6227 lines
204 KiB
C
6227 lines
204 KiB
C
|
|
|
|
/* this ALWAYS GENERATED file contains the definitions for the interfaces */
|
|
|
|
|
|
/* File created by MIDL compiler version 6.00.0361 */
|
|
/* Compiler settings for netmon.idl:
|
|
Oicf, W1, Zp8, env=Win32 (32b run)
|
|
protocol : dce , ms_ext, c_ext, robust
|
|
error checks: allocation ref bounds_check enum stub_data
|
|
VC __declspec() decoration level:
|
|
__declspec(uuid()), __declspec(selectany), __declspec(novtable)
|
|
DECLSPEC_UUID(), MIDL_INTERFACE()
|
|
*/
|
|
//@@MIDL_FILE_HEADING( )
|
|
|
|
#pragma warning( disable: 4049 ) /* more than 64k source lines */
|
|
|
|
|
|
/* verify that the <rpcndr.h> version is high enough to compile this file*/
|
|
#ifndef __REQUIRED_RPCNDR_H_VERSION__
|
|
#define __REQUIRED_RPCNDR_H_VERSION__ 475
|
|
#endif
|
|
|
|
#include "rpc.h"
|
|
#include "rpcndr.h"
|
|
|
|
#ifndef __RPCNDR_H_VERSION__
|
|
#error this stub requires an updated version of <rpcndr.h>
|
|
#endif // __RPCNDR_H_VERSION__
|
|
|
|
#ifndef COM_NO_WINDOWS_H
|
|
#include "windows.h"
|
|
#include "ole2.h"
|
|
#endif /*COM_NO_WINDOWS_H*/
|
|
|
|
#ifndef __netmon_h__
|
|
#define __netmon_h__
|
|
|
|
#if defined(_MSC_VER) && (_MSC_VER >= 1020)
|
|
#pragma once
|
|
#endif
|
|
|
|
/* Forward Declarations */
|
|
|
|
#ifndef __IDelaydC_FWD_DEFINED__
|
|
#define __IDelaydC_FWD_DEFINED__
|
|
typedef interface IDelaydC IDelaydC;
|
|
#endif /* __IDelaydC_FWD_DEFINED__ */
|
|
|
|
|
|
#ifndef __IRTC_FWD_DEFINED__
|
|
#define __IRTC_FWD_DEFINED__
|
|
typedef interface IRTC IRTC;
|
|
#endif /* __IRTC_FWD_DEFINED__ */
|
|
|
|
|
|
#ifndef __IStats_FWD_DEFINED__
|
|
#define __IStats_FWD_DEFINED__
|
|
typedef interface IStats IStats;
|
|
#endif /* __IStats_FWD_DEFINED__ */
|
|
|
|
|
|
/* header files for imported files */
|
|
#include "unknwn.h"
|
|
|
|
#ifdef __cplusplus
|
|
extern "C"{
|
|
#endif
|
|
|
|
void * __RPC_USER MIDL_user_allocate(size_t);
|
|
void __RPC_USER MIDL_user_free( void * );
|
|
|
|
/* interface __MIDL_itf_netmon_0000 */
|
|
/* [local] */
|
|
|
|
//=============================================================================
|
|
// Microsoft (R) Network Monitor (tm).
|
|
// Copyright (C) Microsoft Corporation. All rights reserved.
|
|
//
|
|
// MODULE: netmon.h
|
|
//
|
|
// This is the consolidated include file for all Network Monitor components.
|
|
//
|
|
// It contains the contents of these files from previous SDKs:
|
|
//
|
|
// NPPTypes.h
|
|
// Finder.h
|
|
// NMSupp.h
|
|
// BHTypes.h
|
|
// NMErr.h
|
|
// BHFilter.h
|
|
// Frame.h
|
|
// Parser.h
|
|
// IniLib.h
|
|
// NMExpert.h (previously Expert.h)
|
|
// Netmon.h (previously bh.h)
|
|
// NMBlob.h (previously blob.h)
|
|
// NMRegHelp.h (previously reghelp.h)
|
|
// NMIpStructs.h (previously IpStructs.h)
|
|
// NMIcmpStructs.h (previously IcmpStructs.h)
|
|
// NMIpxStructs.h (previously IpxStructs.h)
|
|
// NMTcpStructs.h (previously TcpStructs.h)
|
|
//
|
|
// IDelaydC.idl
|
|
// IRTC.idl
|
|
// IStats.idl
|
|
//
|
|
//=============================================================================
|
|
#include <winerror.h>
|
|
#include <winerror.h>
|
|
|
|
#pragma pack(1)
|
|
// For backward compatability with old SDK versions, all structures within this header
|
|
// file will be byte packed on x86 platforms. All other platforms will only have those
|
|
// structures that will be used to decode network data packed.
|
|
#ifdef _X86_
|
|
#pragma pack(1)
|
|
#else
|
|
#pragma pack()
|
|
#endif
|
|
|
|
// yes we know that many of our structures have:
|
|
// warning C4200: nonstandard extension used : zero-sized array in struct/union
|
|
// this is OK and intended
|
|
#pragma warning(disable:4200)
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// (NPPTypes.h)
|
|
//=============================================================================
|
|
//=============================================================================
|
|
typedef BYTE *LPBYTE;
|
|
|
|
typedef const void *HBLOB;
|
|
|
|
//=============================================================================
|
|
// General constants.
|
|
//=============================================================================
|
|
#define MAC_TYPE_UNKNOWN ( 0 )
|
|
|
|
#define MAC_TYPE_ETHERNET ( 1 )
|
|
|
|
#define MAC_TYPE_TOKENRING ( 2 )
|
|
|
|
#define MAC_TYPE_FDDI ( 3 )
|
|
|
|
#define MAC_TYPE_ATM ( 4 )
|
|
|
|
#define MAC_TYPE_1394 ( 5 )
|
|
|
|
#define MACHINE_NAME_LENGTH ( 16 )
|
|
|
|
#define USER_NAME_LENGTH ( 32 )
|
|
|
|
#define ADAPTER_COMMENT_LENGTH ( 32 )
|
|
|
|
#define CONNECTION_FLAGS_WANT_CONVERSATION_STATS ( 0x1 )
|
|
|
|
//=============================================================================
|
|
// Transmit statistics structure.
|
|
//=============================================================================
|
|
typedef struct _TRANSMITSTATS
|
|
{
|
|
DWORD TotalFramesSent;
|
|
DWORD TotalBytesSent;
|
|
DWORD TotalTransmitErrors;
|
|
} TRANSMITSTATS;
|
|
|
|
typedef TRANSMITSTATS *LPTRANSMITSTATS;
|
|
|
|
#define TRANSMITSTATS_SIZE ( sizeof( TRANSMITSTATS ) )
|
|
|
|
//=============================================================================
|
|
// Statistics structure.
|
|
//=============================================================================
|
|
typedef struct _STATISTICS
|
|
{
|
|
__int64 TimeElapsed;
|
|
DWORD TotalFramesCaptured;
|
|
DWORD TotalBytesCaptured;
|
|
DWORD TotalFramesFiltered;
|
|
DWORD TotalBytesFiltered;
|
|
DWORD TotalMulticastsFiltered;
|
|
DWORD TotalBroadcastsFiltered;
|
|
DWORD TotalFramesSeen;
|
|
DWORD TotalBytesSeen;
|
|
DWORD TotalMulticastsReceived;
|
|
DWORD TotalBroadcastsReceived;
|
|
DWORD TotalFramesDropped;
|
|
DWORD TotalFramesDroppedFromBuffer;
|
|
DWORD MacFramesReceived;
|
|
DWORD MacCRCErrors;
|
|
__int64 MacBytesReceivedEx;
|
|
DWORD MacFramesDropped_NoBuffers;
|
|
DWORD MacMulticastsReceived;
|
|
DWORD MacBroadcastsReceived;
|
|
DWORD MacFramesDropped_HwError;
|
|
} STATISTICS;
|
|
|
|
typedef STATISTICS *LPSTATISTICS;
|
|
|
|
#define STATISTICS_SIZE ( sizeof( STATISTICS ) )
|
|
|
|
//=============================================================================
|
|
// Address structures
|
|
//=============================================================================
|
|
|
|
// These structures are used to decode network data and so need to be packed
|
|
|
|
#pragma pack(push, 1)
|
|
#define MAX_NAME_SIZE ( 32 )
|
|
|
|
#define IP_ADDRESS_SIZE ( 4 )
|
|
|
|
#define MAC_ADDRESS_SIZE ( 6 )
|
|
|
|
#define IP6_ADDRESS_SIZE ( 16 )
|
|
|
|
// Q: What is the maximum address size that we could have to copy?
|
|
// A: IP6
|
|
#define MAX_ADDRESS_SIZE ( 16 )
|
|
|
|
#define ADDRESS_TYPE_ETHERNET ( 0 )
|
|
|
|
#define ADDRESS_TYPE_IP ( 1 )
|
|
|
|
#define ADDRESS_TYPE_IPX ( 2 )
|
|
|
|
#define ADDRESS_TYPE_TOKENRING ( 3 )
|
|
|
|
#define ADDRESS_TYPE_FDDI ( 4 )
|
|
|
|
#define ADDRESS_TYPE_XNS ( 5 )
|
|
|
|
#define ADDRESS_TYPE_ANY ( 6 )
|
|
|
|
#define ADDRESS_TYPE_ANY_GROUP ( 7 )
|
|
|
|
#define ADDRESS_TYPE_FIND_HIGHEST ( 8 )
|
|
|
|
#define ADDRESS_TYPE_VINES_IP ( 9 )
|
|
|
|
#define ADDRESS_TYPE_LOCAL_ONLY ( 10 )
|
|
|
|
#define ADDRESS_TYPE_ATM ( 11 )
|
|
|
|
#define ADDRESS_TYPE_1394 ( 12 )
|
|
|
|
#define ADDRESS_TYPE_IP6 ( 13 )
|
|
|
|
#define ADDRESSTYPE_FLAGS_NORMALIZE ( 0x1 )
|
|
|
|
#define ADDRESSTYPE_FLAGS_BIT_REVERSE ( 0x2 )
|
|
|
|
// Vines IP Address Structure
|
|
typedef struct _VINES_IP_ADDRESS
|
|
{
|
|
DWORD NetID;
|
|
WORD SubnetID;
|
|
} VINES_IP_ADDRESS;
|
|
|
|
typedef VINES_IP_ADDRESS *LPVINES_IP_ADDRESS;
|
|
|
|
#define VINES_IP_ADDRESS_SIZE ( sizeof( VINES_IP_ADDRESS ) )
|
|
|
|
// IPX Address Structure
|
|
typedef struct _IPX_ADDR
|
|
{
|
|
BYTE Subnet[ 4 ];
|
|
BYTE Address[ 6 ];
|
|
} IPX_ADDR;
|
|
|
|
typedef IPX_ADDR *LPIPX_ADDR;
|
|
|
|
#define IPX_ADDR_SIZE ( sizeof( IPX_ADDR ) )
|
|
|
|
// XNS Address Structure
|
|
typedef IPX_ADDR XNS_ADDRESS;
|
|
|
|
typedef IPX_ADDR *LPXNS_ADDRESS;
|
|
|
|
// ETHERNET SOURCE ADDRESS
|
|
typedef struct _ETHERNET_SRC_ADDRESS
|
|
{
|
|
BYTE RoutingBit: 1;
|
|
BYTE LocalBit: 1;
|
|
BYTE Byte0: 6;
|
|
BYTE Reserved[5];
|
|
|
|
} ETHERNET_SRC_ADDRESS;
|
|
typedef ETHERNET_SRC_ADDRESS *LPETHERNET_SRC_ADDRESS;
|
|
// ETHERNET DESTINATION ADDRESS
|
|
typedef struct _ETHERNET_DST_ADDRESS
|
|
{
|
|
BYTE GroupBit: 1;
|
|
BYTE AdminBit: 1;
|
|
BYTE Byte0: 6;
|
|
BYTE Reserved[5];
|
|
} ETHERNET_DST_ADDRESS;
|
|
typedef ETHERNET_DST_ADDRESS *LPETHERNET_DST_ADDRESS;
|
|
|
|
// FDDI addresses
|
|
typedef ETHERNET_SRC_ADDRESS FDDI_SRC_ADDRESS;
|
|
typedef ETHERNET_DST_ADDRESS FDDI_DST_ADDRESS;
|
|
|
|
typedef FDDI_SRC_ADDRESS *LPFDDI_SRC_ADDRESS;
|
|
typedef FDDI_DST_ADDRESS *LPFDDI_DST_ADDRESS;
|
|
|
|
// TOKENRING Source Address
|
|
typedef struct _TOKENRING_SRC_ADDRESS
|
|
{
|
|
BYTE Byte0: 6;
|
|
BYTE LocalBit: 1;
|
|
BYTE RoutingBit: 1;
|
|
BYTE Byte1;
|
|
BYTE Byte2: 7;
|
|
BYTE Functional: 1;
|
|
BYTE Reserved[3];
|
|
} TOKENRING_SRC_ADDRESS;
|
|
typedef TOKENRING_SRC_ADDRESS *LPTOKENRING_SRC_ADDRESS;
|
|
|
|
// TOKENRING Destination Address
|
|
typedef struct _TOKENRING_DST_ADDRESS
|
|
{
|
|
BYTE Byte0: 6;
|
|
BYTE AdminBit: 1;
|
|
BYTE GroupBit: 1;
|
|
BYTE Reserved[5];
|
|
} TOKENRING_DST_ADDRESS;
|
|
typedef TOKENRING_DST_ADDRESS *LPTOKENRING_DST_ADDRESS;
|
|
// Address Structure
|
|
typedef struct _ADDRESS2
|
|
{
|
|
DWORD Type;
|
|
|
|
union
|
|
{
|
|
// ADDRESS_TYPE_ETHERNET
|
|
// ADDRESS_TYPE_TOKENRING
|
|
// ADDRESS_TYPE_FDDI
|
|
BYTE MACAddress[MAC_ADDRESS_SIZE];
|
|
|
|
// IP
|
|
BYTE IPAddress[IP_ADDRESS_SIZE];
|
|
|
|
// IP6
|
|
BYTE IP6Address[IP6_ADDRESS_SIZE];
|
|
|
|
// raw IPX
|
|
BYTE IPXRawAddress[IPX_ADDR_SIZE];
|
|
|
|
// real IPX
|
|
IPX_ADDR IPXAddress;
|
|
|
|
// raw Vines IP
|
|
BYTE VinesIPRawAddress[VINES_IP_ADDRESS_SIZE];
|
|
|
|
// real Vines IP
|
|
VINES_IP_ADDRESS VinesIPAddress;
|
|
|
|
// ethernet with bits defined
|
|
ETHERNET_SRC_ADDRESS EthernetSrcAddress;
|
|
|
|
// ethernet with bits defined
|
|
ETHERNET_DST_ADDRESS EthernetDstAddress;
|
|
|
|
// tokenring with bits defined
|
|
TOKENRING_SRC_ADDRESS TokenringSrcAddress;
|
|
|
|
// tokenring with bits defined
|
|
TOKENRING_DST_ADDRESS TokenringDstAddress;
|
|
|
|
// fddi with bits defined
|
|
FDDI_SRC_ADDRESS FddiSrcAddress;
|
|
|
|
// fddi with bits defined
|
|
FDDI_DST_ADDRESS FddiDstAddress;
|
|
};
|
|
|
|
WORD Flags;
|
|
} ADDRESS2;
|
|
typedef ADDRESS2 *LPADDRESS2;
|
|
#define ADDRESS2_SIZE sizeof(ADDRESS2)
|
|
|
|
|
|
#pragma pack(pop)
|
|
//=============================================================================
|
|
// Address Pair Structure
|
|
//=============================================================================
|
|
#define ADDRESS_FLAGS_MATCH_DST ( 0x1 )
|
|
|
|
#define ADDRESS_FLAGS_MATCH_SRC ( 0x2 )
|
|
|
|
#define ADDRESS_FLAGS_EXCLUDE ( 0x4 )
|
|
|
|
#define ADDRESS_FLAGS_DST_GROUP_ADDR ( 0x8 )
|
|
|
|
#define ADDRESS_FLAGS_MATCH_BOTH ( 0x3 )
|
|
|
|
typedef struct _ADDRESSPAIR2
|
|
{
|
|
WORD AddressFlags;
|
|
WORD NalReserved;
|
|
ADDRESS2 DstAddress;
|
|
ADDRESS2 SrcAddress;
|
|
|
|
} ADDRESSPAIR2;
|
|
typedef ADDRESSPAIR2 *LPADDRESSPAIR2;
|
|
#define ADDRESSPAIR2_SIZE sizeof(ADDRESSPAIR2)
|
|
//=============================================================================
|
|
// Address table.
|
|
//=============================================================================
|
|
#define MAX_ADDRESS_PAIRS ( 8 )
|
|
|
|
typedef struct _ADDRESSTABLE2
|
|
{
|
|
DWORD nAddressPairs;
|
|
DWORD nNonMacAddressPairs;
|
|
ADDRESSPAIR2 AddressPair[MAX_ADDRESS_PAIRS];
|
|
|
|
} ADDRESSTABLE2;
|
|
|
|
typedef ADDRESSTABLE2 *LPADDRESSTABLE2;
|
|
#define ADDRESSTABLE2_SIZE sizeof(ADDRESSTABLE2)
|
|
//=============================================================================
|
|
// Network information.
|
|
//=============================================================================
|
|
#define NETWORKINFO_FLAGS_PMODE_NOT_SUPPORTED ( 0x1 )
|
|
|
|
#define NETWORKINFO_FLAGS_REMOTE_NAL ( 0x4 )
|
|
|
|
#define NETWORKINFO_FLAGS_REMOTE_NAL_CONNECTED ( 0x8 )
|
|
|
|
#define NETWORKINFO_FLAGS_REMOTE_CARD ( 0x10 )
|
|
|
|
#define NETWORKINFO_FLAGS_RAS ( 0x20 )
|
|
|
|
#define NETWORKINFO_RESERVED_FIELD_SIZE (FIELD_OFFSET(ADDRESS2,IPXAddress) + sizeof(IPX_ADDR))
|
|
typedef struct _NETWORKINFO
|
|
{
|
|
BYTE PermanentAddr[6]; //... Permanent MAC address
|
|
BYTE CurrentAddr[6]; //... Current MAC address
|
|
BYTE Reserved[NETWORKINFO_RESERVED_FIELD_SIZE];
|
|
DWORD LinkSpeed; //... Link speed in Mbits.
|
|
DWORD MacType; //... Media type.
|
|
DWORD MaxFrameSize; //... Max frame size allowed.
|
|
DWORD Flags; //... Informational flags.
|
|
DWORD TimestampScaleFactor; //... 1 = 1/1 ms, 10 = 1/10 ms, 100 = 1/100 ms, etc.
|
|
BYTE NodeName[32]; //... Name of remote workstation.
|
|
BOOL PModeSupported; //... Card claims to support P-Mode
|
|
BYTE Comment[ADAPTER_COMMENT_LENGTH]; // Adapter comment field.
|
|
|
|
} NETWORKINFO;
|
|
typedef NETWORKINFO *LPNETWORKINFO;
|
|
#define NETWORKINFO_SIZE sizeof(NETWORKINFO)
|
|
#define MINIMUM_FRAME_SIZE ( 32 )
|
|
|
|
//=============================================================================
|
|
// Pattern structure.
|
|
//=============================================================================
|
|
#define MAX_PATTERN_LENGTH ( 16 )
|
|
|
|
// When set this flag will cause those frames which do NOT have the specified pattern
|
|
// in the proper stop to be kept.
|
|
#define PATTERN_MATCH_FLAGS_NOT ( 0x1 )
|
|
|
|
#define PATTERN_MATCH_FLAGS_RESERVED_1 ( 0x2 )
|
|
|
|
// When set this flag indicates that the user is not interested in a pattern match within
|
|
// IP or IPX, but in the protocol that follows. The driver will ensure that the protocol
|
|
// given in OffsetBasis is there and then that the port in the fram matches the port given.
|
|
// It will then calculate the offset from the beginning of the protocol that follows IP or IPX.
|
|
// NOTE: This flag is ignored if it is used with any OffsetBasis other than
|
|
// OFFSET_BASIS_RELATIVE_TO_IPX or OFFSET_BASIS_RELATIVE_TO_IP
|
|
#define PATTERN_MATCH_FLAGS_PORT_SPECIFIED ( 0x8 )
|
|
|
|
// The offset given is relative to the beginning of the frame. The
|
|
// PATTERN_MATCH_FLAGS_PORT_SPECIFIED flag is ignored.
|
|
#define OFFSET_BASIS_RELATIVE_TO_FRAME ( 0 )
|
|
|
|
// The offset given is relative to the beginning of the Effective Protocol.
|
|
// The Effective Protocol is defined as the protocol that follows
|
|
// the last protocol that determines Etype/SAP. In normal terms this means
|
|
// that the Effective Protocol will be IP, IPX, XNS, or any of their ilk.
|
|
// The PATTERN_MATCH_FLAGS_PORT_SPECIFIED flag is ignored.
|
|
#define OFFSET_BASIS_RELATIVE_TO_EFFECTIVE_PROTOCOL ( 1 )
|
|
|
|
// The offset given is relative to the beginning of IPX. If IPX is not present
|
|
// then the frame does not match. If the PATTERN_MATCH_FLAGS_PORT_SPECIFIED
|
|
// flag is set then the offset is relative to the beginning of the protocol
|
|
// which follows IPX.
|
|
#define OFFSET_BASIS_RELATIVE_TO_IPX ( 2 )
|
|
|
|
// The offset given is relative to the beginning of IP. If IP is not present
|
|
// then the frame does not match. If the PATTERN_MATCH_FLAGS_PORT_SPECIFIED
|
|
// flag is set then the offset is relative to the beginning of the protocol
|
|
// which follows IP.
|
|
#define OFFSET_BASIS_RELATIVE_TO_IP ( 3 )
|
|
|
|
// The offset given is relative to the beginning of IP6. If IP6 is not present
|
|
// then the frame does not match. If the PATTERN_MATCH_FLAGS_PORT_SPECIFIED
|
|
// flag is set then the offset is relative to the beginning of the protocol
|
|
// which follows IP6.
|
|
#define OFFSET_BASIS_RELATIVE_TO_IP6 ( 4 )
|
|
|
|
typedef /* [public][public][public][public][public][public][public][public][public] */ union __MIDL___MIDL_itf_netmon_0000_0001
|
|
{
|
|
BYTE NextHeader;
|
|
BYTE IPPort;
|
|
WORD ByteSwappedIPXPort;
|
|
} GENERIC_PORT;
|
|
|
|
typedef struct _PATTERNMATCH
|
|
{
|
|
DWORD Flags;
|
|
BYTE OffsetBasis;
|
|
GENERIC_PORT Port;
|
|
WORD Offset;
|
|
WORD Length;
|
|
BYTE PatternToMatch[ 16 ];
|
|
} PATTERNMATCH;
|
|
|
|
typedef PATTERNMATCH *LPPATTERNMATCH;
|
|
|
|
#define PATTERNMATCH_SIZE ( sizeof( PATTERNMATCH ) )
|
|
|
|
//=============================================================================
|
|
// Expression structure.
|
|
//=============================================================================
|
|
#define MAX_PATTERNS ( 4 )
|
|
|
|
typedef struct _ANDEXP
|
|
{
|
|
DWORD nPatternMatches;
|
|
PATTERNMATCH PatternMatch[ 4 ];
|
|
} ANDEXP;
|
|
|
|
typedef ANDEXP *LPANDEXP;
|
|
|
|
#define ANDEXP_SIZE ( sizeof( ANDEXP ) )
|
|
|
|
typedef struct _EXPRESSION
|
|
{
|
|
DWORD nAndExps;
|
|
ANDEXP AndExp[ 4 ];
|
|
} EXPRESSION;
|
|
|
|
typedef EXPRESSION *LPEXPRESSION;
|
|
|
|
#define EXPRESSION_SIZE ( sizeof( EXPRESSION ) )
|
|
|
|
//=============================================================================
|
|
// Trigger.
|
|
//=============================================================================
|
|
#define TRIGGER_TYPE_PATTERN_MATCH ( 1 )
|
|
|
|
#define TRIGGER_TYPE_BUFFER_CONTENT ( 2 )
|
|
|
|
#define TRIGGER_TYPE_PATTERN_MATCH_THEN_BUFFER_CONTENT ( 3 )
|
|
|
|
#define TRIGGER_TYPE_BUFFER_CONTENT_THEN_PATTERN_MATCH ( 4 )
|
|
|
|
#define TRIGGER_FLAGS_FRAME_RELATIVE ( 0 )
|
|
|
|
#define TRIGGER_FLAGS_DATA_RELATIVE ( 0x1 )
|
|
|
|
#define TRIGGER_ACTION_NOTIFY ( 0 )
|
|
|
|
#define TRIGGER_ACTION_STOP ( 0x2 )
|
|
|
|
#define TRIGGER_ACTION_PAUSE ( 0x3 )
|
|
|
|
#define TRIGGER_BUFFER_FULL_25_PERCENT ( 0 )
|
|
|
|
#define TRIGGER_BUFFER_FULL_50_PERCENT ( 1 )
|
|
|
|
#define TRIGGER_BUFFER_FULL_75_PERCENT ( 2 )
|
|
|
|
#define TRIGGER_BUFFER_FULL_100_PERCENT ( 3 )
|
|
|
|
typedef struct _TRIGGER
|
|
{
|
|
BOOL TriggerActive;
|
|
BYTE TriggerType;
|
|
BYTE TriggerAction;
|
|
DWORD TriggerFlags;
|
|
PATTERNMATCH TriggerPatternMatch;
|
|
DWORD TriggerBufferSize;
|
|
DWORD TriggerReserved;
|
|
char TriggerCommandLine[ 260 ];
|
|
} TRIGGER;
|
|
|
|
typedef TRIGGER *LPTRIGGER;
|
|
|
|
#define TRIGGER_SIZE ( sizeof( TRIGGER ) )
|
|
|
|
//=============================================================================
|
|
// Capture filter.
