archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/net/rras/ip/fltrdrvr/kdext/ipfext.c

892 lines
21 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1993 Microsoft Corporation
  5. Module Name:
  7. ipfext.c
  9. Abstract:
  11. This file contains the generic routines and initialization code
  12. for the kernel debugger extensions dll.
  14. Author:
  17. Environment:
  19. User Mode
  21. --*/
  23. //
  24. // globals
  25. //
  26. #include <ntverp.h>
  27. #include <nt.h>
  28. #include <ntrtl.h>
  29. #include <nturtl.h>
  30. #include <windows.h>
  31. #include <wdbgexts.h>
  32. #include <stdio.h>
  33. #include <stdlib.h>
  34. #include <winsock.h>
  36. #include "..\defs.h"
  37. #include <ipexport.h>
  38. #include <ipfilter.h>
  39. #include <filter.h>
  40. #include <ipfltdrv.h>
  42. BOOL
  43. ReadFilterDriver(
  44. PFILTER_DRIVER pIf
  45. );
  47. BOOL
  48. ReadCache(
  49. DWORD dwIndex,
  50. PFILTER_INCACHE pInCache,
  51. PFILTER_OUTCACHE pOutCache
  52. );
  54. BOOL
  55. ReadFilter(
  56. PFILTER_INTERFACE pIf,
  57. DWORD dwIndex,
  58. PFILTER pFilter,
  59. BOOL bInFilter
  60. );
  62. EXT_API_VERSION ApiVersion = { 3, 5, EXT_API_VERSION_NUMBER, 0 };
  63. WINDBG_EXTENSION_APIS ExtensionApis;
  64. USHORT SavedMajorVersion;
  65. USHORT SavedMinorVersion;
  66. BOOLEAN ChkTarget;
  67. INT Item;
  69. DWORD g_dwFilterInfo;
  70. DWORD g_dwIfLink;
  71. DWORD g_dwInIndex,g_dwOutIndex;
  72. DWORD g_dwCacheSize;
  73. FILTER_INTERFACE g_if;
  75. #define CHECK_SIZE(dwRead,dwReq,bRes){ \
  76. if((dwRead) < (dwReq)) \
  77. { \
  78. dprintf("Requested %s (%d) read %d \n",#dwReq,dwReq,dwRead); \
  79. dprintf("Error in %s at %d\n",__FILE__,__LINE__); \
  80. bRes = FALSE; \
  81. } \
  82. else \
  83. { \
  84. bRes = TRUE; \
  85. } \
  86. }
  88. #define READ_MEMORY_ERROR \
  89. dprintf("Error in ReadMemory() in %s at line %d\n",__FILE__,__LINE__);
  92. DllInit(
  93. HANDLE hModule,
  94. DWORD dwReason,
  95. DWORD dwReserved
  96. )
  97. {
  98. switch (dwReason) {
  99. case DLL_THREAD_ATTACH:
  100. break;
  102. case DLL_THREAD_DETACH:
  103. break;
  105. case DLL_PROCESS_DETACH:
  106. break;
  108. case DLL_PROCESS_ATTACH:
  109. break;
  110. }
  112. return TRUE;
  113. }
  116. VOID
  117. WinDbgExtensionDllInit(
  118. PWINDBG_EXTENSION_APIS lpExtensionApis,
  119. USHORT MajorVersion,
  120. USHORT MinorVersion
  121. )
  122. {
  123. ExtensionApis = *lpExtensionApis;
  125. SavedMajorVersion = MajorVersion;
  126. SavedMinorVersion = MinorVersion;
  127. ChkTarget = SavedMajorVersion == 0x0c ? TRUE : FALSE;
  129. g_dwIfLink = 0;
  130. g_dwInIndex = g_dwOutIndex = 0;
  132. return;
  133. }
