{* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Author: Jagad (don@indo.net.id)
Description: Packet Sniffer for Windows 95
Uses Snowing software (PACKET32.DLL and ZPACKET.VXD) made by
Sang-Eun Han (seh@brabo1.korea.ac.kr). His source code is available
from http://widecomm.korea.ac.kr/~seh.
Some updates by francois.piette@pophost.eunet.be (see history)
History:
May 17, 1999 FPiette Selected first adapter on startup
Adapted for MacAddr as PChar
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *}
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Classes, Graphics, Controls, Forms, Dialogs,
StdCtrls, Ingusclass, Protohdr, IngusPacket;
type
{ Main form of the sniffer demo. It owns one TIngusSniffer, lets the user pick
  a capture adapter and start/stop capturing, and prints one short summary per
  captured IP packet into Memo1. }
TForm1 = class(TForm)
ComboBox1: TComboBox; // adapter names, copied from sIngus.AdapterNameList in FormCreate
Memo1: TMemo; // output area; cleared each time capture is started
Button1: TButton; // "start": Button1Click calls sIngus.StartSnoop
Button2: TButton; // "stop": Button2Click calls sIngus.StopSnoop
procedure FormCreate(Sender: TObject);
procedure FormDestroy(Sender: TObject);
procedure Button1Click(Sender: TObject);
procedure Button2Click(Sender: TObject);
private
{ Private declarations }
sIngus: TIngusSniffer; // created in FormCreate, freed in FormDestroy
public
{ Public declarations }
// The three methods below are assigned to the sniffer's event properties in
// FormCreate and are called back by it.
// NOTE(review): which thread the sniffer raises these events on is not
// visible in this unit; all three write to Memo1, so confirm they arrive on
// the main VCL thread.
procedure OnParsePacketHandle( nPacketSeq: Longint; uBuffer: PChar;
nRecvBytes: integer; sPacket: TIngusPacketBase );
procedure OnAfterGetAdapterDesc(bStatus: Boolean; sAdapterDesc: string);
procedure OnAfterGetMacAddress(bStatus: Boolean; pMacAddr: PChar);
end;
var
Form1: TForm1;
implementation
{$R *.DFM}
{ Creates the sniffer object, connects its three events to this form's
  handlers and fills the adapter combo box. }
procedure TForm1.FormCreate(Sender: TObject);
begin
  sIngus := TIngusSniffer.Create;

  { Hook the events before anything else touches the sniffer. }
  sIngus.OnParsePacket          := OnParsePacketHandle;
  sIngus.OnAfterGetAdapterDesc  := OnAfterGetAdapterDesc;
  sIngus.OnAfterGetMacAddress   := OnAfterGetMacAddress;

  { Show the adapters the sniffer found and preselect the first entry
    (FPiette, May 17, 1999). }
  ComboBox1.Items.Assign(sIngus.AdapterNameList);
  ComboBox1.ItemIndex := 0;
end;
{ Releases the sniffer object that FormCreate allocated. }
procedure TForm1.FormDestroy(Sender: TObject);
begin
  // NOTE(review): nothing here stops a running capture first; whether the
  // TIngusSniffer destructor does that itself is not visible in this unit.
  if sIngus <> nil then
    sIngus.Free;
end;
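{ Event handler assigned to sIngus.OnParsePacket in FormCreate.
  Appends a short summary of one captured packet to Memo1: a blank line, the
  packet sequence number, the MAC address reported by the sniffer, the IP
  source and destination addresses, the protocol name (with ports for TCP)
  and the packet direction. Packets whose EthernetProtocol is not PROTO_IP
  are ignored.

  nPacketSeq - sequence number supplied by the sniffer; printed as is.
  uBuffer    - not used by this handler.
  nRecvBytes - not used by this handler.
  sPacket    - parsed packet object supplied by the sniffer. }
procedure TForm1.OnParsePacketHandle( nPacketSeq: Longint; uBuffer: PChar;
  nRecvBytes: integer; sPacket: TIngusPacketBase );
var
  sMacAddr: string;
  sIPPacket: TIngusIPPacket;
  sTCPPacket: TIngusTCPPacket;
begin
  // Nothing to report without a packet object.
  if sPacket = nil then exit;
  if sPacket.EthernetProtocol <> PROTO_IP then exit;

  // NOTE(review): the casts below are unchecked typecasts. They are only
  // safe if the sniffer really hands over an object of (or derived from)
  // the target class; the class hierarchy is declared outside this unit.
  sIPPacket := TIngusIPPacket(sPacket);

  // NOTE(review): everything printed from here on comes from data captured
  // off the wire. nRecvBytes is not consulted, so this handler relies on the
  // sniffer having verified that the frame is long enough for the header
  // fields it exposes (IPSourceAddr, IPDestAddr, SourcePort, DestPort).
  // Confirm that in the packet classes.

  // FPiette May 17, 1999
  // This is the address held by the sniffer object, not a field of sPacket.
  // NOTE(review): assumes sIngus.MacAddr points at six or more bytes.
  sMacAddr := Format( '**Mac address: %.2X:%.2X:%.2X:%.2X:%.2X:%.2X',
    [ UCHAR(sIngus.MacAddr[0]), UCHAR(sIngus.MacAddr[1]),
      UCHAR(sIngus.MacAddr[2]), UCHAR(sIngus.MacAddr[3]),
      UCHAR(sIngus.MacAddr[4]), UCHAR(sIngus.MacAddr[5]) ] );

  // Several lines are added per packet; batch them so the memo is redrawn
  // once instead of after every line.
  // NOTE(review): lines are only ever removed by Button1Click, so the memo
  // keeps growing for as long as a capture runs.
  Memo1.Lines.BeginUpdate;
  try
    Memo1.Lines.Add('');
    Memo1.Lines.Add(IntToStr(nPacketSeq));
    Memo1.Lines.Add(sMacAddr);
    Memo1.Lines.Add(Format('Source: %u.%u.%u.%u',
      [ UCHAR(sIPPacket.IPSourceAddr^),
        UCHAR((sIPPacket.IPSourceAddr+1)^),
        UCHAR((sIPPacket.IPSourceAddr+2)^),
        UCHAR((sIPPacket.IPSourceAddr+3)^) ]));
    Memo1.Lines.Add(Format('Destination: %u.%u.%u.%u',
      [ UCHAR((sIPPacket.IPDestAddr)^),
        UCHAR((sIPPacket.IPDestAddr+1)^),
        UCHAR((sIPPacket.IPDestAddr+2)^),
        UCHAR((sIPPacket.IPDestAddr+3)^) ]));

    case sIPPacket.IPProtocol of
      1: begin
           // IP protocol number 1 = ICMP; only the name is printed.
           Memo1.Lines.Add('ICMP');
         end;
      6: begin
           // IP protocol number 6 = TCP; print both port numbers as well.
           sTCPPacket := TIngusTCPPacket(sPacket);
           Memo1.Lines.Add('TCP');
           Memo1.Lines.Add('PS: '+IntToStr(sTCPPacket.SourcePort));
           Memo1.Lines.Add('DS: '+IntToStr(sTCPPacket.DestPort));
         end;
      // Any other protocol: addresses only, no protocol line.
    end;

    case sPacket.PacketDirection of
      pdInput:
        Memo1.Lines.Add('Input');
      pdOutput:
        Memo1.Lines.Add('Output');
    end;
  finally
    Memo1.Lines.EndUpdate;
  end;
end;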
{ Event handler assigned to sIngus.OnAfterGetAdapterDesc in FormCreate.
  Writes the adapter description into the memo.

  bStatus      - not examined by this handler.
  sAdapterDesc - description text supplied by the sniffer. }
procedure TForm1.OnAfterGetAdapterDesc(bStatus: Boolean; sAdapterDesc: string);
var
  sLine: string;
begin
  // NOTE(review): the description is printed whatever bStatus says;
  // presumably bStatus reports whether the lookup succeeded. Confirm.
  sLine := '***Adapter Desc: ' + sAdapterDesc;
  Memo1.Lines.Add(sLine);
end;
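{ Event handler assigned to sIngus.OnAfterGetMacAddress in FormCreate.
  Writes the adapter's MAC address into the memo as six hexadecimal bytes
  separated by colons.

  bStatus  - not examined by this handler.
  pMacAddr - pointer to the address bytes; six bytes are read from it. }
procedure TForm1.OnAfterGetMacAddress(bStatus: Boolean; pMacAddr: PChar);
begin
  // A nil pointer would otherwise be dereferenced six times below.
  if pMacAddr = nil then
  begin
    Memo1.Lines.Add('***MAC Address: (not available)');
    exit;
  end;

  // NOTE(review): bStatus is ignored; presumably it reports whether the
  // query succeeded, in which case the buffer may not hold a valid address
  // when it is False. Confirm against the sniffer class.
  // NOTE(review): assumes the buffer holds six or more bytes; its length is
  // not passed to this handler.
  Memo1.Lines.Add(Format( '***MAC Address: %.2X:%.2X:%.2X:%.2X:%.2X:%.2X',
    [ UCHAR(pMacAddr[0]), UCHAR(pMacAddr[1]), UCHAR(pMacAddr[2]),
      UCHAR(pMacAddr[3]), UCHAR(pMacAddr[4]), UCHAR(pMacAddr[5]) ] ));
end;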
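{ Start button: clears the memo and starts capturing on the adapter that is
  selected in ComboBox1. }
procedure TForm1.Button1Click(Sender: TObject);
begin
  Memo1.Lines.Clear;

  // ItemIndex is -1 when nothing is selected, for example when the adapter
  // list is empty. How StartSnoop treats a negative index is not visible in
  // this unit, so do not pass one through.
  if ComboBox1.ItemIndex < 0 then
  begin
    Memo1.Lines.Add('No adapter selected');
    exit;
  end;

  sIngus.StartSnoop(ComboBox1.ItemIndex);
end;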
{ Stop button: asks the sniffer to stop capturing. }
procedure TForm1.Button2Click(Sender: TObject);
begin
  { The memo is left as it is, so the captured output stays readable. }
  sIngus.StopSnoop;
end;
end.