Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

1254 lines
34 KiB

  1. /*++
  2. Copyright (c) 1995 Microsoft Corporation
  3. Module Name:
  4. Abstract:
  5. Revision History:
  6. Amritansh Raghav
  7. --*/
  8. #include <nt.h>
  9. #include <ntrtl.h>
  10. #include <nturtl.h>
  11. #include <windows.h>
  12. #include <ntioapi.h>
  13. #include <stdio.h>
  14. #include <stdarg.h>
  15. #include <stdlib.h>
  16. #include <string.h>
  17. #include <crt\stddef.h>
  18. #include <ntosp.h>
  19. #include <ndis.h>
  20. #include <windef.h>
  21. //#include <ntddk.h>
  22. #include <ipexport.h>
  23. #include "defs.h"
  24. #include <cxport.h>
  25. #include <ip.h>
  26. #include "ipfltdrv.h"
  27. //#include "filter.h"
  28. #include <winsock.h>
  29. #include <ipinfo.h>
  30. #include <llinfo.h>
  31. #include <tcpinfo.h>
  32. #include <tdiinfo.h>
  33. #include <ntddtcp.h>
  34. #include <ntddip.h>
  35. #define is ==
  36. #define isnot !=
  37. #define and &&
  38. #define or ||
  39. DWORD InitializeFilter();
  40. VOID DoAddInterface();
  41. VOID DoSetFilters();
  42. VOID DoFilterPacket();
  43. VOID DoGetInfo();
  44. VOID DoDeleteInterface();
  45. VOID DoStopFilter();
  46. VOID DoAddRoute();
  47. VOID DoAddForwarderIf();
  48. DWORD GetIpStatsFromStack(IPSNMPInfo *IPSnmpInfo);
  49. DWORD GetIpAddrTableFromStack(IPAddrEntry *lpipaeTable, LPDWORD lpdwNumEntries);
  50. VOID CloseHandles();
  51. typedef struct _USER_IF
  52. {
  53. LIST_ENTRY ifLink;
  54. PVOID pvIfContext;
  55. CHAR pszName[80];
  56. }USER_IF, *PUSER_IF;
  57. LIST_ENTRY g_ifList;
  58. HANDLE g_FilterDriverHandle;
  59. HANDLE g_IpDriverHandle;
  60. HANDLE g_TcpDriverHandle;
  61. INT _cdecl main()
  62. {
  63. NTSTATUS ntStatus;
  64. WORD wVersion = MAKEWORD(1,1);
  65. WSADATA wsaData;
  66. if(WSAStartup(wVersion,&wsaData) isnot NO_ERROR)
  67. {
  68. printf("WSAStartup failed\n");
  69. return(1);
  70. }
  71. ntStatus = InitializeFilter();
  72. if(ntStatus isnot STATUS_SUCCESS)
  73. {
  74. printf("Couldnt init filter - error %x\n",ntStatus);
  75. exit(1);
  76. }
  77. InitializeListHead(&g_ifList);
  78. while(TRUE)
  79. {
  80. CHAR cInput[10];
  81. printf("\n----- USER MODE IP FILTER DRIVER TEST -----\n");
  82. printf("1.\tAdd Interface\n");
  83. printf("2.\tSet Filters\n");
  84. printf("3.\tFilter Packet\n");
  85. printf("4.\tGet Info\n");
  86. printf("5.\tDelete Interface\n");
  87. printf("6.\tStop Filter\n");
  88. printf("7.\tAdd Route to Forwarder\n");
  89. printf("8.\tAdd Interface to Forwarder\n");
  90. printf("99.\tQuit\n");
  91. printf("Selection:\t");
  92. gets(cInput);
  93. printf("\n");
  94. switch(atoi(cInput))
  95. {
  96. case 1:
  97. {
  98. DoAddInterface();
  99. break;
  100. }
  101. case 2:
  102. {
  103. DoSetFilters();
  104. break;
  105. }
  106. case 3:
  107. {
  108. DoFilterPacket();
  109. break;
  110. }
  111. case 4:
  112. {
  113. DoGetInfo();
  114. break;
  115. }
  116. case 5:
  117. {
  118. DoDeleteInterface();
  119. break;
  120. }
  121. case 6:
  122. {
  123. DoStopFilter();
  124. break;
  125. }
  126. case 7:
  127. {
  128. DoAddRoute();
  129. break;
  130. }
  131. case 8:
  132. {
  133. DoAddForwarderIf();
  134. break;
  135. }
  136. case 99:
  137. {
  138. DoStopFilter();
  139. WSACleanup();
  140. return(0);
  141. }
  142. default:
  143. {
  144. continue;
  145. }
  146. }
  147. }
  148. return(0);
  149. }
  150. VOID
  151. DoAddInterface()
  152. {
  153. NTSTATUS ntStatus;
  154. IO_STATUS_BLOCK IoStatusBlock;
  155. CHAR cName[70];
  156. FILTER_DRIVER_CREATE_INTERFACE inBuffer;
  157. DWORD dwInBufLen = sizeof(FILTER_DRIVER_CREATE_INTERFACE);
  158. PUSER_IF pIf;
  159. if((pIf = HeapAlloc(GetProcessHeap(),0,sizeof(USER_IF))) is NULL)
  160. {
  161. printf("Couldnt allocate memory\n");
  162. }
  163. printf("Enter new interface name: ");
