archive
/
windows-nt-4.0
mirror of https://github.com/lianthony/NT4.0
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Windows NT 4.0 source code leak
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
184 MiB
 
 
 
 
 
 
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-nt-4.0/private/net/sockets/testutil/secfltr/secfltr.c

344 lines
8.9 KiB
Raw Permalink Blame History

/*++
THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED
TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR
A PARTICULAR PURPOSE.
Copyright (c) 1996 Microsoft Corporation. All Rights Reserved.
Module Name:
secfltr.c
Abstract:
Sample program for managing the TCP/IP Security Filter database.
--*/
#include <windows.h>
#include <winsock.h>
#include <stdio.h>
#include <stdlib.h>
#include <ipexport.h>
#include <tcpinfo.h>
#include <dhcpcapi.h>
//
// Local Types
//
typedef enum {
QueryFilterStatus,
SetFilterStatus,
AddFilter,
DeleteFilter,
EnumFilters
} FILTER_OPCODE;
//
// Local Utility Routines
//
void
Usage(
void
)
{
printf("\n");
printf("Usage: secfltr <operation> <parameters>\n");
printf("\n");
printf(" operations:\n");
printf(" get <> - get filtering status\n");
printf(" set <status> - set filtering status\n");
printf(" add <addr> <prot> <value> - add a filter entry\n");
printf(" del <addr> <prot> <value> - delete a filter entry\n");
printf(" enum <addr> <prot> <value> - enumerate filter entries\n");
printf("\n");
printf(" status = boolean filtering status\n");
printf(" address = interface IP address to filter\n");
printf(" protocol = protocol number (tcp=6, udp=17, raw=255)\n");
printf(" value = port or raw protocol number\n");
printf("\n");
}
//
// Main Function
//
int _CRTAPI1
main(int argc, char **argv)
{
DWORD status;
DWORD opcode;
DWORD value;
DWORD protocol;
DWORD address;
DWORD filterStatus;
if (argc < 2) {
Usage();
goto error_exit;
}
//
// Crack the operation
//
if (strcmp(argv[1], "enum") == 0) {
opcode = EnumFilters;
}
else if (strcmp(argv[1], "add") == 0) {
opcode = AddFilter;
}
else if (strcmp(argv[1], "del") == 0) {
opcode = DeleteFilter;
}
else if (strcmp(argv[1], "set") == 0) {
opcode = SetFilterStatus;
}
else if (strcmp(argv[1], "get") == 0) {
opcode = QueryFilterStatus;
}
else {
printf("invalid command %s\n", argv[1]);
Usage();
goto error_exit;
}
//
// Get the rest of the input parameters based on the requested operation.
//
switch(opcode) {
case EnumFilters:
case AddFilter:
case DeleteFilter:
{
if (argc < 5) {
Usage();
goto error_exit;
}
address = inet_addr(argv[2]);
if (address == INADDR_NONE) {
printf("invalid interface address %s\n", argv[2]);
goto error_exit;
}
address = ntohl(address);
protocol = atoi(argv[3]);
if ((protocol < 1) || (protocol > 255)) {
if (strcmp(argv[3], "0") != 0) {
printf("invalid protocol number %s\n", argv[3]);
goto error_exit;
}
}
value = atoi(argv[4]);
if (value == 0) {
if (strcmp(argv[4], "0") != 0) {
printf("invalid filter value %s\n", argv[4]);
goto error_exit;
}
}
break;
}
case SetFilterStatus:
{
if (argc < 3) {
Usage();
goto error_exit;
}
filterStatus = atoi(argv[2]);
if (filterStatus == 0) {
if (strcmp(argv[2], "0") != 0) {
printf("invalid status %s\n", argv[2]);
goto error_exit;
}
}
break;
}
default:
break;
}
//
// Do the operation
//
switch(opcode) {
case SetFilterStatus:
{
BOOL filteringEnabled = filterStatus ? TRUE : FALSE;
status = TcpipSetSecurityFilteringStatus(filteringEnabled);
if (status != ERROR_SUCCESS) {
printf("operation failed, error %u\n", status);
}
break;
}
case QueryFilterStatus:
{
BOOL filteringEnabled;
status = TcpipQuerySecurityFilteringStatus(&filteringEnabled);
if (status == ERROR_SUCCESS) {
if (filteringEnabled) {
printf("security filtering is enabled\n");
}
else {
printf("security filtering is disabled\n");
}
}
else {
printf("operation failed, error %u\n", status);
}
break;
}
case AddFilter:
{
status = TcpipAddSecurityFilter(address, protocol, value);
if (status != ERROR_SUCCESS) {
printf("operation failed, error %u\n", status);
}
break;
}
case DeleteFilter:
{
status = TcpipDeleteSecurityFilter(address, protocol, value);
if (status != ERROR_SUCCESS) {
printf("operation failed, error %u\n", status);
}
break;
}
case EnumFilters:
{
BOOLEAN done;
TCPSecurityFilterEnum *enumResponse;
TCPSecurityFilterEntry *entry;
DWORD responseSize = sizeof(
TCPSecurityFilterEnum
);
do {
done = TRUE;
if (responseSize != 0) {
enumResponse = LocalAlloc(LMEM_FIXED, responseSize);
if (enumResponse == NULL) {
printf("No memory available.\n");
goto error_exit;
}
}
status = TcpipEnumSecurityFilters(
address,
protocol,
value,
enumResponse,
responseSize
);
if (status != ERROR_SUCCESS) {
printf("operation failed, error %lx\n", status);
}
else {
if ( enumResponse->tfe_entries_available !=
enumResponse->tfe_entries_returned
)
{
responseSize =
sizeof(TCPSecurityFilterEnum) +
( enumResponse->tfe_entries_available *
sizeof(TCPSecurityFilterEntry)
);
done = FALSE;
LocalFree(enumResponse);
enumResponse = NULL;
}
else {
if (enumResponse->tfe_entries_returned == 0) {
printf(
"No entries matching {%s, %s, %s} are accepted.\n",
argv[2], argv[3], argv[4]
);
}
else {
struct in_addr inaddr;
printf(
"The following values matching {%s, %s, %s} are accepted:\n\n",
argv[2], argv[3], argv[4]
);
printf(" Interface Protocol Value\n");
printf(" --------------- -------- -----\n");
entry = (TCPSecurityFilterEntry *)
(enumResponse + 1);
while (enumResponse->tfe_entries_returned-- > 0) {
inaddr.S_un.S_addr = htonl(
entry->tsf_address
);
printf(
" %15s %8u %5u\n",
inet_ntoa(inaddr),
entry->tsf_protocol,
entry->tsf_value
);
entry++;
}
}
}
}
} while (!done);
if (enumResponse != NULL) {
LocalFree(enumResponse);
}
break;
}
default:
break;
}
error_exit:
return(0);
}