使用VB截獲WIN98系列下的IP數(shù)據(jù)包
因廣大VB愛好者開發(fā)捕獲IP數(shù)據(jù)包的需要����,我花了一個下午的工夫��,終于把它整里出來了���,由于時間關(guān)系��,以下的數(shù)據(jù)分析部分寫的不是很詳細(xì)����。以下代碼在WIN98+VB6.0上測試通過�����,主函數(shù)部分比較簡單��,1�。打開設(shè)備驅(qū)動程序,2���。綁定網(wǎng)卡�,3���。設(shè)置捕獲數(shù)據(jù)���,4。循環(huán)截獲IP包�����。
由于在WIN98下捕獲IP數(shù)據(jù)包,必須要使用VXD技術(shù)�,它不像WIN2000(可以參照前二天寫的,“使用VB捕獲WIN2000下的IP數(shù)據(jù)包”)��,捕獲IP數(shù)據(jù)包不需要VXD文件�����,單單只要使用VB就可以了��。因?yàn)榫帉慥XD的步驟比較麻煩���,在以下的源代碼中����,直接使用IPMAN中的VPACKET.VXD這個驅(qū)動程序�������?梢栽诰W(wǎng)上比較容易得到,需要的朋友也可以跟我聯(lián)系����。以下包含了截獲數(shù)據(jù)包的所有源代碼,只要把下面的代碼放到一個模塊(.BAS)文件中就可以了��,里面信息截獲到以后�,并沒有對數(shù)據(jù)做太多的處理����,所有的數(shù)據(jù)都放在OutBuff數(shù)組中,只是簡單的分離出了以太網(wǎng)頭部m_EtherPacketHead���,IP包頭部m_IPPacketHead���,其中程序中只是簡單的輸出了源IP地址,目的IP地址���,需要更進(jìn)一不分析里面的內(nèi)容��,可以參照別的資料�。在這里為了程序盡量的簡單���,所以不過多的牽涉�����。進(jìn)一步分析的內(nèi)容可以添加到輸出內(nèi)容的附近代碼就可以了��。
'--------源代碼開始����,放到.bas中即可以測試----------
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function CreateFile Lib "kernel32" Alias "CreateFileA" (ByVal lpFileName As String, ByVal dwDesiredAccess As Long, ByVal dwShareMode As Long, lpSecurityAttributes As Long, ByVal dwCreationDisposition As Long, ByVal dwFlagsAndAttributes As Long, ByVal hTemplateFile As Long) As Long
Private Declare Function CreateEvent Lib "kernel32" Alias "CreateEventA" (ByVal lpEventAttributes As Long, ByVal bManualReset As Long, ByVal bInitialState As Long, ByVal lpName As String) As Long
Private Declare Function WaitForMultipleObjectsEx Lib "kernel32" (ByVal nCount As Long, lpHandles As Long, ByVal bWaitAll As Long, ByVal dwMilliseconds As Long, ByVal bAlertable As Long) As Long
Private Const INFINITE = &HFFFF
Private Const GENERIC_WRITE = &H40000000
Private Const GENERIC_READ = &H80000000
Private Const OPEN_EXISTING = 3
Private Const FILE_ATTRIBUTE_NORMAL = &H80
Private Const FILE_FLAG_OVERLAPPED = &H40000000
Private Const FILE_FLAG_DELETE_ON_CLOSE = &H4000000
Private Const ERROR_IO_INCOMPLETE = 996&
Private Const NDIS_PACKET_TYPE_DIRECTED = &H1
Private Const IOCTL_PROTOCOL_SET_OID = &H80000004
Private Const IOCTL_PROTOCOL_READ = &H80000010
Private Const OID_GEN_CURRENT_PACKET_FILTER = &H1010E
Private Const WAIT_FAILED = -1
Private Type OVERLAPPED
Internal As Long
InternalHigh As Long
offset As Long
OffsetHigh As Long
hEvent As Long
End Type
Type EtherAddr
AddrByte1 As Byte
AddrByte2 As Byte
AddrByte3 As Byte
AddrByte4 As Byte
AddrByte5 As Byte
AddrByte6 As Byte
End Type
Type EtherPacketHead
DestEther As EtherAddr
SourEther As EtherAddr
ServType As Integer
End Type
相關(guān)推薦:
2011年上半年計(jì)算機(jī)等級考試報名時間匯總
2011計(jì)算機(jī)等級考試二級VB考點(diǎn)及習(xí)題匯總
2011年計(jì)算機(jī)等級考試二級VB基礎(chǔ)教程匯總
2011計(jì)算機(jī)等考二級VB輔導(dǎo)知識技巧匯總