  164. gets(pIf->pszName);
  165. printf("\n");
  166. InitializeListHead(&pIf->ifLink);
  167. inBuffer.dwIfIndex = 0;
  168. inBuffer.pvRtrMgrContext = NULL;
  169. ntStatus = NtDeviceIoControlFile(g_FilterDriverHandle,
  170. NULL,
  171. NULL,
  172. NULL,
  173. &IoStatusBlock,
  174. IOCTL_CREATE_INTERFACE,
  175. (PVOID)&inBuffer,
  176. dwInBufLen,
  177. (PVOID)&inBuffer,
  178. dwInBufLen);
  179. if (!NT_SUCCESS(ntStatus))
  180. {
  181. printf("IOCTL failed - status %x \n", ntStatus);
  182. HeapFree(GetProcessHeap(),0,pIf);
  183. return;
  184. }
  185. printf("Added interface, context %x\n",(UINT_PTR)inBuffer.pvDriverContext);
  186. pIf->pvIfContext = inBuffer.pvDriverContext;
  187. InsertHeadList(&g_ifList,&(pIf->ifLink));
  188. return;
  189. }
  190. VOID
  191. DoSetFilters()
  192. {
  193. NTSTATUS ntStatus;
  194. IO_STATUS_BLOCK IoStatusBlock;
  195. PFILTER_INFO pInfo;
  196. PFILTER_DRIVER_SET_FILTERS pIo;
  197. DWORD i,dwNumInFilters = 0,dwNumOutFilters = 0,dwInBufLen;
  198. PLIST_ENTRY currentList;
  199. BYTE cAddr[50];
  200. PUSER_IF pIf;
  201. BOOL bSetInput,bSetOutput,bDelInput,bDelOutput;
  202. FORWARD_ACTION faOutAction,faInAction;
  203. DWORD dwInIndex,dwOutIndex;
  204. currentList = g_ifList.Flink;
  205. i = 1;
  206. printf("\nCurrent Interfaces\n");
  207. while(currentList isnot &g_ifList)
  208. {
  209. pIf = CONTAINING_RECORD(currentList,USER_IF,ifLink);
  210. printf("\t%d. %s\n",i++,pIf->pszName);
  211. currentList = currentList->Flink;
  212. }
  213. printf("Input Interface index: ");
  214. gets(cAddr);
  215. printf("\n");
  216. currentList = g_ifList.Flink;
  217. i = 1;
  218. pIf = NULL;
  219. while(currentList isnot &g_ifList)
  220. {
  221. if(i is (DWORD)atoi(cAddr))
  222. {
  223. pIf = CONTAINING_RECORD(currentList,USER_IF,ifLink);
  224. break;
  225. }
  226. i++;
  227. currentList = currentList->Flink;
  228. }
  229. if(pIf is NULL)
  230. {
  231. printf("Couldnt find interface block\n");
  232. return;
  233. }
  234. printf("Setting filters for %s with context %#08x\n",pIf->pszName,
  235. (UINT_PTR)pIf->pvIfContext);
  236. dwInBufLen = sizeof(FILTER_DRIVER_SET_FILTERS) - sizeof(RTR_TOC_ENTRY);
  237. printf("Do you want to modify input filters? (0/1): ");
  238. gets(cAddr);
  239. printf("\n");
  240. if(atoi(cAddr) is 1)
  241. {
  242. dwInBufLen += sizeof(RTR_TOC_ENTRY);
  243. bSetInput = TRUE;
  244. }
  245. else
  246. {
  247. bSetInput = FALSE;
  248. }
  249. printf("Do you want to modify output filters? (0/1): ");
  250. gets(cAddr);
  251. printf("\n");
  252. if(atoi(cAddr) is 1)
  253. {
  254. dwInBufLen += sizeof(RTR_TOC_ENTRY);
  255. bSetOutput = TRUE;
  256. }
  257. else
  258. {
  259. bSetOutput = FALSE;
  260. }
  261. if(bSetInput)
  262. {
  263. printf("Do you want to delete all in filters?(0/1): ");
  264. gets(cAddr);
  265. printf("\n");
  266. if(atoi(cAddr) is 0)
  267. {
  268. printf("How many input filters (0 will remove filters but allow a default action)?: ");
  269. gets(cAddr);
  270. printf("\n");
  271. dwNumInFilters = atoi(cAddr);
  272. printf("Default in action (0 - FORWARD, 1 - DROP): ");
  273. gets(cAddr);
  274. printf("\n");
  275. faInAction = (FORWARD_ACTION)atoi(cAddr);
  276. dwInBufLen += sizeof(FILTER_DESCRIPTOR) - sizeof(FILTER_INFO);
  277. bDelInput = FALSE;
  278. }
  279. else
  280. {
  281. bDelInput = TRUE;
  282. }
  283. }
  284. if(bSetOutput)
  285. {
  286. printf("Do you want to delete all out filters?(0/1): ");
  287. gets(cAddr);
  288. printf("\n");
  289. if(atoi(cAddr) is 0)
  290. {
  291. printf("How many out filters (0 will remove filters but allow a default action)?: ");
  292. gets(cAddr);
  293. printf("\n");
  294. dwNumInFilters = atoi(cAddr);
  295. printf("Default in action (0 - FORWARD, 1 - DROP): ");
  296. gets(cAddr);
  297. printf("\n");
