为什么不看看它的Developer's pack?里面有Demo的。 #include <windows.h> #include <stdio.h> #include <conio.h> #include "..\..\Include\packet32.h" #define SIMULTANEOU_READS 10 #define MAX_ETHERNET_FRAME_SIZE 1514#define Max_Num_Adapter 10// Prototypesvoid PrintPackets(LPPACKET lpPacket);char AdapterList[Max_Num_Adapter][1024];int main() { //define a pointer to an ADAPTER structure LPADAPTER lpAdapter = 0; //define a pointer to a PACKET structure LPPACKET lpPacket; int i; DWORD dwErrorCode; DWORD dwVersion; DWORD dwWindowsMajorVersion; //unicode strings (winnt) WCHAR AdapterName[512]; // string that contains a list of the network adapters WCHAR *temp,*temp1; //ascii strings (win95) char AdapterNamea[512]; // string that contains a list of the network adapters char *tempa,*temp1a; int AdapterNum=0,Open; ULONG AdapterLength;
char *buffer[256000]; // buffer to hold the data coming from the driver struct bpf_stat stat;
// obtain the name of the adapters installed on this machine AdapterLength=512;
printf("Adapters installed:\n"); i=0; // the data returned by PacketGetAdapterNames is different in Win95 and in WinNT. // We have to check the os on which we are running dwVersion=GetVersion(); dwWindowsMajorVersion = (DWORD)(LOBYTE(LOWORD(dwVersion))); if (!(dwVersion >= 0x80000000 && dwWindowsMajorVersion >= 4)) { // Windows NT PacketGetAdapterNames(AdapterName,&AdapterLength); temp=AdapterName; temp1=AdapterName; while ((*temp!='\0')||(*(temp-1)!='\0')) { if (*temp=='\0') { memcpy(AdapterList[i],temp1,(temp-temp1)*2); temp1=temp+1; i++; }
temp++; }
AdapterNum=i; for (i=0;i<AdapterNum;i++) wprintf(L"\n%d- %s\n",i+1,AdapterList[i]); printf("\n");
} else //windows 95 { PacketGetAdapterNames(AdapterNamea,&AdapterLength); tempa=AdapterNamea; temp1a=AdapterNamea; while ((*tempa!='\0')||(*(tempa-1)!='\0')) { if (*tempa=='\0') { memcpy(AdapterList[i],temp1a,tempa-temp1a); temp1a=tempa+1; i++; } tempa++; }
AdapterNum=i; for (i=0;i<AdapterNum;i++) printf("\n%d- %s\n",i+1,AdapterList[i]); printf("\n"); } do { printf("Select the number of the adapter to open : ");scanf("%d",&Open); if (Open>AdapterNum) printf("\nThe number must be smaller than %d",AdapterNum); } while (Open>AdapterNum);
if (!lpAdapter || (lpAdapter->hFile == INVALID_HANDLE_VALUE)) { dwErrorCode=GetLastError(); printf("Unable to open the driver, Error Code : %lx\n",dwErrorCode); return(-1); } // set the network adapter in promiscuous mode
PacketSetHwFilter(lpAdapter,NDIS_PACKET_TYPE_PROMISCUOUS); // set a 512K buffer in the driver PacketSetBuff(lpAdapter,512000);
//allocate and initialize a packet structure that will be used to //receive the packets. //Notice that the user buffer is only 256K to save memory. //For best capture performances a buffer of 512K // (i.e the same size of the kernel buffer) can be used. if((lpPacket = PacketAllocatePacket())==NULL){ printf("\nError:failed to allocate the LPPACKET structure."); return (-1); } PacketInitPacket(lpPacket,(char*)buffer,256000);
// close the adapter and exit PacketCloseAdapter(lpAdapter); return (0); }// this function prints the content of a block of packets received from the drivervoid PrintPackets(LPPACKET lpPacket) { ULONG i, j, ulLines, ulen, ulBytesReceived; char *pChar, *pLine, *base; char *buf; u_int off=0; u_int tlen,tlen1; struct bpf_hdr *hdr;
#include <windows.h>
#include <stdio.h>
#include <conio.h>
#include "..\..\Include\packet32.h"
#define SIMULTANEOU_READS 10
#define MAX_ETHERNET_FRAME_SIZE 1514#define Max_Num_Adapter 10// Prototypesvoid PrintPackets(LPPACKET lpPacket);char AdapterList[Max_Num_Adapter][1024];int main()
{ //define a pointer to an ADAPTER structure LPADAPTER lpAdapter = 0; //define a pointer to a PACKET structure LPPACKET lpPacket; int i;
DWORD dwErrorCode; DWORD dwVersion;
DWORD dwWindowsMajorVersion; //unicode strings (winnt)
WCHAR AdapterName[512]; // string that contains a list of the network adapters
WCHAR *temp,*temp1; //ascii strings (win95)
char AdapterNamea[512]; // string that contains a list of the network adapters
char *tempa,*temp1a;
int AdapterNum=0,Open;
ULONG AdapterLength;
char *buffer[256000]; // buffer to hold the data coming from the driver struct bpf_stat stat;
// obtain the name of the adapters installed on this machine
AdapterLength=512;
printf("Adapters installed:\n");
i=0; // the data returned by PacketGetAdapterNames is different in Win95 and in WinNT.
