- This topic has 3 replies, 3 voices, and was last updated 18 years, 5 months ago by
.
-
Posts
-
Hi there,
I have a bug promlem with lhmon. I have compiled the sources from example with c++bilder 6 and when I am tring to run the app sometimes it works (shows me the captured packed ) sometimes it doesn’t work. It remain at the
WaitForSingleObject (hEvent, INFINITE);and wait. I have a lot of activity on the net on TCP but the event dos not fire anymore
I have tried on another computer and I make the same.
Could you please tell em what is happening?
First of all the trial version on site is limited to capture 100 packets per boot.
If you are using full registered version then have you tried to run Local Host Monitor application on that system? If it works fine then the problem is relative to your code (and to advise anything I have to see more than one line), if it also does not intercept packets then it is probably driver relative. Please clarify.
The driver is not the miteded one. and the code is exactly the code from the package cbuilder
#include
#include
#include
#include
#include "includecommon.h"
#include "includelhmonapi.h"
//
#pragma hdrstop
//
#pragma argsused
int main(int argc, char* argv[])
{
LOG_INFO LogInfo;
FILTER_INFO FilterInfo;
memset (&LogInfo, 0, sizeof (LOG_INFO));
memset (&FilterInfo, 0, sizeof (FILTER_INFO));
CLhmonApi api;
if (!api.IsDriverLoaded())
return 0;
DWORD dwVersion = api.GetVersion();
api.SetLoggingState(1);
api.SetMaximumLogSize (100);
HANDLE hEvent = OpenEvent (EVENT_ALL_ACCESS, FALSE, "LhmonEvent");
FilterInfo.m_Address.m_Ip = 0x00000000; // 127.0.0.1
FilterInfo.m_Address.m_Mask = 0x00000000; // 255.0.0.0
FilterInfo.m_PortRange.m_StartRange = 0x0; // 0
FilterInfo.m_PortRange.m_EndRange = 0xFFFF; // 65535
FilterInfo.m_LocalPortRange.m_StartRange = 0x0;
FilterInfo.m_LocalPortRange.m_EndRange = 0xFFFF;
FilterInfo.m_Protocol = TCP;
api.AddFilter (&FilterInfo);
unsigned int k, m, i = 0;
while (i < 100)
{
memset (&LogInfo, 2 , sizeof (LOG_INFO));
if ( api.ReadLog ( &LogInfo ) )
{
++i;
printf ("i=%un", i);
printf ("LogInfo.m_ID = %dn", LogInfo.m_ID);
printf ("LogInfo.m_LocalAddress.m_Ip = 0x%Xn", LogInfo.m_LocalAddress.m_Ip);
printf ("LogInfo.m_LocalAddress.m_Port = %dn", LogInfo.m_LocalAddress.m_Port);
printf ("LogInfo.m_RemoteAddress.m_Ip = 0x%Xn", LogInfo.m_RemoteAddress.m_Ip);
printf ("LogInfo.m_RemoteAddress.m_Port = %dn", LogInfo.m_RemoteAddress.m_Port);
printf ("LogInfo.m_Protocol = %dn", LogInfo.m_Protocol);
printf ("LogInfo.m_Offset = %dn", LogInfo.m_Offset);
printf ("LogInfo.m_Flags = 0x%.8Xn", LogInfo.m_Flags);
printf ("LogInfo.m_DataLength = %dn", LogInfo.m_DataLength);
printf ("LogInfo.m_ProcessID = %dn", LogInfo.m_ProcessID);
printf ("nn");
}
else
{
if (hEvent && (hEvent != INVALID_HANDLE_VALUE))
{
WaitForSingleObject (hEvent, INFINITE);
ResetEvent (hEvent);
}
}
}
api.SetLoggingState(0);
api.PurgeLog();
api.RemoveAllFilters();
CloseHandle (hEvent);
return 0;
}
- You must be logged in to reply to this topic.