  298. faOutAction = (FORWARD_ACTION)atoi(cAddr);
  299. dwInBufLen += sizeof(FILTER_DESCRIPTOR) - sizeof(FILTER_INFO);
  300. bDelOutput = FALSE;
  301. }
  302. else
  303. {
  304. bDelOutput = TRUE;
  305. }
  306. }
  307. if(!(bSetInput or bSetOutput) )
  308. {
  309. return;
  310. }
  311. dwInBufLen += ((dwNumInFilters + dwNumOutFilters -1) * sizeof(FILTER_INFO));
  312. pIo = HeapAlloc(GetProcessHeap(),0,dwInBufLen);
  313. if(pIo is NULL)
  314. {
  315. printf("Couldnt allocate memory\n");
  316. return;
  317. }
  318. pIo->pvDriverContext = (PVOID)pIf;
  319. dwInIndex = 0;
  320. dwOutIndex = 1;
  321. if(!bSetInput)
  322. {
  323. dwOutIndex = 0;
  324. }
  325. pIo->ribhInfoBlock.Version = IP_FILTER_DRIVER_VERSION;
  326. pIo->ribhInfoBlock.Size = dwInBufLen - FIELD_OFFSET(FILTER_DRIVER_SET_FILTERS,
  327. ribhInfoBlock);
  328. pIo->ribhInfoBlock.TocEntriesCount = 0;
  329. if(bSetInput)
  330. {
  331. pIo->ribhInfoBlock.TocEntry[dwInIndex].InfoType = IP_FILTER_DRIVER_IN_FILTER_INFO;
  332. if(bDelInput)
  333. {
  334. pIo->ribhInfoBlock.TocEntry[dwInIndex].InfoSize = 0;
  335. pIo->ribhInfoBlock.TocEntry[dwInIndex].Offset = 0;
  336. pIo->ribhInfoBlock.TocEntry[dwInIndex].Count = 0;
  337. }
  338. else
  339. {
  340. pIo->ribhInfoBlock.TocEntry[dwInIndex].InfoSize = sizeof(FILTER_DESCRIPTOR) -
  341. sizeof(FILTER_INFO) + (dwNumInFilters * sizeof(FILTER_INFO));
  342. if(bSetOutput)
  343. {
  344. pIo->ribhInfoBlock.TocEntry[dwInIndex].Offset = (ULONG) (((PBYTE)&pIo->ribhInfoBlock.TocEntry[2] - (PBYTE)&pIo->ribhInfoBlock));
  345. }
  346. else
  347. {
  348. pIo->ribhInfoBlock.TocEntry[dwInIndex].Offset = (ULONG) (((PBYTE)&pIo->ribhInfoBlock.TocEntry[1] - (PBYTE)&pIo->ribhInfoBlock));
  349. }
  350. pIo->ribhInfoBlock.TocEntry[dwInIndex].Count = 1;
  351. }
  352. }
  353. if(bSetOutput)
  354. {
  355. pIo->ribhInfoBlock.TocEntry[dwOutIndex].InfoType = IP_FILTER_DRIVER_OUT_FILTER_INFO;
  356. if(bDelOutput)
  357. {
  358. pIo->ribhInfoBlock.TocEntry[dwOutIndex].InfoSize = 0;
  359. pIo->ribhInfoBlock.TocEntry[dwOutIndex].Offset = 0;
  360. pIo->ribhInfoBlock.TocEntry[dwOutIndex].Count = 0;
  361. }
  362. else
  363. {
  364. pIo->ribhInfoBlock.TocEntry[dwOutIndex].InfoSize = sizeof(FILTER_DESCRIPTOR) -
  365. sizeof(FILTER_INFO) + (dwNumOutFilters * sizeof(FILTER_INFO));
  366. if(bSetInput)
  367. {
  368. pIo->ribhInfoBlock.TocEntry[dwOutIndex].Offset = (ULONG) (((PBYTE)&pIo->ribhInfoBlock.TocEntry[2] + pIo->ribhInfoBlock.TocEntry[1].InfoSize - (PBYTE)&pIo->ribhInfoBlock));
  369. }
  370. else
  371. {
  372. pIo->ribhInfoBlock.TocEntry[dwOutIndex].Offset = (ULONG) (((PBYTE)&pIo->ribhInfoBlock.TocEntry[1] - (PBYTE)&pIo->ribhInfoBlock));
  373. }
  374. pIo->ribhInfoBlock.TocEntry[dwOutIndex].Count = 1;
  375. }
  376. }
  377. if(bSetInput and !bDelInput)
  378. {
  379. pInfo = ((PFILTER_DESCRIPTOR)((PBYTE)&pIo->ribhInfoBlock + pIo->ribhInfoBlock.TocEntry[dwInIndex].Offset))->fiFilter;
  380. ((PFILTER_DESCRIPTOR)((PBYTE)&pIo->ribhInfoBlock + pIo->ribhInfoBlock.TocEntry[dwInIndex].Offset))->dwVersion = IP_FILTER_DRIVER_VERSION;
  381. ((PFILTER_DESCRIPTOR)((PBYTE)&pIo->ribhInfoBlock + pIo->ribhInfoBlock.TocEntry[dwInIndex].Offset))->dwNumFilters = dwNumInFilters;
  382. ((PFILTER_DESCRIPTOR)((PBYTE)&pIo->ribhInfoBlock + pIo->ribhInfoBlock.TocEntry[dwInIndex].Offset))->faDefaultAction = faInAction;
  383. printf("Input Filters - addresses and mask in dotted decimal\n");
  384. for(i = 0; i < dwNumInFilters; i++)
  385. {
  386. printf("Enter source addr: ");
  387. gets(cAddr);
  388. printf("\n");
  389. pInfo[i].dwSrcAddr = inet_addr(cAddr);
  390. printf("Enter source mask: ");
  391. gets(cAddr);
  392. printf("\n");
  393. pInfo[i].dwSrcMask = inet_addr(cAddr);
  394. printf("Enter dest addr: ");
  395. gets(cAddr);
  396. printf("\n");
  397. pInfo[i].dwDstAddr = inet_addr(cAddr);
  398. printf("Enter dest mask: ");
