///////////////////////////////////////////////////////////////////////////////
//
// (C) Copyright 1999 - 2000 Mark Roddy
// All Rights Reserved
//
// Hollis Technology Solutions
// 94 Dow Road
// Hollis, NH 03049
// info@hollistech.com
//
// Synopsis:
//
//
// Version Information:
//
// $Header: /iphook/inc/iphook.h 3 1/27/00 10:35p Markr $
//
///////////////////////////////////////////////////////////////////////////////
#pragma once
//
// this is functionally equivalent to the _T() macro
// but could somebody tell me why we need two defines?
//
// Wide-character literal when either Unicode switch is defined, plain
// literal otherwise.
#if defined(UNICODE) || defined(_UNICODE)
#define String(x) L##x
#else
#define String(x) x
#endif

// Names shared by the driver and its user-mode clients.
// NOTE(review): these strings only name the device and its DosDevices link.
// Who may open the device is decided where the device object is created,
// which this header does not show -- confirm it is not left open to every
// local user.
#define IPHOOK_NAME          String("IpHook")
#define IPHOOK_DEV_NAME      String("\\Device\\IpHook")
#define IPHOOK_USER_DEV_NAME String("\\DosDevices\\IpHook")

// Device type passed to CTL_CODE for this driver's IOCTLs. Values from
// 32768 upwards are the range left for non-Microsoft device types.
#define IPHOOK_DEVICE_TYPE (32768 + 5020)
//
// great, so let's define a simple API
//
// IOCTLs start here
//
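// Function codes for this driver's IOCTLs are offsets from IP_HOOK_API_BASE.
// 0x800 is where the function-code range for vendor-defined IOCTLs begins.
#define IP_HOOK_API_BASE (0x800 + 37)
// The argument is parenthesised so that an expression argument is offset as
// a whole instead of being re-associated by operator precedence.
#define CODE_N(n) ((n) + IP_HOOK_API_BASE)
//
// NOTE(review): both IOCTLs below are declared FILE_ANY_ACCESS, so the I/O
// manager dispatches them for any caller holding a handle to the device,
// whatever access that handle was opened with. The open-time check on the
// device object is then the only gate. Tightening the access field changes
// the IOCTL value, so the driver and its clients must be rebuilt together.
//
// 1. start hooking
//
#define START_IP_HOOK CTL_CODE(IPHOOK_DEVICE_TYPE, CODE_N(0), \
                               METHOD_BUFFERED, FILE_ANY_ACCESS)
//
// 2. stop hooking - only the thread that starts a hook can stop it
//    (that rule has to be enforced by the driver; nothing in this header
//    does so)
//
#define STOP_IP_HOOK CTL_CODE(IPHOOK_DEVICE_TYPE, CODE_N(1), \
                              METHOD_BUFFERED, FILE_ANY_ACCESS)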
// Fixed part of an IPv4 header, embedded in every IPHOOK_DATA record.
// NOTE(review): the multi-byte fields are presumably still in network byte
// order as taken from the packet -- confirm against the driver before
// comparing them with host-order values.
struct IPHeader {
    UCHAR  iph_verlen;    // version and length
    UCHAR  iph_tos;       // type of service
    USHORT iph_length;    // total datagram length
    USHORT iph_id;        // identification
    USHORT iph_offset;    // flags, fragment offset
    UCHAR  iph_ttl;       // time to live
    UCHAR  iph_protocol;  // protocol
    USHORT iph_xsum;      // header checksum
    ULONG  iph_src;       // source address
    ULONG  iph_dest;      // destination address
};
typedef struct IPHeader IPHeader;

// An IPv4 address stored in a ULONG.
typedef ULONG IPAddr;
// The two structures exchanged through the output buffer are declared under
// 4-byte packing; the previous packing is restored after them.
#pragma pack(push, default1)
#pragma pack(4)

// One record in the output buffer.
typedef struct {
    ULONG     tag;         // compared with IPHOOK_DATA_TAG by validIpHookData()
    ULONG     sequence;
    ULONGLONG timestamp;
    ULONG     direction;
    ULONG     ifIndex;
    IPHeader  header;
    ULONG     dataLength;  // NOTE(review): no payload bytes are declared in
                           // this record; what this length measures is not
                           // shown in this header
    IPAddr    nextHop;
} IPHOOK_DATA;
typedef IPHOOK_DATA *PIPHOOK_DATA;

// Output buffer layout: a small header followed by records.
//
// NOTE(review): entries and valid are plain counters stored in memory the
// caller owns. A reader should bound valid by entries and by the byte count
// the IOCTL returned before indexing buffer[]; a driver should size its
// writes from the request's output length, not from a value read back out of
// this buffer.
typedef struct {
    ULONG       tag;        // compared with IPHOOK_BUFFER_TAG by validIpHookBuffer()
    ULONG       entries;    // how many are there?
    ULONG       valid;      // how many contain data?
    IPHOOK_DATA buffer[1];  // first record; presumably more follow when the
                            // caller allocates a larger buffer -- confirm
} IPHOOK_BUFFER;
typedef IPHOOK_BUFFER *PIPHOOK_BUFFER;

#pragma pack(pop, default1)

// Marker values stored in the tag fields. They identify the structure kind
// only; a matching tag says nothing about who wrote the rest of the data.
#define IPHOOK_BUFFER_TAG 0x9038
#define IPHOOK_DATA_TAG 0x9039
//
// 3. Hook this - only the thread that starts a hook can stop it
//
// NOTE(review): with METHOD_OUT_DIRECT the caller's output buffer is locked
// and handed to the driver as an MDL, and the calling process can still
// write to those pages while the request is in flight. The driver should
// therefore treat the buffer as write-only and take sizes from the request,
// not from fields read back out of it. FILE_ANY_ACCESS means no read or
// write access on the handle is required to issue this IOCTL.
#define HOOK_THIS \
    CTL_CODE(IPHOOK_DEVICE_TYPE, CODE_N(2), METHOD_OUT_DIRECT, FILE_ANY_ACCESS)
//
// input Buffer: null, output Buffer: an IPHOOK_BUFFER
//
// The caller supplies the output buffer, the driver fills it with
// as much data as is available.
//
// Tag check for a single record.
//
// Returns TRUE only when iphook is non-null and its tag field equals
// IPHOOK_DATA_TAG, FALSE otherwise. No other field is examined, so this is a
// format sanity check; it does not establish that the rest of the record is
// in bounds or trustworthy.
BOOLEAN inline validIpHookData(PIPHOOK_DATA iphook)
{
    if (!iphook || iphook->tag != IPHOOK_DATA_TAG) {
        return FALSE;
    }
    return TRUE;
}
// Tag check for a whole output buffer.
//
// Returns TRUE only when iphookbuffer is non-null and its tag field equals
// IPHOOK_BUFFER_TAG, FALSE otherwise. The entries and valid counters and the
// size of the memory behind the pointer are not checked here; callers have
// to bound those separately before walking buffer[].
BOOLEAN inline validIpHookBuffer(IPHOOK_BUFFER * iphookbuffer)
{
    return (iphookbuffer && (iphookbuffer->tag == IPHOOK_BUFFER_TAG))
               ? TRUE
               : FALSE;
}
///////////////////////////////////////////////////////////////////////////////
//
// Change History Log
//
// $Log: /iphook/inc/iphook.h $
//
// 3 1/27/00 10:35p Markr
// Prepare to release!
//
//////////////////////////////////////////////////////////////////////////////