|
|
//=============================================================================
|
|
// Capture filter flags. By default all frames are rejected and
|
|
// Network Monitor enables them based on the CAPTUREFILTER flags
|
|
// defined below.
|
|
#define CAPTUREFILTER_FLAGS_INCLUDE_ALL_SAPS ( 0x1 )
|
|
|
|
#define CAPTUREFILTER_FLAGS_INCLUDE_ALL_ETYPES ( 0x2 )
|
|
|
|
#define CAPTUREFILTER_FLAGS_TRIGGER ( 0x4 )
|
|
|
|
#define CAPTUREFILTER_FLAGS_LOCAL_ONLY ( 0x8 )
|
|
|
|
// throw away our internal comment frames
|
|
#define CAPTUREFILTER_FLAGS_DISCARD_COMMENTS ( 0x10 )
|
|
|
|
// Keep SMT and Token Ring MAC frames
|
|
#define CAPTUREFILTER_FLAGS_KEEP_RAW ( 0x20 )
|
|
|
|
#define CAPTUREFILTER_FLAGS_INCLUDE_ALL ( 0x3 )
|
|
|
|
#define BUFFER_FULL_25_PERCENT ( 0 )
|
|
|
|
#define BUFFER_FULL_50_PERCENT ( 1 )
|
|
|
|
#define BUFFER_FULL_75_PERCENT ( 2 )
|
|
|
|
#define BUFFER_FULL_100_PERCENT ( 3 )
|
|
|
|
typedef struct _CAPTUREFILTER
|
|
{
|
|
DWORD FilterFlags;
|
|
LPBYTE lpSapTable;
|
|
LPWORD lpEtypeTable;
|
|
WORD nSaps;
|
|
WORD nEtypes;
|
|
LPADDRESSTABLE2 AddressTable;
|
|
EXPRESSION FilterExpression;
|
|
TRIGGER Trigger;
|
|
DWORD nFrameBytesToCopy;
|
|
DWORD Reserved;
|
|
|
|
} CAPTUREFILTER;
|
|
typedef CAPTUREFILTER *LPCAPTUREFILTER;
|
|
#define CAPTUREFILTER_SIZE sizeof(CAPTUREFILTER)
|
|
//=============================================================================
|
|
// Frame type.
|
|
//=============================================================================
|
|
// TimeStamp is in 1/1,000,000th seconds.
|
|
typedef struct _FRAME
|
|
{
|
|
__int64 TimeStamp;
|
|
DWORD FrameLength;
|
|
DWORD nBytesAvail;
|
|
/* [size_is] */ BYTE MacFrame[ 1 ];
|
|
} FRAME;
|
|
|
|
typedef FRAME *LPFRAME;
|
|
|
|
typedef FRAME UNALIGNED *ULPFRAME;
|
|
#define FRAME_SIZE ( sizeof( FRAME ) )
|
|
|
|
//=============================================================================
|
|
// Frame descriptor type.
|
|
//=============================================================================
|
|
#define LOW_PROTOCOL_IPX ( OFFSET_BASIS_RELATIVE_TO_IPX )
|
|
|
|
#define LOW_PROTOCOL_IP ( OFFSET_BASIS_RELATIVE_TO_IP )
|
|
|
|
#define LOW_PROTOCOL_IP6 ( OFFSET_BASIS_RELATIVE_TO_IP6 )
|
|
|
|
#define LOW_PROTOCOL_UNKNOWN ( ( BYTE )-1 )
|
|
|
|
typedef struct _FRAME_DESCRIPTOR
|
|
{
|
|
/* [size_is] */ LPBYTE FramePointer;
|
|
__int64 TimeStamp;
|
|
DWORD FrameLength;
|
|
DWORD nBytesAvail;
|
|
WORD Etype;
|
|
BYTE Sap;
|
|
BYTE LowProtocol;
|
|
WORD LowProtocolOffset;
|
|
/* [switch_is] */ /* [switch_type] */ union
|
|
{
|
|
/* [default] */ WORD Reserved;
|
|
/* [case()] */ BYTE IPPort;
|
|
/* [case()] */ WORD ByteSwappedIPXPort;
|
|
} HighPort;
|
|
WORD HighProtocolOffset;
|
|
} FRAME_DESCRIPTOR;
|
|
|
|
typedef FRAME_DESCRIPTOR *LPFRAME_DESCRIPTOR;
|
|
|
|
#define FRAME_DESCRIPTOR_SIZE ( sizeof( FRAME_DESCRIPTOR ) )
|
|
|
|
//=============================================================================
|
|
// Frame descriptor table.
|
|
//=============================================================================
|
|
typedef struct _FRAMETABLE
|
|
{
|
|
DWORD FrameTableLength;
|
|
DWORD StartIndex;
|
|
DWORD EndIndex;
|
|
DWORD FrameCount;
|
|
/* [size_is] */ FRAME_DESCRIPTOR Frames[ 1 ];
|
|
} FRAMETABLE;
|
|
|
|
typedef FRAMETABLE *LPFRAMETABLE;
|
|
|
|
//=============================================================================
|
|
// Station statistics.
|
|
//=============================================================================
|
|
#define STATIONSTATS_FLAGS_INITIALIZED ( 0x1 )
|
|
|
|
#define STATIONSTATS_FLAGS_EVENTPOSTED ( 0x2 )
|
|
|
|
#define STATIONSTATS_POOL_SIZE ( 100 )
|
|
|
|
typedef struct _STATIONSTATS
|
|
{
|
|
DWORD NextStationStats;
|
|
DWORD SessionPartnerList;
|
|
DWORD Flags;
|
|
BYTE StationAddress[ 6 ];
|
|
WORD Pad;
|
|
DWORD TotalPacketsReceived;
|
|
DWORD TotalDirectedPacketsSent;
|
|
DWORD TotalBroadcastPacketsSent;
|
|
DWORD TotalMulticastPacketsSent;
|
|
DWORD TotalBytesReceived;
|
|
DWORD TotalBytesSent;
|
|
} STATIONSTATS;
|
|
|
|
typedef STATIONSTATS *LPSTATIONSTATS;
|
|
|
|
#define STATIONSTATS_SIZE ( sizeof( STATIONSTATS ) )
|
|
|
|
//=============================================================================
|
|
// Session statistics.
|
|
//=============================================================================
|
|
#define SESSION_FLAGS_INITIALIZED ( 0x1 )
|
|
|
|
#define SESSION_FLAGS_EVENTPOSTED ( 0x2 )
|
|
|
|
#define SESSION_POOL_SIZE ( 100 )
|
|
|
|
typedef struct _SESSIONSTATS
|
|
{
|
|
DWORD NextSession;
|
|
DWORD StationOwner;
|
|
DWORD StationPartner;
|
|
DWORD Flags;
|
|
DWORD TotalPacketsSent;
|
|
} SESSIONSTATS;
|
|
|
|
typedef SESSIONSTATS *LPSESSIONSTATS;
|
|
|
|
#define SESSIONSTATS_SIZE ( sizeof( SESSIONSTATS ) )
|
|
|
|
//=============================================================================
|
|
// Station Query
|
|
//=============================================================================
|
|
|
|
// These structures are obsolete and should not be used
|
|
// They are included so that our interfaces need not change
|
|
|
|
#pragma pack(push, 1)
|
|
typedef struct _STATIONQUERY
|
|
{
|
|
DWORD Flags;
|
|
BYTE BCDVerMinor;
|
|
BYTE BCDVerMajor;
|
|
DWORD LicenseNumber;
|
|
BYTE MachineName[ 16 ];
|
|
BYTE UserName[ 32 ];
|
|
BYTE Reserved[ 32 ];
|
|
BYTE AdapterAddress[ 6 ];
|
|
WCHAR WMachineName[ 16 ];
|
|
WCHAR WUserName[ 32 ];
|
|
} STATIONQUERY;
|
|
|
|
typedef STATIONQUERY *LPSTATIONQUERY;
|
|
|
|
#define STATIONQUERY_SIZE ( sizeof( STATIONQUERY ) )
|
|
|
|
|
|
#pragma pack(pop)
|
|
//=============================================================================
|
|
// structure.
|
|
//=============================================================================
|
|
typedef struct _QUERYTABLE
|
|
{
|
|
DWORD nStationQueries;
|
|
/* [size_is] */ STATIONQUERY StationQuery[ 1 ];
|
|
} QUERYTABLE;
|
|
|
|
typedef QUERYTABLE *LPQUERYTABLE;
|
|
|
|
#define QUERYTABLE_SIZE ( sizeof( QUERYTABLE ) )
|
|
|
|
//=============================================================================
|
|
// The LINK structure is used to chain structures together into a list.
|
|
//=============================================================================
|
|
typedef struct _LINK *LPLINK;
|
|
|
|
typedef struct _LINK
|
|
{
|
|
LPLINK PrevLink;
|
|
LPLINK NextLink;
|
|
} LINK;
|
|
|
|
//=============================================================================
|
|
// Security Response packet
|
|
//=============================================================================
|
|
|
|
// This structure is used to decode network data and so needs to be packed
|
|
|
|
#pragma pack(push, 1)
|
|
#define MAX_SECURITY_BREACH_REASON_SIZE ( 100 )
|
|
|
|
#define MAX_SIGNATURE_LENGTH ( 128 )
|
|
|
|
#define MAX_USER_NAME_LENGTH ( 256 )
|
|
|
|
typedef struct _SECURITY_PERMISSION_RESPONSE
|
|
{
|
|
UINT Version;
|
|
DWORD RandomNumber;
|
|
BYTE MachineName[ 16 ];
|
|
BYTE Address[ 6 ];
|
|
BYTE UserName[ 256 ];
|
|
BYTE Reason[ 100 ];
|
|
DWORD SignatureLength;
|
|
BYTE Signature[ 128 ];
|
|
} SECURITY_PERMISSION_RESPONSE;
|
|
|
|
typedef SECURITY_PERMISSION_RESPONSE *LPSECURITY_PERMISSION_RESPONSE;
|
|
|
|
typedef SECURITY_PERMISSION_RESPONSE UNALIGNED * ULPSECURITY_PERMISSION_RESPONSE;
|
|
#define SECURITY_PERMISSION_RESPONSE_SIZE ( sizeof( SECURITY_PERMISSION_RESPONSE ) )
|
|
|
|
|
|
#pragma pack(pop)
|
|
//=============================================================================
|
|
// Callback type
|
|
//=============================================================================
|
|
// generic events
|
|
#define UPDATE_EVENT_TERMINATE_THREAD ( 0 )
|
|
|
|
#define UPDATE_EVENT_NETWORK_STATUS ( 0x1 )
|
|
|
|
// rtc events
|
|
#define UPDATE_EVENT_RTC_INTERVAL_ELAPSED ( 0x2 )
|
|
|
|
#define UPDATE_EVENT_RTC_FRAME_TABLE_FULL ( 0x3 )
|
|
|
|
#define UPDATE_EVENT_RTC_BUFFER_FULL ( 0x4 )
|
|
|
|
// delayed events
|
|
#define UPDATE_EVENT_TRIGGER_BUFFER_CONTENT ( 0x5 )
|
|
|
|
#define UPDATE_EVENT_TRIGGER_PATTERN_MATCH ( 0x6 )
|
|
|
|
#define UPDATE_EVENT_TRIGGER_BUFFER_PATTERN ( 0x7 )
|
|
|
|
#define UPDATE_EVENT_TRIGGER_PATTERN_BUFFER ( 0x8 )
|
|
|
|
// transmit events
|
|
#define UPDATE_EVENT_TRANSMIT_STATUS ( 0x9 )
|
|
|
|
// Security events
|
|
#define UPDATE_EVENT_SECURITY_BREACH ( 0xa )
|
|
|
|
// Remote failure event
|
|
#define UPDATE_EVENT_REMOTE_FAILURE ( 0xb )
|
|
|
|
// actions
|
|
#define UPDATE_ACTION_TERMINATE_THREAD ( 0 )
|
|
|
|
#define UPDATE_ACTION_NOTIFY ( 0x1 )
|
|
|
|
#define UPDATE_ACTION_STOP_CAPTURE ( 0x2 )
|
|
|
|
#define UPDATE_ACTION_PAUSE_CAPTURE ( 0x3 )
|
|
|
|
#define UPDATE_ACTION_RTC_BUFFER_SWITCH ( 0x4 )
|
|
|
|
typedef struct _UPDATE_EVENT
|
|
{
|
|
USHORT Event;
|
|
DWORD Action;
|
|
DWORD Status;
|
|
DWORD Value;
|
|
__int64 TimeStamp;
|
|
DWORD_PTR lpUserContext;
|
|
DWORD_PTR lpReserved;
|
|
UINT FramesDropped;
|
|
/* [switch_is] */ /* [switch_type] */ union
|
|
{
|
|
/* [default] */ DWORD Reserved;
|
|
/* [case()] */ LPFRAMETABLE lpFrameTable;
|
|
/* [case()] */ DWORD_PTR lpPacketQueue;
|
|
/* [case()] */ SECURITY_PERMISSION_RESPONSE SecurityResponse;
|
|
} ;
|
|
LPSTATISTICS lpFinalStats;
|
|
} UPDATE_EVENT;
|
|
|
|
typedef UPDATE_EVENT *PUPDATE_EVENT;
|
|
|
|
// note for c++ users:
|
|
// the declaration for this callback should be in the public part of the header file:
|
|
// static WINAPI DWORD NetworkCallback( UPDATE_EVENT events);
|
|
// and the implementation should be, in the protected section of the cpp file:
|
|
// DWORD WINAPI ClassName::NetworkCallback( UPDATE_EVENT events) {};
|
|
//typedef DWORD (WINAPI *LPNETWORKCALLBACKPROC)( UPDATE_EVENT);
|
|
typedef DWORD (WINAPI *LPNETWORKCALLBACKPROC)( UPDATE_EVENT);
|
|
//=============================================================================
|
|
// NETWORKSTATUS data structure.
|
|
//=============================================================================
|
|
typedef struct _NETWORKSTATUS
|
|
{
|
|
DWORD State;
|
|
DWORD Flags;
|
|
} NETWORKSTATUS;
|
|
|
|
typedef NETWORKSTATUS *LPNETWORKSTATUS;
|
|
|
|
#define NETWORKSTATUS_SIZE ( sizeof( NETWORKSTATUS ) )
|
|
|
|
#define NETWORKSTATUS_STATE_VOID ( 0 )
|
|
|
|
#define NETWORKSTATUS_STATE_INIT ( 1 )
|
|
|
|
#define NETWORKSTATUS_STATE_CAPTURING ( 2 )
|
|
|
|
#define NETWORKSTATUS_STATE_PAUSED ( 3 )
|
|
|
|
#define NETWORKSTATUS_FLAGS_TRIGGER_PENDING ( 0x1 )
|
|
|
|
#define MAKE_WORD(l, h) (((WORD) (l)) | (((WORD) (h)) << 8))
|
|
#define MAKE_LONG(l, h) (((DWORD) (l)) | (((DWORD) (h)) << 16L))
|
|
#define MAKE_SIG(a, b, c, d) MAKE_LONG(MAKE_WORD(a, b), MAKE_WORD(c, d))
|
|
//=============================================================================
|
|
// STATISTICS parameter structure.
|
|
//=============================================================================
|
|
#define MAX_SESSIONS ( 100 )
|
|
|
|
#define MAX_STATIONS ( 100 )
|
|
|
|
typedef struct _STATISTICSPARAM
|
|
{
|
|
DWORD StatisticsSize;
|
|
STATISTICS Statistics;
|
|
DWORD StatisticsTableEntries;
|
|
STATIONSTATS StatisticsTable[ 100 ];
|
|
DWORD SessionTableEntries;
|
|
SESSIONSTATS SessionTable[ 100 ];
|
|
} STATISTICSPARAM;
|
|
|
|
typedef STATISTICSPARAM *LPSTATISTICSPARAM;
|
|
|
|
#define STATISTICSPARAM_SIZE ( sizeof( STATISTICSPARAM ) )
|
|
|
|
//=============================================================================
|
|
// Capture file header.
|
|
//=============================================================================
|
|
|
|
// This structure is used to decode file data and so needs to be packed
|
|
|
|
#pragma pack(push, 1)
|
|
#define CAPTUREFILE_VERSION_MAJOR ( 2 )
|
|
|
|
#define CAPTUREFILE_VERSION_MINOR ( 0 )
|
|
|
|
#define MakeVersion(Major, Minor) ((DWORD) MAKEWORD(Minor, Major))
|
|
#define GetCurrentVersion() MakeVersion(CAPTUREFILE_VERSION_MAJOR, CAPTUREFILE_VERSION_MINOR)
|
|
#define NETMON_1_0_CAPTUREFILE_SIGNATURE MAKE_IDENTIFIER('R', 'T', 'S', 'S')
|
|
#define NETMON_2_0_CAPTUREFILE_SIGNATURE MAKE_IDENTIFIER('G', 'M', 'B', 'U')
|
|
typedef struct _CAPTUREFILE_HEADER_VALUES
|
|
{
|
|
DWORD Signature;
|
|
BYTE BCDVerMinor;
|
|
BYTE BCDVerMajor;
|
|
WORD MacType;
|
|
SYSTEMTIME TimeStamp;
|
|
DWORD FrameTableOffset;
|
|
DWORD FrameTableLength;
|
|
DWORD UserDataOffset;
|
|
DWORD UserDataLength;
|
|
DWORD CommentDataOffset;
|
|
DWORD CommentDataLength;
|
|
DWORD StatisticsOffset;
|
|
DWORD StatisticsLength;
|
|
DWORD NetworkInfoOffset;
|
|
DWORD NetworkInfoLength;
|
|
DWORD ConversationStatsOffset;
|
|
DWORD ConversationStatsLength;
|
|
} CAPTUREFILE_HEADER_VALUES;
|
|
|
|
typedef CAPTUREFILE_HEADER_VALUES *LPCAPTUREFILE_HEADER_VALUES;
|
|
|
|
#define CAPTUREFILE_HEADER_VALUES_SIZE ( sizeof( CAPTUREFILE_HEADER_VALUES ) )
|
|
|
|
|
|
#pragma pack(pop)
|
|
//=============================================================================
|
|
// Capture file.
|
|
//=============================================================================
|
|
|
|
// This structure is used to decode file data and so needs to be packed
|
|
|
|
#pragma pack(push, 1)
|
|
typedef struct _CAPTUREFILE_HEADER
|
|
{
|
|
union
|
|
{
|
|
CAPTUREFILE_HEADER_VALUES ActualHeader;
|
|
BYTE Buffer[ 72 ];
|
|
} ;
|
|
BYTE Reserved[ 56 ];
|
|
} CAPTUREFILE_HEADER;
|
|
|
|
typedef CAPTUREFILE_HEADER *LPCAPTUREFILE_HEADER;
|
|
|
|
#define CAPTUREFILE_HEADER_SIZE ( sizeof( CAPTUREFILE_HEADER ) )
|
|
|
|
|
|
#pragma pack(pop)
|
|
//=============================================================================
|
|
// Stats Frame definitions.
