www.pudn.com > SnifferPro.rar > MainFrm.cpp
// MainFrm.cpp : implementation of the CMainFrame class
//
#include "stdafx.h"
#include "SnifferPro.h"
#include "MainFrm.h"
#include "StcView.h"
#include "DlgAdp.h"
#include "DlgFlt.h"
#include "DlgDet.h"
#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif
extern pcap_if_t *dev;
extern pcap_if_t *alldevs;
extern CString mt1,mt2,mt3,mt4;
/////////////////////////////////////////////////////////////////////////////
// CMainFrame
IMPLEMENT_DYNCREATE(CMainFrame, CFrameWnd)
BEGIN_MESSAGE_MAP(CMainFrame, CFrameWnd)
//{{AFX_MSG_MAP(CMainFrame)
ON_WM_CREATE()
ON_WM_TIMER()
ON_COMMAND(ID_OPT_ADPATER, OnOptAdpater)
ON_COMMAND(ID_FILE_START, OnFileStart)
ON_COMMAND(ID_FILE_STOP, OnFileStop)
ON_UPDATE_COMMAND_UI(ID_FILE_START, OnUpdateFileStart)
ON_UPDATE_COMMAND_UI(ID_FILE_STOP, OnUpdateFileStop)
ON_COMMAND(ID_OPT_FILTER, OnOptFilter)
ON_WM_CLOSE()
ON_UPDATE_COMMAND_UI(ID_OPT_ADPATER, OnUpdateOptAdpater)
ON_UPDATE_COMMAND_UI(ID_OPT_FILTER, OnUpdateOptFilter)
ON_UPDATE_COMMAND_UI(ID_FILE_STARTA, OnUpdateFileStarta)
ON_COMMAND(ID_FILE_STARTA, OnFileStarta)
ON_COMMAND(ID_FILE_SAVEAS, OnFileSaveas)
ON_COMMAND(ID_FILE_REASSEMBLY, OnFileReassembly)
ON_UPDATE_COMMAND_UI(ID_FILE_REASSEMBLY, OnUpdateFileReassembly)
//}}AFX_MSG_MAP
END_MESSAGE_MAP()
static UINT indicators[] =
{
ID_SEPARATOR, // status line indicator
ID_INDICATOR_CAPS,
ID_INDICATOR_NUM,
ID_INDICATOR_SCRL,
};
/////////////////////////////////////////////////////////////////////////////
// CMainFrame construction/destruction
CMainFrame::CMainFrame()
{
// TODO: add member initialization code here
alldevs=NULL;
dev=NULL;
isStart=false;
isStop=true;
isStartA=false;
isStopA=true;
isAddrA=false;
isAddrB=false;
//addrA=0xc0a80003;//192.168.0.3
//addrB=0xca7802b4;//202.120.2.180
//addrB=0xca780201;//202.120.2.1
timelast=0;
dirmode=0;
filtertype[0]=TRUE;//tcp
filtertype[1]=TRUE;//udp
filtertype[2]=TRUE;//icmp
filtertype[3]=TRUE;//ospf
filtertype[4]=TRUE;//arp
filtertype[5]=TRUE;//rarp
}
CMainFrame::~CMainFrame()
{
}
int CMainFrame::OnCreate(LPCREATESTRUCT lpCreateStruct)
{
if (CFrameWnd::OnCreate(lpCreateStruct) == -1)
return -1;
if (!m_wndToolBar.CreateEx(this, TBSTYLE_FLAT, WS_CHILD | WS_VISIBLE | CBRS_TOP
| CBRS_GRIPPER | CBRS_TOOLTIPS | CBRS_FLYBY | CBRS_SIZE_DYNAMIC) ||
!m_wndToolBar.LoadToolBar(IDR_MAINFRAME))
{
TRACE0("Failed to create toolbar\n");
return -1; // fail to create
}
if (!m_wndStatusBar.Create(this) ||
!m_wndStatusBar.SetIndicators(indicators,
sizeof(indicators)/sizeof(UINT)))
{
TRACE0("Failed to create status bar\n");
return -1; // fail to create
}
// TODO: Delete these three lines if you don't want the toolbar to
// be dockable
m_wndToolBar.EnableDocking(CBRS_ALIGN_ANY);
EnableDocking(CBRS_ALIGN_ANY);
DockControlBar(&m_wndToolBar);
//全局变量
bmac="FF:FF:FF:FF:FF:FE";
sec=30;
check=false;
frequency=0;
type=0;
m1[0]=172;
m1[1]=29;
m1[2]=5;
