00001 /* 00002 * Copyright (c) 1999, 2000 00003 * Politecnico di Torino. All rights reserved. 00004 * 00005 * Redistribution and use in source and binary forms, with or without 00006 * modification, are permitted provided that: (1) source code distributions 00007 * retain the above copyright notice and this paragraph in its entirety, (2) 00008 * distributions including binary code include the above copyright notice and 00009 * this paragraph in its entirety in the documentation or other materials 00010 * provided with the distribution, and (3) all advertising materials mentioning 00011 * features or use of this software display the following acknowledgement: 00012 * ``This product includes software developed by the Politecnico 00013 * di Torino, and its contributors.'' Neither the name of 00014 * the University nor the names of its contributors may be used to endorse 00015 * or promote products derived from this software without specific prior 00016 * written permission. 00017 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 00018 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 00019 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 00020 */ 00021 00022 /** @ingroup packetapi 00023 * @{ 00024 */ 00025 00026 /** @defgroup packet32h Definitions and data structures 00027 * Packet32.h contains the data structures and the definitions used by packet.dll. 00028 * The file is used both by the Win9x and the WinNTx versions of packet.dll, and can be included 00029 * by the applications that use the functions of this library 00030 * @{ 00031 */ 00032 00033 #ifndef __PACKET32 00034 #define __PACKET32 00035 00036 #include <winsock2.h> 00037 #include "devioctl.h" 00038 00039 // Working modes 00040 #define PACKET_MODE_CAPT 0x0 ///< Capture mode 00041 #define PACKET_MODE_STAT 0x1 ///< Statistical mode 00042 #define PACKET_MODE_DUMP 0x10 ///< Dump mode 00043 #define PACKET_MODE_STAT_DUMP MODE_DUMP | MODE_STAT ///< Statistical dump Mode 00044 00045 // ioctls 00046 #define FILE_DEVICE_PROTOCOL 0x8000 00047 00048 #define IOCTL_PROTOCOL_STATISTICS CTL_CODE(FILE_DEVICE_PROTOCOL, 2 , METHOD_BUFFERED, FILE_ANY_ACCESS) 00049 #define IOCTL_PROTOCOL_RESET CTL_CODE(FILE_DEVICE_PROTOCOL, 3 , METHOD_BUFFERED, FILE_ANY_ACCESS) 00050 #define IOCTL_PROTOCOL_READ CTL_CODE(FILE_DEVICE_PROTOCOL, 4 , METHOD_BUFFERED, FILE_ANY_ACCESS) 00051 #define IOCTL_PROTOCOL_WRITE CTL_CODE(FILE_DEVICE_PROTOCOL, 5 , METHOD_BUFFERED, FILE_ANY_ACCESS) 00052 #define IOCTL_PROTOCOL_MACNAME CTL_CODE(FILE_DEVICE_PROTOCOL, 6 , METHOD_BUFFERED, FILE_ANY_ACCESS) 00053 #define IOCTL_OPEN CTL_CODE(FILE_DEVICE_PROTOCOL, 7 , METHOD_BUFFERED, FILE_ANY_ACCESS) 00054 #define IOCTL_CLOSE CTL_CODE(FILE_DEVICE_PROTOCOL, 8 , METHOD_BUFFERED, FILE_ANY_ACCESS) 00055 00056 #define pBIOCSETBUFFERSIZE 9592 00057 #define pBIOCSETF 9030 00058 #define pBIOCGSTATS 9031 00059 #define pBIOCSRTIMEOUT 7416 00060 #define pBIOCSMODE 7412 00061 #define pBIOCSWRITEREP 7413 00062 #define pBIOCSMINTOCOPY 7414 00063 #define pBIOCSETOID 2147483648 00064 #define pBIOCQUERYOID 2147483652 00065 #define pATTACHPROCESS 7117 00066 #define pDETACHPROCESS 7118 00067 #define pBIOCSETDUMPFILENAME 9029 00068 #define pBIOCEVNAME 7415 00069 00070 #define pBIOCSTIMEZONE 7471 00071 00072 // Alignment macros. Packet_WORDALIGN rounds up to the next 00073 // even multiple of Packet_ALIGNMENT. 00074 #define Packet_ALIGNMENT sizeof(int) 00075 #define Packet_WORDALIGN(x) (((x)+(Packet_ALIGNMENT-1))&~(Packet_ALIGNMENT-1)) 00076 00077 /*! 00078 \brief Network type structure. 00079 00080 This structure is used by the PacketGetNetType() function to return information on the current adapter's type and speed. 00081 */ 00082 typedef struct NetType 00083 { 00084 UINT LinkType; ///< The MAC of the current network adapter (see function PacketGetNetType() for more information) 00085 UINT LinkSpeed; ///< The speed of the network in bits per second 00086 }NetType; 00087 00088 00089 //some definitions stolen from libpcap 00090 00091 #ifndef BPF_MAJOR_VERSION 00092 00093 /*! 00094 \brief A BPF pseudo-assembly program. 