|
|
//=============================================================================
|
|
|
|
// These structures are used to create network data and so need to be packed
|
|
|
|
#pragma pack(push, 1)
|
|
typedef struct _EFRAMEHDR
|
|
{
|
|
BYTE SrcAddress[ 6 ];
|
|
BYTE DstAddress[ 6 ];
|
|
WORD Length;
|
|
BYTE DSAP;
|
|
BYTE SSAP;
|
|
BYTE Control;
|
|
BYTE ProtocolID[ 3 ];
|
|
WORD EtherType;
|
|
} EFRAMEHDR;
|
|
|
|
typedef struct _TRFRAMEHDR
|
|
{
|
|
BYTE AC;
|
|
BYTE FC;
|
|
BYTE SrcAddress[ 6 ];
|
|
BYTE DstAddress[ 6 ];
|
|
BYTE DSAP;
|
|
BYTE SSAP;
|
|
BYTE Control;
|
|
BYTE ProtocolID[ 3 ];
|
|
WORD EtherType;
|
|
} TRFRAMEHDR;
|
|
|
|
#define DEFAULT_TR_AC ( 0 )
|
|
|
|
#define DEFAULT_TR_FC ( 0x40 )
|
|
|
|
#define DEFAULT_SAP ( 0xaa )
|
|
|
|
#define DEFAULT_CONTROL ( 0x3 )
|
|
|
|
#define DEFAULT_ETHERTYPE ( 0x8419 )
|
|
|
|
typedef struct _FDDIFRAMEHDR
|
|
{
|
|
BYTE FC;
|
|
BYTE SrcAddress[ 6 ];
|
|
BYTE DstAddress[ 6 ];
|
|
BYTE DSAP;
|
|
BYTE SSAP;
|
|
BYTE Control;
|
|
BYTE ProtocolID[ 3 ];
|
|
WORD EtherType;
|
|
} FDDIFRAMEHDR;
|
|
|
|
#define DEFAULT_FDDI_FC ( 0x10 )
|
|
|
|
typedef struct _FDDISTATFRAME
|
|
{
|
|
__int64 TimeStamp;
|
|
DWORD FrameLength;
|
|
DWORD nBytesAvail;
|
|
FDDIFRAMEHDR FrameHeader;
|
|
BYTE FrameID[ 4 ];
|
|
DWORD Flags;
|
|
DWORD FrameType;
|
|
WORD StatsDataLen;
|
|
DWORD StatsVersion;
|
|
STATISTICS Statistics;
|
|
} FDDISTATFRAME;
|
|
|
|
typedef FDDISTATFRAME *LPFDDISTATFRAME;
|
|
|
|
typedef FDDISTATFRAME UNALIGNED *ULPFDDISTATFRAME;
|
|
#define FDDISTATFRAME_SIZE ( sizeof( FDDISTATFRAME ) )
|
|
|
|
typedef struct _ATMFRAMEHDR
|
|
{
|
|
BYTE SrcAddress[ 6 ];
|
|
BYTE DstAddress[ 6 ];
|
|
WORD Vpi;
|
|
WORD Vci;
|
|
} ATMFRAMEHDR;
|
|
|
|
typedef struct _ATMSTATFRAME
|
|
{
|
|
__int64 TimeStamp;
|
|
DWORD FrameLength;
|
|
DWORD nBytesAvail;
|
|
ATMFRAMEHDR FrameHeader;
|
|
BYTE FrameID[ 4 ];
|
|
DWORD Flags;
|
|
DWORD FrameType;
|
|
WORD StatsDataLen;
|
|
DWORD StatsVersion;
|
|
STATISTICS Statistics;
|
|
} ATMSTATFRAME;
|
|
|
|
typedef ATMSTATFRAME *LPATMSTATFRAME;
|
|
|
|
typedef ATMSTATFRAME UNALIGNED *ULPATMSTATFRAME;
|
|
#define ATMSTATFRAME_SIZE ( sizeof( ATMSTATFRAME ) )
|
|
|
|
typedef struct _TRSTATFRAME
|
|
{
|
|
__int64 TimeStamp;
|
|
DWORD FrameLength;
|
|
DWORD nBytesAvail;
|
|
TRFRAMEHDR FrameHeader;
|
|
BYTE FrameID[ 4 ];
|
|
DWORD Flags;
|
|
DWORD FrameType;
|
|
WORD StatsDataLen;
|
|
DWORD StatsVersion;
|
|
STATISTICS Statistics;
|
|
} TRSTATFRAME;
|
|
|
|
typedef TRSTATFRAME *LPTRSTATFRAME;
|
|
|
|
typedef TRSTATFRAME UNALIGNED *ULPTRSTATFRAME;
|
|
#define TRSTATFRAME_SIZE ( sizeof( TRSTATFRAME ) )
|
|
|
|
typedef struct _ESTATFRAME
|
|
{
|
|
__int64 TimeStamp;
|
|
DWORD FrameLength;
|
|
DWORD nBytesAvail;
|
|
EFRAMEHDR FrameHeader;
|
|
BYTE FrameID[ 4 ];
|
|
DWORD Flags;
|
|
DWORD FrameType;
|
|
WORD StatsDataLen;
|
|
DWORD StatsVersion;
|
|
STATISTICS Statistics;
|
|
} ESTATFRAME;
|
|
|
|
typedef ESTATFRAME *LPESTATFRAME;
|
|
|
|
typedef ESTATFRAME UNALIGNED *ULPESTATFRAME;
|
|
#define ESTATFRAME_SIZE ( sizeof( ESTATFRAME ) )
|
|
|
|
#define STATISTICS_VERSION_1_0 ( 0 )
|
|
|
|
#define STATISTICS_VERSION_2_0 ( 0x20 )
|
|
|
|
#define MAX_STATSFRAME_SIZE ( sizeof( TRSTATFRAME ) )
|
|
|
|
#define STATS_FRAME_TYPE ( 103 )
|
|
|
|
|
|
#pragma pack(pop)
|
|
//****************************************************************************
|
|
//****************************************************************************
|
|
// Obsolete structures
|
|
// The newer structures (named with a 2 appended) should be used
|
|
//****************************************************************************
|
|
//****************************************************************************
|
|
|
|
#pragma pack(push, 1)
|
|
// Address Structure
|
|
// Obsolete, ADDRESS2 should be used
|
|
typedef struct _ADDRESS
|
|
{
|
|
DWORD Type;
|
|
|
|
union
|
|
{
|
|
// ADDRESS_TYPE_ETHERNET
|
|
// ADDRESS_TYPE_TOKENRING
|
|
// ADDRESS_TYPE_FDDI
|
|
BYTE MACAddress[MAC_ADDRESS_SIZE];
|
|
|
|
// IP
|
|
BYTE IPAddress[IP_ADDRESS_SIZE];
|
|
|
|
// raw IPX
|
|
BYTE IPXRawAddress[IPX_ADDR_SIZE];
|
|
|
|
// real IPX
|
|
IPX_ADDR IPXAddress;
|
|
|
|
// raw Vines IP
|
|
BYTE VinesIPRawAddress[VINES_IP_ADDRESS_SIZE];
|
|
|
|
// real Vines IP
|
|
VINES_IP_ADDRESS VinesIPAddress;
|
|
|
|
// ethernet with bits defined
|
|
ETHERNET_SRC_ADDRESS EthernetSrcAddress;
|
|
|
|
// ethernet with bits defined
|
|
ETHERNET_DST_ADDRESS EthernetDstAddress;
|
|
|
|
// tokenring with bits defined
|
|
TOKENRING_SRC_ADDRESS TokenringSrcAddress;
|
|
|
|
// tokenring with bits defined
|
|
TOKENRING_DST_ADDRESS TokenringDstAddress;
|
|
|
|
// fddi with bits defined
|
|
FDDI_SRC_ADDRESS FddiSrcAddress;
|
|
|
|
// fddi with bits defined
|
|
FDDI_DST_ADDRESS FddiDstAddress;
|
|
};
|
|
|
|
WORD Flags;
|
|
} ADDRESS;
|
|
typedef ADDRESS *LPADDRESS;
|
|
#define ADDRESS_SIZE sizeof(ADDRESS)
|
|
|
|
|
|
#pragma pack(pop)
|
|
// Obsolete, ADDRESSPAIR2 should be used
|
|
typedef struct _ADDRESSPAIR
|
|
{
|
|
WORD AddressFlags;
|
|
WORD NalReserved;
|
|
ADDRESS DstAddress;
|
|
ADDRESS SrcAddress;
|
|
|
|
} ADDRESSPAIR;
|
|
typedef ADDRESSPAIR *LPADDRESSPAIR;
|
|
#define ADDRESSPAIR_SIZE sizeof(ADDRESSPAIR)
|
|
// Obsolete, ADDRESSTABLE2 should be used
|
|
typedef struct _ADDRESSTABLE
|
|
{
|
|
DWORD nAddressPairs;
|
|
DWORD nNonMacAddressPairs;
|
|
ADDRESSPAIR AddressPair[MAX_ADDRESS_PAIRS];
|
|
|
|
} ADDRESSTABLE;
|
|
|
|
typedef ADDRESSTABLE *LPADDRESSTABLE;
|
|
#define ADDRESSTABLE_SIZE sizeof(ADDRESSTABLE)
|
|
// Obsolete, ADDRESSINFO2 should be used
|
|
typedef struct _ADDRESSINFO
|
|
{
|
|
ADDRESS Address;
|
|
WCHAR Name[MAX_NAME_SIZE];
|
|
DWORD Flags;
|
|
LPVOID lpAddressInstData;
|
|
|
|
} ADDRESSINFO;
|
|
typedef struct _ADDRESSINFO *LPADDRESSINFO;
|
|
#define ADDRESSINFO_SIZE sizeof(ADDRESSINFO)
|
|
// Obsolete, ADDRESSINFOTABLE2 should be used
|
|
typedef struct _ADDRESSINFOTABLE
|
|
{
|
|
DWORD nAddressInfos;
|
|
LPADDRESSINFO lpAddressInfo[0];
|
|
|
|
} ADDRESSINFOTABLE;
|
|
typedef ADDRESSINFOTABLE *LPADDRESSINFOTABLE;
|
|
#define ADDRESSINFOTABLE_SIZE sizeof(ADDRESSINFOTABLE)
|
|
//****************************************************************************
|
|
//****************************************************************************
|
|
// Obsolete functions
|
|
// The newer functions should be used
|
|
//****************************************************************************
|
|
//****************************************************************************
|
|
// Obsolete, SetNPPAddress2FilterInBlob should be used
|
|
DWORD _cdecl SetNPPAddressFilterInBlob( HBLOB hBlob,
|
|
LPADDRESSTABLE pAddressTable);
|
|
// Obsolete, GetNPPAddress2FilterFromBlob should be used
|
|
DWORD _cdecl GetNPPAddressFilterFromBlob( HBLOB hBlob,
|
|
LPADDRESSTABLE pAddressTable,
|
|
HBLOB hErrorBlob);
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// (NMEvent.h)
|
|
//=============================================================================
|
|
//=============================================================================
|
|
|
|
#pragma pack(push, 8)
|
|
// NMCOLUMNTYPE
|
|
typedef /* [public][public][public][public][public][public] */
|
|
enum __MIDL___MIDL_itf_netmon_0000_0005
|
|
{ NMCOLUMNTYPE_UINT8 = 0,
|
|
NMCOLUMNTYPE_SINT8 = NMCOLUMNTYPE_UINT8 + 1,
|
|
NMCOLUMNTYPE_UINT16 = NMCOLUMNTYPE_SINT8 + 1,
|
|
NMCOLUMNTYPE_SINT16 = NMCOLUMNTYPE_UINT16 + 1,
|
|
NMCOLUMNTYPE_UINT32 = NMCOLUMNTYPE_SINT16 + 1,
|
|
NMCOLUMNTYPE_SINT32 = NMCOLUMNTYPE_UINT32 + 1,
|
|
NMCOLUMNTYPE_FLOAT64 = NMCOLUMNTYPE_SINT32 + 1,
|
|
NMCOLUMNTYPE_FRAME = NMCOLUMNTYPE_FLOAT64 + 1,
|
|
NMCOLUMNTYPE_YESNO = NMCOLUMNTYPE_FRAME + 1,
|
|
NMCOLUMNTYPE_ONOFF = NMCOLUMNTYPE_YESNO + 1,
|
|
NMCOLUMNTYPE_TRUEFALSE = NMCOLUMNTYPE_ONOFF + 1,
|
|
NMCOLUMNTYPE_MACADDR = NMCOLUMNTYPE_TRUEFALSE + 1,
|
|
NMCOLUMNTYPE_IPXADDR = NMCOLUMNTYPE_MACADDR + 1,
|
|
NMCOLUMNTYPE_IPADDR = NMCOLUMNTYPE_IPXADDR + 1,
|
|
NMCOLUMNTYPE_VARTIME = NMCOLUMNTYPE_IPADDR + 1,
|
|
NMCOLUMNTYPE_STRING = NMCOLUMNTYPE_VARTIME + 1
|
|
} NMCOLUMNTYPE;
|
|
|
|
// NMCOLUMNVARIANT
|
|
typedef struct _NMCOLUMNVARIANT
|
|
{
|
|
NMCOLUMNTYPE Type;
|
|
union
|
|
{
|
|
BYTE Uint8Val;
|
|
char Sint8Val;
|
|
WORD Uint16Val;
|
|
short Sint16Val;
|
|
DWORD Uint32Val;
|
|
long Sint32Val;
|
|
DOUBLE Float64Val;
|
|
DWORD FrameVal;
|
|
BOOL YesNoVal;
|
|
BOOL OnOffVal;
|
|
BOOL TrueFalseVal;
|
|
BYTE MACAddrVal[ 6 ];
|
|
IPX_ADDR IPXAddrVal;
|
|
DWORD IPAddrVal;
|
|
DOUBLE VarTimeVal;
|
|
LPCSTR pStringVal;
|
|
} Value;
|
|
} NMCOLUMNVARIANT;
|
|
|
|
// COLUMNINFO
|
|
typedef struct _NMCOLUMNINFO
|
|
{
|
|
LPSTR szColumnName;
|
|
NMCOLUMNVARIANT VariantData;
|
|
} NMCOLUMNINFO;
|
|
|
|
typedef NMCOLUMNINFO *PNMCOLUMNINFO;
|
|
|
|
// JTYPE
|
|
typedef LPSTR JTYPE;
|
|
|
|
// EVENTDATA
|
|
#ifdef MIDL_PASS
|
|
typedef struct _NMEVENTDATA
|
|
{
|
|
LPSTR pszReserved;
|
|
BYTE Version;
|
|
DWORD EventIdent;
|
|
DWORD Flags;
|
|
DWORD Severity;
|
|
BYTE NumColumns;
|
|
LPSTR szSourceName;
|
|
LPSTR szEventName;
|
|
LPSTR szDescription;
|
|
LPSTR szMachine;
|
|
JTYPE Justification;
|
|
PVOID pvReserved;
|
|
SYSTEMTIME SysTime;
|
|
/* [size_is] */ NMCOLUMNINFO Column[ 1 ];
|
|
} NMEVENTDATA;
|
|
|
|
#else // MIDL_PASS
|
|
typedef struct _NMEVENTDATA
|
|
{
|
|
LPSTR pszReserved; // Reserved
|
|
BYTE Version; // Version for this structure (must be 0)
|
|
DWORD EventIdent; // ID for this event
|
|
DWORD Flags; // Flags for Expert generated and others
|
|
DWORD Severity; // Severity level
|
|
BYTE NumColumns; // Number of optional columns for this event
|
|
LPSTR szSourceName; // Name of Expert
|
|
LPSTR szEventName; // Name of event
|
|
LPSTR szDescription;// Description of event
|
|
LPSTR szMachine; // Name (or IPADDRESS?) of the machine supplying the event (NULL for Experts usually)
|
|
JTYPE Justification;// Justification pane info (currently a string, but possible structure)
|
|
PVOID pvReserved; // Reserved
|
|
SYSTEMTIME SysTime; // Systemtime of the event
|
|
NMCOLUMNINFO Column[0];
|
|
} NMEVENTDATA;
|
|
#endif // MIDL_PASS
|
|
typedef NMEVENTDATA *PNMEVENTDATA;
|
|
|
|
|
|
#pragma pack(pop)
|
|
// EVENT FLAGS
|
|
#define NMEVENTFLAG_EXPERT ( 0x1 )
|
|
|
|
#define NMEVENTFLAG_DO_NOT_DISPLAY_SEVERITY ( 0x80000000 )
|
|
|
|
#define NMEVENTFLAG_DO_NOT_DISPLAY_SOURCE ( 0x40000000 )
|
|
|
|
#define NMEVENTFLAG_DO_NOT_DISPLAY_EVENT_NAME ( 0x20000000 )
|
|
|
|
#define NMEVENTFLAG_DO_NOT_DISPLAY_DESCRIPTION ( 0x10000000 )
|
|
|
|
#define NMEVENTFLAG_DO_NOT_DISPLAY_MACHINE ( 0x8000000 )
|
|
|
|
#define NMEVENTFLAG_DO_NOT_DISPLAY_TIME ( 0x4000000 )
|
|
|
|
#define NMEVENTFLAG_DO_NOT_DISPLAY_DATE ( 0x2000000 )
|
|
|
|
//#define NMEVENTFLAG_DO_NOT_DISPLAY_FIXED_COLUMNS (NMEVENTFLAG_DO_NOT_DISPLAY_SEVERITY | \
|
|
// NMEVENTFLAG_DO_NOT_DISPLAY_SOURCE | \
|
|
// NMEVENTFLAG_DO_NOT_DISPLAY_EVENT_NAME | \
|
|
// NMEVENTFLAG_DO_NOT_DISPLAY_DESCRIPTION| \
|
|
// NMEVENTFLAG_DO_NOT_DISPLAY_MACHINE | \
|
|
// NMEVENTFLAG_DO_NOT_DISPLAY_TIME | \
|
|
// NMEVENTFLAG_DO_NOT_DISPLAY_DATE )
|
|
#define NMEVENTFLAG_DO_NOT_DISPLAY_FIXED_COLUMNS ( 0xfe000000 )
|
|
|
|
|
|
enum _NMEVENT_SEVERITIES
|
|
{ NMEVENT_SEVERITY_INFORMATIONAL = 0,
|
|
NMEVENT_SEVERITY_WARNING = NMEVENT_SEVERITY_INFORMATIONAL + 1,
|
|
NMEVENT_SEVERITY_STRONG_WARNING = NMEVENT_SEVERITY_WARNING + 1,
|
|
NMEVENT_SEVERITY_ERROR = NMEVENT_SEVERITY_STRONG_WARNING + 1,
|
|
NMEVENT_SEVERITY_SEVERE_ERROR = NMEVENT_SEVERITY_ERROR + 1,
|
|
NMEVENT_SEVERITY_CRITICAL_ERROR = NMEVENT_SEVERITY_SEVERE_ERROR + 1
|
|
} ;
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// (Finder.h)
|
|
//=============================================================================
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// Structures use by NPPs & the Finder
|
|
//=============================================================================
|
|
typedef /* [public][public] */ struct __MIDL___MIDL_itf_netmon_0000_0007
|
|
{
|
|
DWORD dwNumBlobs;
|
|
/* [size_is] */ HBLOB hBlobs[ 1 ];
|
|
} BLOB_TABLE;
|
|
|
|
typedef BLOB_TABLE *PBLOB_TABLE;
|
|
|
|
typedef /* [public][public][public] */ struct __MIDL___MIDL_itf_netmon_0000_0008
|
|
{
|
|
DWORD size;
|
|
/* [size_is] */ BYTE *pBytes;
|
|
} MBLOB;
|
|
|
|
typedef /* [public][public] */ struct __MIDL___MIDL_itf_netmon_0000_0009
|
|
{
|
|
DWORD dwNumBlobs;
|
|
/* [size_is] */ MBLOB mBlobs[ 1 ];
|
|
} MBLOB_TABLE;
|
|
|
|
typedef MBLOB_TABLE *PMBLOB_TABLE;
|
|
|
|
//=============================================================================
|
|
// Functions called by monitors, tools, netmon
|
|
//=============================================================================
|
|
DWORD _cdecl GetNPPBlobTable(HBLOB hFilterBlob,
|
|
PBLOB_TABLE* ppBlobTable);
|
|
|
|
DWORD _cdecl GetNPPBlobFromUI(HWND hwnd,
|
|
HBLOB hFilterBlob,
|
|
HBLOB* phBlob);
|
|
|
|
DWORD _cdecl GetNPPBlobFromUIExU(HWND hwnd,
|
|
HBLOB hFilterBlob,
|
|
HBLOB* phBlob,
|
|
char* szHelpFileName);
|
|
|
|
DWORD _cdecl SelectNPPBlobFromTable( HWND hwnd,
|
|
PBLOB_TABLE pBlobTable,
|
|
HBLOB* hBlob);
|
|
|
|
DWORD _cdecl SelectNPPBlobFromTableExU( HWND hwnd,
|
|
PBLOB_TABLE pBlobTable,
|
|
HBLOB* hBlob,
|
|
char* szHelpFileName);
|
|
|
|
//=============================================================================
|
|
// Helper functions provided by the Finder
|
|
//=============================================================================
|
|
|
|
__inline DWORD BLOB_TABLE_SIZE(DWORD dwNumBlobs)
|
|
{
|
|
return (DWORD) (sizeof(BLOB_TABLE)+dwNumBlobs*sizeof(HBLOB));
|
|
}
|
|
|
|
__inline PBLOB_TABLE AllocBlobTable(DWORD dwNumBlobs)
|
|
{
|
|
DWORD size = BLOB_TABLE_SIZE(dwNumBlobs);
|
|
|
|
return (PBLOB_TABLE)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, size);
|
|
}
|
|
|
|
__inline DWORD MBLOB_TABLE_SIZE(DWORD dwNumBlobs)
|
|
{
|
|
return (DWORD) (sizeof(MBLOB_TABLE)+dwNumBlobs*sizeof(MBLOB));
|
|
}
|
|
|
|
__inline PMBLOB_TABLE AllocMBlobTable(DWORD dwNumBlobs)
|
|
{
|
|
DWORD size = MBLOB_TABLE_SIZE(dwNumBlobs);
|
|
|
|
return (PMBLOB_TABLE)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, size);
|
|
}
|
|
|
|
//=============================================================================
|
|
// Functions provided by NPPs, called by the Finder
|
|
//=============================================================================
|
|
|
|
// For NPP's that can return a Blob table without additional configuration.
|
|
DWORD _cdecl GetNPPBlobs(PBLOB_TABLE* ppBlobTable);
|
|
typedef DWORD (_cdecl FAR* BLOBSPROC) (PBLOB_TABLE* ppBlobTable);
|
|
|
|
// For NPP's that need additional information to return a Blob table.
|
|
DWORD _cdecl GetConfigBlob(HBLOB* phBlob);
|
|
typedef DWORD (_cdecl FAR* GETCFGBLOB) (HBLOB, HBLOB*);
|
|
typedef DWORD (_cdecl FAR* CFGPROC) (HWND hwnd,
|
|
HBLOB SpecialBlob,
|
|
PBLOB_TABLE* ppBlobTable);
|
|
|
|
//=============================================================================
|
|
// Handy functions
|
|
//=============================================================================
|
|
BOOL _cdecl FilterNPPBlob(HBLOB hBlob, HBLOB FilterBlob);
|
|
|
|
BOOL _cdecl RaiseNMEvent(HINSTANCE hInstance,
|
|
WORD EventType,
|
|
DWORD EventID,
|
|
WORD nStrings,
|
|
const char** aInsertStrs,
|
|
LPVOID lpvData,
|
|
DWORD dwDataSize);
|
|
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// (NMmonitor.h)
|
|
//=============================================================================
|
|
//=============================================================================
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// (NMSupp.h)
|
|
//=============================================================================
|
|
//=============================================================================
|
|
|
|
#ifndef __cplusplus
|
|
#ifndef try
|
|
#define try __try
|
|
#endif // try
|
|
|
|
#ifndef except
|
|
#define except __except
|
|
#endif // except
|
|
#endif // __cplusplus
|
|
//=============================================================================
|
|
// Windows version constants.
|
|
//=============================================================================
|
|
#define WINDOWS_VERSION_UNKNOWN ( 0 )
|
|
|
|
#define WINDOWS_VERSION_WIN32S ( 1 )
|
|
|
|
#define WINDOWS_VERSION_WIN32C ( 2 )
|
|
|
|
#define WINDOWS_VERSION_WIN32 ( 3 )
|
|
|
|
//=============================================================================
|
|
// Frame masks.
|
|
//=============================================================================
|
|
#define FRAME_MASK_ETHERNET ( ( BYTE )~0x1 )
|
|
|
|
#define FRAME_MASK_TOKENRING ( ( BYTE )~0x80 )
|
|
|
|
#define FRAME_MASK_FDDI ( ( BYTE )~0x1 )
|
|
|
|
//=============================================================================
|
|
// Object heap type.
|
|
//=============================================================================
|
|
typedef LPVOID HOBJECTHEAP;
|
|
|
|
//=============================================================================
|
|
// Object cleanup procedure.
|
|
//=============================================================================
|
|
|
|
typedef VOID (WINAPI *OBJECTPROC)(HOBJECTHEAP, LPVOID);
|
|
|
|
//=============================================================================
|
|
// Network Monitor timers.
|
|
//=============================================================================
|
|
typedef struct _TIMER *HTIMER;
|
|
|
|
typedef VOID (WINAPI *BHTIMERPROC)(LPVOID);
|
|
|
|
HTIMER WINAPI BhSetTimer(BHTIMERPROC TimerProc, LPVOID InstData, DWORD TimeOut);
|
|
|
|
VOID WINAPI BhKillTimer(HTIMER hTimer);
|
|
|
|
//=============================================================================
|
|
// Network Monitor global error API.
|
|
//=============================================================================
|
|
|
|
DWORD WINAPI BhGetLastError(VOID);
|
|
|
|
DWORD WINAPI BhSetLastError(DWORD Error);
|
|
|
|
//=============================================================================
|
|
// Object manager function prototypes.
|
|
//=============================================================================
|
|
|
|
HOBJECTHEAP WINAPI CreateObjectHeap(DWORD ObjectSize, OBJECTPROC ObjectProc);
|
|
|
|
HOBJECTHEAP WINAPI DestroyObjectHeap(HOBJECTHEAP hObjectHeap);
|
|
|
|
LPVOID WINAPI AllocObject(HOBJECTHEAP hObjectHeap);
|
|
|
|
LPVOID WINAPI FreeObject(HOBJECTHEAP hObjectHeap, LPVOID ObjectMemory);
|
|
|
|
DWORD WINAPI GrowObjectHeap(HOBJECTHEAP hObjectHeap, DWORD nObjects);
|
|
|
|
DWORD WINAPI GetObjectHeapSize(HOBJECTHEAP hObjectHeap);
|
|
|
|
VOID WINAPI PurgeObjectHeap(HOBJECTHEAP hObjectHeap);
|
|
|
|
//=============================================================================
|
|
// Memory functions.
|
|
//=============================================================================
|
|
|
|
LPVOID WINAPI AllocMemory(SIZE_T size);
|
|
|
|
LPVOID WINAPI ReallocMemory(LPVOID ptr, SIZE_T NewSize);
|
|
|
|
VOID WINAPI FreeMemory(LPVOID ptr);
|
|
|
|
VOID WINAPI TestMemory(LPVOID ptr);
|
|
|
|
SIZE_T WINAPI MemorySize(LPVOID ptr);
|
|
|
|
HANDLE WINAPI MemoryHandle(LPBYTE ptr);
|
|
|
|
//=============================================================================
|
|
// EXPRESSION API's
|
|
//=============================================================================
|
|
|
|
LPEXPRESSION WINAPI InitializeExpression(LPEXPRESSION Expression);
|
|
|
|
LPPATTERNMATCH WINAPI InitializePattern(LPPATTERNMATCH Pattern, LPVOID ptr, DWORD offset, DWORD length);
|
|
|
|
LPEXPRESSION WINAPI AndExpression(LPEXPRESSION Expression, LPPATTERNMATCH Pattern);
|
|
|
|
LPEXPRESSION WINAPI OrExpression(LPEXPRESSION Expression, LPPATTERNMATCH Pattern);
|
|
|
|
LPPATTERNMATCH WINAPI NegatePattern(LPPATTERNMATCH Pattern);
|
|
|
|
LPADDRESSTABLE2 WINAPI AdjustOperatorPrecedence(LPADDRESSTABLE2 AddressTable);
|
|
|
|
LPADDRESS2 WINAPI NormalizeAddress(LPADDRESS2 Address);
|
|
|
|
LPADDRESSTABLE2 WINAPI NormalizeAddressTable(LPADDRESSTABLE2 AddressTable);
|
|
|
|
//=============================================================================
|
|
// MISC. API's
|
|
//=============================================================================
|
|
|
|
DWORD WINAPI BhGetWindowsVersion(VOID);
|
|
|
|
BOOL WINAPI IsDaytona(VOID);
|
|
|
|
VOID _cdecl dprintf(LPSTR format, ...);
|
|
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// (BHTypes.h)
|
|
//=============================================================================
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// Unaligned base type definitions.
|
|
//=============================================================================
|
|
typedef VOID UNALIGNED *ULPVOID;
|
|
typedef BYTE UNALIGNED *ULPBYTE;
|
|
typedef WORD UNALIGNED *ULPWORD;
|
|
typedef DWORD UNALIGNED *ULPDWORD;
|
|
typedef CHAR UNALIGNED *ULPSTR;
|
|
typedef SYSTEMTIME UNALIGNED *ULPSYSTEMTIME;
|
|
//=============================================================================
|
|
// Handle definitions.
|
|
//=============================================================================
|
|
typedef struct _PARSER *HPARSER;
|
|
|
|
typedef struct _CAPFRAMEDESC *HFRAME;
|
|
|
|
typedef struct _CAPTURE *HCAPTURE;
|
|
|
|
typedef struct _FILTER *HFILTER;
|
|
|
|
typedef struct _ADDRESSDB *HADDRESSDB;
|
|
|
|
typedef struct _PROTOCOL *HPROTOCOL;
|
|
|
|
typedef DWORD_PTR HPROPERTY;
|
|
|
|
typedef HPROTOCOL *LPHPROTOCOL;
|
|
|
|
//=============================================================================
|
|
// GetTableSize() -- The following macro is used to calculate the actual
|
|
// length of Network Monitor variable-length table structures.
|
|
//
|
|
// EXAMPLE:
|
|
//
|
|
// GetTableSize(PROTOCOLTABLESIZE,
|
|
// ProtocolTable->nProtocols,
|
|
// sizeof(HPROTOCOL))
|
|
//=============================================================================
|
|
#define GetTableSize(TableBaseSize, nElements, ElementSize) ((TableBaseSize) + ((nElements) * (ElementSize)))
|
|
//=============================================================================
|
|
// Object type identifiers.
