/*
Name: PacketFilter.cpp
Copyright: Jes�s Oliva
Author: Jes�s Oliva (jeoliva@telefonica.net)
Date: 25/09/03 20:19
*/
#include "stdafx.h"
#include "PacketFilter.h"
#include <stdlib.h>
#include <stdio.h>
/***********************************************
Class CPacketFilter.
***********************************************/
CPacketFilter::CPacketFilter()
{
defaultAction = PF_ACTION_FORWARD;
}
CPacketFilter::~CPacketFilter()
{
RemoveAll();
}
void CPacketFilter::RemoveAll()
{
POSITION pos = interfacesTable.GetStartPosition();
CPacketFilterInterface pckInt;
unsigned long ip;
while( pos != NULL )
{
interfacesTable.GetNextAssoc(pos, ip, pckInt);
PfDeleteInterface(pckInt.hInterface);
}
interfacesTable.RemoveAll();
}
int CPacketFilter::AddFilter(char *localInterfaceIp,
int direction,
char *srcIp,
char *srcMask,
char *dstIp,
char *dstMask,
int srcPort,
int dstPort,
int protocol)
{
CPacketFilterInterface interfaceHandle;
// If the interface isn't created, then I create it.
if(!interfacesTable.Lookup(CharToIp(localInterfaceIp), interfaceHandle))
{
interfaceHandle.Create(CharToIp(localInterfaceIp), defaultAction);
interfacesTable[CharToIp(localInterfaceIp)] = interfaceHandle;
}
// Fill the real filter struct
PF_FILTER_DESCRIPTOR ipFlt;
ipFlt.dwFilterFlags = FD_FLAGS_NOSYN;
ipFlt.dwRule = 0;
ipFlt.pfatType = PF_IPV4;
ipFlt.dwProtocol = protocol;
ipFlt.fLateBound = 0;
ipFlt.wSrcPort = srcPort;
ipFlt.wSrcPortHighRange = srcPort;
ipFlt.wDstPort = dstPort;
ipFlt.wDstPortHighRange = dstPort;
unsigned long lIpSrc = CharToIp(srcIp);
unsigned long lIpDst = CharToIp(dstIp);
unsigned long lMaskSrc = CharToIp(srcMask);
unsigned long lMaskDst = CharToIp(dstMask);
ipFlt.SrcAddr = (PBYTE) &lIpSrc;
ipFlt.SrcMask = (PBYTE) &lMaskSrc;
ipFlt.DstAddr = (PBYTE) &lIpDst;
ipFlt.DstMask = (PBYTE) &lMaskDst;
DWORD errorCode;
// I add the filter
if(direction == IN_DIRECTION || direction == ANY_DIRECTION)
errorCode = PfAddFiltersToInterface(interfaceHandle.hInterface,
1,
&ipFlt,
0,
NULL,
NULL);
if(direction == OUT_DIRECTION || direction == ANY_DIRECTION)
errorCode = PfAddFiltersToInterface(interfaceHandle.hInterface,
0,
NULL,
1,
&ipFlt,
NULL);
else
return -2;
if(errorCode != NO_ERROR)
return -1;
return 0;
}
int CPacketFilter::AddFilter(unsigned long localInterfaceIp,
int direction,
unsigned long srcIp,
unsigned long srcMask,
unsigned long dstIp,
unsigned long dstMask,
int srcPort,
int dstPort,
int protocol)
{
CPacketFilterInterface interfaceHandle;
// If the interface isn't created, then I create it.
if(!interfacesTable.Lookup(localInterfaceIp, interfaceHandle))
{
interfaceHandle.Create(localInterfaceIp, defaultAction);
interfacesTable[localInterfaceIp] = interfaceHandle;
}
// Fill the real filter struct
PF_FILTER_DESCRIPTOR ipFlt;
ipFlt.dwFilterFlags = 0;
ipFlt.dwRule = 0;
ipFlt.pfatType = PF_IPV4;
ipFlt.dwProtocol = protocol;
ipFlt.fLateBound = 0;
ipFlt.wSrcPort = srcPort;
ipFlt.wSrcPortHighRange = srcPort;
ipFlt.wDstPort = dstPort;
ipFlt.wDstPortHighRange = dstPort;
ipFlt.SrcAddr = (PBYTE) &srcIp;
ipFlt.SrcMask = (PBYTE) &srcMask;
ipFlt.DstAddr = (PBYTE) &dstIp;
ipFlt.DstMask = (PBYTE) &dstMask;
DWORD errorCode;
// I add the filter
if(direction == IN_DIRECTION || direction == ANY_DIRECTION)
errorCode = PfAddFiltersToInterface(interfaceHandle.hInterface,
1,
&ipFlt,
0,
NULL,
NULL);
if(direction == OUT_DIRECTION || direction == ANY_DIRECTION)
errorCode = PfAddFiltersToInterface(interfaceHandle.hInterface,
0,
NULL,
1,
&ipFlt,
NULL);
else
return -2;
if(errorCode != NO_ERROR)
return -1;
return 0;
}
int CPacketFilter::RemoveFilter(char *localInterfaceIp,
int direction,
char *srcIp,
char *srcMask,
char *dstIp,
char *dstMask,
int srcPort,
int dstPort,
int protocol)
{
CPacketFilterInterface interfaceHandle;
// If the interface isn't created, then I create it.