  135. DECLARE_API( version )
  136. {
  137. #if DBG
  138. PCHAR DebuggerType = "Checked";
  139. #else
  140. PCHAR DebuggerType = "Free";
  141. #endif
  143. dprintf( "%s Extension dll for Build %d debugging %s kernel for Build %d\n",
  144. DebuggerType,
  145. VER_PRODUCTBUILD,
  146. SavedMajorVersion == 0x0c ? "Checked" : "Free",
  147. SavedMinorVersion
  148. );
  149. }
  151. VOID
  152. CheckVersion(
  153. VOID
  154. )
  155. {
  157. return;
  159. #if DBG
  160. if ((SavedMajorVersion isnot 0x0c) or (SavedMinorVersion isnot VER_PRODUCTBUILD))
  161. {
  162. dprintf("\r\n*** Extension DLL(%d Checked) does not match target system(%d %s)\r\n\r\n",
  163. VER_PRODUCTBUILD, SavedMinorVersion,
  164. (SavedMajorVersion==0x0f) ? "Free" : "Checked" );
  165. }
  166. #else
  167. if ((SavedMajorVersion isnot 0x0f) || (SavedMinorVersion isnot VER_PRODUCTBUILD))
  168. {
  169. dprintf("\r\n*** Extension DLL(%d Free) does not match target system(%d %s)\r\n\r\n",
  170. VER_PRODUCTBUILD, SavedMinorVersion,
  171. (SavedMajorVersion==0x0f) ? "Free" : "Checked" );
  172. }
  173. #endif
  174. }
  176. LPEXT_API_VERSION
  177. ExtensionApiVersion(
  178. VOID
  179. )
  180. {
  181. return &ApiVersion;
  182. }
  184. //
  185. // Exported functions
  186. //
  187. DECLARE_API( help )
  189. /*++
  191. Routine Description:
  193. Command help for IP Filter debugger extensions.
  195. Arguments:
  197. None
  199. Return Value:
  201. None
  203. --*/
  205. {
  206. dprintf("\n\tIP Filter debugger extension commands:\n\n");
  207. dprintf("\tNumIf - Print the number of interfaces in the filter\n");
  208. dprintf("\tIfByIndex <index> - Print the ith interface in the list\n");
  209. dprintf("\tIfByAddr <ptr> - Print the interface with given address\n");
  210. dprintf("\tIfEnumInit - Inits the If enumerator (to 0)\n");
  211. dprintf("\tNextIf - Print the next If enumerated\n");
  212. dprintf("\tPrintCache <index> - Print the contents of the ith cache bucket\n");
  213. dprintf("\tCacheSize - Print the current cache size\n");
  214. dprintf("\tPrintPacket - Dump a packet header and first DWORD of data\n");
  215. dprintf("\tFilterEnumInit <ptr> - Inits the in and out filter enumerator for If at addr\n");
  216. dprintf("\tNextInFilter - Print the next In Filter\n");
  217. dprintf("\tNextOutFilter - Print the next Out Filter\n");
  218. dprintf("\n\tCompiled on " __DATE__ " at " __TIME__ "\n" );
  219. return;
  220. }
  222. DECLARE_API( init )
  223. {
  224. DWORD dwBytesRead, dwCacheSize;
  225. BOOL bResult;
  227. dwCacheSize = GetExpression("ipfltdrv!g_dwCacheSize");
  228. if(dwCacheSize is 0)
  229. {
  230. dprintf("Couldnt get g_dwCacheSize address from filter driver\n");