m1[3]=21;
m_progStatusBar.Create(this);//m_progStatusBar.m_wndProgBar.SetRange(0,100);
return 0;
}
BOOL CMainFrame::PreCreateWindow(CREATESTRUCT& cs)
{
if( !CFrameWnd::PreCreateWindow(cs) )
return FALSE;
// TODO: Modify the Window class or styles here by modifying
// the CREATESTRUCT cs
return TRUE;
}
/////////////////////////////////////////////////////////////////////////////
// CMainFrame diagnostics
#ifdef _DEBUG
void CMainFrame::AssertValid() const
{
CFrameWnd::AssertValid();
}
void CMainFrame::Dump(CDumpContext& dc) const
{
CFrameWnd::Dump(dc);
}
#endif //_DEBUG
/////////////////////////////////////////////////////////////////////////////
// CMainFrame message handlers
BOOL CMainFrame::OnCreateClient(LPCREATESTRUCT lpcs, CCreateContext* pContext)
{
// TODO: Add your specialized code here and/or call the base class
//将用户区分成3各视图
if (m_wndSplitter1.CreateStatic(this,1,2)==NULL)
return FALSE;
if (m_wndSplitter2.CreateStatic(&m_wndSplitter1,2,1,WS_CHILD | WS_VISIBLE,m_wndSplitter1.IdFromRowCol(0,0))==NULL)
return FALSE;
m_wndSplitter1.CreateView(0,1,RUNTIME_CLASS(CSinPackView),CSize(100,100),pContext);
m_wndSplitter2.CreateView(0,0,RUNTIME_CLASS(CMulPackView),CSize(100,100),pContext);
m_wndSplitter2.CreateView(1,0,RUNTIME_CLASS(CStcView),CSize(100,100),pContext);
SetTimer(1,10,NULL);
return TRUE;
}
void CMainFrame::OnTimer(UINT nIDEvent)
{
// TODO: Add your message handler code here and/or call default
CRect rect;
switch(nIDEvent){
case 1:
//设置视图高和宽
GetClientRect(rect);
m_wndSplitter1.SetColumnInfo(0,rect.Width()/16*11,0);
m_wndSplitter1.SetColumnInfo(1,rect.Width()/16*5,0);
m_wndSplitter2.SetRowInfo(0,rect.Height()/16*10-20,0);
m_wndSplitter2.SetRowInfo(1,rect.Height()/16*6,0);
m_wndSplitter1.RecalcLayout();
m_wndSplitter2.RecalcLayout();
KillTimer(1);
break;
case 2:
::PostMessage(this->mulPackView->m_hWnd,WM_MESSAGE_ONTIMER,0,0);
break;
case 3:
CString from=mt1+":"+mt2+":"+"0";
CString to=mt3+":"+mt4+":"+"0";
CString t;
SYSTEMTIME st = {0};
GetLocalTime(&st);//获得当前本地时间
t.Format("%d:%d:%d",st.wHour,st.wMinute,st.wSecond);
char *ptime = (char*)((LPCTSTR)t);
char *pfrom = (char*)((LPCTSTR)from);
char *pto = (char*)((LPCTSTR)to);
if(!strcmp(pfrom,ptime))
{
SetTimer(2,1000,NULL);//设置时间,没过一秒统计包数量和总字节
AfxBeginThread(AFX_THREADPROC(ReceivePacket),(LPVOID)this);//启动收包线程
}
if(!strcmp(pto,ptime))
{ isStop=true;
isStart=false;
KillTimer(2);
this->m_progStatusBar.OnProgress(-1);
MessageBox("监听结束!");
KillTimer(3);
}
break;
}
CFrameWnd::OnTimer(nIDEvent);
}
void CMainFrame::OnOptAdpater()
{
// TODO: Add your command handler code here
CDlgAdp dlgAdp;//为Adpater对话框初始化值
// dlgAdp.mainFrm=this;
// dlgAdp.alldevs=this->alldevs;
// dlgAdp.dev=this->dev;
dlgAdp.DoModal();
// if(dlgAdp.DoModal()==IDOK){//返回Adpater对话框用户输入信息
// this->alldevs=dlgAdp.alldevs;
// this->dev=dlgAdp.dev;
// }
// return ;
}
void CMainFrame::OnFileStart()
{
// TODO: Add your command handler code here