if(!interfacesTable.Lookup(CharToIp(localInterfaceIp), interfaceHandle))
{
return -1;
}
// Fill the real filter struct
PF_FILTER_DESCRIPTOR ipFlt;
ipFlt.dwFilterFlags = FD_FLAGS_NOSYN;
ipFlt.dwRule = 0;
ipFlt.pfatType = PF_IPV4;
ipFlt.dwProtocol = protocol;
ipFlt.fLateBound = 0;
ipFlt.wSrcPort = srcPort;
ipFlt.wSrcPortHighRange = srcPort;
ipFlt.wDstPort = dstPort;
ipFlt.wDstPortHighRange = dstPort;
unsigned long lIpSrc = CharToIp(srcIp);
unsigned long lIpDst = CharToIp(dstIp);
unsigned long lMaskSrc = CharToIp(srcMask);
unsigned long lMaskDst = CharToIp(dstMask);
ipFlt.SrcAddr = (PBYTE) &lIpSrc;
ipFlt.SrcMask = (PBYTE) &lMaskSrc;
ipFlt.DstAddr = (PBYTE) &lIpDst;
ipFlt.DstMask = (PBYTE) &lMaskDst;
DWORD errorCode;
// I add the filter
if(direction == IN_DIRECTION || direction == ANY_DIRECTION)
errorCode = PfRemoveFiltersFromInterface(interfaceHandle.hInterface,
1,
&ipFlt,
0,
NULL);
if(direction == OUT_DIRECTION || direction == ANY_DIRECTION)
errorCode = PfRemoveFiltersFromInterface(interfaceHandle.hInterface,
0,
NULL,
1,
&ipFlt);
else
return -2;
if(errorCode != NO_ERROR)
return -1;
return 0;
}
int CPacketFilter::RemoveFilter(unsigned long localInterfaceIp,
int direction,
unsigned long srcIp,
unsigned long srcMask,
unsigned long dstIp,
unsigned long dstMask,
int srcPort,
int dstPort,
int protocol)
{
CPacketFilterInterface interfaceHandle;
// If the interface isn't created, then I create it.
if(!interfacesTable.Lookup(localInterfaceIp, interfaceHandle))
{
return -1;
}
// Fill the real filter struct
PF_FILTER_DESCRIPTOR ipFlt;
ipFlt.dwFilterFlags = FD_FLAGS_NOSYN;
ipFlt.dwRule = 0;
ipFlt.pfatType = PF_IPV4;
ipFlt.dwProtocol = protocol;
ipFlt.fLateBound = 0;
ipFlt.wSrcPort = srcPort;
ipFlt.wSrcPortHighRange = srcPort;
ipFlt.wDstPort = dstPort;
ipFlt.wDstPortHighRange = dstPort;
ipFlt.SrcAddr = (PBYTE) &srcIp;
ipFlt.SrcMask = (PBYTE) &srcMask;
ipFlt.DstAddr = (PBYTE) &dstIp;
ipFlt.DstMask = (PBYTE) &dstMask;
DWORD errorCode;
// I add the filter
if(direction == IN_DIRECTION || direction == ANY_DIRECTION)
errorCode = PfRemoveFiltersFromInterface(interfaceHandle.hInterface,
1,
&ipFlt,
0,
NULL);
if(direction == OUT_DIRECTION || direction == ANY_DIRECTION)
errorCode = PfRemoveFiltersFromInterface(interfaceHandle.hInterface,
0,
NULL,
1,
&ipFlt);
else
return -2;
if(errorCode != NO_ERROR)
return -1;
return 0;
}
int CPacketFilter::AddGlobalFilter(char *localInterfaceIp,
int globalFilter)
{
CPacketFilterInterface interfaceHandle;
// If the interface isn't created, then I create it.
if(!interfacesTable.Lookup(CharToIp(localInterfaceIp), interfaceHandle))
{
interfaceHandle.Create(CharToIp(localInterfaceIp), defaultAction);
interfacesTable[CharToIp(localInterfaceIp)] = interfaceHandle;
}
DWORD errorCode;
// Add the global filter
errorCode = PfAddGlobalFilterToInterface(interfaceHandle.hInterface, (GLOBAL_FILTER)globalFilter);
if(errorCode != NO_ERROR)
return -1;
return 0;
}
int CPacke
firewall papi 的源码
5星 · 超过95%的资源 需积分: 9 45 浏览量
2013-11-06
12:03:58
上传
评论
收藏 35KB GZ 举报 
firewallpapi-firewallpapiV11.tar.gz (29个子文件) 
firewallpapiV11 
RuleDlg.cpp 3KB
FirewallPApi.exe 52KB FirewallApp.rc 15KB DefaultActionDlg.h 1KB res FirewallAppDoc.ico 1KB
Toolbar.bmp 1KB FirewallApp.ico 1KB newtoolbar.bmp 6KB FirewallApp.rc2 390B FirewallAppDoc.cpp 3KB FirewallAppView.h 2KB FirewallAppDoc.h 2KB FirewallApp.h 1KB FirewallAppView.cpp 6KB FirewallApp.dsp 5KB StdAfx.cpp 205B MainFrm.cpp 9KB resource.h 2KB RuleDlg.h 2KB PacketFilter.h 3KB MainFrm.h 2KB FirewallApp.cpp 4KB StdAfx.h 1KB sockUtil.cpp 2KB rules.h 431B PacketFilter.cpp 10KB FirewallApp.dsw 518B sockutil.h 319B DefaultActionDlg.cpp 2KB资源评论
zl199209272014-03-26还不可以吧,应该可以
zhangzhihong2014-07-08正在做网络拦截的客户端,可以借鉴