  231. return;
  232. }
  235. if(!ReadMemory(dwCacheSize,&g_dwCacheSize,sizeof(DWORD),&dwBytesRead))
  236. {
  237. dprintf("Attempted read at %x\n",dwCacheSize);
  238. READ_MEMORY_ERROR;
  239. return;
  240. }
  242. CHECK_SIZE(dwBytesRead,sizeof(DWORD),bResult);
  244. if(!bResult)
  245. {
  246. return;
  247. }
  249. g_dwFilterInfo = GetExpression("ipfltdrv!g_filters");
  251. if(g_dwFilterInfo is 0)
  252. {
  253. dprintf("Couldnt load the g_filters address from the filter driver\n");
  254. return;
  255. }
  256. else
  257. {
  258. dprintf("g_filters = %x\n",g_dwFilterInfo);
  259. }
  261. dprintf("Extension DLL successfully initialized\n");
  263. return;
  264. }
  266. DECLARE_API( numif )
  267. {
  268. DWORD dwNum = 0,dwBytesRead;
  269. DWORD dwCurrentList;
  270. FILTER_DRIVER filter;
  271. LIST_ENTRY leList;
  272. BOOL bResult;
  274. if(!ReadFilterDriver(&filter))
  275. {
  276. return;
  277. }
  279. dwCurrentList = (DWORD)filter.leIfListHead.Flink;
  281. while(dwCurrentList isnot (g_dwFilterInfo + FIELD_OFFSET(FILTER_DRIVER,leIfListHead)))
  282. {
  283. if(!ReadMemory(dwCurrentList,&leList,sizeof(LIST_ENTRY),&dwBytesRead))
  284. {
  285. dprintf("Attempted read at %x\n",dwCurrentList);
  286. READ_MEMORY_ERROR;
  287. return;
  288. }
  290. CHECK_SIZE(dwBytesRead,sizeof(LIST_ENTRY),bResult);
  292. if(!bResult)
  293. {
  294. return;
  295. }
  297. dwNum++;
  298. dwCurrentList = (DWORD)leList.Flink;
  299. }
  301. dprintf("Currently there are %d interfaces\n",dwNum);
  303. return;
  304. }
  307. DECLARE_API( ifbyindex )
  308. {
  309. DWORD dwNum = 0,dwBytesRead;
  310. DWORD dwCurrentList,dwIndex;
  311. PFILTER_INTERFACE pIf = NULL;
  312. FILTER_INTERFACE If;
  313. FILTER_DRIVER filter;
  314. LIST_ENTRY leList;
  315. BOOL bResult;
  317. if(args[0] is 0)
  318. {
  319. dprintf("!ipfext.ifbyindex <DWORD>\n");
  320. return;
  321. }
  323. sscanf(args,"%d",&dwIndex);
  325. dprintf("Printing interface# %d\n",dwIndex);
  327. if(!ReadFilterDriver(&filter))
  328. {
  329. return;
  330. }
  332. dwCurrentList = (DWORD)filter.leIfListHead.Flink;
  334. while(dwCurrentList isnot (g_dwFilterInfo + FIELD_OFFSET(FILTER_DRIVER,leIfListHead)))
  335. {
  336. if(!ReadMemory(dwCurrentList,&leList,sizeof(LIST_ENTRY),&dwBytesRead))
  337. {
  338. dprintf("Attempted read at %x\n",dwCurrentList);
  339. READ_MEMORY_ERROR;
  340. return;
  341. }
  343. CHECK_SIZE(dwBytesRead,sizeof(LIST_ENTRY),bResult);
  345. if(!bResult)
  346. {
  347. return;
  348. }
  350. dwNum++;
  351. if(dwNum is dwIndex)
  352. {
  353. pIf = CONTAINING_RECORD((PLIST_ENTRY)dwCurrentList,FILTER_INTERFACE,leIfLink);
  354. break;