  399. gets(cAddr);
  400. printf("\n");
  401. pInfo[i].dwDstMask = inet_addr(cAddr);
  402. printf("Enter protocol id - 0 for any: ");
  403. gets(cAddr);
  404. printf("\n");
  405. pInfo[i].dwProtocol = atoi(cAddr);
  406. pInfo[i].wSrcPort = pInfo[i].wDstPort = 0x00000000;
  407. switch(pInfo[i].dwProtocol)
  408. {
  409. case 1:
  410. {
  411. printf("Enter type - 255 for any");
  412. gets(cAddr);
  413. printf("\n");
  414. pInfo[i].wSrcPort = (BYTE)atoi(cAddr);
  415. printf("Enter code - 255 for any");
  416. gets(cAddr);
  417. printf("\n");
  418. pInfo[i].wDstPort = (BYTE)atoi(cAddr);
  419. break;
  420. }
  421. case 6:
  422. case 17:
  423. {
  424. printf("Enter source port - 0 for any: ");
  425. gets(cAddr);
  426. printf("\n");
  427. pInfo[i].wSrcPort = htons((WORD)atoi(cAddr));
  428. printf("Enter Dst Port - 0 for any: ");
  429. gets(cAddr);
  430. printf("\n");
  431. pInfo[i].wDstPort = htons((WORD)atoi(cAddr));
  432. break;
  433. }
  434. }
  435. }
  436. }
  437. if(bSetOutput and !bDelOutput)
  438. {
  439. pInfo = ((PFILTER_DESCRIPTOR)((PBYTE)&pIo->ribhInfoBlock + pIo->ribhInfoBlock.TocEntry[dwOutIndex].Offset))->fiFilter;
  440. ((PFILTER_DESCRIPTOR)((PBYTE)&pIo->ribhInfoBlock + pIo->ribhInfoBlock.TocEntry[dwOutIndex].Offset))->dwVersion = IP_FILTER_DRIVER_VERSION;
  441. ((PFILTER_DESCRIPTOR)((PBYTE)&pIo->ribhInfoBlock + pIo->ribhInfoBlock.TocEntry[dwOutIndex].Offset))->dwNumFilters = dwNumOutFilters;
  442. ((PFILTER_DESCRIPTOR)((PBYTE)&pIo->ribhInfoBlock + pIo->ribhInfoBlock.TocEntry[dwOutIndex].Offset))->faDefaultAction = faOutAction;
  443. printf("Output Filters - addresses and mask in dotted decimal\n");
  444. for(i = 0; i < dwNumOutFilters; i++)
  445. {
  446. printf("Enter source addr: ");
  447. gets(cAddr);
  448. printf("\n");
  449. pInfo[i].dwSrcAddr = inet_addr(cAddr);
  450. printf("Enter source mask: ");
  451. gets(cAddr);
  452. printf("\n");
  453. pInfo[i].dwSrcMask = inet_addr(cAddr);
  454. printf("Enter dest addr: ");
  455. gets(cAddr);
  456. printf("\n");
  457. pInfo[i].dwDstAddr = inet_addr(cAddr);
  458. printf("Enter dest mask: ");
  459. gets(cAddr);
  460. printf("\n");
  461. pInfo[i].dwDstMask = inet_addr(cAddr);
  462. printf("Enter protocol id - 0 for any: ");
  463. gets(cAddr);
  464. printf("\n");
  465. pInfo[i].dwProtocol = atoi(cAddr);
  466. pInfo[i].wSrcPort = pInfo[i].wDstPort = 0x00000000;
  467. switch(pInfo[i].dwProtocol)
  468. {
  469. case 1:
  470. {
  471. printf("Enter type - 255 for any");
  472. gets(cAddr);
  473. printf("\n");
  474. pInfo[i].wSrcPort = (BYTE)atoi(cAddr);
  475. printf("Enter code - 255 for any");
  476. gets(cAddr);
  477. printf("\n");
  478. pInfo[i].wDstPort = (BYTE)atoi(cAddr);
  479. break;
  480. }
  481. case 6:
  482. case 17:
  483. {
  484. printf("Enter source port - 0 for any: ");
  485. gets(cAddr);
  486. printf("\n");
  487. pInfo[i].wSrcPort = htons((WORD)atoi(cAddr));
  488. printf("Enter Dst Port - 0 for any: ");
  489. gets(cAddr);
  490. printf("\n");
  491. pInfo[i].wDstPort = htons((WORD)atoi(cAddr));
  492. }
  493. }
  494. }
  495. }
  496. ntStatus = NtDeviceIoControlFile(g_FilterDriverHandle,
  497. NULL,
  498. NULL,
  499. NULL,
  500. &IoStatusBlock,
  501. IOCTL_SET_INTERFACE_FILTERS,
  502. (PVOID)pIo,
  503. dwInBufLen,
  504. NULL,
  505. 0);
  506. if (!NT_SUCCESS(ntStatus))
  507. {
  508. printf("IOCTL failed - status %x \n", ntStatus);
  509. }
  510. printf("Filters set\n");
  511. HeapFree(GetProcessHeap(),0,pIo);
  512. return;
  513. }
  514. VOID
  515. DoFilterPacket()
  516. {
  517. NTSTATUS ntStatus;
  518. IO_STATUS_BLOCK IoStatusBlock;
  519. DWORD i,dwInBufLen;
  520. BYTE cAddr[40];
  521. PFILTER_DRIVER_TEST_PACKET pTest;
  522. IPHeader *pIph;
  523. PWORD pwPort;
  524. PLIST_ENTRY currentList;
  525. PUSER_IF pInIf = NULL, pOutIf = NULL, pIf;