|
|
//=============================================================================
|
|
typedef DWORD OBJECTTYPE;
|
|
|
|
#ifndef MAKE_IDENTIFIER
|
|
#define MAKE_IDENTIFIER(a, b, c, d) ((DWORD) MAKELONG(MAKEWORD(a, b), MAKEWORD(c, d)))
|
|
#endif // MAKE_IDENTIFIER
|
|
#define HANDLE_TYPE_INVALID MAKE_IDENTIFIER(-1, -1, -1, -1)
|
|
#define HANDLE_TYPE_CAPTURE MAKE_IDENTIFIER('C', 'A', 'P', '$')
|
|
#define HANDLE_TYPE_PARSER MAKE_IDENTIFIER('P', 'S', 'R', '$')
|
|
#define HANDLE_TYPE_ADDRESSDB MAKE_IDENTIFIER('A', 'D', 'R', '$')
|
|
#define HANDLE_TYPE_PROTOCOL MAKE_IDENTIFIER('P', 'R', 'T', '$')
|
|
#define HANDLE_TYPE_BUFFER MAKE_IDENTIFIER('B', 'U', 'F', '$')
|
|
//=============================================================================
|
|
// Network Monitor constant definitions.
|
|
//=============================================================================
|
|
#define INLINE __inline
|
|
#define BHAPI WINAPI
|
|
#define MAX_NAME_LENGTH ( 16 )
|
|
|
|
#define MAX_ADDR_LENGTH ( 6 )
|
|
|
|
//=============================================================================
|
|
// Ethernet type (ETYPE) constant definitions.
|
|
//=============================================================================
|
|
#define ETYPE_LOOP ( 0x9000 )
|
|
|
|
#define ETYPE_3COM_NETMAP1 ( 0x9001 )
|
|
|
|
#define ETYPE_3COM_NETMAP2 ( 0x9002 )
|
|
|
|
#define ETYPE_IBM_RT ( 0x80d5 )
|
|
|
|
#define ETYPE_NETWARE ( 0x8137 )
|
|
|
|
#define ETYPE_XNS1 ( 0x600 )
|
|
|
|
#define ETYPE_XNS2 ( 0x807 )
|
|
|
|
#define ETYPE_3COM_NBP0 ( 0x3c00 )
|
|
|
|
#define ETYPE_3COM_NBP1 ( 0x3c01 )
|
|
|
|
#define ETYPE_3COM_NBP2 ( 0x3c02 )
|
|
|
|
#define ETYPE_3COM_NBP3 ( 0x3c03 )
|
|
|
|
#define ETYPE_3COM_NBP4 ( 0x3c04 )
|
|
|
|
#define ETYPE_3COM_NBP5 ( 0x3c05 )
|
|
|
|
#define ETYPE_3COM_NBP6 ( 0x3c06 )
|
|
|
|
#define ETYPE_3COM_NBP7 ( 0x3c07 )
|
|
|
|
#define ETYPE_3COM_NBP8 ( 0x3c08 )
|
|
|
|
#define ETYPE_3COM_NBP9 ( 0x3c09 )
|
|
|
|
#define ETYPE_3COM_NBP10 ( 0x3c0a )
|
|
|
|
#define ETYPE_IP ( 0x800 )
|
|
|
|
#define ETYPE_ARP1 ( 0x806 )
|
|
|
|
#define ETYPE_ARP2 ( 0x807 )
|
|
|
|
#define ETYPE_RARP ( 0x8035 )
|
|
|
|
#define ETYPE_TRLR0 ( 0x1000 )
|
|
|
|
#define ETYPE_TRLR1 ( 0x1001 )
|
|
|
|
#define ETYPE_TRLR2 ( 0x1002 )
|
|
|
|
#define ETYPE_TRLR3 ( 0x1003 )
|
|
|
|
#define ETYPE_TRLR4 ( 0x1004 )
|
|
|
|
#define ETYPE_TRLR5 ( 0x1005 )
|
|
|
|
#define ETYPE_PUP ( 0x200 )
|
|
|
|
#define ETYPE_PUP_ARP ( 0x201 )
|
|
|
|
#define ETYPE_APPLETALK_ARP ( 0x80f3 )
|
|
|
|
#define ETYPE_APPLETALK_LAP ( 0x809b )
|
|
|
|
#define ETYPE_SNMP ( 0x814c )
|
|
|
|
//=============================================================================
|
|
// LLC (802.2) SAP constant definitions.
|
|
//=============================================================================
|
|
#define SAP_SNAP ( 0xaa )
|
|
|
|
#define SAP_BPDU ( 0x42 )
|
|
|
|
#define SAP_IBM_NM ( 0xf4 )
|
|
|
|
#define SAP_IBM_NETBIOS ( 0xf0 )
|
|
|
|
#define SAP_SNA1 ( 0x4 )
|
|
|
|
#define SAP_SNA2 ( 0x5 )
|
|
|
|
#define SAP_SNA3 ( 0x8 )
|
|
|
|
#define SAP_SNA4 ( 0xc )
|
|
|
|
#define SAP_NETWARE1 ( 0x10 )
|
|
|
|
#define SAP_NETWARE2 ( 0xe0 )
|
|
|
|
#define SAP_NETWARE3 ( 0xfe )
|
|
|
|
#define SAP_IP ( 0x6 )
|
|
|
|
#define SAP_X25 ( 0x7e )
|
|
|
|
#define SAP_RPL1 ( 0xf8 )
|
|
|
|
#define SAP_RPL2 ( 0xfc )
|
|
|
|
#define SAP_UB ( 0xfa )
|
|
|
|
#define SAP_XNS ( 0x80 )
|
|
|
|
//=============================================================================
|
|
// Property constants
|
|
//=============================================================================
|
|
// data types
|
|
#define PROP_TYPE_VOID ( 0 )
|
|
|
|
#define PROP_TYPE_SUMMARY ( 0x1 )
|
|
|
|
#define PROP_TYPE_BYTE ( 0x2 )
|
|
|
|
#define PROP_TYPE_WORD ( 0x3 )
|
|
|
|
#define PROP_TYPE_DWORD ( 0x4 )
|
|
|
|
#define PROP_TYPE_LARGEINT ( 0x5 )
|
|
|
|
#define PROP_TYPE_ADDR ( 0x6 )
|
|
|
|
#define PROP_TYPE_TIME ( 0x7 )
|
|
|
|
#define PROP_TYPE_STRING ( 0x8 )
|
|
|
|
#define PROP_TYPE_IP_ADDRESS ( 0x9 )
|
|
|
|
#define PROP_TYPE_IPX_ADDRESS ( 0xa )
|
|
|
|
#define PROP_TYPE_BYTESWAPPED_WORD ( 0xb )
|
|
|
|
#define PROP_TYPE_BYTESWAPPED_DWORD ( 0xc )
|
|
|
|
#define PROP_TYPE_TYPED_STRING ( 0xd )
|
|
|
|
#define PROP_TYPE_RAW_DATA ( 0xe )
|
|
|
|
#define PROP_TYPE_COMMENT ( 0xf )
|
|
|
|
#define PROP_TYPE_SRCFRIENDLYNAME ( 0x10 )
|
|
|
|
#define PROP_TYPE_DSTFRIENDLYNAME ( 0x11 )
|
|
|
|
#define PROP_TYPE_TOKENRING_ADDRESS ( 0x12 )
|
|
|
|
#define PROP_TYPE_FDDI_ADDRESS ( 0x13 )
|
|
|
|
#define PROP_TYPE_ETHERNET_ADDRESS ( 0x14 )
|
|
|
|
#define PROP_TYPE_OBJECT_IDENTIFIER ( 0x15 )
|
|
|
|
#define PROP_TYPE_VINES_IP_ADDRESS ( 0x16 )
|
|
|
|
#define PROP_TYPE_VAR_LEN_SMALL_INT ( 0x17 )
|
|
|
|
#define PROP_TYPE_ATM_ADDRESS ( 0x18 )
|
|
|
|
#define PROP_TYPE_1394_ADDRESS ( 0x19 )
|
|
|
|
#define PROP_TYPE_IP6_ADDRESS ( 0x1a )
|
|
|
|
// data qualifiers
|
|
#define PROP_QUAL_NONE ( 0 )
|
|
|
|
#define PROP_QUAL_RANGE ( 0x1 )
|
|
|
|
#define PROP_QUAL_SET ( 0x2 )
|
|
|
|
#define PROP_QUAL_BITFIELD ( 0x3 )
|
|
|
|
#define PROP_QUAL_LABELED_SET ( 0x4 )
|
|
|
|
#define PROP_QUAL_LABELED_BITFIELD ( 0x8 )
|
|
|
|
#define PROP_QUAL_CONST ( 0x9 )
|
|
|
|
#define PROP_QUAL_FLAGS ( 0xa )
|
|
|
|
#define PROP_QUAL_ARRAY ( 0xb )
|
|
|
|
//=============================================================================
|
|
// LARGEINT structure defined in winnt.h
|
|
//=============================================================================
|
|
typedef LARGE_INTEGER *LPLARGEINT;
|
|
|
|
typedef LARGE_INTEGER UNALIGNED *ULPLARGEINT;
|
|
//=============================================================================
|
|
// Range structure.
|
|
//=============================================================================
|
|
typedef struct _RANGE
|
|
{
|
|
DWORD MinValue;
|
|
DWORD MaxValue;
|
|
} RANGE;
|
|
|
|
typedef RANGE *LPRANGE;
|
|
|
|
//=============================================================================
|
|
// LABELED_BYTE structure
|
|
//=============================================================================
|
|
typedef struct _LABELED_BYTE
|
|
{
|
|
BYTE Value;
|
|
LPSTR Label;
|
|
} LABELED_BYTE;
|
|
|
|
typedef LABELED_BYTE *LPLABELED_BYTE;
|
|
|
|
//=============================================================================
|
|
// LABELED_WORD structure
|
|
//=============================================================================
|
|
typedef struct _LABELED_WORD
|
|
{
|
|
WORD Value;
|
|
LPSTR Label;
|
|
} LABELED_WORD;
|
|
|
|
typedef LABELED_WORD *LPLABELED_WORD;
|
|
|
|
//=============================================================================
|
|
// LABELED_DWORD structure
|
|
//=============================================================================
|
|
typedef struct _LABELED_DWORD
|
|
{
|
|
DWORD Value;
|
|
LPSTR Label;
|
|
} LABELED_DWORD;
|
|
|
|
typedef LABELED_DWORD *LPLABELED_DWORD;
|
|
|
|
//=============================================================================
|
|
// LABELED_LARGEINT structure
|
|
//=============================================================================
|
|
typedef struct _LABELED_LARGEINT
|
|
{
|
|
LARGE_INTEGER Value;
|
|
LPSTR Label;
|
|
} LABELED_LARGEINT;
|
|
|
|
typedef LABELED_LARGEINT *LPLABELED_LARGEINT;
|
|
|
|
//=============================================================================
|
|
// LABELED_SYSTEMTIME structure
|
|
//=============================================================================
|
|
typedef struct _LABELED_SYSTEMTIME
|
|
{
|
|
SYSTEMTIME Value;
|
|
LPSTR Label;
|
|
} LABELED_SYSTEMTIME;
|
|
|
|
typedef LABELED_SYSTEMTIME *LPLABELED_SYSTEMTIME;
|
|
|
|
//=============================================================================
|
|
// LABELED_BIT structure
|
|
//=============================================================================
|
|
// BitNumber starts at 0, up to 256 bits.
|
|
typedef struct _LABELED_BIT
|
|
{
|
|
BYTE BitNumber;
|
|
LPSTR LabelOff;
|
|
LPSTR LabelOn;
|
|
} LABELED_BIT;
|
|
|
|
typedef LABELED_BIT *LPLABELED_BIT;
|
|
|
|
//=============================================================================
|
|
// TYPED_STRING structure
|
|
//=============================================================================
|
|
#define TYPED_STRING_NORMAL ( 1 )
|
|
|
|
#define TYPED_STRING_UNICODE ( 2 )
|
|
|
|
#define TYPED_STRING_EXFLAG ( 1 )
|
|
|
|
// Typed Strings are always Ex, so to actually Ex we set fStringEx and put the Ex data in Byte
|
|
typedef struct _TYPED_STRING
|
|
{
|
|
BYTE StringType:7;
|
|
BYTE fStringEx:1;
|
|
LPSTR lpString;
|
|
BYTE Byte[0];
|
|
} TYPED_STRING;
|
|
|
|
typedef TYPED_STRING *LPTYPED_STRING;
|
|
//=============================================================================
|
|
// OBJECT_IDENTIFIER structure
|
|
//=============================================================================
|
|
typedef struct _OBJECT_IDENTIFIER
|
|
{
|
|
DWORD Length;
|
|
LPDWORD lpIdentifier;
|
|
} OBJECT_IDENTIFIER;
|
|
|
|
typedef OBJECT_IDENTIFIER *LPOBJECT_IDENTIFIER;
|
|
|
|
//=============================================================================
|
|
// Set structure.
|
|
//=============================================================================
|
|
typedef struct _SET
|
|
{
|
|
DWORD nEntries;
|
|
union
|
|
{
|
|
LPVOID lpVoidTable;
|
|
LPBYTE lpByteTable;
|
|
LPWORD lpWordTable;
|
|
LPDWORD lpDwordTable;
|
|
LPLARGEINT lpLargeIntTable;
|
|
LPSYSTEMTIME lpSystemTimeTable;
|
|
LPLABELED_BYTE lpLabeledByteTable;
|
|
LPLABELED_WORD lpLabeledWordTable;
|
|
LPLABELED_DWORD lpLabeledDwordTable;
|
|
LPLABELED_LARGEINT lpLabeledLargeIntTable;
|
|
LPLABELED_SYSTEMTIME lpLabeledSystemTimeTable;
|
|
LPLABELED_BIT lpLabeledBit;
|
|
} ;
|
|
} SET;
|
|
|
|
typedef SET *LPSET;
|
|
|
|
//=============================================================================
|
|
// String table.
|
|
//=============================================================================
|
|
typedef struct _STRINGTABLE
|
|
{
|
|
DWORD nStrings;
|
|
LPSTR String[0];
|
|
|
|
} STRINGTABLE;
|
|
|
|
typedef STRINGTABLE *LPSTRINGTABLE;
|
|
#define STRINGTABLE_SIZE sizeof(STRINGTABLE)
|
|
|
|
//=============================================================================
|
|
// RECOGNIZEDATA structure.
|
|
//
|
|
// This structure to keep track of the start of each recognized protocol.
|
|
//=============================================================================
|
|
typedef struct _RECOGNIZEDATA
|
|
{
|
|
WORD ProtocolID;
|
|
WORD nProtocolOffset;
|
|
LPVOID InstData;
|
|
} RECOGNIZEDATA;
|
|
|
|
typedef RECOGNIZEDATA *LPRECOGNIZEDATA;
|
|
|
|
//=============================================================================
|
|
// RECOGNIZEDATATABLE structure.
|
|
//
|
|
// This structure to keep track of the start of each RECOGNIZEDATA structure
|
|
//=============================================================================
|
|
typedef struct _RECOGNIZEDATATABLE
|
|
{
|
|
WORD nRecognizeDatas; //... number of RECOGNIZEDATA structures
|
|
RECOGNIZEDATA RecognizeData[0]; //... array of RECOGNIZEDATA structures follows
|
|
|
|
} RECOGNIZEDATATABLE;
|
|
|
|
typedef RECOGNIZEDATATABLE * LPRECOGNIZEDATATABLE;
|
|
|
|
//=============================================================================
|
|
// Property information structure.
|
|
//=============================================================================
|
|
typedef struct _PROPERTYINFO
|
|
{
|
|
HPROPERTY hProperty;
|
|
DWORD Version;
|
|
LPSTR Label;
|
|
LPSTR Comment;
|
|
BYTE DataType;
|
|
BYTE DataQualifier;
|
|
union
|
|
{
|
|
LPVOID lpExtendedInfo;
|
|
LPRANGE lpRange;
|
|
LPSET lpSet;
|
|
DWORD Bitmask;
|
|
DWORD Value;
|
|
} ;
|
|
WORD FormatStringSize;
|
|
LPVOID InstanceData;
|
|
} PROPERTYINFO;
|
|
|
|
typedef PROPERTYINFO *LPPROPERTYINFO;
|
|
|
|
#define PROPERTYINFO_SIZE ( sizeof( PROPERTYINFO ) )
|
|
|
|
//=============================================================================
|
|
// Property instance Extended structure.
|
|
//=============================================================================
|
|
typedef struct _PROPERTYINSTEX
|
|
{
|
|
WORD Length; //... length of raw data in frame
|
|
WORD LengthEx; //... number of bytes following
|
|
ULPVOID lpData; //... pointer to raw data in frame
|
|
|
|
union
|
|
{
|
|
BYTE Byte[]; //... table of bytes follows
|
|
WORD Word[]; //... table of words follows
|
|
DWORD Dword[]; //... table of Dwords follows
|
|
LARGE_INTEGER LargeInt[]; //... table of LARGEINT structures to follow
|
|
SYSTEMTIME SysTime[]; //... table of SYSTEMTIME structures follows
|
|
TYPED_STRING TypedString;//... a typed_string that may have extended data
|
|
};
|
|
} PROPERTYINSTEX;
|
|
typedef PROPERTYINSTEX *LPPROPERTYINSTEX;
|
|
typedef PROPERTYINSTEX UNALIGNED *ULPPROPERTYINSTEX;
|
|
#define PROPERTYINSTEX_SIZE sizeof(PROPERTYINSTEX)
|
|
//=============================================================================
|
|
// Property instance structure.
|
|
//=============================================================================
|
|
typedef struct _PROPERTYINST
|
|
{
|
|
LPPROPERTYINFO lpPropertyInfo; // pointer to property info
|
|
LPSTR szPropertyText; // pointer to string description
|
|
|
|
union
|
|
{
|
|
LPVOID lpData; // pointer to data
|
|
ULPBYTE lpByte; // bytes
|
|
ULPWORD lpWord; // words
|
|
ULPDWORD lpDword; // dwords
|
|
|
|
ULPLARGEINT lpLargeInt; // LargeInt
|
|
ULPSYSTEMTIME lpSysTime; // pointer to SYSTEMTIME structures
|
|
LPPROPERTYINSTEX lpPropertyInstEx; // pointer to propertyinstex (if DataLength = -1)
|
|
};
|
|
|
|
WORD DataLength; // length of data, or flag for propertyinstex struct
|
|
WORD Level : 4 ; // level information ............1111
|
|
WORD HelpID : 12 ; // context ID for helpfile 111111111111....
|
|
// ---------------
|
|
// total of 16 bits == 1 WORD == DWORD ALIGNED structure
|
|
// Interpretation Flags: Flags that define attach time information to the
|
|
// interpretation of the property. For example, in RPC, the client can be
|
|
// Intel format and the server can be non-Intel format... thus the property
|
|
// database cannot describe the property at database creation time.
|
|
DWORD IFlags;
|
|
|
|
} PROPERTYINST;
|
|
typedef PROPERTYINST *LPPROPERTYINST;
|
|
#define PROPERTYINST_SIZE sizeof(PROPERTYINST)
|
|
|
|
// Flags passed at AttachPropertyInstance and AttachPropertyInstanceEx time in the IFlags field:
|
|
// flag for error condition ...............1
|
|
#define IFLAG_ERROR ( 0x1 )
|
|
|
|
// is the WORD or DWORD byte non-Intel format at attach time?
|
|
#define IFLAG_SWAPPED ( 0x2 )
|
|
|
|
// is the STRING UNICODE at attach time?
|
|
#define IFLAG_UNICODE ( 0x4 )
|
|
|
|
//=============================================================================
|
|
// Property instance table structure.
|
|
//=============================================================================
|
|
typedef struct _PROPERTYINSTTABLE
|
|
{
|
|
WORD nPropertyInsts;
|
|
WORD nPropertyInstIndex;
|
|
} PROPERTYINSTTABLE;
|
|
|
|
typedef PROPERTYINSTTABLE *LPPROPERTYINSTTABLE;
|
|
|
|
#define PROPERTYINSTTABLE_SIZE ( sizeof( PROPERTYINSTTABLE ) )
|
|
|
|
//=============================================================================
|
|
// Property table structure.
|
|
//=============================================================================
|
|
typedef struct _PROPERTYTABLE
|
|
{
|
|
LPVOID lpFormatBuffer; //... Opaque. (PRIVATE)
|
|
DWORD FormatBufferLength; //... Opaque. (PRIVATE)
|
|
DWORD nTotalPropertyInsts; //... total number of propertyinstances in array
|
|
LPPROPERTYINST lpFirstPropertyInst; //... array of property instances
|
|
BYTE nPropertyInstTables; //... total PropertyIndexTables following
|
|
PROPERTYINSTTABLE PropertyInstTable[0]; //... array of propertyinstance index table structures
|
|
|
|
} PROPERTYTABLE;
|
|
|
|
typedef PROPERTYTABLE *LPPROPERTYTABLE;
|
|
|
|
#define PROPERTYTABLE_SIZE sizeof(PROPERTYTABLE)
|
|
//=============================================================================
|
|
// Protocol entry points.
|
|
//=============================================================================
|
|
|
|
typedef VOID (WINAPI *REGISTER)(HPROTOCOL);
|
|
|
|
typedef VOID (WINAPI *DEREGISTER)(HPROTOCOL);
|
|
|
|
typedef LPBYTE (WINAPI *RECOGNIZEFRAME)(HFRAME, ULPBYTE, ULPBYTE, DWORD, DWORD, HPROTOCOL, DWORD, LPDWORD, LPHPROTOCOL, PDWORD_PTR);
|
|
|
|
typedef LPBYTE (WINAPI *ATTACHPROPERTIES)(HFRAME, ULPBYTE, ULPBYTE, DWORD, DWORD, HPROTOCOL, DWORD, DWORD_PTR);
|
|
|
|
typedef DWORD (WINAPI *FORMATPROPERTIES)(HFRAME, ULPBYTE, ULPBYTE, DWORD, LPPROPERTYINST);
|
|
|
|
//=============================================================================
|
|
// Protocol entry point structure.
|
|
//=============================================================================
|
|
|
|
typedef struct _ENTRYPOINTS
|
|
{
|
|
REGISTER Register; //... Protocol Register() entry point.
|
|
DEREGISTER Deregister; //... Protocol Deregister() entry point.
|
|
RECOGNIZEFRAME RecognizeFrame; //... Protocol RecognizeFrame() entry point.
|
|
ATTACHPROPERTIES AttachProperties; //... Protocol AttachProperties() entry point.
|
|
FORMATPROPERTIES FormatProperties; //... Protocol FormatProperties() entry point.
|
|
|
|
} ENTRYPOINTS;
|
|
|
|
typedef ENTRYPOINTS *LPENTRYPOINTS;
|
|
|
|
#define ENTRYPOINTS_SIZE sizeof(ENTRYPOINTS)
|
|
|
|
//=============================================================================
|
|
// Property database structure.
|
|
//=============================================================================
|
|
typedef struct _PROPERTYDATABASE
|
|
{
|
|
DWORD nProperties; //... Number of properties in database.
|
|
LPPROPERTYINFO PropertyInfo[0]; //... Array of property info pointers.
|
|
|
|
} PROPERTYDATABASE;
|
|
#define PROPERTYDATABASE_SIZE sizeof(PROPERTYDATABASE)
|
|
typedef PROPERTYDATABASE *LPPROPERTYDATABASE;
|
|
|
|
//=============================================================================
|
|
// Protocol info structure (PUBLIC portion of HPROTOCOL).
|
|
//=============================================================================
|
|
typedef struct _PROTOCOLINFO
|
|
{
|
|
DWORD ProtocolID; //... Prootocol ID of owning protocol.
|
|
LPPROPERTYDATABASE PropertyDatabase; //... Property database.
|
|
BYTE ProtocolName[16]; //... Protocol name.
|
|
BYTE HelpFile[16]; //... Optional helpfile name.
|
|
BYTE Comment[128]; //... Comment describing protocol.
|
|
} PROTOCOLINFO;
|
|
typedef PROTOCOLINFO *LPPROTOCOLINFO;
|
|
#define PROTOCOLINFO_SIZE sizeof(PROTOCOLINFO)
|
|
|
|
//=============================================================================
|
|
// Protocol Table.
|
|
//=============================================================================
|
|
typedef struct _PROTOCOLTABLE
|
|
{
|
|
DWORD nProtocols;
|
|
HPROTOCOL hProtocol[ 1 ];
|
|
} PROTOCOLTABLE;
|
|
|
|
typedef PROTOCOLTABLE *LPPROTOCOLTABLE;
|
|
|
|
#define PROTOCOLTABLE_SIZE ( sizeof( PROTOCOLTABLE ) - sizeof( HPROTOCOL ) )
|
|
|
|
#define PROTOCOLTABLE_ACTUAL_SIZE(p) GetTableSize(PROTOCOLTABLE_SIZE, (p)->nProtocols, sizeof(HPROTOCOL))
|
|
//=============================================================================
|
|
// AddressInfo structure
|
|
//=============================================================================
|
|
#define SORT_BYADDRESS ( 0 )
|
|
|
|
#define SORT_BYNAME ( 1 )
|
|
|
|
#define PERMANENT_NAME ( 0x100 )
|
|
|
|
typedef struct _ADDRESSINFO2
|
|
{
|
|
ADDRESS2 Address;
|
|
WCHAR Name[MAX_NAME_SIZE];
|
|
DWORD Flags;
|
|
LPVOID lpAddressInstData;
|
|
|
|
} ADDRESSINFO2;
|
|
typedef struct _ADDRESSINFO2 *LPADDRESSINFO2;
|
|
#define ADDRESSINFO2_SIZE sizeof(ADDRESSINFO2)
|
|
//=============================================================================
|
|
// AddressInfoTable
|
|
//=============================================================================
|
|
typedef struct _ADDRESSINFOTABLE2
|
|
{
|
|
DWORD nAddressInfos;
|
|
LPADDRESSINFO2 lpAddressInfo[0];
|
|
|
|
} ADDRESSINFOTABLE2;
|
|
typedef ADDRESSINFOTABLE2 *LPADDRESSINFOTABLE2;
|
|
#define ADDRESSINFOTABLE2_SIZE sizeof(ADDRESSINFOTABLE2)
|
|
//=============================================================================
|
|
// callback procedures.