00095 00096 The program will be injected in the kernel by the PacketSetBPF() function and applied to every incoming packet. 00097 */ 00098 struct bpf_program { 00099 UINT bf_len; ///< Indicates the number of instructions of the program, i.e. the number of struct bpf_insn that will follow. 00100 struct bpf_insn *bf_insns; ///< A pointer to the first instruction of the program. 00101 }; 00102 00103 /*! 00104 \brief A single BPF pseudo-instruction. 00105 00106 bpf_insn contains a single instruction for the BPF register-machine. It is used to send a filter program to the driver. 00107 */ 00108 struct bpf_insn { 00109 USHORT code; ///< Instruction type and addressing mode. 00110 UCHAR jt; ///< Jump if true 00111 UCHAR jf; ///< Jump if false 00112 int k; ///< Generic field used for various purposes. 00113 }; 00114 00115 /*! 00116 \brief Structure that contains a couple of statistics values on the current capture. 00117 00118 It is used by packet.dll to return statistics about a capture session. 00119 */ 00120 struct bpf_stat { 00121 UINT bs_recv; ///< Number of packets that the driver received from the network adapter 00122 ///< from the beginning of the current capture. This value includes the packets 00123 ///< lost by the driver as well. 00124 UINT bs_drop; ///< number of packets that the driver lost from the beginning of a capture. 00125 ///< Basically, a packet is lost when the the buffer of the driver is full. 00126 ///< In this situation the packet cannot be stored and the driver rejects it. 00127 }; 00128 00129 /*! 00130 \brief Packet header. 00131 00132 This structure defines the header associated with every packet delivered to the application. 00133 */ 00134 struct bpf_hdr { 00135 struct timeval bh_tstamp; ///< The timestamp associated with the captured packet. 00136 ///< It is stored in a TimeVal structure. 00137 UINT bh_caplen; ///< Length of captured portion. The captured portion <b>can be different</b> 00138 ///< from the original packet, because it is possible (with a proper filter) 00139 ///< to instruct the driver to capture only a portion of the packets. 00140 UINT bh_datalen; ///< Original length of packet 00141 USHORT bh_hdrlen; ///< Length of bpf header (this struct plus alignment padding). In some cases, 00142 ///< a padding could be added between the end of this structure and the packet 00143 ///< data for performance reasons. This filed can be used to retrieve the actual data 00144 ///< of the packet. 00145 }; 00146 00147 #endif 00148 00149 #define DOSNAMEPREFIX TEXT("Packet_") 00150 #define MAX_LINK_NAME_LENGTH 64 00151 #define NMAX_PACKET 65535 00152 00153 /*! 00154 \brief Describes a network adapter. 00155 00156 This structure is the most important for the functioning of packet.dll, but the great part of its fields 00157 should be ignored by the user, since the library offers functions that avoid to cope with low-level parameters 00158 */ 00159 typedef struct _ADAPTER { 00160 HANDLE hFile; ///< \internal Handle to an open instance of the NPF driver. 00161 TCHAR SymbolicLink[MAX_LINK_NAME_LENGTH]; ///< \internal A string containing the name of the network adapter currently opened. 00162 int NumWrites; ///< \internal Number of times a packets written on this adapter will be repeated 00163 ///< on the wire. 00164 HANDLE ReadEvent; ///< A notification event associated with the read calls on the adapter. 00165 ///< It can be passed to standard Win32 functions (like WaitForSingleObject 00166 ///< or WaitForMultipleObjects) to wait until the driver's buffer contains some 00167 ///< data. It is particularly useful in GUI applications that need to wait 00168 ///< concurrently on several events. In Windows NT/2000 the PacketSetMinToCopy() 00169 ///< function can be used to define the minimum amount of data in the kernel buffer 00170 ///< that will cause the event to be signalled. 00171 00172 UINT ReadTimeOut; ///< \internal The amount of time after which a read on the driver will be released and 00173 ///< ReadEvent will be signaled, also if no packets were captured 00174 } ADAPTER, *LPADAPTER; 00175 00176 /*! 