  355. }
  357. dwCurrentList = (DWORD)leList.Flink;
  358. }
  360. if(pIf is NULL)
  361. {
  362. dprintf("Interface not found\n");
  363. return;
  364. }
  366. if(!ReadMemory((DWORD)pIf,&If,sizeof(FILTER_INTERFACE),&dwBytesRead))
  367. {
  368. dprintf("Attempted read at %x\n",(DWORD)pIf);
  369. READ_MEMORY_ERROR;
  370. return;
  371. }
  373. CHECK_SIZE(dwBytesRead,sizeof(FILTER_INTERFACE),bResult);
  374. if(!bResult)
  375. {
  376. return;
  377. }
  379. dprintf("Address of Interface:\t%x\n",pIf);
  380. dprintf("Next Interface at:\t%x\n",If.leIfLink);
  381. dprintf("Number Input Filters:\t%d\n",If.dwNumInFilters);
  382. dprintf("Number Output Filters:\t%d\n",If.dwNumOutFilters);
  383. dprintf("Input action:\t%s\n",(If.eaInAction is DROP)?"DROP":"FORWARD");
  384. dprintf("Output action:\t%s\n",(If.eaOutAction is DROP)?"DROP":"FORWARD");
  385. dprintf("Router Manager Context:\t%x\n",If.pvRtrMgrContext);
  386. dprintf("Router Manager Index:\t%d\n",If.dwRtrMgrIndex);
  388. return;
  389. }
  391. DECLARE_API( ifbyaddr )
  392. {
  393. DWORD pIf;
  394. FILTER_INTERFACE If;
  395. DWORD dwBytesRead;
  396. BOOL bResult;
  398. if(args[0] is 0)
  399. {
  400. dprintf("!ipfext.ifbyaddr <DWORD>\n");
  401. return;
  402. }
  404. sscanf(args,"%lx",&pIf);
  406. dprintf("Printing interface at %x\n",pIf);
  408. if(!ReadMemory(pIf,&If,sizeof(FILTER_INTERFACE),&dwBytesRead))
  409. {
  410. dprintf("Attempted read at %x\n",pIf);
  411. READ_MEMORY_ERROR;
  412. return;
  413. }
  415. CHECK_SIZE(dwBytesRead,sizeof(FILTER_INTERFACE),bResult);
  417. if(!bResult)
  418. {
  419. return;
  420. }
  422. dprintf("Next Interface at:\t%x\n",If.leIfLink);
  423. dprintf("Number Input Filters:\t%d\n",If.dwNumInFilters);
  424. dprintf("Number Output Filters:\t%d\n",If.dwNumOutFilters);
  425. dprintf("Input action:\t%s\n",(If.eaInAction is DROP)?"DROP":"FORWARD");
  426. dprintf("Output action:\t%s\n",(If.eaOutAction is DROP)?"DROP":"FORWARD");
  427. dprintf("Router Manager Context:\t%x\n",If.pvRtrMgrContext);
  428. dprintf("Router Manager Index:\t%d\n",If.dwRtrMgrIndex);
  430. return;
  431. }
  433. DECLARE_API( ifenuminit )
  434. {
  435. FILTER_DRIVER filter;
  437. g_dwIfLink = 0;
  439. if(!ReadFilterDriver(&filter))
  440. {
  441. return;
  442. }
  444. if(filter.leIfListHead.Flink is (PLIST_ENTRY)(g_dwFilterInfo +
  445. FIELD_OFFSET(FILTER_DRIVER,leIfListHead)))
  446. {
  447. dprintf("No interfaces\n");
  448. return;
  449. }
  451. g_dwIfLink = (DWORD)filter.leIfListHead.Flink;
  453. dprintf("Enumerator Initialized\n");
  455. return;
  456. }
  458. DECLARE_API( nextif )
  459. {
  460. PFILTER_INTERFACE pIf;
  461. FILTER_INTERFACE If;