|
|
//=============================================================================
|
|
|
|
typedef DWORD (WINAPI *FILTERPROC)(HCAPTURE, HFRAME, LPVOID);
|
|
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// (NMErr.h)
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// The operation succeeded.
|
|
#define NMERR_SUCCESS ( 0 )
|
|
|
|
// An error occured creating a memory-mapped file.
|
|
#define NMERR_MEMORY_MAPPED_FILE_ERROR ( 1 )
|
|
|
|
// The handle to a filter is invalid.
|
|
#define NMERR_INVALID_HFILTER ( 2 )
|
|
|
|
// Capturing has already been started.
|
|
#define NMERR_CAPTURING ( 3 )
|
|
|
|
// Capturing has not been started.
|
|
#define NMERR_NOT_CAPTURING ( 4 )
|
|
|
|
// The are no frames available.
|
|
#define NMERR_NO_MORE_FRAMES ( 5 )
|
|
|
|
// The buffer is too small to complete the operation.
|
|
#define NMERR_BUFFER_TOO_SMALL ( 6 )
|
|
|
|
// No protocol was able to recognize the frame.
|
|
#define NMERR_FRAME_NOT_RECOGNIZED ( 7 )
|
|
|
|
// The file already exists.
|
|
#define NMERR_FILE_ALREADY_EXISTS ( 8 )
|
|
|
|
// A needed device driver was not found or is not loaded.
|
|
#define NMERR_DRIVER_NOT_FOUND ( 9 )
|
|
|
|
// This address aready exists in the database.
|
|
#define NMERR_ADDRESS_ALREADY_EXISTS ( 10 )
|
|
|
|
// The frame handle is invalid.
|
|
#define NMERR_INVALID_HFRAME ( 11 )
|
|
|
|
// The protocol handle is invalid.
|
|
#define NMERR_INVALID_HPROTOCOL ( 12 )
|
|
|
|
// The property handle is invalid.
|
|
#define NMERR_INVALID_HPROPERTY ( 13 )
|
|
|
|
// The the object has been locked.
|
|
#define NMERR_LOCKED ( 14 )
|
|
|
|
// A pop operation was attempted on an empty stack.
|
|
#define NMERR_STACK_EMPTY ( 15 )
|
|
|
|
// A push operation was attempted on an full stack.
|
|
#define NMERR_STACK_OVERFLOW ( 16 )
|
|
|
|
// There are too many protocols active.
|
|
#define NMERR_TOO_MANY_PROTOCOLS ( 17 )
|
|
|
|
// The file was not found.
|
|
#define NMERR_FILE_NOT_FOUND ( 18 )
|
|
|
|
// No memory was available. Shut down windows to free up resources.
|
|
#define NMERR_OUT_OF_MEMORY ( 19 )
|
|
|
|
// The capture is already in the paused state.
|
|
#define NMERR_CAPTURE_PAUSED ( 20 )
|
|
|
|
// There are no buffers available or present.
|
|
#define NMERR_NO_BUFFERS ( 21 )
|
|
|
|
// There are already buffers present.
|
|
#define NMERR_BUFFERS_ALREADY_EXIST ( 22 )
|
|
|
|
// The object is not locked.
|
|
#define NMERR_NOT_LOCKED ( 23 )
|
|
|
|
// A integer type was out of range.
|
|
#define NMERR_OUT_OF_RANGE ( 24 )
|
|
|
|
// An object was locked too many times.
|
|
#define NMERR_LOCK_NESTING_TOO_DEEP ( 25 )
|
|
|
|
// A parser failed to load.
|
|
#define NMERR_LOAD_PARSER_FAILED ( 26 )
|
|
|
|
// A parser failed to unload.
|
|
#define NMERR_UNLOAD_PARSER_FAILED ( 27 )
|
|
|
|
// The address database handle is invalid.
|
|
#define NMERR_INVALID_HADDRESSDB ( 28 )
|
|
|
|
// The MAC address was not found in the database.
|
|
#define NMERR_ADDRESS_NOT_FOUND ( 29 )
|
|
|
|
// The network software was not found in the system.
|
|
#define NMERR_NETWORK_NOT_PRESENT ( 30 )
|
|
|
|
// There is no property database for a protocol.
|
|
#define NMERR_NO_PROPERTY_DATABASE ( 31 )
|
|
|
|
// A property was not found in the database.
|
|
#define NMERR_PROPERTY_NOT_FOUND ( 32 )
|
|
|
|
// The property database handle is in valid.
|
|
#define NMERR_INVALID_HPROPERTYDB ( 33 )
|
|
|
|
// The protocol has not been enabled.
|
|
#define NMERR_PROTOCOL_NOT_ENABLED ( 34 )
|
|
|
|
// The protocol DLL could not be found.
|
|
#define NMERR_PROTOCOL_NOT_FOUND ( 35 )
|
|
|
|
// The parser DLL is not valid.
|
|
#define NMERR_INVALID_PARSER_DLL ( 36 )
|
|
|
|
// There are no properties attached.
|
|
#define NMERR_NO_ATTACHED_PROPERTIES ( 37 )
|
|
|
|
// There are no frames in the buffer.
|
|
#define NMERR_NO_FRAMES ( 38 )
|
|
|
|
// The capture file format is not valid.
|
|
#define NMERR_INVALID_FILE_FORMAT ( 39 )
|
|
|
|
// The OS could not create a temporary file.
|
|
#define NMERR_COULD_NOT_CREATE_TEMPFILE ( 40 )
|
|
|
|
// There is not enough MS-DOS memory available.
|
|
#define NMERR_OUT_OF_DOS_MEMORY ( 41 )
|
|
|
|
// There are no protocols enabled.
|
|
#define NMERR_NO_PROTOCOLS_ENABLED ( 42 )
|
|
|
|
// The MAC type is invalid or unsupported.
|
|
#define NMERR_UNKNOWN_MACTYPE ( 46 )
|
|
|
|
// There is no routing information present in the MAC frame.
|
|
#define NMERR_ROUTING_INFO_NOT_PRESENT ( 47 )
|
|
|
|
// The network handle is invalid.
|
|
#define NMERR_INVALID_HNETWORK ( 48 )
|
|
|
|
// The network is already open.
|
|
#define NMERR_NETWORK_ALREADY_OPENED ( 49 )
|
|
|
|
// The network is not open.
|
|
#define NMERR_NETWORK_NOT_OPENED ( 50 )
|
|
|
|
// The frame was not found in the buffer.
|
|
#define NMERR_FRAME_NOT_FOUND ( 51 )
|
|
|
|
// There are no handles available.
|
|
#define NMERR_NO_HANDLES ( 53 )
|
|
|
|
// The network ID is invalid.
|
|
#define NMERR_INVALID_NETWORK_ID ( 54 )
|
|
|
|
// The capture handle is invalid.
|
|
#define NMERR_INVALID_HCAPTURE ( 55 )
|
|
|
|
// The protocol has already been enabled.
|
|
#define NMERR_PROTOCOL_ALREADY_ENABLED ( 56 )
|
|
|
|
// The filter expression is invalid.
|
|
#define NMERR_FILTER_INVALID_EXPRESSION ( 57 )
|
|
|
|
// A transmit error occured.
|
|
#define NMERR_TRANSMIT_ERROR ( 58 )
|
|
|
|
// The buffer handle is invalid.
|
|
#define NMERR_INVALID_HBUFFER ( 59 )
|
|
|
|
// The specified data is unknown or invalid.
|
|
#define NMERR_INVALID_DATA ( 60 )
|
|
|
|
// The MS-DOS/NDIS 2.0 network driver is not loaded.
|
|
#define NMERR_MSDOS_DRIVER_NOT_LOADED ( 61 )
|
|
|
|
// The Windows VxD/NDIS 3.0 network driver is not loaded.
|
|
#define NMERR_WINDOWS_DRIVER_NOT_LOADED ( 62 )
|
|
|
|
// The MS-DOS/NDIS 2.0 driver had an init-time failure.
|
|
#define NMERR_MSDOS_DRIVER_INIT_FAILURE ( 63 )
|
|
|
|
// The Windows/NDIS 3.0 driver had an init-time failure.
|
|
#define NMERR_WINDOWS_DRIVER_INIT_FAILURE ( 64 )
|
|
|
|
// The network driver is busy and cannot handle requests.
|
|
#define NMERR_NETWORK_BUSY ( 65 )
|
|
|
|
// The capture is not paused.
|
|
#define NMERR_CAPTURE_NOT_PAUSED ( 66 )
|
|
|
|
// The frame/packet length is not valid.
|
|
#define NMERR_INVALID_PACKET_LENGTH ( 67 )
|
|
|
|
// An internal exception occured.
|
|
#define NMERR_INTERNAL_EXCEPTION ( 69 )
|
|
|
|
// The MAC driver does not support promiscious mode.
|
|
#define NMERR_PROMISCUOUS_MODE_NOT_SUPPORTED ( 70 )
|
|
|
|
// The MAC driver failed to open.
|
|
#define NMERR_MAC_DRIVER_OPEN_FAILURE ( 71 )
|
|
|
|
// The protocol went off the end of the frame.
|
|
#define NMERR_RUNAWAY_PROTOCOL ( 72 )
|
|
|
|
// An asynchronous operation is still pending.
|
|
#define NMERR_PENDING ( 73 )
|
|
|
|
// Access is denied.
|
|
#define NMERR_ACCESS_DENIED ( 74 )
|
|
|
|
// The password handle is invalid.
|
|
#define NMERR_INVALID_HPASSWORD ( 75 )
|
|
|
|
// A bad parameter was detected.
|
|
#define NMERR_INVALID_PARAMETER ( 76 )
|
|
|
|
// An error occured reading the file.
|
|
#define NMERR_FILE_READ_ERROR ( 77 )
|
|
|
|
// An error occured writing to the file.
|
|
#define NMERR_FILE_WRITE_ERROR ( 78 )
|
|
|
|
// The protocol has not been registered
|
|
#define NMERR_PROTOCOL_NOT_REGISTERED ( 79 )
|
|
|
|
// The frame does not contain an IP address.
|
|
#define NMERR_IP_ADDRESS_NOT_FOUND ( 80 )
|
|
|
|
// The transmit request was cancelled.
|
|
#define NMERR_TRANSMIT_CANCELLED ( 81 )
|
|
|
|
// The operation cannot be performed on a capture with 1 or more locked frames.
|
|
#define NMERR_LOCKED_FRAMES ( 82 )
|
|
|
|
// A cancel transmit request was submitted but there were no transmits pending.
|
|
#define NMERR_NO_TRANSMITS_PENDING ( 83 )
|
|
|
|
// Path not found.
|
|
#define NMERR_PATH_NOT_FOUND ( 84 )
|
|
|
|
// A windows error has occured.
|
|
#define NMERR_WINDOWS_ERROR ( 85 )
|
|
|
|
// The handle to the frame has no frame number.
|
|
#define NMERR_NO_FRAME_NUMBER ( 86 )
|
|
|
|
// The frame is not associated with any capture.
|
|
#define NMERR_FRAME_HAS_NO_CAPTURE ( 87 )
|
|
|
|
// The frame is already associated with a capture.
|
|
#define NMERR_FRAME_ALREADY_HAS_CAPTURE ( 88 )
|
|
|
|
// The NAL is not remotable.
|
|
#define NMERR_NAL_IS_NOT_REMOTE ( 89 )
|
|
|
|
// The API is not supported
|
|
#define NMERR_NOT_SUPPORTED ( 90 )
|
|
|
|
// Network Monitor should discard the current frame.
|
|
// This error code is only used during a filtered SaveCapture() API call.
|
|
#define NMERR_DISCARD_FRAME ( 91 )
|
|
|
|
// Network Monitor should cancel the current save.
|
|
// This error code is only used during a filtered SaveCapture() API call.
|
|
#define NMERR_CANCEL_SAVE_CAPTURE ( 92 )
|
|
|
|
// The connection to the remote machine has been lost
|
|
#define NMERR_LOST_CONNECTION ( 93 )
|
|
|
|
// The media/mac type is not valid.
|
|
#define NMERR_INVALID_MEDIA_TYPE ( 94 )
|
|
|
|
// The Remote Agent is currently in use
|
|
#define NMERR_AGENT_IN_USE ( 95 )
|
|
|
|
// The request has timed out
|
|
#define NMERR_TIMEOUT ( 96 )
|
|
|
|
// The remote agent has been disconnected
|
|
#define NMERR_DISCONNECTED ( 97 )
|
|
|
|
// A timer required for operation failed creation
|
|
#define NMERR_SETTIMER_FAILED ( 98 )
|
|
|
|
// A network error occured.
|
|
#define NMERR_NETWORK_ERROR ( 99 )
|
|
|
|
// Frame callback procedure is not valid
|
|
#define NMERR_INVALID_FRAMESPROC ( 100 )
|
|
|
|
// Capture type specified is unknown
|
|
#define NMERR_UNKNOWN_CAPTURETYPE ( 101 )
|
|
|
|
// The NPP is not connected to a network.
|
|
#define NMERR_NOT_CONNECTED ( 102 )
|
|
|
|
// The NPP is already connected to a network.
|
|
#define NMERR_ALREADY_CONNECTED ( 103 )
|
|
|
|
// The registry tag does not indicate a known configuration.
|
|
#define NMERR_INVALID_REGISTRY_CONFIGURATION ( 104 )
|
|
|
|
// The NPP is currently configured for delayed capturing.
|
|
#define NMERR_DELAYED ( 105 )
|
|
|
|
// The NPP is not currently configured for delayed capturing.
|
|
#define NMERR_NOT_DELAYED ( 106 )
|
|
|
|
// The NPP is currently configured for real time capturing.
|
|
#define NMERR_REALTIME ( 107 )
|
|
|
|
// The NPP is not currently configured for real time capturing.
|
|
#define NMERR_NOT_REALTIME ( 108 )
|
|
|
|
// The NPP is currently configured for stats only capturing.
|
|
#define NMERR_STATS_ONLY ( 109 )
|
|
|
|
// The NPP is not currently configured for stats only capturing.
|
|
#define NMERR_NOT_STATS_ONLY ( 110 )
|
|
|
|
// The NPP is currently configured for transmitting.
|
|
#define NMERR_TRANSMIT ( 111 )
|
|
|
|
// The NPP is not currently configured for transmitting.
|
|
#define NMERR_NOT_TRANSMIT ( 112 )
|
|
|
|
// The NPP is currently transmitting
|
|
#define NMERR_TRANSMITTING ( 113 )
|
|
|
|
// The specified capture file hard disk is not local
|
|
#define NMERR_DISK_NOT_LOCAL_FIXED ( 114 )
|
|
|
|
// Could not create the default capture directory on the given disk
|
|
#define NMERR_COULD_NOT_CREATE_DIRECTORY ( 115 )
|
|
|
|
// The default capture directory was not set in the registry:
|
|
// HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\nm\Parameters\CapturePath
|
|
#define NMERR_NO_DEFAULT_CAPTURE_DIRECTORY ( 116 )
|
|
|
|
// The capture file is an uplevel version that this netmon does not understand
|
|
#define NMERR_UPLEVEL_CAPTURE_FILE ( 117 )
|
|
|
|
// An expert failed to load.
|
|
#define NMERR_LOAD_EXPERT_FAILED ( 118 )
|
|
|
|
// An expert failed to report its EXPERT_INFO structs.
|
|
#define NMERR_EXPERT_REPORT_FAILED ( 119 )
|
|
|
|
// Registry API call failed.
|
|
#define NMERR_REG_OPERATION_FAILED ( 120 )
|
|
|
|
// Registry API call failed.
|
|
#define NMERR_NO_DLLS_FOUND ( 121 )
|
|
|
|
// There are no conversation stats, they were not asked for.
|
|
#define NMERR_NO_CONVERSATION_STATS ( 122 )
|
|
|
|
// We have received a security response packet from a security monitor.
|
|
#define NMERR_SECURITY_BREACH_CAPTURE_DELETED ( 123 )
|
|
|
|
// The given frame failed the display filter.
|
|
#define NMERR_FRAME_FAILED_FILTER ( 124 )
|
|
|
|
// Netmon wants the Expert to stop running.
|
|
#define NMERR_EXPERT_TERMINATE ( 125 )
|
|
|
|
// Netmon needs the remote machine to be a server.
|
|
#define NMERR_REMOTE_NOT_A_SERVER ( 126 )
|
|
|
|
// Netmon needs the remote machine to be a server.
|
|
#define NMERR_REMOTE_VERSION_OUTOFSYNC ( 127 )
|
|
|
|
// The supplied group is an invalid handle
|
|
#define NMERR_INVALID_EXPERT_GROUP ( 128 )
|
|
|
|
// The supplied expert name cannot be found
|
|
#define NMERR_INVALID_EXPERT_NAME ( 129 )
|
|
|
|
// The supplied expert name cannot be found
|
|
#define NMERR_INVALID_EXPERT_HANDLE ( 130 )
|
|
|
|
// The supplied group name already exists
|
|
#define NMERR_GROUP_NAME_ALREADY_EXISTS ( 131 )
|
|
|
|
// The supplied group name is invalid
|
|
#define NMERR_INVALID_GROUP_NAME ( 132 )
|
|
|
|
// The supplied Expert is already in the group.
|
|
#define NMERR_EXPERT_ALREADY_IN_GROUP ( 133 )
|
|
|
|
// The Expert cannot be deleted from the group because it is not in the group
|
|
#define NMERR_EXPERT_NOT_IN_GROUP ( 134 )
|
|
|
|
// The COM object has not been initialized
|
|
#define NMERR_NOT_INITIALIZED ( 135 )
|
|
|
|
// Cannot perform function to Root group
|
|
#define NMERR_INVALID_GROUP_ROOT ( 136 )
|
|
|
|
// Potential data structure mismatch between NdisNpp and Driver.
|
|
#define NMERR_BAD_VERSION ( 137 )
|
|
|
|
// The NPP is currently configured for ESP capturing.
|
|
#define NMERR_ESP ( 138 )
|
|
|
|
// The NPP is not currently configured for ESP capturing.
|
|
#define NMERR_NOT_ESP ( 139 )
|
|
|
|
//=============================================================================
|
|
// Blob Errors
|
|
//=============================================================================
|
|
#define NMERR_BLOB_NOT_INITIALIZED ( 1000 )
|
|
|
|
#define NMERR_INVALID_BLOB ( 1001 )
|
|
|
|
#define NMERR_UPLEVEL_BLOB ( 1002 )
|
|
|
|
#define NMERR_BLOB_ENTRY_ALREADY_EXISTS ( 1003 )
|
|
|
|
#define NMERR_BLOB_ENTRY_DOES_NOT_EXIST ( 1004 )
|
|
|
|
#define NMERR_AMBIGUOUS_SPECIFIER ( 1005 )
|
|
|
|
#define NMERR_BLOB_OWNER_NOT_FOUND ( 1006 )
|
|
|
|
#define NMERR_BLOB_CATEGORY_NOT_FOUND ( 1007 )
|
|
|
|
#define NMERR_UNKNOWN_CATEGORY ( 1008 )
|
|
|
|
#define NMERR_UNKNOWN_TAG ( 1009 )
|
|
|
|
#define NMERR_BLOB_CONVERSION_ERROR ( 1010 )
|
|
|
|
#define NMERR_ILLEGAL_TRIGGER ( 1011 )
|
|
|
|
#define NMERR_BLOB_STRING_INVALID ( 1012 )
|
|
|
|
//=============================================================================
|
|
// FINDER errors
|
|
//=============================================================================
|
|
#define NMERR_UNABLE_TO_LOAD_LIBRARY ( 1013 )
|
|
|
|
#define NMERR_UNABLE_TO_GET_PROCADDR ( 1014 )
|
|
|
|
#define NMERR_CLASS_NOT_REGISTERED ( 1015 )
|
|
|
|
#define NMERR_INVALID_REMOTE_COMPUTERNAME ( 1016 )
|
|
|
|
#define NMERR_RPC_REMOTE_FAILURE ( 1017 )
|
|
|
|
#define NMERR_NO_NPPS ( 3016 )
|
|
|
|
#define NMERR_NO_MATCHING_NPPS ( 3017 )
|
|
|
|
#define NMERR_NO_NPP_SELECTED ( 3018 )
|
|
|
|
#define NMERR_NO_INPUT_BLOBS ( 3019 )
|
|
|
|
#define NMERR_NO_NPP_DLLS ( 3020 )
|
|
|
|
#define NMERR_NO_VALID_NPP_DLLS ( 3021 )
|
|
|
|
//=============================================================================
|
|
// Error Macros
|
|
//=============================================================================
|
|
#ifndef INLINE
|
|
#define INLINE __inline
|
|
#endif // INLINE
|
|
typedef LONG HRESULT;
|
|
|
|
// normal Network Monitor errors will be put into the code portion of an hresult
|
|
// for return from OLE objects:
|
|
// these two macros will help to create and crack the scode
|
|
INLINE HRESULT NMERR_TO_HRESULT( DWORD nmerror )
|
|
{
|
|
HRESULT hResult;
|
|
if (nmerror == NMERR_SUCCESS)
|
|
hResult = NOERROR;
|
|
else
|
|
hResult = MAKE_HRESULT( SEVERITY_ERROR,FACILITY_ITF, (WORD)nmerror) ;
|
|
|
|
return hResult;
|
|
}
|
|
//We use to decide whether the first bit was set to 1 or 0, not regarding
|
|
//whether the result passed with a warning set in the low word. Now we
|
|
//disregard the first bit and pass back the warning.
|
|
INLINE DWORD HRESULT_TO_NMERR( HRESULT hResult )
|
|
{
|
|
return HRESULT_CODE(hResult);
|
|
}
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// (BHFilter.h)
|
|
//=============================================================================
|
|
//=============================================================================
|
|
//============================================================================
|
|
// types
|
|
//============================================================================
|
|
typedef HFILTER *LPHFILTER;
|
|
|
|
typedef DWORD FILTERACTIONTYPE;
|
|
|
|
typedef DWORD VALUETYPE;
|
|
|
|
// check for protocols existing in the frame.
|
|
|
|
// ProtocolPart
|
|
// this is the raw data for a Protocol based expression
|
|
//
|
|
// WHAT FIELD DESCRIPTION EXAMPLE
|
|
// ---- ----- ----------- -------
|
|
// Count of Protocol(nPropertyDBs) Number of protocols to pass 5
|
|
// PropertyDB Table (PropertyDB) Table of HPROTOCOL SMB, LLC, MAC
|
|
//
|
|
// NOTE: the nPropertyDBs field may also be the following, which implies that
|
|
// all are selected but that none have actually been put into the structure
|
|
#define PROTOCOL_NUM_ANY ( -1 )
|
|
|
|
typedef PROTOCOLTABLE PROTOCOLTABLETYPE;
|
|
|
|
typedef PROTOCOLTABLETYPE *LPPROTOCOLTABLETYPE;
|
|
|
|
// filter bits stores who passed what filter per frame to speed up
|
|
// the filter process... This is actually an array.
|
|
typedef DWORD FILTERBITS;
|
|
|
|
typedef FILTERBITS *LPFILTERBITS;
|
|
|
|
typedef SYSTEMTIME *LPTIME;
|
|
|
|
typedef SYSTEMTIME UNALIGNED * ULPTIME;
|
|
// The Filter Object is the basic unit of the postfix stack.
|
|
// I need to restart the convert property to value if the comparison does not match.
|
|
// To do this, I need the original pointer to the property. Pull the hProperty out of
|
|
// the union so that the pointer to the property is saved.
|
|
typedef struct _FILTEROBJECT2
|
|
{
|
|
FILTERACTIONTYPE Action; // Object action, see codes below
|
|
HPROPERTY hProperty; // property key
|
|
union
|
|
{
|
|
VALUETYPE Value; // value of the object.
|
|
HPROTOCOL hProtocol; // protocol key.
|
|
LPVOID lpArray; // if array, length is ItemCount below.
|
|
LPPROTOCOLTABLETYPE lpProtocolTable; // list of protocols to see if exist in frame.
|
|
LPADDRESS2 lpAddress; // kernel type address, mac or ip
|
|
ULPLARGEINT lpLargeInt; // Double DWORD used by NT
|
|
ULPTIME lpTime; // pointer to SYSTEMTIME
|
|
LPOBJECT_IDENTIFIER lpOID; // pointer to OBJECT_IDENTIFIER
|
|
|
|
};
|
|
union
|
|
{
|
|
WORD ByteCount; // Number of BYTES!
