The driver is not the limited one, and the code is exactly the sample code from the C++Builder package.
#include
#include
#include
#include
#include "includecommon.h"
#include "includelhmonapi.h"
//
#pragma hdrstop
//
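// Sample console client for the Lhmon driver API: installs one filter, prints
// the first 100 log entries the driver reports, then removes the filter and
// purges the log.
//
// Returns 0 in every case, including when the driver is not loaded.
#pragma argsused
int main(int argc, char* argv[])
{
    LOG_INFO LogInfo;
    FILTER_INFO FilterInfo;
    memset(&LogInfo, 0, sizeof(LOG_INFO));
    memset(&FilterInfo, 0, sizeof(FILTER_INFO));

    CLhmonApi api;
    if (!api.IsDriverLoaded())
    {
        // Say why nothing was captured instead of exiting silently.
        fprintf(stderr, "Lhmon driver is not loaded\n");
        return 0;
    }

    // The version is queried as in the vendor sample but not used further.
    DWORD dwVersion = api.GetVersion();
    (void)dwVersion;

    api.SetLoggingState(1);
    api.SetMaximumLogSize(100); // NOTE(review): unit of the limit is not visible here - confirm

    // Least privilege: the handle is only waited on and reset, so request
    // SYNCHRONIZE | EVENT_MODIFY_STATE rather than EVENT_ALL_ACCESS.
    // OpenEvent reports failure with NULL, not INVALID_HANDLE_VALUE.
    HANDLE hEvent = OpenEvent(SYNCHRONIZE | EVENT_MODIFY_STATE, FALSE, "LhmonEvent");

    // Address 0.0.0.0 with mask 0.0.0.0 and both port ranges 0-65535: nothing
    // is narrowed down, so the filter presumably selects all TCP traffic the
    // driver sees. Restrict address, mask and ports to what is actually needed
    // before using this outside a test machine.
    FilterInfo.m_Address.m_Ip = 0x00000000;             // 0.0.0.0
    FilterInfo.m_Address.m_Mask = 0x00000000;           // 0.0.0.0
    FilterInfo.m_PortRange.m_StartRange = 0x0;          // 0
    FilterInfo.m_PortRange.m_EndRange = 0xFFFF;         // 65535
    FilterInfo.m_LocalPortRange.m_StartRange = 0x0;     // 0
    FilterInfo.m_LocalPortRange.m_EndRange = 0xFFFF;    // 65535
    FilterInfo.m_Protocol = TCP;
    // NOTE(review): the result of AddFilter is not checked; its return type is
    // not visible here - confirm and handle failure.
    api.AddFilter(&FilterInfo);

    unsigned int entriesRead = 0;
    while (entriesRead < 100)
    {
        // NOTE(review): the record is filled with byte value 2 here although it
        // was zeroed above - kept as in the sample; confirm this is intended.
        memset(&LogInfo, 2, sizeof(LOG_INFO));

        if (api.ReadLog(&LogInfo))
        {
            ++entriesRead;
            printf("i=%u\n", entriesRead);
            printf("LogInfo.m_ID = %d\n", LogInfo.m_ID);
            printf("LogInfo.m_LocalAddress.m_Ip = 0x%X\n", LogInfo.m_LocalAddress.m_Ip);
            printf("LogInfo.m_LocalAddress.m_Port = %d\n", LogInfo.m_LocalAddress.m_Port);
            printf("LogInfo.m_RemoteAddress.m_Ip = 0x%X\n", LogInfo.m_RemoteAddress.m_Ip);
            printf("LogInfo.m_RemoteAddress.m_Port = %d\n", LogInfo.m_RemoteAddress.m_Port);
            printf("LogInfo.m_Protocol = %d\n", LogInfo.m_Protocol);
            printf("LogInfo.m_Offset = %d\n", LogInfo.m_Offset);
            printf("LogInfo.m_Flags = 0x%.8X\n", LogInfo.m_Flags);
            printf("LogInfo.m_DataLength = %d\n", LogInfo.m_DataLength);
            printf("LogInfo.m_ProcessID = %d\n", LogInfo.m_ProcessID);
            printf("\n\n");
        }
        else if (hEvent != NULL)
        {
            // Block until the event is signalled. With no matching traffic this
            // waits forever; a failed wait ends the loop instead of spinning.
            if (WaitForSingleObject(hEvent, INFINITE) != WAIT_OBJECT_0)
                break;
            ResetEvent(hEvent);
        }
        else
        {
            // No event to wait on: back off briefly instead of busy-polling.
            Sleep(10);
        }
    }

    // Undo everything that was configured on the driver.
    api.SetLoggingState(0);
    api.PurgeLog();
    api.RemoveAllFilters();
    if (hEvent != NULL)
        CloseHandle(hEvent);
    return 0;
}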
My problem is that the incoming packets have TTL=1, and because of this I cannot get the packets behind a router (a router decrements the TTL and discards the packet once it reaches 0).
The only solution is to change the packets' TTL to 5 so that they can get past the router.