  462. BOOL bResult;
  463. DWORD dwBytesRead;
  465. if(g_dwIfLink is 0)
  466. {
  467. dprintf("Enumerator not initialized");
  468. return;
  469. }
  471. if(g_dwIfLink is (g_dwFilterInfo + FIELD_OFFSET(FILTER_DRIVER,leIfListHead)))
  472. {
  473. dprintf("No more interfaces to enumerate\n");
  474. return;
  475. }
  477. pIf = CONTAINING_RECORD((PLIST_ENTRY)g_dwIfLink,FILTER_INTERFACE,leIfLink);
  479. if(!ReadMemory((DWORD)pIf,&If,sizeof(FILTER_INTERFACE),&dwBytesRead))
  480. {
  481. dprintf("Attempted read at %x\n",(DWORD)pIf);
  482. READ_MEMORY_ERROR;
  483. return;
  484. }
  486. CHECK_SIZE(dwBytesRead,sizeof(FILTER_INTERFACE),bResult);
  488. if(!bResult)
  489. {
  490. return;
  491. }
  493. dprintf("Address of Interface:\t%x\n",pIf);
  494. dprintf("Next Interface at:\t%x\n",If.leIfLink);
  495. dprintf("Number Input Filters:\t%d\n",If.dwNumInFilters);
  496. dprintf("Number Output Filters:\t%d\n",If.dwNumOutFilters);
  497. dprintf("Input action:\t%s\n",(If.eaInAction is DROP)?"DROP":"FORWARD");
  498. dprintf("Output action:\t%s\n",(If.eaOutAction is DROP)?"DROP":"FORWARD");
  499. dprintf("Router Manager Context:\t%x\n",If.pvRtrMgrContext);
  500. dprintf("Router Manager Index:\t%d\n",If.dwRtrMgrIndex);
  502. g_dwIfLink = (DWORD)If.leIfLink.Flink;
  504. return;
  505. }
  507. DECLARE_API( printcache )
  508. {
  509. struct in_addr addr;
  510. BYTE bIpAddr1[20], bIpAddr2[20];
  511. FILTER_DRIVER filter;
  512. DWORD dwBytesRead;
  513. FILTER_INCACHE inCache;
  514. FILTER_OUTCACHE outCache;
  515. DWORD dwIndex;
  517. if(args[0] is 0)
  518. {
  519. dprintf("!ipfext.printcache <DWORD>\n");
  520. return;
  521. }
  523. sscanf(args,"%d",&dwIndex);
  525. if(dwIndex >= g_dwCacheSize)
  526. {
  527. printf("Cache size is %\n",g_dwCacheSize);
  528. return;
  529. }
  531. if(!ReadCache(dwIndex,&inCache,&outCache))
  532. {
  533. return;
  534. }
  536. dprintf("In Cache for Bucket %d\n",dwIndex);
  538. addr.s_addr = inCache.uliSrcDstAddr.LowPart;
  539. strcpy(bIpAddr1,inet_ntoa(addr));
  540. addr.s_addr = inCache.uliSrcDstAddr.HighPart;
  541. strcpy(bIpAddr2,inet_ntoa(addr));
  543. dprintf("Addr - Source:\t%s\tDest:\t%d\n",bIpAddr1,bIpAddr2);
  544. dprintf("Protocol:\t%d\n",inCache.uliProtoSrcDstPort.LowPart);
  545. dprintf("Port - Source:\t%hd\tDest:\t%hd\n",
  546. LOWORD(inCache.uliProtoSrcDstPort.HighPart),
  547. HIWORD(inCache.uliProtoSrcDstPort.HighPart));
  548. dprintf("Context - In:\t%x\tOut:\t%x\n",
  549. inCache.pInContext,
  550. inCache.pOutContext);
  551. dprintf("Action - In:\t%s\tOut:\t%s\n",
  552. ((inCache.eaInAction is DROP)?"DROP":"FORWARD"),
  553. ((inCache.eaOutAction is DROP)?"DROP":"FORWARD"));