// We have to check the os on which we are running
dwVersion=GetVersion();
dwWindowsMajorVersion = (DWORD)(LOBYTE(LOWORD(dwVersion)));
if (!(dwVersion >= 0x80000000 && dwWindowsMajorVersion >= 4))
{ // Windows NT
PacketGetAdapterNames(AdapterName,&AdapterLength);
temp=AdapterName;
temp1=AdapterName;
while ((*temp!='\0')||(*(temp-1)!='\0'))
{
if (*temp=='\0')
{
memcpy(AdapterList[i],temp1,(temp-temp1)*2);
temp1=temp+1;
i++;
}
temp++;
}
AdapterNum=i;
for (i=0;i<AdapterNum;i++)
wprintf(L"\n%d- %s\n",i+1,AdapterList[i]);
printf("\n");
} else //windows 95
{
PacketGetAdapterNames(AdapterNamea,&AdapterLength);
tempa=AdapterNamea;
temp1a=AdapterNamea; while ((*tempa!='\0')||(*(tempa-1)!='\0'))
{
if (*tempa=='\0')
{
memcpy(AdapterList[i],temp1a,tempa-temp1a);
temp1a=tempa+1;
i++;
}
tempa++;
}
AdapterNum=i;
for (i=0;i<AdapterNum;i++)
printf("\n%d- %s\n",i+1,AdapterList[i]);
printf("\n"); } do
{
printf("Select the number of the adapter to open : ");scanf("%d",&Open);
if (Open>AdapterNum) printf("\nThe number must be smaller than %d",AdapterNum);
} while (Open>AdapterNum);
lpAdapter = PacketOpenAdapter(AdapterList[Open-1]);
if (!lpAdapter || (lpAdapter->hFile == INVALID_HANDLE_VALUE))
{
dwErrorCode=GetLastError();
printf("Unable to open the driver, Error Code : %lx\n",dwErrorCode); return(-1);
} // set the network adapter in promiscuous mode
PacketSetHwFilter(lpAdapter,NDIS_PACKET_TYPE_PROMISCUOUS); // set a 512K buffer in the driver PacketSetBuff(lpAdapter,512000);
//allocate and initialize a packet structure that will be used to
//receive the packets.
//Notice that the user buffer is only 256K to save memory.
//For best capture performances a buffer of 512K
// (i.e the same size of the kernel buffer) can be used.
if((lpPacket = PacketAllocatePacket())==NULL){
printf("\nError:failed to allocate the LPPACKET structure.");
return (-1);
}
PacketInitPacket(lpPacket,(char*)buffer,256000);
//main capture loop
while(!kbhit())
{
// capture the packets
if(PacketReceivePacket(lpAdapter,lpPacket,TRUE)==FALSE){
printf("Error: PacketReceivePacket failed");
return (-1);
} PrintPackets(lpPacket);
}
//print the capture statistics
PacketGetStats(lpAdapter,&stat);
printf("\n\n%d packets received.\n%d Packets lost",stat.bs_recv,stat.bs_drop); PacketFreePacket(lpPacket);
// close the adapter and exit PacketCloseAdapter(lpAdapter);
return (0);
}// this function prints the content of a block of packets received from the drivervoid PrintPackets(LPPACKET lpPacket)
{ ULONG i, j, ulLines, ulen, ulBytesReceived;
char *pChar, *pLine, *base;
char *buf;
u_int off=0;
u_int tlen,tlen1;
struct bpf_hdr *hdr;
ulBytesReceived = lpPacket->ulBytesReceived;
buf = lpPacket->Buffer; off=0; while(off<ulBytesReceived){
if(kbhit())return;
hdr=(struct bpf_hdr *)(buf+off);
tlen1=hdr->bh_datalen;
tlen=hdr->bh_caplen;
printf("Packet length : %ld\n",tlen1);
off+=hdr->bh_hdrlen; ulLines = (tlen + 15) / 16;
if (ulLines > 5) ulLines=5; pChar =(char*)(buf+off);
base=pChar;
off=Packet_WORDALIGN(off+tlen1);
for ( i=0; i<ulLines; i++ )
{ pLine =pChar; printf( "%08lx : ", pChar-base ); ulen=tlen;
ulen = ( ulen > 16 ) ? 16 : ulen;
tlen -= ulen; for ( j=0; j<ulen; j++ )
printf( "%02x ", *(BYTE *)pChar++ ); if ( ulen < 16 )
printf( "%*s", (16-ulen)*3, " " ); pChar = pLine; for ( j=0; j<ulen; j++, pChar++ )
printf( "%c", isprint( *pChar ) ? *pChar : '.' ); printf( "\n" );
} printf( "\n" );
}
}