgia 30080 USA
//                              (770) 432-4580
//                            tdivine@pcausa.com
//
// End ---------------------------------------------------------------------

void*  UTIL_AllocateMemory(unsigned int size)
{
	PVOID ptr=NULL;
	ptr=ExAllocatePool(NonPagedPool , size);
	
	return ptr;
}

void  UTIL_FreeMemory(void* p)
{
	if (p)
		ExFreePool(p);
}

/////////////////////////////////////////////////////////////////////////////
//// UTIL_ReadOnPacket
//
// Purpose
// Logical read on the packet data in a NDIS_PACKET.
//
// Parameters
//
// Return Value
//
// Remarks
// The purpose of this function is to provide a convienient mechanism to
// read packet data from an NDIS_PACKET that may have multiple chained
// NDIS_BUFFERs.
//


VOID
UTIL_ReadOnPacket(
   PNDIS_PACKET Packet,
   PUCHAR lpBuffer,
   ULONG nNumberOfBytesToRead,
   ULONG nOffset,                // Byte Offset, Starting With MAC Header
   PULONG lpNumberOfBytesRead
   )
{
   PNDIS_BUFFER    CurrentBuffer;
   UINT            nBufferCount, TotalPacketLength;
   PUCHAR          VirtualAddress;
   UINT            CurrentLength, CurrentOffset;
   UINT            AmountToMove;

   *lpNumberOfBytesRead = 0;
   if (!nNumberOfBytesToRead)
      return;

   //
   // Query Packet
   //
   NdisQueryPacket(
      (PNDIS_PACKET )Packet,
      (PUINT )NULL,           // Physical Buffer Count
      (PUINT )&nBufferCount,  // Buffer Count
      &CurrentBuffer,         // First Buffer
      &TotalPacketLength      // TotalPacketLength
      );

   //
   // Query The First Buffer
   //
   NdisQueryBuffer(
      CurrentBuffer,
      &VirtualAddress,
      &CurrentLength
      );

   CurrentOffset = 0;

   while( nOffset || nNumberOfBytesToRead )
   {
      while( !CurrentLength )
      {
         NdisGetNextBuffer(
            CurrentBuffer,
            &CurrentBuffer
            );

         // If we've reached the end of the packet.  We return with what
         // we've done so far (which must be shorter than requested).
         if (!CurrentBuffer)
            return;

         NdisQueryBuffer(
            CurrentBuffer,
            &VirtualAddress,
            &CurrentLength
            );

         CurrentOffset = 0;
      }

      if( nOffset )
      {
         // Compute how much data to move from this fragment
         if( CurrentLength > nOffset )
            CurrentOffset = nOffset;
         else
            CurrentOffset = CurrentLength;

         nOffset -= CurrentOffset;
         CurrentLength -= CurrentOffset;
      }

      if( nOffset )
      {
         CurrentLength = 0;
         continue;
      }

      if( !CurrentLength )
      {
         continue;
      }

      // Compute how much data to move from this fragment
      if (CurrentLength > nNumberOfBytesToRead)
         AmountToMove = nNumberOfBytesToRead;
      else
         AmountToMove = CurrentLength;

      // Copy the data.
      NdisMoveMemory(
         lpBuffer,
         &VirtualAddress[ CurrentOffset ],
         AmountToMove
         );

      // Update destination pointer
      lpBuffer += AmountToMove;

      // Update counters
      *lpNumberOfBytesRead +=AmountToMove;
      nNumberOfBytesToRead -=AmountToMove;
      CurrentLength = 0;
   }
}

/////////////////////////////////////////////////////////////////////////////
//// UTIL_htonl
//
// Purpose
// Converts a ULONG from host to network byte order.
//
// Parameters
//
// Return Value
//
// Remarks
// ATTENTION!!! Must revise for non-Intel (Alpha) hosts.
//
// Why isn't this function named simply "htonl"? Possible confilct with
// system implementations available on some hosts, but possibly declared
// differently...
//

ULONG UTIL_htonl( ULONG hostlong )
{
	PUCHAR pBuffer;
	ULONG	nResult;
	UCHAR	c, *pResult;

	pBuffer = (PUCHAR )&hostlong;

	if( !pBuffer )
	{
		return( 0L );
	}

	pResult = (UCHAR * )&nResult;

	c = ((UCHAR * )pBuffer)[ 0 ];
	((UCHAR * )pResult)[ 0 ] = ((UCHAR * )pBuffer)[ 3 ];
	((UCHAR * )pResult)[ 3 ] = c;

	c = ((UCHAR * )pBuffer)[ 1 ];
	((UCHAR * )pResult)[ 1 ] = ((UCHAR * )pBuffer)[ 2 ];
	((UCHAR * )pResult)[ 2 ] = c;

	return( nResult );
}


/////////////////////////////////////////////////////////////////////////////
//// UTIL_htons
//
// Purpose
// Converts a USHORT from host to network byte order.
//
// Parameters
//
// Return Value
//
// Remarks
// ATTENTION!!! Must revise for non-Intel (Alpha) hosts.
//
// Why isn't this function named simply "htons"? Possible confilct with
// system implementations available on some hosts, but possibly declared
// differently...
//