  555. dprintf("Out Cache for Bucket %d\n",dwIndex);
  557. addr.s_addr = outCache.uliSrcDstAddr.LowPart;
  558. strcpy(bIpAddr1,inet_ntoa(addr));
  559. addr.s_addr = outCache.uliSrcDstAddr.HighPart;
  560. strcpy(bIpAddr2,inet_ntoa(addr));
  562. dprintf("Addr - Source:\t%s\tDest:\t%d\n",bIpAddr1,bIpAddr2);
  563. dprintf("Protocol:\t%d\n",outCache.uliProtoSrcDstPort.LowPart);
  564. dprintf("Port - Source:\t%hd\tDest:\t%hd\n",
  565. LOWORD(outCache.uliProtoSrcDstPort.HighPart),
  566. HIWORD(outCache.uliProtoSrcDstPort.HighPart));
  567. dprintf("Context:\t%x\n",outCache.pOutContext);
  568. dprintf("Action:\t%s\n",((outCache.eaOutAction is DROP)?"DROP":"FORWARD"));
  570. return;
  571. }
  573. DECLARE_API( cachesize )
  574. {
  575. dprintf("Cache size is %d\n",g_dwCacheSize);
  576. return;
  577. }
  580. DECLARE_API( printpacket )
  581. {
  582. DWORD dwHdrAddr,dwBytesRead,i,j,k;
  583. BYTE pPacket[sizeof(IPHeader)+2*sizeof(DWORD)];
  584. BOOL bResult;
  586. if(args[0] is 0)
  587. {
  588. dprintf("!ipfext.printpacket <DWORD>\n");
  589. return;
  590. }
  592. sscanf(args,"%lx",&dwHdrAddr);
  594. if(!ReadMemory(dwHdrAddr,pPacket,sizeof(IPHeader)+2*sizeof(DWORD),&dwBytesRead))
  595. {
  596. dprintf("Attempted read at %x\n",dwHdrAddr);
  597. READ_MEMORY_ERROR;
  598. return;
  599. }
  601. CHECK_SIZE(dwBytesRead,sizeof(IPHeader)+2*sizeof(DWORD),bResult);
  603. if(!bResult)
  604. {
  605. return;
  606. }
  608. k = 0;
  610. for(i = 0; i < 5; i++)
  611. {
  612. for(j = 0; j < 4; j++)
  613. {
  614. dprintf("%02x",pPacket[k++]);
  615. }
  616. dprintf("\n");
  617. }
  619. dprintf("--Data--\n");
  620. dprintf("%02x%02x%02x%02x\n",pPacket[k],pPacket[k+1],pPacket[k+2],pPacket[k+3]);
  622. return;
  623. }
  625. DECLARE_API( filterenuminit )
  626. {
  627. DWORD pIf;
  628. DWORD dwBytesRead;
  629. BOOL bResult;
  631. if(args[0] is 0)
  632. {
  633. dprintf("!ipfext.filterenuminit <DWORD>\n");
  634. return;
  635. }
  637. sscanf(args,"%lx",&pIf);
  639. dprintf("Enum for interface at %x\n",pIf);
  641. g_dwInIndex = g_dwOutIndex = 0;
  643. if(!ReadMemory(pIf,&g_if,sizeof(FILTER_INTERFACE),&dwBytesRead))
  644. {
  645. dprintf("Attempted read at %x\n",pIf);
  646. READ_MEMORY_ERROR;
  647. return;
  648. }
  650. CHECK_SIZE(dwBytesRead,sizeof(FILTER_INTERFACE),bResult);
  652. if(!bResult)
  653. {
  654. return;
  655. }
  657. dprintf("Enumerator Initialized\n");
  659. return;
  660. }
  662. DECLARE_API( nextinfilter )
  663. {
  664. struct in_addr addr;
  665. BYTE bIpAddr1[20], bIpAddr2[20];
  666. FILTER inFilter;
  668. if(g_dwInIndex >= g_if.dwNumInFilters)
  669. {
  670. dprintf("End of in filter set\n");
  671. return;
  672. }