00177 \brief Structure that contains a group of packets coming from the driver. 00178 00179 This structure defines the header associated with every packet delivered to the application. 00180 */ 00181 typedef struct _PACKET { 00182 HANDLE hEvent; ///< \deprecated Still present for compatibility with old applications. 00183 OVERLAPPED OverLapped; ///< \deprecated Still present for compatibility with old applications. 00184 PVOID Buffer; ///< Buffer with containing the packets. See the PacketReceivePacket() for 00185 ///< details about the organization of the data in this buffer 00186 UINT Length; ///< Length of the buffer 00187 UINT ulBytesReceived; ///< Number of valid bytes present in the buffer, i.e. amount of data 00188 ///< received by the last call to PacketReceivePacket() 00189 BOOLEAN bIoComplete; ///< \deprecated Still present for compatibility with old applications. 00190 } PACKET, *LPPACKET; 00191 00192 /*! 00193 \brief Structure containing an OID request. 00194 00195 It is used by the PacketRequest() function to send an OID to the interface card driver. 00196 It can be used, for example, to retrieve the status of the error counters on the adapter, its MAC address, 00197 the list of the multicast groups defined on it, and so on. 00198 */ 00199 struct _PACKET_OID_DATA { 00200 ULONG Oid; ///< OID code. See the Microsoft DDK documentation or the file ntddndis.h 00201 ///< for a complete list of valid codes. 00202 ULONG Length; ///< Length of the data field 00203 UCHAR Data[1]; ///< variable-lenght field that contains the information passed to or received 00204 ///< from the adapter. 00205 }; 00206 typedef struct _PACKET_OID_DATA PACKET_OID_DATA, *PPACKET_OID_DATA; 00207 00208 /*! 00209 \brief Addresses of a network adapter. 00210 00211 This structure is used by the PacketGetNetInfoEx() function to return the IP addresses associated with 00212 an adapter. 00213 */ 00214 typedef struct npf_if_addr { 00215 struct sockaddr IPAddress; ///< IP address. 00216 struct sockaddr SubnetMask; ///< Netmask for that address. 00217 struct sockaddr Broadcast; ///< Broadcast address. 00218 }npf_if_addr; 00219 00220 #ifdef __cplusplus 00221 extern "C" { 00222 #endif 00223 00224 //--------------------------------------------------------------------------- 00225 // FUNCTIONS 00226 //--------------------------------------------------------------------------- 00227 00228 PCHAR PacketGetVersion(); 00229 BOOLEAN PacketSetMinToCopy(LPADAPTER AdapterObject,int nbytes); 00230 BOOLEAN PacketSetNumWrites(LPADAPTER AdapterObject,int nwrites); 00231 BOOLEAN PacketSetMode(LPADAPTER AdapterObject,int mode); 00232 BOOLEAN PacketSetReadTimeout(LPADAPTER AdapterObject,int timeout); 00233 BOOLEAN PacketSetBpf(LPADAPTER AdapterObject,struct bpf_program *fp); 00234 BOOLEAN PacketGetStats(LPADAPTER AdapterObject,struct bpf_stat *s); 00235 BOOLEAN PacketSetBuff(LPADAPTER AdapterObject,int dim); 00236 BOOLEAN PacketGetNetType (LPADAPTER AdapterObject,NetType *type); 00237 LPADAPTER PacketOpenAdapter(LPTSTR AdapterName); 00238 BOOLEAN PacketSendPacket(LPADAPTER AdapterObject,LPPACKET pPacket,BOOLEAN Sync); 00239 LPPACKET PacketAllocatePacket(void); 00240 VOID PacketInitPacket(LPPACKET lpPacket,PVOID Buffer,UINT Length); 00241 VOID PacketFreePacket(LPPACKET lpPacket); 00242 BOOLEAN PacketReceivePacket(LPADAPTER AdapterObject,LPPACKET lpPacket,BOOLEAN Sync); 00243 BOOLEAN PacketSetHwFilter(LPADAPTER AdapterObject,ULONG Filter); 00244 BOOLEAN PacketGetAdapterNames(PTSTR pStr,PULONG BufferSize); 00245 BOOLEAN PacketGetNetInfo(LPTSTR AdapterName, PULONG netp, PULONG maskp); 00246 BOOLEAN PacketGetNetInfoEx(LPTSTR AdapterName, npf_if_addr* buffer, PLONG NEntries); 00247 BOOLEAN PacketRequest(LPADAPTER AdapterObject,BOOLEAN Set,PPACKET_OID_DATA OidData); 00248 HANDLE PacketGetReadEvent(LPADAPTER AdapterObject); 00249 BOOLEAN PacketSetDumpName(LPADAPTER AdapterObject, void *name, int len); 00250 BOOL PacketStopDriver(); 00251 VOID PacketCloseAdapter(LPADAPTER lpAdapter); 00252 00253 #ifdef __cplusplus 00254 } 00255 #endif 00256 00257 #endif //__PACKET32
1.4.2