|
|
WORD ByteOffset; // offset for array compare
|
|
};
|
|
|
|
struct _FILTEROBJECT2 * pNext; // reserved
|
|
|
|
} FILTEROBJECT2;
|
|
|
|
typedef FILTEROBJECT2 * LPFILTEROBJECT2;
|
|
|
|
#define FILTERINFO_SIZE (sizeof(FILTEROBJECT2) )
|
|
|
|
|
|
|
|
typedef struct _FILTERDESC2
|
|
{
|
|
WORD NumEntries;
|
|
WORD Flags; // private
|
|
LPFILTEROBJECT2 lpStack;
|
|
LPFILTEROBJECT2 lpKeepLast;
|
|
LPVOID UIInstanceData; // UI specific information.
|
|
LPFILTERBITS lpFilterBits; // cache who passed
|
|
LPFILTERBITS lpCheckBits; // have we looked at it yet?
|
|
|
|
} FILTERDESC2;
|
|
|
|
typedef FILTERDESC2 * LPFILTERDESC2;
|
|
|
|
#define FILTERDESC2_SIZE sizeof(FILTERDESC2)
|
|
// Obsolete, FILTEROBJECT2 should be used
|
|
typedef struct _FILTEROBJECT
|
|
{
|
|
FILTERACTIONTYPE Action; // Object action, see codes below
|
|
HPROPERTY hProperty; // property key
|
|
union
|
|
{
|
|
VALUETYPE Value; // value of the object.
|
|
HPROTOCOL hProtocol; // protocol key.
|
|
LPVOID lpArray; // if array, length is ItemCount below.
|
|
LPPROTOCOLTABLETYPE lpProtocolTable; // list of protocols to see if exist in frame.
|
|
LPADDRESS lpAddress; // kernel type address, mac or ip
|
|
ULPLARGEINT lpLargeInt; // Double DWORD used by NT
|
|
ULPTIME lpTime; // pointer to SYSTEMTIME
|
|
LPOBJECT_IDENTIFIER lpOID; // pointer to OBJECT_IDENTIFIER
|
|
|
|
};
|
|
union
|
|
{
|
|
WORD ByteCount; // Number of BYTES!
|
|
WORD ByteOffset; // offset for array compare
|
|
};
|
|
|
|
struct _FILTEROBJECT * pNext; // reserved
|
|
|
|
} FILTEROBJECT;
|
|
typedef FILTEROBJECT * LPFILTEROBJECT;
|
|
// Obsolete, FILTERDESC2 should be used
|
|
typedef struct _FILTERDESC
|
|
{
|
|
WORD NumEntries;
|
|
WORD Flags; // private
|
|
LPFILTEROBJECT lpStack;
|
|
LPFILTEROBJECT lpKeepLast;
|
|
LPVOID UIInstanceData; // UI specific information.
|
|
LPFILTERBITS lpFilterBits; // cache who passed
|
|
LPFILTERBITS lpCheckBits; // have we looked at it yet?
|
|
|
|
} FILTERDESC;
|
|
typedef FILTERDESC * LPFILTERDESC;
|
|
#define FILTERDESC_SIZE sizeof(FILTERDESC)
|
|
//============================================================================
|
|
// Macros.
|
|
//============================================================================
|
|
#define FilterGetUIInstanceData(hfilt) (((LPFILTERDESC2)hfilt)->UIInstanceData)
|
|
#define FilterSetUIInstanceData(hfilt,inst) (((LPFILTERDESC2)hfilt)->UIInstanceData = (LPVOID)inst)
|
|
//============================================================================
|
|
// defines
|
|
//============================================================================
|
|
#define FILTERFREEPOOLSTART ( 20 )
|
|
|
|
#define INVALIDELEMENT ( -1 )
|
|
|
|
#define INVALIDVALUE ( ( VALUETYPE )-9999 )
|
|
|
|
// use filter failed to check the return code on FilterFrame.
|
|
#define FILTER_FAIL_WITH_ERROR ( -1 )
|
|
|
|
#define FILTER_PASSED ( TRUE )
|
|
|
|
#define FILTER_FAILED ( FALSE )
|
|
|
|
#define FILTERACTION_INVALID ( 0 )
|
|
|
|
#define FILTERACTION_PROPERTY ( 1 )
|
|
|
|
#define FILTERACTION_VALUE ( 2 )
|
|
|
|
#define FILTERACTION_STRING ( 3 )
|
|
|
|
#define FILTERACTION_ARRAY ( 4 )
|
|
|
|
#define FILTERACTION_AND ( 5 )
|
|
|
|
#define FILTERACTION_OR ( 6 )
|
|
|
|
#define FILTERACTION_XOR ( 7 )
|
|
|
|
#define FILTERACTION_PROPERTYEXIST ( 8 )
|
|
|
|
#define FILTERACTION_CONTAINSNC ( 9 )
|
|
|
|
#define FILTERACTION_CONTAINS ( 10 )
|
|
|
|
#define FILTERACTION_NOT ( 11 )
|
|
|
|
#define FILTERACTION_EQUALNC ( 12 )
|
|
|
|
#define FILTERACTION_EQUAL ( 13 )
|
|
|
|
#define FILTERACTION_NOTEQUALNC ( 14 )
|
|
|
|
#define FILTERACTION_NOTEQUAL ( 15 )
|
|
|
|
#define FILTERACTION_GREATERNC ( 16 )
|
|
|
|
#define FILTERACTION_GREATER ( 17 )
|
|
|
|
#define FILTERACTION_LESSNC ( 18 )
|
|
|
|
#define FILTERACTION_LESS ( 19 )
|
|
|
|
#define FILTERACTION_GREATEREQUALNC ( 20 )
|
|
|
|
#define FILTERACTION_GREATEREQUAL ( 21 )
|
|
|
|
#define FILTERACTION_LESSEQUALNC ( 22 )
|
|
|
|
#define FILTERACTION_LESSEQUAL ( 23 )
|
|
|
|
#define FILTERACTION_PLUS ( 24 )
|
|
|
|
#define FILTERACTION_MINUS ( 25 )
|
|
|
|
#define FILTERACTION_ADDRESS ( 26 )
|
|
|
|
#define FILTERACTION_ADDRESSANY ( 27 )
|
|
|
|
#define FILTERACTION_FROM ( 28 )
|
|
|
|
#define FILTERACTION_TO ( 29 )
|
|
|
|
#define FILTERACTION_FROMTO ( 30 )
|
|
|
|
#define FILTERACTION_AREBITSON ( 31 )
|
|
|
|
#define FILTERACTION_AREBITSOFF ( 32 )
|
|
|
|
#define FILTERACTION_PROTOCOLSEXIST ( 33 )
|
|
|
|
#define FILTERACTION_PROTOCOLEXIST ( 34 )
|
|
|
|
#define FILTERACTION_ARRAYEQUAL ( 35 )
|
|
|
|
#define FILTERACTION_DEREFPROPERTY ( 36 )
|
|
|
|
#define FILTERACTION_LARGEINT ( 37 )
|
|
|
|
#define FILTERACTION_TIME ( 38 )
|
|
|
|
#define FILTERACTION_ADDR_ETHER ( 39 )
|
|
|
|
#define FILTERACTION_ADDR_TOKEN ( 40 )
|
|
|
|
#define FILTERACTION_ADDR_FDDI ( 41 )
|
|
|
|
#define FILTERACTION_ADDR_IPX ( 42 )
|
|
|
|
#define FILTERACTION_ADDR_IP ( 43 )
|
|
|
|
#define FILTERACTION_OID ( 44 )
|
|
|
|
#define FILTERACTION_OID_CONTAINS ( 45 )
|
|
|
|
#define FILTERACTION_OID_BEGINS_WITH ( 46 )
|
|
|
|
#define FILTERACTION_OID_ENDS_WITH ( 47 )
|
|
|
|
#define FILTERACTION_ADDR_VINES ( 48 )
|
|
|
|
#define FILTERACTION_ADDR_IP6 ( 49 )
|
|
|
|
#define FILTERACTION_EXPRESSION ( 97 )
|
|
|
|
#define FILTERACTION_BOOL ( 98 )
|
|
|
|
#define FILTERACTION_NOEVAL ( 99 )
|
|
|
|
#define FILTER_NO_MORE_FRAMES ( 0xffffffff )
|
|
|
|
#define FILTER_CANCELED ( 0xfffffffe )
|
|
|
|
#define FILTER_DIRECTION_NEXT ( TRUE )
|
|
|
|
#define FILTER_DIRECTION_PREV ( FALSE )
|
|
|
|
//============================================================================
|
|
// Helper functions.
|
|
//============================================================================
|
|
typedef BOOL (WINAPI *STATUSPROC)(DWORD, HCAPTURE, HFILTER, LPVOID);
|
|
//=============================================================================
|
|
// FILTER API's.
|
|
//=============================================================================
|
|
|
|
HFILTER WINAPI CreateFilter(VOID);
|
|
|
|
DWORD WINAPI DestroyFilter(HFILTER hFilter);
|
|
|
|
HFILTER WINAPI FilterDuplicate(HFILTER hFilter);
|
|
|
|
DWORD WINAPI DisableParserFilter(HFILTER hFilter, HPARSER hParser);
|
|
|
|
DWORD WINAPI EnableParserFilter(HFILTER hFilter, HPARSER hParser);
|
|
|
|
DWORD WINAPI FilterAddObject(HFILTER hFilter, LPFILTEROBJECT2 lpFilterObject );
|
|
|
|
VOID WINAPI FilterFlushBits(HFILTER hFilter);
|
|
|
|
DWORD WINAPI FilterFrame(HFRAME hFrame, HFILTER hFilter, HCAPTURE hCapture);
|
|
// returns -1 == check BH set last error
|
|
// 0 == FALSE
|
|
// 1 == TRUE
|
|
|
|
BOOL WINAPI FilterAttachesProperties(HFILTER hFilter);
|
|
|
|
DWORD WINAPI FilterFindFrame ( HFILTER hFilter,
|
|
HCAPTURE hCapture,
|
|
DWORD nFrame,
|
|
STATUSPROC StatusProc,
|
|
LPVOID UIInstance,
|
|
DWORD TimeDelta,
|
|
BOOL FilterDirection );
|
|
|
|
HFRAME FilterFindPropertyInstance ( HFRAME hFrame,
|
|
HFILTER hMasterFilter,
|
|
HCAPTURE hCapture,
|
|
HFILTER hInstanceFilter,
|
|
LPPROPERTYINST *lpPropRestartKey,
|
|
STATUSPROC StatusProc,
|
|
LPVOID UIInstance,
|
|
DWORD TimeDelta,
|
|
BOOL FilterForward );
|
|
|
|
|
|
VOID WINAPI SetCurrentFilter(HFILTER);
|
|
HFILTER WINAPI GetCurrentFilter(VOID);
|
|
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// (Frame.h)
|
|
//=============================================================================
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// 802.3 and ETHERNET MAC structure.
|
|
//=============================================================================
|
|
typedef struct _ETHERNET
|
|
{
|
|
BYTE DstAddr[MAX_ADDR_LENGTH]; //... destination address.
|
|
BYTE SrcAddr[MAX_ADDR_LENGTH]; //... source address.
|
|
union
|
|
{
|
|
WORD Length; //... 802.3 length field.
|
|
WORD Type; //... Ethernet type field.
|
|
};
|
|
BYTE Info[0]; //... information field.
|
|
|
|
} ETHERNET;
|
|
typedef ETHERNET *LPETHERNET;
|
|
typedef ETHERNET UNALIGNED *ULPETHERNET;
|
|
#define ETHERNET_SIZE sizeof(ETHERNET)
|
|
#define ETHERNET_HEADER_LENGTH ( 14 )
|
|
|
|
#define ETHERNET_DATA_LENGTH ( 0x5dc )
|
|
|
|
#define ETHERNET_FRAME_LENGTH ( 0x5ea )
|
|
|
|
#define ETHERNET_FRAME_TYPE ( 0x600 )
|
|
|
|
//=============================================================================
|
|
// Header for NM_ATM Packets.
|
|
//=============================================================================
|
|
|
|
typedef struct _NM_ATM
|
|
{
|
|
UCHAR DstAddr[ 6 ];
|
|
UCHAR SrcAddr[ 6 ];
|
|
ULONG Vpi;
|
|
ULONG Vci;
|
|
} NM_ATM;
|
|
|
|
typedef NM_ATM *PNM_ATM;
|
|
|
|
typedef NM_ATM *UPNM_ATM;
|
|
|
|
#define NM_ATM_HEADER_LENGTH sizeof(NM_ATM)
|
|
|
|
#pragma pack(push, 1)
|
|
typedef struct _NM_1394
|
|
{
|
|
UCHAR DstAddr[ 6 ];
|
|
UCHAR SrcAddr[ 6 ];
|
|
ULONGLONG VcId;
|
|
} NM_1394;
|
|
|
|
typedef NM_1394 *PNM_1394;
|
|
|
|
typedef NM_1394 *UPNM_1394;
|
|
|
|
#define NM_1394_HEADER_LENGTH sizeof(NM_1394)
|
|
//=============================================================================
|
|
// 802.5 (TOKENRING) MAC structure.
|
|
//=============================================================================
|
|
|
|
// This structure is used to decode network data and so needs to be packed
|
|
typedef struct _TOKENRING
|
|
{
|
|
BYTE AccessCtrl; //... access control field.
|
|
BYTE FrameCtrl; //... frame control field.
|
|
BYTE DstAddr[MAX_ADDR_LENGTH]; //... destination address.
|
|
BYTE SrcAddr[MAX_ADDR_LENGTH]; //... source address.
|
|
union
|
|
{
|
|
BYTE Info[0]; //... information field.
|
|
WORD RoutingInfo[0]; //... routing information field.
|
|
};
|
|
} TOKENRING;
|
|
|
|
typedef TOKENRING *LPTOKENRING;
|
|
typedef TOKENRING UNALIGNED *ULPTOKENRING;
|
|
#define TOKENRING_SIZE sizeof(TOKENRING)
|
|
#define TOKENRING_HEADER_LENGTH ( 14 )
|
|
|
|
#define TOKENRING_SA_ROUTING_INFO ( 0x80 )
|
|
|
|
#define TOKENRING_SA_LOCAL ( 0x40 )
|
|
|
|
#define TOKENRING_DA_LOCAL ( 0x40 )
|
|
|
|
#define TOKENRING_DA_GROUP ( 0x80 )
|
|
|
|
#define TOKENRING_RC_LENGTHMASK ( 0x1f )
|
|
|
|
#define TOKENRING_BC_MASK ( 0xe0 )
|
|
|
|
#define TOKENRING_TYPE_MAC ( 0 )
|
|
|
|
#define TOKENRING_TYPE_LLC ( 0x40 )
|
|
|
|
|
|
#pragma pack(pop)
|
|
//=============================================================================
|
|
// FDDI MAC structure.
|
|
//=============================================================================
|
|
|
|
// This structure is used to decode network data and so needs to be packed
|
|
|
|
#pragma pack(push, 1)
|
|
typedef struct _FDDI
|
|
{
|
|
BYTE FrameCtrl; //... frame control field.
|
|
BYTE DstAddr[MAX_ADDR_LENGTH]; //... destination address.
|
|
BYTE SrcAddr[MAX_ADDR_LENGTH]; //... source address.
|
|
BYTE Info[0]; //... information field.
|
|
|
|
} FDDI;
|
|
#define FDDI_SIZE sizeof(FDDI)
|
|
typedef FDDI *LPFDDI;
|
|
typedef FDDI UNALIGNED *ULPFDDI;
|
|
#define FDDI_HEADER_LENGTH ( 13 )
|
|
|
|
#define FDDI_TYPE_MAC ( 0 )
|
|
|
|
#define FDDI_TYPE_LLC ( 0x10 )
|
|
|
|
#define FDDI_TYPE_LONG_ADDRESS ( 0x40 )
|
|
|
|
|
|
#pragma pack(pop)
|
|
//=============================================================================
|
|
// LLC (802.2)
|
|
//=============================================================================
|
|
|
|
// This structure is used to decode network data and so needs to be packed
|
|
|
|
#pragma pack(push, 1)
|
|
typedef struct _LLC
|
|
{
|
|
BYTE dsap;
|
|
BYTE ssap;
|
|
struct
|
|
{
|
|
union
|
|
{
|
|
BYTE Command;
|
|
BYTE NextSend;
|
|
} ;
|
|
union
|
|
{
|
|
BYTE NextRecv;
|
|
BYTE Data[ 1 ];
|
|
} ;
|
|
} ControlField;
|
|
} LLC;
|
|
|
|
typedef LLC *LPLLC;
|
|
|
|
typedef LLC UNALIGNED *ULPLLC;
|
|
#define LLC_SIZE ( sizeof( LLC ) )
|
|
|
|
|
|
#pragma pack(pop)
|
|
//=============================================================================
|
|
// Helper macros.
|
|
//=============================================================================
|
|
|
|
#define IsRoutingInfoPresent(f) ((((ULPTOKENRING) (f))->SrcAddr[0] & TOKENRING_SA_ROUTING_INFO) ? TRUE : FALSE)
|
|
|
|
#define GetRoutingInfoLength(f) (IsRoutingInfoPresent(f) \
|
|
? (((ULPTOKENRING) (f))->RoutingInfo[0] & TOKENRING_RC_LENGTHMASK) : 0)
|
|
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// (Parser.h)
|
|
//=============================================================================
|
|
//=============================================================================
|
|
|
|
//=============================================================================
|
|
// Format Procedure Type.
|
|
//
|
|
// NOTE: All format functions *must* be declared as WINAPIV not WINAPI!
|
|
//=============================================================================
|
|
|
|
typedef VOID (WINAPIV *FORMAT)(LPPROPERTYINST, ...);
|
|
|
|
// The protocol recognized the frame and moved the pointer to end of its
|
|
// protocol header. Network Monitor uses the protocols follow set to continue
|
|
// parsing.
|
|
#define PROTOCOL_STATUS_RECOGNIZED ( 0 )
|
|
|
|
// The protocol did not recognized the frame and did not move the pointer
|
|
// (i.e. the start data pointer which was passed in). Network Monitor uses the
|
|
// protocols follow set to continue parsing.
|
|
#define PROTOCOL_STATUS_NOT_RECOGNIZED ( 1 )
|
|
|
|
// The protocol recognized the frame and claimed it all for itself,
|
|
// and parsing terminates.
|
|
#define PROTOCOL_STATUS_CLAIMED ( 2 )
|
|
|
|
// The protocol recognized the frame and moved the pointer to end of its
|
|
// protocol header. The current protocol requests that Network Monitor
|
|
// continue parsing at a known next protocol by returning the next protocols
|
|
// handle back to Network Monitor. In this case, the follow of the current
|
|
// protocol, if any, is not used.
|
|
#define PROTOCOL_STATUS_NEXT_PROTOCOL ( 3 )
|
|
|
|
//=============================================================================
|
|
// Macros.
|
|
//=============================================================================
|
|
|
|
extern BYTE HexTable[];
|
|
|
|
#define XCHG(x) MAKEWORD( HIBYTE(x), LOBYTE(x) )
|
|
|
|
#define DXCHG(x) MAKELONG( XCHG(HIWORD(x)), XCHG(LOWORD(x)) )
|
|
|
|
#define LONIBBLE(b) ((BYTE) ((b) & 0x0F))
|
|
|
|
#define HINIBBLE(b) ((BYTE) ((b) >> 4))
|
|
|
|
#define HEX(b) (HexTable[LONIBBLE(b)])
|
|
|
|
#define SWAPBYTES(w) ((w) = XCHG(w))
|
|
|
|
#define SWAPWORDS(d) ((d) = DXCHG(d))
|
|
|
|
//=============================================================================
|
|
// All the MAC frame types combined.
|
|
//=============================================================================
|
|
typedef union _MACFRAME
|
|
{
|
|
LPBYTE MacHeader; //... generic pointer.
|
|
LPETHERNET Ethernet; //... ethernet pointer.
|
|
LPTOKENRING Tokenring; //... tokenring pointer.
|
|
LPFDDI Fddi; //... FDDI pointer.
|
|
|
|
} MACFRAME;
|
|
typedef MACFRAME *LPMACFRAME;
|
|
|
|
#define HOT_SIGNATURE MAKE_IDENTIFIER('H', 'O', 'T', '$')
|
|
#define HOE_SIGNATURE MAKE_IDENTIFIER('H', 'O', 'E', '$')
|
|
typedef struct _HANDOFFENTRY
|
|
{
|
|
DWORD hoe_sig;
|
|
DWORD hoe_ProtIdentNumber;
|
|
HPROTOCOL hoe_ProtocolHandle;
|
|
DWORD hoe_ProtocolData;
|
|
} HANDOFFENTRY;
|
|
|
|
typedef HANDOFFENTRY *LPHANDOFFENTRY;
|
|
|
|
typedef struct _HANDOFFTABLE
|
|
{
|
|
DWORD hot_sig;
|
|
DWORD hot_NumEntries;
|
|
LPHANDOFFENTRY hot_Entries;
|
|
} HANDOFFTABLE;
|
|
|
|
typedef struct _HANDOFFTABLE *LPHANDOFFTABLE;
|
|
|
|
//=============================================================================
|
|
// Parser helper macros.
|
|
//=============================================================================
|
|
|
|
INLINE LPVOID GetPropertyInstanceData(LPPROPERTYINST PropertyInst)
|
|
{
|
|
if ( PropertyInst->DataLength != (WORD) -1 )
|
|
{
|
|
return PropertyInst->lpData;
|
|
}
|
|
|
|
return (LPVOID) PropertyInst->lpPropertyInstEx->Byte;
|
|
}
|
|
|
|
#define GetPropertyInstanceDataValue(p, type) ((type *) GetPropertyInstanceData(p))[0]
|
|
|
|
INLINE DWORD GetPropertyInstanceFrameDataLength(LPPROPERTYINST PropertyInst)
|
|
{
|
|
if ( PropertyInst->DataLength != (WORD) -1 )
|
|
{
|
|
return PropertyInst->DataLength;
|
|
}
|
|
|
|
return PropertyInst->lpPropertyInstEx->Length;
|
|
}
|
|
|
|
INLINE DWORD GetPropertyInstanceExDataLength(LPPROPERTYINST PropertyInst)
|
|
{
|
|
if ( PropertyInst->DataLength == (WORD) -1 )
|
|
{
|
|
PropertyInst->lpPropertyInstEx->Length;
|
|
}
|
|
|
|
return (WORD) -1;
|
|
}
|
|
|
|
//=============================================================================
|
|
// Parser helper functions.
|
|
//=============================================================================
|
|
|
|
LPLABELED_WORD WINAPI GetProtocolDescriptionTable(LPDWORD TableSize);
|
|
|
|
LPLABELED_WORD WINAPI GetProtocolDescription(DWORD ProtocolID);
|
|
|
|
DWORD WINAPI GetMacHeaderLength(LPVOID MacHeader, DWORD MacType);
|
|
|
|
DWORD WINAPI GetLLCHeaderLength(LPLLC Frame);
|
|
|
|
DWORD WINAPI GetEtype(LPVOID MacHeader, DWORD MacType);
|
|
|
|
DWORD WINAPI GetSaps(LPVOID MacHeader, DWORD MacType);
|
|
|
|
BOOL WINAPI IsLLCPresent(LPVOID MacHeader, DWORD MacType);
|
|
|
|
VOID WINAPI CanonicalizeHexString(LPSTR hex, LPSTR dest, DWORD len);
|
|
|
|
void WINAPI CanonHex(UCHAR * pDest, UCHAR * pSource, int iLen, BOOL fOx );
|
|
|
|
DWORD WINAPI ByteToBinary(LPSTR string, DWORD ByteValue);
|
|
|
|
DWORD WINAPI WordToBinary(LPSTR string, DWORD WordValue);
|
|
|
|
DWORD WINAPI DwordToBinary(LPSTR string, DWORD DwordValue);
|
|
|
|
LPSTR WINAPI AddressToString(LPSTR string, BYTE *lpAddress);
|
|
|
|
LPBYTE WINAPI StringToAddress(BYTE *lpAddress, LPSTR string);
|
|
|
|
LPDWORD WINAPI VarLenSmallIntToDword( LPBYTE pValue,
|
|
WORD ValueLen,
|
|
BOOL fIsByteswapped,
|
|
LPDWORD lpDword );
|
|
|
|
LPBYTE WINAPI LookupByteSetString (LPSET lpSet, BYTE Value);
|
|
|
|
LPBYTE WINAPI LookupWordSetString (LPSET lpSet, WORD Value);
|
|
|
|
LPBYTE WINAPI LookupDwordSetString (LPSET lpSet, DWORD Value);
|
|
|
|
DWORD WINAPIV FormatByteFlags(LPSTR string, DWORD ByteValue, DWORD BitMask);
|
|
|
|
DWORD WINAPIV FormatWordFlags(LPSTR string, DWORD WordValue, DWORD BitMask);
|
|
|
|
DWORD WINAPIV FormatDwordFlags(LPSTR string, DWORD DwordValue, DWORD BitMask);
|
|
|
|
LPSTR WINAPIV FormatTimeAsString(SYSTEMTIME *time, LPSTR string);
|
|
|
|
VOID WINAPIV FormatLabeledByteSetAsFlags(LPPROPERTYINST lpPropertyInst);
|
|
|
|
VOID WINAPIV FormatLabeledWordSetAsFlags(LPPROPERTYINST lpPropertyInst);
|
|
|
|
VOID WINAPIV FormatLabeledDwordSetAsFlags(LPPROPERTYINST lpPropertyInst);
|
|
|
|
VOID WINAPIV FormatPropertyDataAsByte(LPPROPERTYINST lpPropertyInst, DWORD Base);
|
|
|
|
VOID WINAPIV FormatPropertyDataAsWord(LPPROPERTYINST lpPropertyInst, DWORD Base);
|
|
|
|
VOID WINAPIV FormatPropertyDataAsDword(LPPROPERTYINST lpPropertyInst, DWORD Base);
|
|
|
|
VOID WINAPIV FormatLabeledByteSet(LPPROPERTYINST lpPropertyInst);
|
|
|
|
VOID WINAPIV FormatLabeledWordSet(LPPROPERTYINST lpPropertyInst);
|
|
|
|
VOID WINAPIV FormatLabeledDwordSet(LPPROPERTYINST lpPropertyInst);
|
|
|
|
VOID WINAPIV FormatPropertyDataAsInt64(LPPROPERTYINST lpPropertyInst, DWORD Base);
|
|
|
|
VOID WINAPIV FormatPropertyDataAsTime(LPPROPERTYINST lpPropertyInst);
|
|
|
|
VOID WINAPIV FormatPropertyDataAsString(LPPROPERTYINST lpPropertyInst);
|
|
|
|
VOID WINAPIV FormatPropertyDataAsHexString(LPPROPERTYINST lpPropertyInst);
|
|
|
|
// Parsers should NOT call LockFrame(). If a parser takes a lock and then gets
|
|
// faulted or returns without unlocking, it leaves the system in a state where
|
|
// it cannot change protocols or cut/copy frames. Parsers should use ParserTemporaryLockFrame
|
|
// which grants a lock ONLY during the context of the api entry into the parser. The
|
|
// lock is released on exit from the parser for that frame.
