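Methods for intercepting network packets generally include RAWSOCKET, SLP, NDIS, etc. Looking for the specific methods and implementation source code.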
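An example framework that uses it
1. Registering an Intermediate Driver as a Miniport
Modify the functions associated with the following registered handlers
SendHandler Or SendPacketsHandler
2. Registering an Intermediate Driver as a Protocol
Modify the functions associated with the following registered handlers
ReceiveHandler
ReceivePacketHandler
BindAdapterHandler
SendCompleteHandler
By analyzing the different packets, you can manipulate all data that passes through the network adapter the intermediate driver is bound to.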
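The packet analysis that the post above places in the receive path, sketched as an added example (not from the thread, the DDK samples or any poster's code): a bounds-checked pass/drop decision on one Ethernet frame, in plain user-mode C with no NDIS calls. The `rule` structure, the function names and the sample frame are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

enum verdict { PASS = 0, DROP = 1 };
struct rule { uint8_t proto; uint16_t dst_port; }; /* hypothetical: block proto/port */

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Verdict for one received Ethernet frame. Fails closed on malformed IPv4. */
enum verdict filter_frame(const uint8_t *f, size_t len,
                          const struct rule *rules, size_t nrules)
{
    if (len < 14) return DROP;                     /* truncated Ethernet header */
    if (be16(f + 12) != 0x0800) return PASS;       /* not IPv4: outside this filter */
    const uint8_t *ip = f + 14;
    size_t iplen = len - 14;
    if (iplen < 20 || (ip[0] >> 4) != 4) return DROP;
    size_t ihl = (size_t)(ip[0] & 0x0F) * 4;       /* header length incl. options */
    if (ihl < 20 || ihl > iplen) return DROP;
    size_t total = be16(ip + 2);
    if (total < ihl || total > iplen) return DROP; /* length field exceeds buffer */
    uint8_t proto = ip[9];
    if (proto != 6 && proto != 17) return PASS;    /* only TCP/UDP carry ports */
    if (be16(ip + 6) & 0x1FFF) return PASS;        /* later fragment: no L4 header */
    if (total - ihl < 4) return DROP;              /* port fields not present */
    uint16_t dport = be16(ip + ihl + 2);
    for (size_t i = 0; i < nrules; i++)
        if (rules[i].proto == proto && rules[i].dst_port == dport)
            return DROP;
    return PASS;
}

/* Constructed sample: Ethernet + IPv4 (IHL 5, total length 40) + TCP to port 23. */
static const uint8_t sample_telnet[] = {
    0,0,0,0,0,1, 0,0,0,0,0,2, 0x08,0x00,
    0x45,0,0,40, 0,0,0,0, 64,6,0,0, 10,0,0,1, 10,0,0,2,
    0xC0,0x00, 0x00,0x17, 0,0,0,0, 0,0,0,0, 0x50,0x02,0,0, 0,0,0,0
};

/* Demo helper: verdict for the first `len` bytes under one "block TCP/port" rule. */
enum verdict demo(size_t len, uint16_t port)
{
    struct rule r = { 6, port };
    return filter_frame(sample_telnet, len, &r, 1);
}

int main(void) { return demo(sizeof sample_telnet, 23) == DROP ? 0 : 1; }
```

Passing later fragments through unchanged is a simplification of this sketch; a real filter has to decide how to treat fragments that arrive without a transport header.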
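[email protected] Thanks!!!!
There is an NDIS development kit there; I built my "packet-filtering-based firewall" program on top of that kit.
If you only need to listen, it is even simpler.
But the code is at home, so I can't give it to you right now.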
http://www.codeproject.com/internet/tcpinfo.asp
http://www.codeguru.com/network/ipmon.html
There are examples below.
Version 3.0 alpha, 09 aug 02
New features and optimizations of the NPF device driver:
JIT compiler for the BPF virtual machine
Dump to disk from kernel mode
Buffered sends
System-related optimizations (timestamps, data copies, interaction with NDIS)
further low-level optimizations
New kernel-level monitoring system, that includes extensions to the BPF interpreter.
NOTE: this feature is experimental and not yet documented
Integration with the tcpdump.org sources: it's now possible to download the libpcap source code from www.tcpdump.org and compile it inside WinPcap.
Additions to the wpcap.dll API:
pcap_findalldevs() to obtain the installed devices and their parameters
send queues for high-speed synchronized packet injection
pcap_read_ex(), an alternative to the traditional callback system of libpcap
pcap_live_dump() to save traffic dumps from kernel mode
pcap_stats_ex() that reports the number of captured packets in addition to the statistics returned by pcap_stats(). Note that a new function was created to grant backward compatibility.
New developer's pack, with the new libraries and several additional samples
New doxygen-based documentation, that covers the whole API and the internals of WinPcap. A tutorial with several browsable samples is included
Improved ACPI support: now the driver continues to work after a system hibernation
Bug fixing:
different capture instances are now globally synchronized
renamed packet.a to libpacket.a for easier usage from cygwin
removed some memory leaks in the driver. The XP driver verifier doesn't complain any more. Moreover, all the memory allocations in the driver are now tagged for easier memory leak detection.
fixed a data structure overlapping that sometimes messed up the read event under WinNTx
Corrected a wrong registry path that caused PacketGetNetInfoEx() not to work properly under WinNT4
Version 2.3, 28 mar 02
New installation applet based on Ghost installer. This should hopefully solve the large number of problems of the old Installshield version that we used previously.
Version numbers in the installation and in the binaries.
The code to retrieve the addresses of the adapters was updated, PacketGetNetInfo() was rewritten and a new function called PacketGetNetInfoEx() has been added to packet.dll.
The name of the WinPcap drivers has been changed from packet.sys/packet.vxd to npf.sys/npf.vxd. This is transparent to the applications and should avoid conflicts with other drivers.
Updates to the developer's pack, that is now based on the includes and libraries of WinPcap 2.3. Some bugs were corrected in the samples.
Bug fixing:
always start winsock during winpcap initialization
Correct use of the lookahead buffer in Packet_tap
Use of snprintf instead of sprintf in pcap-win32.c
fixed wrong memory accesses in bpf_filter_with_2_buffers()
www.vckbase.com
=fly by=
Where can the source code of the Feier firewall be downloaded for free?
Just tell me quietly :)
=fly by=
What does gz mean?
I've bookmarked this thread!
Thanks!
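1. Replace wsock32.dll: the simplest method, simple and practical, so why not use it.
2. API hook: as for how to hook an API, there are too many methods to enumerate.
3. WinPcap: simple and practical; one of my network packet filtering programs was made this way.
4. Raw socket: something at the same level as the socket API, easy to program.
5. SPI (service provider interface): a user-mode DLL, simple and practical, slightly more troublesome to install.
6. NDIS driver: this is probably the most troublesome; fortunately the Microsoft DDK contains ready-made examples.
I have used all of the methods above, and I have published some things made with the techniques mentioned here on my homepage, http://www.oldworm.com
Does anyone have the Feier firewall source code, and could you give me a copy? Preferably version 2.0 or later, [email protected]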
Hero brother,
we meet again.
Not sure whether this helps.
-------------------------------
=fly by=
Boss, that one is an ad; you have to pay for it. I wrote to them, and they wouldn't even let me pay on credit ;(
-------------------------------
=fly by=
It has what you want inside.
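Boss, that one is an ad; you have to pay for it. I wrote to them, and they wouldn't even let me pay on credit ;(
______________
You actually thought of asking for credit :) , impressive.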
I'd also like the Feier firewall code, thanks.
Thanks!