if(dev==NULL){
MessageBox("Please choose the adapter!!");
return ;
}
isStart=true;//设置状态
isStop=false;
//以下为清空上次抓取内容,进行初始化
for(int i=0;imulPackView->pkt_datas.GetSize();i++){
delete[] (unsigned char *)this->mulPackView->pkt_datas.GetAt(i);//释放所捕获得包
delete (struct pcap_pkthdr *)this->mulPackView->pkt_headers.GetAt(i);//释放每个包的pcap头信息
}
this->founders.RemoveAll();//清空定位器
//以下为清空上次抓取内容
this->mulPackView->pkt_headers.RemoveAll();
this->mulPackView->pkt_datas.RemoveAll();
this->mulPackView->time=0;
this->mulPackView->totalmem=0;
this->mulPackView->delta=0;
this->mulPackView->GetListCtrl().DeleteAllItems();
this->sinPackView->GetTreeCtrl().DeleteAllItems();
this->stcView->m_list.DeleteAllItems();
this->stcView->isReassembly=FALSE;
if(timelast==0){
SetTimer(2,1000,NULL);//设置时间,没过一秒统计包数量和总字节
AfxBeginThread(AFX_THREADPROC(ReceivePacket),(LPVOID)this);}//启动收包线程
else if(timelast==1)
{
SetTimer(3,1000,NULL);
}
}
void CMainFrame::OnFileStop()
{
// TODO: Add your command handler code here
isStop=true;
isStart=false;
KillTimer(2);
if(timelast==1)
KillTimer(3);
this->m_progStatusBar.OnProgress(-1);
/*if(isDown){
if(fclose(fp)==0){
fp=NULL;
}
else
MessageBox("File Close Failed!");
}*/
}
void CMainFrame::OnUpdateFileStart(CCmdUI* pCmdUI)
{
// TODO: Add your command update UI handler code here
if(isStart)
pCmdUI->Enable(false);
}
void CMainFrame::OnUpdateFileStop(CCmdUI* pCmdUI)
{
// TODO: Add your command update UI handler code here
if(isStop)
pCmdUI->Enable(false);
}
void CMainFrame::OnUpdateFileStarta(CCmdUI* pCmdUI)
{
// TODO: Add your command update UI handler code here
if(isStartA)
pCmdUI->Enable(false);
}
void pcap_handle(u_char *user, const struct pcap_pkthdr *pkt_header, const u_char *pkt_data)
{
if(((CMainFrame *)AfxGetApp()->GetMainWnd())->isStart==true){
if(((CMainFrame *)AfxGetApp()->GetMainWnd())->Filter(pkt_data)==TRUE)//若过滤成功
::PostMessage(*(((CMainFrame *)AfxGetApp()->GetMainWnd())->mulPackView),WM_MESSAGE_PACKET_RECEIVE,(WPARAM)pkt_header,(LPARAM)pkt_data);//通知CMulView处理收到的包
((CMainFrame *)AfxGetApp()->GetMainWnd())->mulPackView->delta+=pkt_header->caplen;//统计当前网络状况,不考虑过滤
}
}
UINT ReceivePacket(LPVOID param)
{
CMainFrame *mainFrm=(CMainFrame*)param;
pcap_t *p;
char errbuf[PCAP_ERRBUF_SIZE];
if((p=pcap_open_live(dev->name,65536,1,1000,errbuf))==NULL){//若网卡无法绑定
AfxMessageBox("Open the adapter failed!");
return -1;
}
do{//进行抓包,每抓一个,调用pcap_handle函数
pcap_loop(p,1,pcap_handle,NULL);
}while(mainFrm->isStop==false);
pcap_close(p);//关闭网卡
return 0;
}
void CMainFrame::OnOptFilter()
{
// TODO: Add your command handler code here
CDlgFlt dlgFlt;
dlgFlt.mainFrm=this;//初始化Filter的筛选信息
dlgFlt.m_checkA=this->isAddrA;
dlgFlt.m_checkB=this->isAddrB;
dlgFlt.ipA=this->addrA;
dlgFlt.ipB=this->addrB;
dlgFlt.m_dirmode=this->dirmode;
for(int i=0;ifiltertype[i];
}
if(dlgFlt.DoModal()==IDOK){//从Filter对话框中获取输入筛选信息
this->isAddrA=dlgFlt.m_checkA;