|
|
ULPBYTE WINAPI ParserTemporaryLockFrame(HFRAME hFrame);
|
|
|
|
LPVOID WINAPI GetCCInstPtr(VOID);
|
|
VOID WINAPI SetCCInstPtr(LPVOID lpCurCaptureInst);
|
|
LPVOID WINAPI CCHeapAlloc(DWORD dwBytes, BOOL bZeroInit);
|
|
LPVOID WINAPI CCHeapReAlloc(LPVOID lpMem, DWORD dwBytes, BOOL bZeroInit);
|
|
BOOL WINAPI CCHeapFree(LPVOID lpMem);
|
|
SIZE_T WINAPI CCHeapSize(LPVOID lpMem);
|
|
|
|
BOOL _cdecl BERGetInteger( ULPBYTE pCurrentPointer,
|
|
ULPBYTE *ppValuePointer,
|
|
LPDWORD pHeaderLength,
|
|
LPDWORD pDataLength,
|
|
ULPBYTE *ppNext);
|
|
BOOL _cdecl BERGetString( ULPBYTE pCurrentPointer,
|
|
ULPBYTE *ppValuePointer,
|
|
LPDWORD pHeaderLength,
|
|
LPDWORD pDataLength,
|
|
ULPBYTE *ppNext);
|
|
BOOL _cdecl BERGetHeader( ULPBYTE pCurrentPointer,
|
|
ULPBYTE pTag,
|
|
LPDWORD pHeaderLength,
|
|
LPDWORD pDataLength,
|
|
ULPBYTE *ppNext);
|
|
|
|
//=============================================================================
|
|
// Parser Finder Structures.
|
|
//=============================================================================
|
|
#define MAX_PROTOCOL_COMMENT_LEN ( 256 )
|
|
|
|
#define NETMON_MAX_PROTOCOL_NAME_LEN ( 16 )
|
|
|
|
// the constant MAX_PROTOCOL_NAME_LEN conflicts with one of the same name
|
|
// but different size in rtutils.h.
|
|
// So if both headers are included, we do not define MAX_PROTOCOL_NAME_LEN.
|
|
#ifndef MAX_PROTOCOL_NAME_LEN
|
|
#define MAX_PROTOCOL_NAME_LEN ( NETMON_MAX_PROTOCOL_NAME_LEN )
|
|
|
|
#else
|
|
#undef MAX_PROTOCOL_NAME_LEN
|
|
#endif
|
|
// Handoff Value Format Base
|
|
typedef /* [public][public][public] */
|
|
enum __MIDL___MIDL_itf_netmon_0000_0015
|
|
{ HANDOFF_VALUE_FORMAT_BASE_UNKNOWN = 0,
|
|
HANDOFF_VALUE_FORMAT_BASE_DECIMAL = 10,
|
|
HANDOFF_VALUE_FORMAT_BASE_HEX = 16
|
|
} PF_HANDOFFVALUEFORMATBASE;
|
|
|
|
// PF_HANDOFFENTRY
|
|
typedef struct _PF_HANDOFFENTRY
|
|
{
|
|
char szIniFile[ 260 ];
|
|
char szIniSection[ 260 ];
|
|
char szProtocol[ 16 ];
|
|
DWORD dwHandOffValue;
|
|
PF_HANDOFFVALUEFORMATBASE ValueFormatBase;
|
|
} PF_HANDOFFENTRY;
|
|
|
|
typedef PF_HANDOFFENTRY *PPF_HANDOFFENTRY;
|
|
|
|
// PF_HANDOFFSET
|
|
typedef struct _PF_HANDOFFSET
|
|
{
|
|
DWORD nEntries;
|
|
PF_HANDOFFENTRY Entry[0];
|
|
|
|
} PF_HANDOFFSET;
|
|
typedef PF_HANDOFFSET* PPF_HANDOFFSET;
|
|
// FOLLOWENTRY
|
|
typedef struct _PF_FOLLOWENTRY
|
|
{
|
|
char szProtocol[ 16 ];
|
|
} PF_FOLLOWENTRY;
|
|
|
|
typedef PF_FOLLOWENTRY *PPF_FOLLOWENTRY;
|
|
|
|
// PF_FOLLOWSET
|
|
typedef struct _PF_FOLLOWSET
|
|
{
|
|
DWORD nEntries;
|
|
PF_FOLLOWENTRY Entry[0];
|
|
|
|
} PF_FOLLOWSET;
|
|
typedef PF_FOLLOWSET* PPF_FOLLOWSET;
|
|
|
|
// PARSERINFO - contains information about a single parser
|
|
typedef struct _PF_PARSERINFO
|
|
{
|
|
char szProtocolName[NETMON_MAX_PROTOCOL_NAME_LEN];
|
|
char szComment[MAX_PROTOCOL_COMMENT_LEN];
|
|
char szHelpFile[MAX_PATH];
|
|
|
|
PPF_FOLLOWSET pWhoCanPrecedeMe;
|
|
PPF_FOLLOWSET pWhoCanFollowMe;
|
|
|
|
PPF_HANDOFFSET pWhoHandsOffToMe;
|
|
PPF_HANDOFFSET pWhoDoIHandOffTo;
|
|
|
|
} PF_PARSERINFO;
|
|
typedef PF_PARSERINFO* PPF_PARSERINFO;
|
|
|
|
// PF_PARSERDLLINFO - contains information about a single parser DLL
|
|
typedef struct _PF_PARSERDLLINFO
|
|
{
|
|
// char szDLLName[MAX_PATH];
|
|
DWORD nParsers;
|
|
PF_PARSERINFO ParserInfo[0];
|
|
|
|
} PF_PARSERDLLINFO;
|
|
typedef PF_PARSERDLLINFO* PPF_PARSERDLLINFO;
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// (IniLib.h)
|
|
//=============================================================================
|
|
//=============================================================================
|
|
#define INI_PATH_LENGTH ( 256 )
|
|
|
|
#define MAX_HANDOFF_ENTRY_LENGTH ( 80 )
|
|
|
|
#define MAX_PROTOCOL_NAME ( 40 )
|
|
|
|
#define NUMALLOCENTRIES ( 10 )
|
|
|
|
#define RAW_INI_STR_LEN ( 200 )
|
|
|
|
#define PARSERS_SUBDIR "PARSERS"
|
|
#define INI_EXTENSION "INI"
|
|
#define BASE10_FORMAT_STR "%ld=%s %ld"
|
|
#define BASE16_FORMAT_STR "%lx=%s %lx"
|
|
// Given "XNS" or "TCP" or whatever BuildINIPath will return fully qual. path to "XNS.INI" or "TCP.INI"
|
|
LPSTR _cdecl BuildINIPath( char *FullPath,
|
|
char *IniFileName );
|
|
|
|
// Builds Handoff Set
|
|
DWORD WINAPI CreateHandoffTable(LPSTR secName,
|
|
LPSTR iniFile,
|
|
LPHANDOFFTABLE * hTable,
|
|
DWORD nMaxProtocolEntries,
|
|
DWORD base);
|
|
|
|
HPROTOCOL WINAPI GetProtocolFromTable(LPHANDOFFTABLE hTable, // lp to Handoff Table...
|
|
DWORD ItemToFind, // port number etc...
|
|
PDWORD_PTR lpInstData ); // inst data to give to next protocol
|
|
|
|
VOID WINAPI DestroyHandoffTable( LPHANDOFFTABLE hTable );
|
|
|
|
BOOLEAN WINAPI IsRawIPXEnabled(LPSTR secName,
|
|
LPSTR iniFile,
|
|
LPSTR CurProtocol );
|
|
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// (NMExpert.h)
|
|
//=============================================================================
|
|
//=============================================================================
|
|
#define EXPERTSTRINGLENGTH ( 260 )
|
|
|
|
#define EXPERTGROUPNAMELENGTH ( 25 )
|
|
|
|
// HEXPERTKEY tracks running experts. It is only used by experts for
|
|
// self reference. It refers to a RUNNINGEXPERT (an internal only structure)..
|
|
typedef LPVOID HEXPERTKEY;
|
|
|
|
typedef HEXPERTKEY *PHEXPERTKEY;
|
|
|
|
// HEXPERT tracks loaded experts. It refers to an EXPERTENUMINFO.
|
|
typedef LPVOID HEXPERT;
|
|
|
|
typedef HEXPERT *PHEXPERT;
|
|
|
|
// HRUNNINGEXPERT tracks a currently running expert.
|
|
// It refers to a RUNNINGEXPERT (an internal only structure).
|
|
typedef LPVOID HRUNNINGEXPERT;
|
|
|
|
typedef HRUNNINGEXPERT *PHRUNNINGEXPERT;
|
|
|
|
typedef struct _EXPERTENUMINFO * PEXPERTENUMINFO;
|
|
typedef struct _EXPERTCONFIG * PEXPERTCONFIG;
|
|
typedef struct _EXPERTSTARTUPINFO * PEXPERTSTARTUPINFO;
|
|
// Definitions needed to call experts
|
|
#define EXPERTENTRY_REGISTER "Register"
|
|
#define EXPERTENTRY_CONFIGURE "Configure"
|
|
#define EXPERTENTRY_RUN "Run"
|
|
typedef BOOL (WINAPI * PEXPERTREGISTERPROC)( PEXPERTENUMINFO );
|
|
typedef BOOL (WINAPI * PEXPERTCONFIGPROC) ( HEXPERTKEY, PEXPERTCONFIG*, PEXPERTSTARTUPINFO, DWORD, HWND );
|
|
typedef BOOL (WINAPI * PEXPERTRUNPROC) ( HEXPERTKEY, PEXPERTCONFIG, PEXPERTSTARTUPINFO, DWORD, HWND);
|
|
// EXPERTENUMINFO describes an expert that NetMon has loaded from disk.
|
|
// It does not include any configuration or runtime information.
|
|
typedef struct _EXPERTENUMINFO
|
|
{
|
|
char szName[EXPERTSTRINGLENGTH];
|
|
char szVendor[EXPERTSTRINGLENGTH];
|
|
char szDescription[EXPERTSTRINGLENGTH];
|
|
DWORD Version;
|
|
DWORD Flags;
|
|
char szDllName[MAX_PATH]; // private, dont' touch
|
|
HEXPERT hExpert; // private, don't touch
|
|
HINSTANCE hModule; // private, don't touch
|
|
PEXPERTREGISTERPROC pRegisterProc; // private, don't touch
|
|
PEXPERTCONFIGPROC pConfigProc; // private, don't touch
|
|
PEXPERTRUNPROC pRunProc; // private, don't touch
|
|
|
|
} EXPERTENUMINFO;
|
|
typedef EXPERTENUMINFO * PEXPERTENUMINFO;
|
|
#define EXPERT_ENUM_FLAG_CONFIGURABLE ( 0x1 )
|
|
|
|
#define EXPERT_ENUM_FLAG_VIEWER_PRIVATE ( 0x2 )
|
|
|
|
#define EXPERT_ENUM_FLAG_NO_VIEWER ( 0x4 )
|
|
|
|
#define EXPERT_ENUM_FLAG_ADD_ME_TO_RMC_IN_SUMMARY ( 0x10 )
|
|
|
|
#define EXPERT_ENUM_FLAG_ADD_ME_TO_RMC_IN_DETAIL ( 0x20 )
|
|
|
|
// EXPERTSTARTUPINFO
|
|
// This gives the Expert an indication of where he came from.
|
|
// Note: if the lpPropertyInst->PropertyInfo->DataQualifier == PROP_QUAL_FLAGS
|
|
// then the sBitField structure is filled in
|
|
typedef struct _EXPERTSTARTUPINFO
|
|
{
|
|
DWORD Flags;
|
|
HCAPTURE hCapture;
|
|
char szCaptureFile[MAX_PATH];
|
|
DWORD dwFrameNumber;
|
|
HPROTOCOL hProtocol;
|
|
|
|
LPPROPERTYINST lpPropertyInst;
|
|
|
|
struct
|
|
{
|
|
BYTE BitNumber;
|
|
BOOL bOn;
|
|
} sBitfield;
|
|
|
|
} EXPERTSTARTUPINFO;
|
|
// EXPERTCONFIG
|
|
// This is a generic holder for an Expert's config data.
|
|
typedef struct _EXPERTCONFIG
|
|
{
|
|
DWORD RawConfigLength;
|
|
BYTE RawConfigData[0];
|
|
|
|
} EXPERTCONFIG;
|
|
typedef EXPERTCONFIG * PEXPERTCONFIG;
|
|
// CONFIGUREDEXPERT
|
|
// This structure associates a loaded expert with its configuration data.
|
|
typedef struct
|
|
{
|
|
HEXPERT hExpert;
|
|
DWORD StartupFlags;
|
|
PEXPERTCONFIG pConfig;
|
|
} CONFIGUREDEXPERT;
|
|
typedef CONFIGUREDEXPERT * PCONFIGUREDEXPERT;
|
|
// EXPERTFRAMEDESCRIPTOR - passed back to the expert to fulfil the request for a frame
|
|
typedef struct
|
|
{
|
|
DWORD FrameNumber; // Frame Number.
|
|
HFRAME hFrame; // Handle to the frame.
|
|
ULPFRAME pFrame; // pointer to frame.
|
|
LPRECOGNIZEDATATABLE lpRecognizeDataTable;// pointer to table of RECOGNIZEDATA structures.
|
|
LPPROPERTYTABLE lpPropertyTable; // pointer to property table.
|
|
|
|
} EXPERTFRAMEDESCRIPTOR;
|
|
typedef EXPERTFRAMEDESCRIPTOR * LPEXPERTFRAMEDESCRIPTOR;
|
|
#define GET_SPECIFIED_FRAME ( 0 )
|
|
|
|
#define GET_FRAME_NEXT_FORWARD ( 1 )
|
|
|
|
#define GET_FRAME_NEXT_BACKWARD ( 2 )
|
|
|
|
#define FLAGS_DEFER_TO_UI_FILTER ( 0x1 )
|
|
|
|
#define FLAGS_ATTACH_PROPERTIES ( 0x2 )
|
|
|
|
// EXPERTSTATUSENUM
|
|
// gives the possible values for the status field in the EXPERTSTATUS structure
|
|
typedef /* [public][public][public] */
|
|
enum __MIDL___MIDL_itf_netmon_0000_0016
|
|
{ EXPERTSTATUS_INACTIVE = 0,
|
|
EXPERTSTATUS_STARTING = EXPERTSTATUS_INACTIVE + 1,
|
|
EXPERTSTATUS_RUNNING = EXPERTSTATUS_STARTING + 1,
|
|
EXPERTSTATUS_PROBLEM = EXPERTSTATUS_RUNNING + 1,
|
|
EXPERTSTATUS_ABORTED = EXPERTSTATUS_PROBLEM + 1,
|
|
EXPERTSTATUS_DONE = EXPERTSTATUS_ABORTED + 1
|
|
} EXPERTSTATUSENUMERATION;
|
|
|
|
// EXPERTSUBSTATUS bitfield
|
|
// gives the possible values for the substatus field in the EXPERTSTATUS structure
|
|
#define EXPERTSUBSTATUS_ABORTED_USER ( 0x1 )
|
|
|
|
#define EXPERTSUBSTATUS_ABORTED_LOAD_FAIL ( 0x2 )
|
|
|
|
#define EXPERTSUBSTATUS_ABORTED_THREAD_FAIL ( 0x4 )
|
|
|
|
#define EXPERTSUBSTATUS_ABORTED_BAD_ENTRY ( 0x8 )
|
|
|
|
// EXPERTSTATUS
|
|
// Indicates the current status of a running expert.
|
|
typedef /* [public][public] */ struct __MIDL___MIDL_itf_netmon_0000_0017
|
|
{
|
|
EXPERTSTATUSENUMERATION Status;
|
|
DWORD SubStatus;
|
|
DWORD PercentDone;
|
|
DWORD Frame;
|
|
char szStatusText[ 260 ];
|
|
} EXPERTSTATUS;
|
|
|
|
typedef EXPERTSTATUS *PEXPERTSTATUS;
|
|
|
|
// EXPERT STARTUP FLAGS
|
|
#define EXPERT_STARTUP_FLAG_USE_STARTUP_DATA_OVER_CONFIG_DATA ( 0x1 )
|
|
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// (NetMon.h)
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// A frame with no number contains this value as its frame number.
|
|
#define INVALID_FRAME_NUMBER ( ( DWORD )-1 )
|
|
|
|
//=============================================================================
|
|
// Capture file flags.
|
|
//=============================================================================
|
|
#define CAPTUREFILE_OPEN OPEN_EXISTING
|
|
#define CAPTUREFILE_CREATE CREATE_NEW
|
|
//=============================================================================
|
|
// CAPTURE CONTEXT API's.
|
|
//=============================================================================
|
|
|
|
LPSYSTEMTIME WINAPI GetCaptureTimeStamp(HCAPTURE hCapture);
|
|
|
|
DWORD WINAPI GetCaptureMacType(HCAPTURE hCapture);
|
|
|
|
DWORD WINAPI GetCaptureTotalFrames(HCAPTURE hCapture);
|
|
|
|
LPSTR WINAPI GetCaptureComment(HCAPTURE hCapture);
|
|
|
|
//=============================================================================
|
|
// FRAME HELP API's.
|
|
//=============================================================================
|
|
|
|
DWORD WINAPI MacTypeToAddressType(DWORD MacType);
|
|
|
|
DWORD WINAPI AddressTypeToMacType(DWORD AddressType);
|
|
|
|
DWORD WINAPI GetFrameDstAddressOffset(HFRAME hFrame, DWORD AddressType, LPDWORD AddressLength);
|
|
|
|
DWORD WINAPI GetFrameSrcAddressOffset(HFRAME hFrame, DWORD AddressType, LPDWORD AddressLength);
|
|
|
|
HCAPTURE WINAPI GetFrameCaptureHandle(HFRAME hFrame);
|
|
|
|
|
|
DWORD WINAPI GetFrameDestAddress(HFRAME hFrame,
|
|
LPADDRESS2 lpAddress,
|
|
DWORD AddressType,
|
|
DWORD Flags);
|
|
|
|
DWORD WINAPI GetFrameSourceAddress(HFRAME hFrame,
|
|
LPADDRESS2 lpAddress,
|
|
DWORD AddressType,
|
|
DWORD Flags);
|
|
|
|
DWORD WINAPI GetFrameMacHeaderLength(HFRAME hFrame);
|
|
|
|
BOOL WINAPI CompareFrameDestAddress(HFRAME hFrame, LPADDRESS2 lpAddress);
|
|
|
|
BOOL WINAPI CompareFrameSourceAddress(HFRAME hFrame, LPADDRESS2 lpAddress);
|
|
|
|
DWORD WINAPI GetFrameLength(HFRAME hFrame);
|
|
|
|
DWORD WINAPI GetFrameStoredLength(HFRAME hFrame);
|
|
|
|
DWORD WINAPI GetFrameMacType(HFRAME hFrame);
|
|
|
|
DWORD WINAPI GetFrameMacHeaderLength(HFRAME hFrame);
|
|
|
|
DWORD WINAPI GetFrameNumber(HFRAME hFrame);
|
|
|
|
__int64 WINAPI GetFrameTimeStamp(HFRAME hFrame);
|
|
|
|
ULPFRAME WINAPI GetFrameFromFrameHandle(HFRAME hFrame);
|
|
|
|
//=============================================================================
|
|
// FRAME API's.
|
|
//=============================================================================
|
|
|
|
HFRAME WINAPI ModifyFrame(HCAPTURE hCapture,
|
|
DWORD FrameNumber,
|
|
LPBYTE FrameData,
|
|
DWORD FrameLength,
|
|
__int64 TimeStamp);
|
|
|
|
HFRAME WINAPI FindNextFrame(HFRAME hCurrentFrame,
|
|
LPSTR ProtocolName,
|
|
LPADDRESS2 lpDestAddress,
|
|
LPADDRESS2 lpSrcAddress,
|
|
LPWORD ProtocolOffset,
|
|
DWORD OriginalFrameNumber,
|
|
DWORD nHighestFrame);
|
|
|
|
HFRAME WINAPI FindPreviousFrame(HFRAME hCurrentFrame,
|
|
LPSTR ProtocolName,
|
|
LPADDRESS2 lpDstAddress,
|
|
LPADDRESS2 lpSrcAddress,
|
|
LPWORD ProtocolOffset,
|
|
DWORD OriginalFrameNumber,
|
|
DWORD nLowestFrame );
|
|
|
|
HCAPTURE WINAPI GetFrameCaptureHandle(HFRAME);
|
|
|
|
HFRAME WINAPI GetFrame(HCAPTURE hCapture, DWORD FrameNumber);
|
|
|
|
LPRECOGNIZEDATATABLE WINAPI GetFrameRecognizeData(HFRAME hFrame);
|
|
|
|
//=============================================================================
|
|
// Protocol API's.
|
|
//=============================================================================
|
|
|
|
HPROTOCOL WINAPI CreateProtocol(LPSTR ProtocolName,
|
|
LPENTRYPOINTS lpEntryPoints,
|
|
DWORD cbEntryPoints);
|
|
|
|
VOID WINAPI DestroyProtocol(HPROTOCOL hProtocol);
|
|
|
|
LPPROTOCOLINFO WINAPI GetProtocolInfo(HPROTOCOL hProtocol);
|
|
|
|
HPROPERTY WINAPI GetProperty(HPROTOCOL hProtocol, LPSTR PropertyName);
|
|
|
|
HPROTOCOL WINAPI GetProtocolFromName(LPSTR ProtocolName);
|
|
|
|
DWORD WINAPI GetProtocolStartOffset(HFRAME hFrame, LPSTR ProtocolName);
|
|
|
|
DWORD WINAPI GetProtocolStartOffsetHandle(HFRAME hFrame, HPROTOCOL hProtocol);
|
|
|
|
DWORD WINAPI GetPreviousProtocolOffsetByName(HFRAME hFrame,
|
|
DWORD dwStartOffset,
|
|
LPSTR szProtocolName,
|
|
DWORD* pdwPreviousOffset);
|
|
|
|
LPPROTOCOLTABLE WINAPI GetEnabledProtocols(HCAPTURE hCapture);
|
|
|
|
//=============================================================================
|
|
// Property API's.
|
|
//=============================================================================
|
|
|
|
DWORD WINAPI CreatePropertyDatabase(HPROTOCOL hProtocol, DWORD nProperties);
|
|
|
|
DWORD WINAPI DestroyPropertyDatabase(HPROTOCOL hProtocol);
|
|
|
|
HPROPERTY WINAPI AddProperty(HPROTOCOL hProtocol, LPPROPERTYINFO PropertyInfo);
|
|
|
|
BOOL WINAPI AttachPropertyInstance(HFRAME hFrame,
|
|
HPROPERTY hProperty,
|
|
DWORD Length,
|
|
ULPVOID lpData,
|
|
DWORD HelpID,
|
|
DWORD Level,
|
|
DWORD IFlags);
|
|
|
|
BOOL WINAPI AttachPropertyInstanceEx(HFRAME hFrame,
|
|
HPROPERTY hProperty,
|
|
DWORD Length,
|
|
ULPVOID lpData,
|
|
DWORD ExLength,
|
|
ULPVOID lpExData,
|
|
DWORD HelpID,
|
|
DWORD Level,
|
|
DWORD IFlags);
|
|
|
|
LPPROPERTYINST WINAPI FindPropertyInstance(HFRAME hFrame, HPROPERTY hProperty);
|
|
|
|
LPPROPERTYINST WINAPI FindPropertyInstanceRestart (HFRAME hFrame,
|
|
HPROPERTY hProperty,
|
|
LPPROPERTYINST *lpRestartKey,
|
|
BOOL DirForward );
|
|
|
|
LPPROPERTYINFO WINAPI GetPropertyInfo(HPROPERTY hProperty);
|
|
|
|
LPSTR WINAPI GetPropertyText(HFRAME hFrame, LPPROPERTYINST lpPI, LPSTR szBuffer, DWORD BufferSize);
|
|
|
|
DWORD WINAPI ResetPropertyInstanceLength( LPPROPERTYINST lpProp,
|
|
WORD nOrgLen,
|
|
WORD nNewLen );
|
|
//=============================================================================
|
|
// MISC. API's.