  526. dwInBufLen = sizeof(FILTER_DRIVER_TEST_PACKET) + sizeof(IPHeader) + 2*sizeof(DWORD);
  527. pTest = HeapAlloc(GetProcessHeap(),0,dwInBufLen);
  528. if(pTest is NULL)
  529. {
  530. printf("Couldnt allocate memory for the packet\n");
  531. return;
  532. }
  533. pIph = (IPHeader*)(pTest->bIpPacket);
  534. pwPort = (PWORD)((PBYTE)pIph + sizeof(IPHeader));
  535. currentList = g_ifList.Flink;
  536. i=1;
  537. printf("\nCurrent Interfaces\n");
  538. while(currentList isnot &g_ifList)
  539. {
  540. pIf = CONTAINING_RECORD(currentList,USER_IF,ifLink);
  541. printf("\t%d. %s\n",i++,pIf->pszName);
  542. currentList = currentList->Flink;
  543. }
  544. printf("Index of input Interface <enter for none>: ");
  545. gets(cAddr);
  546. printf("\n");
  547. if(strlen(cAddr) isnot 0)
  548. {
  549. DWORD dwInIf = atoi(cAddr);
  550. currentList = g_ifList.Flink;
  551. i = 1;
  552. while(currentList isnot &g_ifList)
  553. {
  554. if(i is dwInIf)
  555. {
  556. pInIf = CONTAINING_RECORD(currentList,USER_IF,ifLink);
  557. break;
  558. }
  559. i++;
  560. currentList = currentList->Flink;
  561. }
  562. }
  563. printf("Index of output Interface <enter for none>: ");
  564. gets(cAddr);
  565. printf("\n");
  566. if(strlen(cAddr) isnot 0)
  567. {
  568. DWORD dwOutIf = atoi(cAddr);
  569. currentList = g_ifList.Flink;
  570. i = 1;
  571. while(currentList isnot &g_ifList)
  572. {
  573. if(i is dwOutIf)
  574. {
  575. pOutIf = CONTAINING_RECORD(currentList,USER_IF,ifLink);
  576. break;
  577. }
  578. i++;
  579. currentList = currentList->Flink;
  580. }
  581. }
  582. printf("Input if is %s and output if is %s\n",
  583. (pInIf is NULL)? "NULL":pInIf->pszName,
  584. (pOutIf is NULL)?"NULL":pOutIf->pszName);
  585. pTest->pvInInterfaceContext = (pInIf is NULL)?NULL:pInIf->pvIfContext;
  586. pTest->pvOutInterfaceContext = (pOutIf is NULL)?NULL:pOutIf->pvIfContext;
  587. printf("Enter packet header\n\n");
  588. printf("Enter source addr: ");
  589. gets(cAddr);
  590. printf("\n");
  591. pIph->iph_src = (IPAddr)inet_addr(cAddr);
  592. printf("Enter dest addr: ");
  593. gets(cAddr);
  594. printf("\n");
  595. pIph->iph_dest = (IPAddr)inet_addr(cAddr);
  596. printf("Enter Protocol id - 0 for any: ");
  597. gets(cAddr);
  598. printf("\n");
  599. pIph->iph_protocol = (UCHAR)LOBYTE(atoi(cAddr));
  600. printf("Is this a fragment? (1 - yes 0 - no): ");
  601. gets(cAddr);
  602. printf("\n");
  603. if(atoi(cAddr) is 0)
  604. {
  605. printf("Enter source port - 0 for any: ");
  606. gets(cAddr);
  607. printf("\n");
  608. pwPort[0] = htons((WORD)atoi(cAddr));
  609. printf("Enter Dst Port - 0 for any: ");
  610. gets(cAddr);
  611. printf("\n");
  612. pwPort[1] = htons((WORD)atoi(cAddr));
  613. pIph->iph_offset = 0x0000; // no flags , no fragment
  614. }
  615. else
  616. {
  617. // Lets give it a frag offset of 100 - 64h
  618. pIph->iph_offset = 0x6400;
  619. }
  620. //
  621. // Fill up the rest of the packet with some meaningful info
  622. //
  623. pIph->iph_verlen = '\x45'; //Version = 4 Hdr Len = 5*4bytes
  624. pIph->iph_tos = '\x0f'; //TOS signature for mem dumps
  625. pIph->iph_length = htons((WORD)(sizeof(IPHeader)+2*sizeof(DWORD))); //Length in bytes
  626. pIph->iph_id = 0xcdab; //ID another signature
  627. pIph->iph_ttl = 0xef; // TTL
  628. pIph->iph_xsum = 0xcdab; //Checksum;
  629. ntStatus = NtDeviceIoControlFile(g_FilterDriverHandle,
  630. NULL,
  631. NULL,
  632. NULL,
  633. &IoStatusBlock,
  634. IOCTL_TEST_PACKET,
  635. (PVOID)pTest,
  636. dwInBufLen,
  637. (PVOID)pTest,
  638. dwInBufLen);
  639. if (!NT_SUCCESS(ntStatus))
  640. {
  641. printf("IOCTL failed - status %x \n", ntStatus);
  642. return;
  643. }
  644. if(pTest->eaResult is DROP)
  645. {
  646. printf("Packet rejected\n");
  647. }
  648. else
  649. {
  650. printf("Packet accepted\n");
  651. }
  652. HeapFree(GetProcessHeap(),0,pTest);