this->isAddrB=dlgFlt.m_checkB;
if(this->isAddrA)
this->addrA=dlgFlt.ipA;
if(this->isAddrB)
this->addrB=dlgFlt.ipB;
this->dirmode=dlgFlt.m_dirmode;
for(i=0;ifiltertype[i]=dlgFlt.type[i];
this->timelast=dlgFlt.m_timelast;
}
}
BOOL CMainFrame::Filter(const unsigned char *pkt_data)
{
unsigned char *pos=(unsigned char *)pkt_data;
int type;
int protocol;
int srcaddr;
int destaddr;
pos+=12;
type=(*pos)*0x100+(*(pos+1));//获取Mac层帧所载的报文类型
if(type==0x0806){//ARP
if(this->filtertype[TYPE_ARP]==FALSE)
return FALSE;
else
return TRUE;
}
if(type==0x8035){//RARP
if(this->filtertype[TYPE_RARP]==FALSE)
return FALSE;
else
return TRUE;
}
if(type==0x0800){//IP
pos=(unsigned char *)pkt_data;
pos+=14+9;
protocol=(*pos);//获取IP包所提供的传输层协议
if(this->filtertype[TYPE_TCP]==FALSE && protocol==6)//对报文类型进行判断
return FALSE;
if(this->filtertype[TYPE_UDP]==FALSE && protocol==17)//对报文类型进行判断
return FALSE;
if(this->filtertype[TYPE_ICMP]==FALSE && protocol==1)//对报文类型进行判断
return FALSE;
if(this->filtertype[TYPE_OSPF]==FALSE && protocol==89)//对报文类型进行判断
return FALSE;
//获取源目的地址
pos=(unsigned char *)pkt_data;
pos+=14+12;
srcaddr=(*pos)*0x1000000+(*(pos+1))*0x10000+(*(pos+2))*0x100+(*(pos+3));
pos+=4;
destaddr=(*pos)*0x1000000+(*(pos+1))*0x10000+(*(pos+2))*0x100+(*(pos+3));
switch(this->dirmode){//按传输方向分类筛选
case DIR_AB:
if(this->isAddrA && srcaddr!=this->addrA)//对地址进行判断
return FALSE;
if(this->isAddrB && destaddr!=this->addrB)//对地址进行判断
return FALSE;
else
return TRUE;
break;
case DIR_BA:
if(this->isAddrB && srcaddr!=this->addrB)//对地址进行判断
return FALSE;
if(this->isAddrA && destaddr!=this->addrA)//对地址进行判断
return FALSE;
else
return TRUE;
break;
case DIR_BOTH:
if(this->isAddrA && srcaddr!=this->addrA && destaddr!=this->addrA)//对地址进行判断
return FALSE;
if(this->isAddrB && srcaddr!=this->addrB && destaddr!=this->addrB)//对地址进行判断
return FALSE;
else
return TRUE;
break;
}
}//IP
return FALSE;//其余包都过滤掉
}
void CMainFrame::OnClose()
{
// TODO: Add your message handler code here and/or call default
for(int i=0;imulPackView->pkt_headers.GetSize();i++){//关闭时释放所以抓到的包
// delete (struct pacp_pkthdr*)this->mulPackView->pkt_headers.GetAt(i);
delete[] (unsigned char *)this->mulPackView->pkt_datas.GetAt(i);
}
this->mulPackView->pkt_headers.RemoveAll();
this->mulPackView->pkt_datas.RemoveAll();
CFrameWnd::OnClose();
}
void CMainFrame::OnFileDown()
{
// TODO: Add your command handler code here
}
void CMainFrame::OnUpdateFileDown(CCmdUI* pCmdUI)
{
// TODO: Add your command update UI handler code here
}
void CMainFrame::OnUpdateOptAdpater(CCmdUI* pCmdUI)
{
// TODO: Add your command update UI handler code here
if(this->isStart){//如果开始抓包,则disable网卡选项功能
pCmdUI->Enable(FALSE);
}
else
pCmdUI->Enable(TRUE);
}
void CMainFrame::OnUpdateOptFilter(CCmdUI* pCmdUI)
{
// TODO: Add your command update UI handler code here
if(this->isStart){//如果开始抓包,则disable过滤选项功能
pCmdUI->Enable(FALSE);
}
else
pCmdUI->Enable(TRUE);
}
void CMainFrame::OnFileStarta()