  674. if(!ReadFilter(&g_if,g_dwInIndex,&inFilter,TRUE))
  675. {
  676. return;
  677. }
  679. addr.s_addr = inFilter.uliSrcDstAddr.LowPart;
  680. strcpy(bIpAddr1,inet_ntoa(addr));
  681. addr.s_addr = inFilter.uliSrcDstAddr.HighPart;
  682. strcpy(bIpAddr2,inet_ntoa(addr));
  684. dprintf("Addr - Source:\t%s\t\tDest:\t%d\n",bIpAddr1,bIpAddr2);
  686. addr.s_addr = inFilter.uliSrcDstMask.LowPart;
  687. strcpy(bIpAddr1,inet_ntoa(addr));
  688. addr.s_addr = inFilter.uliSrcDstMask.HighPart;
  689. strcpy(bIpAddr2,inet_ntoa(addr));
  691. dprintf("Mask - Source:\t%s\t\tDest:\t%d\n",bIpAddr1,bIpAddr2);
  692. dprintf("Protocol:\t%d\n",inFilter.uliProtoSrcDstPort.LowPart);
  693. dprintf("Port - Source:\t%hd\tDest:\t%hd\n",
  694. LOWORD(inFilter.uliProtoSrcDstPort.HighPart),
  695. HIWORD(inFilter.uliProtoSrcDstPort.HighPart));
  697. dprintf("Protocol Mask:\t%x\n",inFilter.uliProtoSrcDstMask.LowPart);
  698. dprintf("Port Mask:\t%x\n",inFilter.uliProtoSrcDstMask.HighPart);
  700. g_dwInIndex++;
  702. return;
  703. }
  705. DECLARE_API( nextoutfilter )
  706. {
  707. struct in_addr addr;
  708. BYTE bIpAddr1[20], bIpAddr2[20];
  709. FILTER outFilter;
  711. if(g_dwOutIndex >= g_if.dwNumOutFilters)
  712. {
  713. dprintf("End of out filter set\n");
  714. return;
  715. }
  717. if(!ReadFilter(&g_if,g_dwOutIndex,&outFilter,FALSE))
  718. {
  719. return;
  720. }
  722. addr.s_addr = outFilter.uliSrcDstAddr.LowPart;
  723. strcpy(bIpAddr1,inet_ntoa(addr));
  724. addr.s_addr = outFilter.uliSrcDstAddr.HighPart;
  725. strcpy(bIpAddr2,inet_ntoa(addr));
  727. dprintf("Addr - Source:\t%s\tDest:\t%d\n",bIpAddr1,bIpAddr2);
  729. addr.s_addr = outFilter.uliSrcDstMask.LowPart;
  730. strcpy(bIpAddr1,inet_ntoa(addr));
  731. addr.s_addr = outFilter.uliSrcDstMask.HighPart;
  732. strcpy(bIpAddr2,inet_ntoa(addr));
  734. dprintf("Mask - Source:\t%s\tDest:\t%d\n",bIpAddr1,bIpAddr2);
  737. dprintf("Protocol:\t%d\n",outFilter.uliProtoSrcDstPort.LowPart);
  738. dprintf("Port - Source:\t%hd\tDest:\t%hd\n",
  739. LOWORD(outFilter.uliProtoSrcDstPort.HighPart),
  740. HIWORD(outFilter.uliProtoSrcDstPort.HighPart));
  742. dprintf("Protocol Mask:\t%x\n",outFilter.uliProtoSrcDstMask.LowPart);
  743. dprintf("Port Mask:\t%x\n",outFilter.uliProtoSrcDstMask.HighPart);
  745. g_dwOutIndex++;
  747. return;
  748. }
  750. BOOL
  751. ReadCache(
  752. DWORD dwIndex,
  753. PFILTER_INCACHE pInCache,
  754. PFILTER_OUTCACHE pOutCache
  755. )
  756. {
  757. FILTER_DRIVER filter;
  758. DWORD dwCacheAddr,dwCacheAddrAddr;
  759. DWORD dwBytesRead;
  760. BOOL bResult;
  762. if(!ReadFilterDriver(&filter))
  763. {
  764. return FALSE;
  765. }