  653. return;
  654. }
  655. VOID
  656. DoDeleteInterface()
  657. {
  658. }
  659. VOID
  660. DoStopFilter()
  661. {
  662. CloseHandles();
  663. }
  664. VOID
  665. DoGetInfo()
  666. {
  667. }
  668. VOID
  669. DoAddRoute()
  670. {
  671. TDIObjectID *lpObject;
  672. IPRouteEntry *lpentry;
  673. NTSTATUS ntStatus;
  674. IO_STATUS_BLOCK IoStatusBlock;
  675. CHAR szIPAddr[20];
  676. DWORD dwInBufLen;
  677. TCP_REQUEST_SET_INFORMATION_EX *lptrsiBuffer;
  678. BYTE buffer[sizeof(TCP_REQUEST_SET_INFORMATION_EX) + sizeof(IPRouteEntry)];
  679. lptrsiBuffer = (TCP_REQUEST_SET_INFORMATION_EX *)buffer;
  680. lptrsiBuffer->BufferSize = sizeof(IPRouteEntry);
  681. lpObject = &lptrsiBuffer->ID;
  682. lpObject->toi_id = IP_MIB_RTTABLE_ENTRY_ID;
  683. lpObject->toi_type = INFO_TYPE_PROVIDER;
  684. lpObject->toi_class = INFO_CLASS_PROTOCOL;
  685. lpObject->toi_entity.tei_entity = CL_NL_ENTITY;
  686. lpObject->toi_entity.tei_instance = 0;
  687. lpentry = (IPRouteEntry *)lptrsiBuffer->Buffer;
  688. dwInBufLen = sizeof(TCP_REQUEST_SET_INFORMATION_EX) + sizeof(IPRouteEntry) - 1;
  689. printf("Enter Address (Dotted Decimal Form): ");
  690. gets(szIPAddr);
  691. printf("\n");
  692. lpentry->ire_dest = inet_addr(szIPAddr);
  693. printf("Enter IF (numerical):");
  694. gets(szIPAddr);
  695. printf("\n");
  696. lpentry->ire_index = atoi(szIPAddr);
  697. printf("Enter Next Hop (Dotted Decimal Form): ");
  698. gets(szIPAddr);
  699. printf("\n");
  700. lpentry->ire_nexthop = inet_addr(szIPAddr);
  701. printf("Enter Mask (Dotted Decimal Form): ");
  702. gets(szIPAddr);
  703. printf("\n");
  704. lpentry->ire_mask = inet_addr(szIPAddr);
  705. printf("Enter Metric 1: ");
  706. gets(szIPAddr);
  707. printf("\n");
  708. lpentry->ire_metric1 = atoi(szIPAddr);
  709. lpentry->ire_metric2 =
  710. lpentry->ire_metric3 =
  711. lpentry->ire_metric4 =
  712. lpentry->ire_metric5 = IRE_METRIC_UNUSED;
  713. lpentry->ire_age = 0;
  714. printf("Enter type 2 - invalid 3 - direct 4 - indirect: ");
  715. gets(szIPAddr);
  716. printf("\n");
  717. lpentry->ire_type = atoi(szIPAddr);
  718. lpentry->ire_proto = IRE_PROTO_LOCAL;
  719. ntStatus = NtDeviceIoControlFile(g_TcpDriverHandle,
  720. NULL,
  721. NULL,
  722. NULL,
  723. &IoStatusBlock,
  724. IOCTL_TCP_SET_INFORMATION_EX,
  725. (PVOID)lptrsiBuffer,
  726. dwInBufLen,
  727. NULL,
  728. 0);
  729. if(ntStatus is STATUS_PENDING)
  730. {
  731. ntStatus = NtWaitForSingleObject(g_TcpDriverHandle, FALSE, NULL );
  732. ntStatus = IoStatusBlock.Status;
  733. }
  734. if (!NT_SUCCESS(ntStatus))
  735. {
  736. printf("IOCTL failed to get set route - error %x\n",ntStatus);
  737. }
  738. }
  739. VOID
  740. DoAddForwarderIf()
  741. {
  742. NTSTATUS ntStatus;
  743. IO_STATUS_BLOCK IoStatusBlock;
  744. DWORD dwResult;
  745. DWORD dwSpace,dwId,dwIf,i;
  746. IPSNMPInfo ipsiInfo;
  747. IPAddrEntry *pAddrTable;
  748. PLIST_ENTRY currentList;
  749. PUSER_IF pIf;
  750. IP_SET_IF_CONTEXT_INFO info;
  751. CHAR cAddr1[20],cAddr2[20];
  752. dwResult = GetIpStatsFromStack(&ipsiInfo);
  753. if(dwResult isnot NO_ERROR)
  754. {
  755. printf("Couldnt get Ip Snmp info from stack for num addr error %x\n",dwResult);
  756. return;
  757. }
  758. dwSpace = ipsiInfo.ipsi_numaddr + 10;
  759. pAddrTable = HeapAlloc(GetProcessHeap(),0,dwSpace * sizeof(IPAddrEntry));
  760. if(pAddrTable is NULL)
  761. {
  762. printf("Couldnt allocate space for ipAddr table\n");
  763. return;
  764. }
  765. dwResult = GetIpAddrTableFromStack(pAddrTable,&dwSpace);
  766. if(dwResult isnot NO_ERROR)
  767. {
  768. printf("Couldnt get addr table from stack %x\n",dwResult);
  769. HeapFree(GetProcessHeap(),0,pAddrTable);
  770. return;
  771. }
  772. printf("\nForwarder Interfaces\n");
  773. printf("Index\tAddress\t\tMask\n");
  774. for(i = 0; i < dwSpace; i++)
  775. {