{
// TODO: Add your command handler code here
if(dev==NULL){
MessageBox("Please choose the adapter!");
return ;
}
if(this->isStart)
{
MessageBox("Please stop the sniffer first!");
return ;
}
CDlgDet dlgDet;//为Adpater对话框初始化值
dlgDet.DoModal();
}
void CMainFrame::OnFileSaveas()
{
// TODO: Add your command handler code here
CListCtrl &ctrl=mulPackView->GetListCtrl();
int Count=ctrl.GetItemCount();
CFile f;
CFileException e;
CString strFileName;
CTime t=CTime::GetCurrentTime();
CString strTime = t.Format( "%d-%H-%M-%S" );
strTime="SNIFFER_LOG-"+strTime;
CFileDialog fileDlg(FALSE,"txt",strTime,OFN_HIDEREADONLY | OFN_OVERWRITEPROMPT,"txt",NULL); //TRUE 为打开对话框
if(fileDlg.DoModal()==IDOK)
{
UpdateData(true);
strFileName=fileDlg.GetFileName();
UpdateData(false);
if( f.Open(strFileName, CFile::modeCreate | CFile::modeWrite, &e ) )
{
CString str;
str="Order IP SRC DST IPLEN TYPE \r\n\r\n\r\n";
f.Write( str, str.GetLength() );
for(int i=0;imulPackView->pkt_datas.GetSize();
int index=this->mulPackView->index;
int i;
//int type;
//unsigned char *pos;
char type[5];
if(count<=0)//没有包被捕获
return;
this->mulPackView->GetListCtrl().GetItemText(index,5,type,5);
if(strcmp(type,"TCP")!=0){
MessageBox("请选择TCP报文!");
return;
}
if(MessageBox("TCP重组后,各报文头信息将不被显示,并且对于重组后大于100K的报文,为节省内存将不予显示内容,但可以用Save As 将其保存至文件.是否继续?",NULL,MB_OKCANCEL)==IDCANCEL)
return;
this->mulPackView->GetListCtrl().DeleteColumn(6);
this->mulPackView->GetListCtrl().InsertColumn(6," ",LVCFMT_LEFT,100);
//为所选中的报文生IP和TCP包
ip=new IPGram(this->mulPackView->pkt_datas.GetAt(index)+14,this->mulPackView->pkt_headers.GetAt(index)->len-14);
tcp=new TCPGram(ip->data,ip->datalen);
founders.RemoveAll();
int tcptotallen=0;
for(i=0;imulPackView->pkt_datas.GetAt(i)+23)==6){//指向protocol字段,为6表示TCP
tempip=new IPGram(this->mulPackView->pkt_datas.GetAt(i)+14,this->mulPackView->pkt_headers.GetAt(i)->len-14);//对每个TCP包生成对象,进行筛选
temptcp=new TCPGram(tempip->data,tempip->datalen);
if(tempip->srcaddr==ip->srcaddr && tempip->destaddr==ip->destaddr
&& temptcp->srcport==tcp->srcport && temptcp->destport==tcp->destport
&& temptcp->datalen>0){//源目的地址相同,源目的端口相同,数据不为空
//为每个需要的包生成一个定位器,指出这个包在队列中的位置,tcp数据离开首址的偏移量,和tcp数据长度
founder.index=i;
founder.start=14+tempip->IHL*4+temptcp->headlen*4;
founder.len=temptcp->datalen;
founders.Add(founder);//加入定位器队列
tcptotallen+=temptcp->datalen;//tcp总数据长度递增
delete tempip;//释放内存
delete temptcp;//释放内存
this->mulPackView->GetListCtrl().SetItemText(i,6,"Reassemblied");//将被组装的包进行标识
}
else{
delete temptcp;//释放内存
delete tempip;//释放内存
}
}//TCP
}
delete tcp;//释放内存
delete ip;//释放内存
if(tcptotallen<=102400)//总长小于100K才显示,发消息给CStcView,令其显示
::PostMessage(*this->stcView,WM_MESSAGE_PACKET_REASSEMBLY,0,0);
}
void CMainFrame::OnUpdateFileReassembly(CCmdUI* pCmdUI)
{
// TODO: Add your command update UI handler code here
if(this->isStart){//如果开始抓包,则disable重组功能
pCmdUI->Enable(FALSE);
}
else
pCmdUI->Enable(TRUE);
}