  767. dwCacheAddrAddr = (DWORD)(filter.pInCache) + (dwIndex * sizeof(PFILTER_INCACHE));
  769. if(!ReadMemory(dwCacheAddrAddr,&dwCacheAddr,sizeof(DWORD),&dwBytesRead))
  770. {
  771. dprintf("Attempted read at %x\n",dwCacheAddrAddr);
  772. READ_MEMORY_ERROR;
  773. return FALSE;
  774. }
  776. CHECK_SIZE(dwBytesRead,sizeof(DWORD),bResult);
  778. if(!bResult)
  779. {
  780. return FALSE;
  781. }
  783. if(!ReadMemory(dwCacheAddr,pInCache,sizeof(FILTER_INCACHE),&dwBytesRead))
  784. {
  785. dprintf("Attempted read at %x\n",dwCacheAddr);
  786. READ_MEMORY_ERROR;
  787. return FALSE;
  788. }
  790. CHECK_SIZE(dwBytesRead,sizeof(FILTER_INCACHE),bResult);
  792. if(!bResult)
  793. {
  794. return FALSE;
  795. }
  797. dwCacheAddrAddr = (DWORD)(filter.pOutCache) + (dwIndex * sizeof(PFILTER_OUTCACHE));
  799. if(!ReadMemory(dwCacheAddrAddr,&dwCacheAddr,sizeof(DWORD),&dwBytesRead))
  800. {
  801. dprintf("Attempted read at %x\n",dwCacheAddrAddr);
  802. READ_MEMORY_ERROR;
  803. return FALSE;
  804. }
  806. CHECK_SIZE(dwBytesRead,sizeof(DWORD),bResult);
  808. if(!bResult)
  809. {
  810. return FALSE;
  811. }
  813. if(!ReadMemory(dwCacheAddr,pOutCache,sizeof(FILTER_OUTCACHE),&dwBytesRead))
  814. {
  815. dprintf("Attempted read at %x\n",dwCacheAddr);
  816. READ_MEMORY_ERROR;
  817. return FALSE;
  818. }
  820. CHECK_SIZE(dwBytesRead,sizeof(FILTER_OUTCACHE),bResult);
  822. if(!bResult)
  823. {
  824. return FALSE;
  825. }
  827. return TRUE;
  828. }
  831. BOOL
  832. ReadFilterDriver(
  833. PFILTER_DRIVER pIf
  834. )
  835. {
  836. DWORD dwBytesRead;
  837. BOOL bResult;
  839. if(!ReadMemory(g_dwFilterInfo,pIf,sizeof(FILTER_DRIVER),&dwBytesRead))
  840. {
  841. dprintf("Attempted read at %x\n",g_dwFilterInfo);
  842. READ_MEMORY_ERROR;
  843. return FALSE;
  844. }
  846. CHECK_SIZE(dwBytesRead,sizeof(FILTER_DRIVER),bResult);
  848. if(!bResult)
  849. {
  850. return FALSE;
  851. }
  853. return TRUE;
  854. }
  856. BOOL
  857. ReadFilter(
  858. PFILTER_INTERFACE pIf,
  859. DWORD dwIndex,
  860. PFILTER pFilter,
  861. BOOL bInFilter
  862. )
  863. {
  864. DWORD dwFilterAddr;
  865. DWORD dwBytesRead;
  866. BOOL bResult;
  868. if(bInFilter)
  869. {
  870. dwFilterAddr = (DWORD)(pIf->pInFilterSet) + (dwIndex * sizeof(FILTER));
  871. }
  872. else
  873. {
  874. dwFilterAddr = (DWORD)(pIf->pOutFilterSet) + (dwIndex * sizeof(FILTER));
  875. }
  877. if(!ReadMemory(dwFilterAddr,pFilter,sizeof(FILTER),&dwBytesRead))
  878. {
  879. dprintf("Attempted read at %x\n",dwFilterAddr);
  880. READ_MEMORY_ERROR;
  881. return FALSE;
  882. }
  884. CHECK_SIZE(dwBytesRead,sizeof(FILTER),bResult);
  886. if(!bResult)
  887. {
  888. return FALSE;
  889. }
  891. return TRUE;
  892. }