  776. struct in_addr addr;
  777. addr.s_addr = pAddrTable[i].iae_addr;
  778. strcpy(cAddr1,inet_ntoa(addr));
  779. addr.s_addr = pAddrTable[i].iae_mask;
  780. strcpy(cAddr2,inet_ntoa(addr));
  781. printf("%d.\t%s\t\t%s\n",pAddrTable[i].iae_index,cAddr1,cAddr2);
  782. }
  783. printf("\nFilter Interfaces\n");
  784. currentList = g_ifList.Flink;
  785. i = 1;
  786. while(currentList isnot &g_ifList)
  787. {
  788. pIf = CONTAINING_RECORD(currentList,USER_IF,ifLink);
  789. printf("\t%d. %s\n",i++,pIf->pszName);
  790. currentList = currentList->Flink;
  791. }
  792. while(TRUE)
  793. {
  794. printf("Enter Forwarder index (99 to exit): ");
  795. gets(cAddr1);
  796. printf("\n");
  797. dwId = atoi(cAddr1);
  798. if(dwId is 99)
  799. break;
  800. printf("Enter Interface Index to associate with: ");
  801. gets(cAddr1);
  802. printf("\n");
  803. dwIf = atoi(cAddr1);
  804. currentList = g_ifList.Flink;
  805. i = 1;
  806. pIf = NULL;
  807. while(currentList isnot &g_ifList)
  808. {
  809. if(i is dwIf)
  810. {
  811. pIf = CONTAINING_RECORD(currentList,USER_IF,ifLink);
  812. break;
  813. }
  814. i++;
  815. currentList = currentList->Flink;
  816. }
  817. if(pIf is NULL)
  818. {
  819. printf("Couldnt find filter interface\n");
  820. continue;
  821. }
  822. info.Index = dwId;
  823. info.Context = pIf->pvIfContext;
  824. ntStatus = NtDeviceIoControlFile(g_IpDriverHandle,
  825. NULL,
  826. NULL,
  827. NULL,
  828. &IoStatusBlock,
  829. IOCTL_IP_SET_IF_CONTEXT,
  830. (PVOID)&info,
  831. sizeof(IP_SET_IF_CONTEXT_INFO),
  832. NULL,
  833. 0);
  834. if(!NT_SUCCESS(ntStatus))
  835. {
  836. printf("Couldnt set context\n");
  837. }
  838. else
  839. {
  840. printf("Set context successfully\n");
  841. }
  842. }
  843. HeapFree(GetProcessHeap(),0,pAddrTable);
  844. return;
  845. }
  846. DWORD
  847. InitializeFilter()
  848. {
  849. NTSTATUS status;
  850. UNICODE_STRING nameString;
  851. IO_STATUS_BLOCK ioStatusBlock;
  852. OBJECT_ATTRIBUTES objectAttributes;
  853. RtlInitUnicodeString(&nameString,DD_IPFLTRDRVR_DEVICE_NAME);
  854. InitializeObjectAttributes(&objectAttributes, &nameString,
  855. OBJ_CASE_INSENSITIVE, NULL, NULL);
  856. status = NtCreateFile(&g_FilterDriverHandle,
  857. SYNCHRONIZE | FILE_READ_DATA | FILE_WRITE_DATA,
  858. &objectAttributes,
  859. &ioStatusBlock,
  860. NULL,
  861. FILE_ATTRIBUTE_NORMAL,
  862. FILE_SHARE_READ | FILE_SHARE_WRITE,
  863. FILE_OPEN_IF,
  864. 0,
  865. NULL,
  866. 0);
  867. if(!NT_SUCCESS(status))
  868. {
  869. printf("Couldnt create filter driver handle\n");
  870. return(status);
  871. }
  872. RtlInitUnicodeString(&nameString, DD_IP_DEVICE_NAME);
  873. InitializeObjectAttributes(&objectAttributes, &nameString,
  874. OBJ_CASE_INSENSITIVE, NULL, NULL);
  875. status = NtCreateFile(&g_IpDriverHandle,
  876. SYNCHRONIZE | FILE_READ_DATA | FILE_WRITE_DATA,
  877. &objectAttributes,
  878. &ioStatusBlock,
  879. NULL,
  880. FILE_ATTRIBUTE_NORMAL,
  881. FILE_SHARE_READ | FILE_SHARE_WRITE,
  882. FILE_OPEN_IF,
  883. 0,
  884. NULL,
  885. 0);
  886. if(!NT_SUCCESS(status))
  887. {
  888. printf("Couldnt create ip driver handle\n");
  889. return(status);
  890. }
  891. RtlInitUnicodeString(&nameString, DD_TCP_DEVICE_NAME);
  892. InitializeObjectAttributes(&objectAttributes, &nameString,
  893. OBJ_CASE_INSENSITIVE, NULL, NULL);
  894. status = NtCreateFile(&g_TcpDriverHandle,
  895. SYNCHRONIZE | FILE_READ_DATA | FILE_WRITE_DATA,
  896. &objectAttributes,
  897. &ioStatusBlock,
  898. NULL,
  899. FILE_ATTRIBUTE_NORMAL,
  900. FILE_SHARE_READ | FILE_SHARE_WRITE,
  901. FILE_OPEN_IF,
  902. 0,
  903. NULL,
  904. 0);
  905. if(!NT_SUCCESS(status))
  906. {
  907. printf("Couldnt create tcp driver handle\n");
  908. }
  909. return (status);
  910. }
  911. //* CloseHandles()
  912. //
  913. // Function: Close TCPIP stack handle.