USHORT UTIL_htons( USHORT hostshort )
{
	PUCHAR	pBuffer;
	USHORT	nResult;

	nResult = 0;
	pBuffer = (PUCHAR )&hostshort;

	nResult = ( (pBuffer[ 0 ] << 8) & 0xFF00 )
		| ( pBuffer[ 1 ] & 0x00FF );

	return( nResult );
}

/////////////////////////////////////////////////////////////////////////////
//// UTIL_ntohl
//
// Purpose
// Converts a ULONG from network to host byte order.
//
// Parameters
//
// Return Value
//
// Remarks
//
// Why isn't this function named simply "ntohl"? Possible confilct with
// system implementations available on some hosts, but possibly declared
// differently...
//

ULONG UTIL_ntohl( ULONG netlong )
{
	return( UTIL_htonl( netlong ) );
}

/////////////////////////////////////////////////////////////////////////////
//// UTIL_ntohs
//
// Purpose
// Converts a USHORT from network to host byte order.
//
// Parameters
//
// Return Value
//
// Remarks
//
// Why isn't this function named simply "ntohs"? Possible confilct with
// system implementations available on some hosts, but possibly declared
// differently...
//

USHORT UTIL_ntohs( USHORT netshort )
{
	return( UTIL_htons( netshort ) );
}


/////////////////////////////////////////////////////////////////////////////
//// in_cksum
//
// Purpose
// Standard Internet Protocol checksum routine.
//
// Parameters
//
// Return Value
//
// Remarks
// ICMP, IGMP, UDP and TCP all use the same checksum algorithm
//

USHORT in_cksum( PUCHAR pStartingByte, int nByteCount )
{
   register ULONG sum = 0;
   register PUSHORT addr = (PUSHORT )pStartingByte;

   //
   // Add 16-bit Words
   //
   while (nByteCount > 1)
   {
      //
      // This Is The Inner Loop
      //
      sum += *(addr++);
      nByteCount -= 2;
   }

   //
   // Add leftover byte, if any
   //
   if (nByteCount > 0)
#if BIG_ENDIAN
      sum += (*(PUCHAR )addr) << 8;
#else
      sum += *(PUCHAR )addr;
#endif

   //
   // Fold 32-bit sum to 16-bit
   //
   while (sum >> 16)
      sum = (sum & 0xffff) + (sum >> 16);

   //
   // Return one's compliment of final sum.
   //
   return (USHORT) ~sum;
}


/////////////////////////////////////////////////////////////////
//  
//函数UTIL_CountPacket
//
//参数
//方向、动作
//
//返回值
//无
//
//
//备注
//统计在in、out方向上允许或禁止的包。in（0）、out（1）、allow（0）
//deny（1）

/*
void UTIL_CountPacket (USHORT ptype,char direct,char action,int packsize)
{
	//
	//if 方向为in {
	//	if 动作为允许  统计结构累计
	//	if 动作为禁止  统计结构累计
	//}
	//if 方向为out {
	//	if 动作为允许  统计结构累计
	//	if 动作为禁止  统计结构累计
	//}
	//
	if (direct==DT_IN)
	{
		if (action==ALLOW)
		{
			switch (ptype)
			{
			case PT_TCP:
				g_stat.ip.tcp.allow_in_bytes+=packsize;
				g_stat.ip.tcp.allow_in_pkts++;
				break;
			case PT_UDP:
				g_stat.ip.udp.allow_in_bytes+=packsize;
				g_stat.ip.udp.allow_in_pkts++;
				break;
			case PT_ICMP:
				g_stat.ip.icmp.allow_in_bytes+=packsize;
				g_stat.ip.icmp.allow_in_pkts++;
				break;
			case PT_RESTIP:
				g_stat.ip.restip.allow_in_bytes+=packsize;
				g_stat.ip.restip.allow_in_pkts++;
				break;
			default:
				g_stat.notip.other_stat.allow_in_bytes+=packsize;
				g_stat.notip.other_stat.allow_in_pkts++;
			}
		}
		if (action==DENY)
		{
			switch (ptype)
			{
			case PT_TCP:
				g_stat.ip.tcp.deny_in_bytes+=packsize;
				g_stat.ip.tcp.deny_in_pkts++;
				break;
			case PT_UDP:
				g_stat.ip.udp.deny_in_bytes+=packsize;
				g_stat.ip.udp.deny_in_pkts++;
				break;
			case PT_ICMP:
				g_stat.ip.icmp.deny_in_bytes+=packsize;
				g_stat.ip.icmp.deny_in_pkts++;
				break;
			case PT_RESTIP:
				g_stat.ip.restip.deny_in_bytes+=packsize;
				g_stat.ip.restip.deny_in_pkts++;
				break;
			default:
				g_stat.notip.other_stat.deny_in_bytes+=packsize;
				g_stat.notip.other_stat.deny_in_pkts++;
			}
		}
	}
	if (direct==DT_OUT)
	{
		if (action==ALLOW)
		{
			switch (ptype)
			{
			case PT_TCP:
				g_stat.ip.tcp.allow_out_bytes+=packsize;
				g_stat.ip.tcp.allow_out_pkts++;
				break;
			case PT_UDP:
				g_stat.ip.udp.allow_out_bytes+=packsize;
				g_stat.ip.udp.allow_out_pkts++;
				break;
			case PT_ICMP:
				g_stat.ip.icmp.allow_out_bytes+=packsize;
				g_stat.ip.icmp.allow_out_pkts++;
				break;