  914. //
  915. // Returns: 0
  916. //*
  917. VOID
  918. CloseHandles ()
  919. {
  920. CloseHandle(g_FilterDriverHandle);
  921. CloseHandle(g_IpDriverHandle);
  922. CloseHandle(g_TcpDriverHandle);
  923. }
  924. DWORD
  925. GetIpAddrTableFromStack(IPAddrEntry *lpipaeTable, LPDWORD lpdwNumEntries)
  926. {
  927. DWORD dwResult;
  928. DWORD dwInBufLen;
  929. DWORD dwOutBufLen;
  930. DWORD i,j;
  931. TCP_REQUEST_QUERY_INFORMATION_EX trqiInBuf;
  932. TDIObjectID *ID;
  933. BYTE *Context;
  934. NTSTATUS Status;
  935. IO_STATUS_BLOCK IoStatusBlock;
  936. dwInBufLen = sizeof(TCP_REQUEST_QUERY_INFORMATION_EX);
  937. dwOutBufLen = (*lpdwNumEntries) * sizeof( IPAddrEntry );
  938. ID = &(trqiInBuf.ID);
  939. ID->toi_entity.tei_entity = CL_NL_ENTITY;
  940. ID->toi_entity.tei_instance = 0;
  941. ID->toi_class = INFO_CLASS_PROTOCOL;
  942. ID->toi_type = INFO_TYPE_PROVIDER;
  943. ID->toi_id = IP_MIB_ADDRTABLE_ENTRY_ID;
  944. Context = (BYTE *) &(trqiInBuf.Context[0]);
  945. ZeroMemory( Context, CONTEXT_SIZE );
  946. Status = NtDeviceIoControlFile(g_TcpDriverHandle,
  947. NULL,
  948. NULL,
  949. NULL,
  950. &IoStatusBlock,
  951. IOCTL_TCP_QUERY_INFORMATION_EX,
  952. (PVOID)&trqiInBuf,
  953. dwInBufLen,
  954. lpipaeTable,
  955. dwOutBufLen);
  956. if(Status is STATUS_PENDING)
  957. {
  958. Status = NtWaitForSingleObject(g_TcpDriverHandle, FALSE, NULL );
  959. Status = IoStatusBlock.Status;
  960. }
  961. if (!NT_SUCCESS( Status ))
  962. {
  963. printf("IOCTL failed to get address table\n");
  964. *lpdwNumEntries = 0;
  965. return ( Status );
  966. }
  967. *lpdwNumEntries = (ULONG)(((UINT_PTR)IoStatusBlock.Information / sizeof(IPAddrEntry)));
  968. return (NO_ERROR);
  969. }
  970. DWORD
  971. GetIpStatsFromStack(IPSNMPInfo *IPSnmpInfo)
  972. {
  973. DWORD dwResult;
  974. DWORD dwInBufLen;
  975. DWORD dwOutBufLen;
  976. TCP_REQUEST_QUERY_INFORMATION_EX trqiInBuf;
  977. TDIObjectID *ID;
  978. BYTE *Context;
  979. NTSTATUS Status;
  980. IO_STATUS_BLOCK IoStatusBlock;
  981. dwInBufLen = sizeof(TCP_REQUEST_QUERY_INFORMATION_EX);
  982. dwOutBufLen = sizeof(IPSNMPInfo);
  983. ID = &(trqiInBuf.ID);
  984. ID->toi_entity.tei_entity = CL_NL_ENTITY;
  985. ID->toi_entity.tei_instance = 0;
  986. ID->toi_class = INFO_CLASS_PROTOCOL;
  987. ID->toi_type = INFO_TYPE_PROVIDER;
  988. ID->toi_id = IP_MIB_STATS_ID;
  989. Context = (BYTE *) &(trqiInBuf.Context[0]);
  990. ZeroMemory(Context, CONTEXT_SIZE);
  991. Status = NtDeviceIoControlFile(g_TcpDriverHandle,
  992. NULL,
  993. NULL,
  994. NULL,
  995. &IoStatusBlock,
  996. IOCTL_TCP_QUERY_INFORMATION_EX,
  997. (PVOID)&trqiInBuf,
  998. sizeof(TCP_REQUEST_QUERY_INFORMATION_EX),
  999. IPSnmpInfo,
  1000. dwOutBufLen);
  1001. if(Status is STATUS_PENDING)
  1002. {
  1003. Status = NtWaitForSingleObject(g_TcpDriverHandle, FALSE, NULL);
  1004. Status = IoStatusBlock.Status;
  1005. }
  1006. if (!NT_SUCCESS(Status))
  1007. {
  1008. printf("IOCTL failed to get SNMP info\n");
  1009. return (Status);
  1010. }
  1011. return (NO_ERROR);
  1012. }