|
|
//=============================================================================
|
|
|
|
DWORD WINAPI GetCaptureCommentFromFilename(LPSTR lpFilename, LPSTR lpComment, DWORD BufferSize);
|
|
|
|
int WINAPI CompareAddresses(LPADDRESS2 lpAddress1, LPADDRESS2 lpAddress2);
|
|
|
|
DWORD WINAPIV FormatPropertyInstance(LPPROPERTYINST lpPropertyInst, ...);
|
|
|
|
SYSTEMTIME * WINAPI AdjustSystemTime(SYSTEMTIME *SystemTime, __int64 TimeDelta);
|
|
|
|
LPSTR WINAPI NMRtlIpv6AddressToStringA(const BYTE IP6Addr[],LPSTR S);
|
|
|
|
LPWSTR WINAPI NMRtlIpv6AddressToStringW(const BYTE IP6Addr[], LPWSTR S);
|
|
|
|
ULONG WINAPI NMRtlIpv6StringToAddressA(LPCSTR S, LPCSTR *Terminator, BYTE IP6Addr[]);
|
|
|
|
ULONG WINAPI NMRtlIpv6StringToAddressW(LPCWSTR S, LPCWSTR *Terminator, BYTE IP6Addr[]);
|
|
|
|
//=============================================================================
|
|
// EXPERT API's for use by Experts
|
|
//=============================================================================
|
|
|
|
DWORD WINAPI ExpertGetFrame( IN HEXPERTKEY hExpertKey,
|
|
IN DWORD Direction,
|
|
IN DWORD RequestFlags,
|
|
IN DWORD RequestedFrameNumber,
|
|
IN HFILTER hFilter,
|
|
OUT LPEXPERTFRAMEDESCRIPTOR pEFrameDescriptor);
|
|
|
|
LPVOID WINAPI ExpertAllocMemory( IN HEXPERTKEY hExpertKey,
|
|
IN SIZE_T nBytes,
|
|
OUT DWORD* pError);
|
|
|
|
LPVOID WINAPI ExpertReallocMemory( IN HEXPERTKEY hExpertKey,
|
|
IN LPVOID pOriginalMemory,
|
|
IN SIZE_T nBytes,
|
|
OUT DWORD* pError);
|
|
|
|
DWORD WINAPI ExpertFreeMemory( IN HEXPERTKEY hExpertKey,
|
|
IN LPVOID pOriginalMemory);
|
|
|
|
SIZE_T WINAPI ExpertMemorySize( IN HEXPERTKEY hExpertKey,
|
|
IN LPVOID pOriginalMemory);
|
|
|
|
DWORD WINAPI ExpertIndicateStatus( IN HEXPERTKEY hExpertKey,
|
|
IN EXPERTSTATUSENUMERATION Status,
|
|
IN DWORD SubStatus,
|
|
IN const char * szText,
|
|
IN LONG PercentDone);
|
|
|
|
DWORD WINAPI ExpertSubmitEvent( IN HEXPERTKEY hExpertKey,
|
|
IN PNMEVENTDATA pExpertEvent);
|
|
|
|
DWORD WINAPI ExpertGetStartupInfo( IN HEXPERTKEY hExpertKey,
|
|
OUT PEXPERTSTARTUPINFO pExpertStartupInfo);
|
|
|
|
//=============================================================================
|
|
// DEBUG API's.
|
|
//=============================================================================
|
|
#ifdef DEBUG
|
|
|
|
//=============================================================================
|
|
// BreakPoint() macro.
|
|
//=============================================================================
|
|
// We do not want breakpoints in our code any more...
|
|
// so we are defining DebugBreak(), usually a system call, to be
|
|
// just a dprintf. BreakPoint() is still defined as DebugBreak().
|
|
|
|
#ifdef DebugBreak
|
|
#undef DebugBreak
|
|
#endif // DebugBreak
|
|
|
|
#define DebugBreak() dprintf("DebugBreak Called at %s:%s", __FILE__, __LINE__);
|
|
#define BreakPoint() DebugBreak()
|
|
|
|
#endif // DEBUG
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// (NMBlob.h)
|
|
//=============================================================================
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// Blob Constants
|
|
//=============================================================================
|
|
#define INITIAL_RESTART_KEY ( 0xffffffff )
|
|
|
|
//=============================================================================
|
|
// Blob Core Helper Routines
|
|
//=============================================================================
|
|
DWORD _cdecl CreateBlob(HBLOB * phBlob);
|
|
|
|
DWORD _cdecl DestroyBlob(HBLOB hBlob);
|
|
|
|
DWORD _cdecl SetStringInBlob(HBLOB hBlob,
|
|
const char * pOwnerName,
|
|
const char * pCategoryName,
|
|
const char * pTagName,
|
|
const char * pString);
|
|
|
|
DWORD _cdecl SetWStringInBlob(HBLOB hBlob,
|
|
const char * pOwnerName,
|
|
const char * pCategoryName,
|
|
const char * pTagName,
|
|
const WCHAR * pwString);
|
|
|
|
DWORD _cdecl ConvertWStringToHexString(const WCHAR *pwsz,
|
|
char ** ppsz);
|
|
|
|
DWORD _cdecl GetStringFromBlob(HBLOB hBlob,
|
|
const char * pOwnerName,
|
|
const char * pCategoryName,
|
|
const char * pTagName,
|
|
const char ** ppString);
|
|
|
|
DWORD _cdecl ConvertHexStringToWString(CHAR *psz,
|
|
WCHAR **ppwsz);
|
|
|
|
DWORD _cdecl GetWStringFromBlob(HBLOB hBlob,
|
|
const char * pOwnerName,
|
|
const char * pCategoryName,
|
|
const char * pTagName,
|
|
WCHAR ** ppwString);
|
|
|
|
DWORD _cdecl GetStringsFromBlob(HBLOB hBlob,
|
|
const char * pRequestedOwnerName,
|
|
const char * pRequestedCategoryName,
|
|
const char * pRequestedTagName,
|
|
const char ** ppReturnedOwnerName,
|
|
const char ** ppReturnedCategoryName,
|
|
const char ** ppReturnedTagName,
|
|
const char ** ppReturnedString,
|
|
DWORD * pRestartKey);
|
|
|
|
DWORD _cdecl RemoveFromBlob(HBLOB hBlob,
|
|
const char * pOwnerName,
|
|
const char * pCategoryName,
|
|
const char * pTagName);
|
|
|
|
DWORD _cdecl LockBlob(HBLOB hBlob);
|
|
|
|
DWORD _cdecl UnlockBlob(HBLOB hBlob);
|
|
|
|
DWORD _cdecl FindUnknownBlobCategories( HBLOB hBlob,
|
|
const char * pOwnerName,
|
|
const char * pKnownCategoriesTable[],
|
|
HBLOB hUnknownCategoriesBlob);
|
|
|
|
//=============================================================================
|
|
// Blob Helper Routines
|
|
//=============================================================================
|
|
DWORD _cdecl MergeBlob(HBLOB hDstBlob,
|
|
HBLOB hSrcBlob);
|
|
|
|
DWORD _cdecl DuplicateBlob (HBLOB hSrcBlob,
|
|
HBLOB *hBlobThatWillBeCreated );
|
|
|
|
DWORD _cdecl WriteBlobToFile(HBLOB hBlob,
|
|
const char * pFileName);
|
|
|
|
DWORD _cdecl ReadBlobFromFile(HBLOB* phBlob,
|
|
const char * pFileName);
|
|
|
|
DWORD _cdecl RegCreateBlobKey(HKEY hkey, const char* szBlobName, HBLOB hBlob);
|
|
|
|
DWORD _cdecl RegOpenBlobKey(HKEY hkey, const char* szBlobName, HBLOB* phBlob);
|
|
|
|
DWORD _cdecl MarshalBlob(HBLOB hBlob, DWORD* pSize, BYTE** ppBytes);
|
|
|
|
DWORD _cdecl UnMarshalBlob(HBLOB* phBlob, DWORD Size, BYTE* pBytes);
|
|
|
|
DWORD _cdecl SetDwordInBlob(HBLOB hBlob,
|
|
const char * pOwnerName,
|
|
const char * pCategoryName,
|
|
const char * pTagName,
|
|
DWORD Dword);
|
|
|
|
DWORD _cdecl GetDwordFromBlob(HBLOB hBlob,
|
|
const char * pOwnerName,
|
|
const char * pCategoryName,
|
|
const char * pTagName,
|
|
DWORD * pDword);
|
|
|
|
DWORD _cdecl SetBoolInBlob(HBLOB hBlob,
|
|
const char * pOwnerName,
|
|
const char * pCategoryName,
|
|
const char * pTagName,
|
|
BOOL Bool);
|
|
|
|
DWORD _cdecl GetBoolFromBlob(HBLOB hBlob,
|
|
const char * pOwnerName,
|
|
const char * pCategoryName,
|
|
const char * pTagName,
|
|
BOOL * pBool);
|
|
|
|
DWORD _cdecl GetMacAddressFromBlob(HBLOB hBlob,
|
|
const char * pOwnerName,
|
|
const char * pCategoryName,
|
|
const char * pTagName,
|
|
BYTE * pMacAddress);
|
|
|
|
DWORD _cdecl SetMacAddressInBlob(HBLOB hBlob,
|
|
const char * pOwnerName,
|
|
const char * pCategoryName,
|
|
const char * pTagName,
|
|
const BYTE * pMacAddress);
|
|
|
|
DWORD _cdecl FindUnknownBlobTags( HBLOB hBlob,
|
|
const char * pOwnerName,
|
|
const char * pCategoryName,
|
|
const char * pKnownTagsTable[],
|
|
HBLOB hUnknownTagsBlob);
|
|
|
|
//=============================================================================
|
|
// Blob NPP Helper Routines
|
|
//=============================================================================
|
|
DWORD _cdecl SetNetworkInfoInBlob(HBLOB hBlob,
|
|
LPNETWORKINFO lpNetworkInfo);
|
|
|
|
DWORD _cdecl GetNetworkInfoFromBlob(HBLOB hBlob,
|
|
LPNETWORKINFO lpNetworkInfo);
|
|
|
|
DWORD _cdecl CreateNPPInterface ( HBLOB hBlob,
|
|
REFIID iid,
|
|
void ** ppvObject);
|
|
|
|
DWORD _cdecl SetClassIDInBlob(HBLOB hBlob,
|
|
const char* pOwnerName,
|
|
const char* pCategoryName,
|
|
const char* pTagName,
|
|
const CLSID* pClsID);
|
|
|
|
DWORD _cdecl GetClassIDFromBlob(HBLOB hBlob,
|
|
const char* pOwnerName,
|
|
const char* pCategoryName,
|
|
const char* pTagName,
|
|
CLSID * pClsID);
|
|
|
|
DWORD _cdecl SetNPPPatternFilterInBlob( HBLOB hBlob,
|
|
LPEXPRESSION pExpression,
|
|
HBLOB hErrorBlob);
|
|
|
|
DWORD _cdecl GetNPPPatternFilterFromBlob( HBLOB hBlob,
|
|
LPEXPRESSION pExpression,
|
|
HBLOB hErrorBlob);
|
|
|
|
DWORD _cdecl SetNPPAddress2FilterInBlob( HBLOB hBlob,
|
|
LPADDRESSTABLE2 pAddressTable);
|
|
|
|
DWORD _cdecl GetNPPAddress2FilterFromBlob( HBLOB hBlob,
|
|
LPADDRESSTABLE2 pAddressTable,
|
|
HBLOB hErrorBlob);
|
|
|
|
DWORD _cdecl SetNPPTriggerInBlob( HBLOB hBlob,
|
|
LPTRIGGER pTrigger,
|
|
HBLOB hErrorBlob);
|
|
|
|
DWORD _cdecl GetNPPTriggerFromBlob( HBLOB hBlob,
|
|
LPTRIGGER pTrigger,
|
|
HBLOB hErrorBlob);
|
|
|
|
DWORD _cdecl SetNPPEtypeSapFilter(HBLOB hBlob,
|
|
WORD nSaps,
|
|
WORD nEtypes,
|
|
LPBYTE lpSapTable,
|
|
LPWORD lpEtypeTable,
|
|
DWORD FilterFlags,
|
|
HBLOB hErrorBlob);
|
|
|
|
DWORD _cdecl GetNPPEtypeSapFilter(HBLOB hBlob,
|
|
WORD *pnSaps,
|
|
WORD *pnEtypes,
|
|
LPBYTE *ppSapTable,
|
|
LPWORD *ppEtypeTable,
|
|
DWORD *pFilterFlags,
|
|
HBLOB hErrorBlob);
|
|
|
|
// GetNPPMacTypeAsNumber maps the tag NPP:NetworkInfo:MacType to the MAC_TYPE_*
|
|
// defined in the NPPTYPES.h. If the tag is unavailable, the API returns MAC_TYPE_UNKNOWN.
|
|
DWORD _cdecl GetNPPMacTypeAsNumber(HBLOB hBlob,
|
|
LPDWORD lpMacType);
|
|
|
|
// See if a remote catagory exists... and make sure that the remote computername
|
|
// isn't the same as the local computername.
|
|
BOOL _cdecl IsRemoteNPP ( HBLOB hBLOB);
|
|
|
|
//=============================================================================
|
|
// npp tag definitions
|
|
//=============================================================================
|
|
#define OWNER_NPP "NPP"
|
|
|
|
#define CATEGORY_NETWORKINFO "NetworkInfo"
|
|
#define TAG_MACTYPE "MacType"
|
|
#define TAG_CURRENTADDRESS "CurrentAddress"
|
|
#define TAG_LINKSPEED "LinkSpeed"
|
|
#define TAG_MAXFRAMESIZE "MaxFrameSize"
|
|
#define TAG_FLAGS "Flags"
|
|
#define TAG_TIMESTAMPSCALEFACTOR "TimeStampScaleFactor"
|
|
#define TAG_COMMENT "Comment"
|
|
#define TAG_NODENAME "NodeName"
|
|
#define TAG_NAME "Name"
|
|
#define TAG_FAKENPP "Fake"
|
|
#define TAG_PROMISCUOUS_MODE "PMode"
|
|
|
|
#define CATEGORY_LOCATION "Location"
|
|
#define TAG_RAS "Dial-up Connection"
|
|
#define TAG_MACADDRESS "MacAddress"
|
|
#define TAG_CLASSID "ClassID"
|
|
#define TAG_NAME "Name"
|
|
#define TAG_CONNECTIONNAME "Connection Name"
|
|
#define TAG_FRIENDLYNAME "Friendly Name"
|
|
|
|
#define CATEGORY_CONFIG "Config"
|
|
#define TAG_FRAME_SIZE "FrameSize"
|
|
#define TAG_UPDATE_FREQUENCY "UpdateFreq"
|
|
#define TAG_BUFFER_SIZE "BufferSize"
|
|
#define TAG_PATTERN_DESIGNATOR "PatternMatch"
|
|
#define TAG_PATTERN "Pattern"
|
|
#define TAG_ADDRESS_PAIR "AddressPair"
|
|
#define TAG_CONNECTIONFLAGS "ConnectionFlags"
|
|
#define TAG_ETYPES "Etypes"
|
|
#define TAG_SAPS "Saps"
|
|
#define TAG_NO_CONVERSATION_STATS "NoConversationStats"
|
|
#define TAG_NO_STATS_FRAME "NoStatsFrame"
|
|
#define TAG_DONT_DELETE_EMPTY_CAPTURE "DontDeleteEmptyCapture"
|
|
#define TAG_WANT_PROTOCOL_INFO "WantProtocolInfo"
|
|
#define TAG_INTERFACE_DELAYED_CAPTURE "IDdC"
|
|
#define TAG_INTERFACE_REALTIME_CAPTURE "IRTC"
|
|
#define TAG_INTERFACE_STATS "ISts"
|
|
#define TAG_INTERFACE_TRANSMIT "IXmt"
|
|
#define TAG_LOCAL_ONLY "LocalOnly"
|
|
// Is_Remote is set to TRUE by NPPs that go remote. Note that when you
|
|
// are looking for a remote NPP, you probably also need to ask for
|
|
// blobs that have the TAG_GET_SPECIAL_BLOBS bool set
|
|
#define TAG_IS_REMOTE "IsRemote"
|
|
|
|
|
|
#define CATEGORY_TRIGGER "Trigger"
|
|
#define TAG_TRIGGER "Trigger"
|
|
|
|
#define CATEGORY_FINDER "Finder"
|
|
#define TAG_ROOT "Root"
|
|
#define TAG_PROCNAME "ProcName"
|
|
#define TAG_DISP_STRING "Display"
|
|
#define TAG_DLL_FILENAME "DLLName"
|
|
#define TAG_GET_SPECIAL_BLOBS "Specials"
|
|
|
|
#define CATEGORY_REMOTE "Remote"
|
|
#define TAG_REMOTECOMPUTER "RemoteComputer"
|
|
#define TAG_REMOTECLASSID "ClassID"
|
|
|
|
|
|
//=============================================================================
|
|
// npp value definitions
|
|
//=============================================================================
|
|
// Mac types
|
|
#define PROTOCOL_STRING_ETHERNET_TXT "ETHERNET"
|
|
#define PROTOCOL_STRING_TOKENRING_TXT "TOKENRING"
|
|
#define PROTOCOL_STRING_FDDI_TXT "FDDI"
|
|
#define PROTOCOL_STRING_ATM_TXT "ATM"
|
|
#define PROTOCOL_STRING_1394_TXT "IP/1394"
|
|
|
|
// lower protocols
|
|
#define PROTOCOL_STRING_IP_TXT "IP"
|
|
#define PROTOCOL_STRING_IP6_TXT "IP6"
|
|
#define PROTOCOL_STRING_IPX_TXT "IPX"
|
|
#define PROTOCOL_STRING_XNS_TXT "XNS"
|
|
#define PROTOCOL_STRING_VINES_IP_TXT "VINES IP"
|
|
|
|
// upper protocols
|
|
#define PROTOCOL_STRING_ICMP_TXT "ICMP"
|
|
#define PROTOCOL_STRING_TCP_TXT "TCP"
|
|
#define PROTOCOL_STRING_UDP_TXT "UDP"
|
|
#define PROTOCOL_STRING_SPX_TXT "SPX"
|
|
#define PROTOCOL_STRING_NCP_TXT "NCP"
|
|
|
|
// pseudo protocols
|
|
#define PROTOCOL_STRING_ANY_TXT "ANY"
|
|
#define PROTOCOL_STRING_ANY_GROUP_TXT "ANY GROUP"
|
|
#define PROTOCOL_STRING_HIGHEST_TXT "HIGHEST"
|
|
#define PROTOCOL_STRING_LOCAL_ONLY_TXT "LOCAL ONLY"
|
|
#define PROTOCOL_STRING_UNKNOWN_TXT "UNKNOWN"
|
|
#define PROTOCOL_STRING_DATA_TXT "DATA"
|
|
#define PROTOCOL_STRING_FRAME_TXT "FRAME"
|
|
#define PROTOCOL_STRING_NONE_TXT "NONE"
|
|
#define PROTOCOL_STRING_EFFECTIVE_TXT "EFFECTIVE"
|
|
|
|
#define ADDRESS_PAIR_INCLUDE_TXT "INCLUDE"
|
|
#define ADDRESS_PAIR_EXCLUDE_TXT "EXCLUDE"
|
|
|
|
#define INCLUDE_ALL_EXCEPT_TXT "INCLUDE ALL EXCEPT"
|
|
#define EXCLUDE_ALL_EXCEPT_TXT "EXCLUDE ALL EXCEPT"
|
|
|
|
#define PATTERN_MATCH_OR_TXT "OR("
|
|
#define PATTERN_MATCH_AND_TXT "AND("
|
|
|
|
#define TRIGGER_PATTERN_TXT "PATTERN MATCH"
|
|
#define TRIGGER_BUFFER_TXT "BUFFER CONTENT"
|
|
|
|
#define TRIGGER_NOTIFY_TXT "NOTIFY"
|
|
#define TRIGGER_STOP_TXT "STOP"
|
|
#define TRIGGER_PAUSE_TXT "PAUSE"
|
|
|
|
#define TRIGGER_25_PERCENT_TXT "25 PERCENT"
|
|
#define TRIGGER_50_PERCENT_TXT "50 PERCENT"
|
|
#define TRIGGER_75_PERCENT_TXT "75 PERCENT"
|
|
#define TRIGGER_100_PERCENT_TXT "100 PERCENT"
|
|
|
|
#define PATTERN_MATCH_NOT_TXT "NOT"
|
|
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// (NMRegHelp.h)
|
|
//=============================================================================
|
|
//=============================================================================
|
|
|
|
// Registry helpers
|
|
LPCSTR _cdecl FindOneOf(LPCSTR p1, LPCSTR p2);
|
|
|
|
LONG _cdecl recursiveDeleteKey(HKEY hKeyParent, // Parent of key to delete.
|
|
const char* lpszKeyChild); // Key to delete.
|
|
|
|
BOOL _cdecl SubkeyExists(const char* pszPath, // Path of key to check
|
|
const char* szSubkey); // Key to check
|
|
|
|
BOOL _cdecl setKeyAndValue(const char* szKey,
|
|
const char* szSubkey,
|
|
const char* szValue,
|
|
const char* szName) ;
|
|
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// (NMIpStructs.h)
|
|
//=============================================================================
|
|
//=============================================================================
|
|
|
|
// These structures are used to decode network data and so need to be packed
|
|
|
|
#pragma pack(push, 1)
|
|
//
|
|
// IP Packet Structure
|
|
//
|
|
typedef struct _IP
|
|
{
|
|
union
|
|
{
|
|
BYTE Version;
|
|
BYTE HdrLen;
|
|
};
|
|
BYTE ServiceType;
|
|
WORD TotalLen;
|
|
WORD ID;
|
|
union
|
|
{
|
|
WORD Flags;
|
|
WORD FragOff;
|
|
};
|
|
BYTE TimeToLive;
|
|
BYTE Protocol;
|
|
WORD HdrChksum;
|
|
DWORD SrcAddr;
|
|
DWORD DstAddr;
|
|
BYTE Options[0];
|
|
} IP;
|
|
|
|
typedef IP * LPIP;
|
|
typedef IP UNALIGNED * ULPIP;
|
|
// Psuedo Header used for CheckSum Calculations
|
|
typedef struct _PSUHDR
|
|
{
|
|
DWORD ph_SrcIP;
|
|
DWORD ph_DstIP;
|
|
UCHAR ph_Zero;
|
|
UCHAR ph_Proto;
|
|
WORD ph_ProtLen;
|
|
} PSUHDR;
|
|
|
|
typedef PSUHDR UNALIGNED * LPPSUHDR;
|
|
//
|
|
// IP Bitmasks that are useful
|
|
// (and the appropriate bit shifts, as well)
|
|
//
|
|
|
|
#define IP_VERSION_MASK ((BYTE) 0xf0)
|
|
#define IP_VERSION_SHIFT (4)
|
|
#define IP_HDRLEN_MASK ((BYTE) 0x0f)
|
|
#define IP_HDRLEN_SHIFT (0)
|
|
#define IP_PRECEDENCE_MASK ((BYTE) 0xE0)
|
|
#define IP_PRECEDENCE_SHIFT (5)
|
|
#define IP_TOS_MASK ((BYTE) 0x1E)
|
|
#define IP_TOS_SHIFT (1)
|
|
#define IP_DELAY_MASK ((BYTE) 0x10)
|
|
#define IP_THROUGHPUT_MASK ((BYTE) 0x08)
|
|
#define IP_RELIABILITY_MASK ((BYTE) 0x04)
|
|
#define IP_FLAGS_MASK ((BYTE) 0xE0)
|
|
#define IP_FLAGS_SHIFT (13)
|
|
#define IP_DF_MASK ((BYTE) 0x40)
|
|
#define IP_MF_MASK ((BYTE) 0x20)
|
|
#define IP_MF_SHIFT (5)
|
|
#define IP_FRAGOFF_MASK ((WORD) 0x1FFF)
|
|
#define IP_FRAGOFF_SHIFT (3)
|
|
#define IP_TCC_MASK ((DWORD) 0xFFFFFF00)
|
|
#define IP_TIME_OPTS_MASK ((BYTE) 0x0F)
|
|
#define IP_MISS_STNS_MASK ((BYTE) 0xF0)
|
|
|
|
#define IP_TIME_OPTS_SHIFT (0)
|
|
#define IP_MISS_STNS_SHIFT (4)
|
|
|
|
//
|
|
// Offset to checksum field in ip header
|
|
//
|
|
#define IP_CHKSUM_OFF 10
|
|
|
|
INLINE BYTE IP_Version(ULPIP pIP)
|
|
{
|
|
return (pIP->Version & IP_VERSION_MASK) >> IP_VERSION_SHIFT;
|
|
}
|
|
|
|
INLINE DWORD IP_HdrLen(ULPIP pIP)
|
|
{
|
|
return ((pIP->HdrLen & IP_HDRLEN_MASK) >> IP_HDRLEN_SHIFT) << 2;
|
|
}
|
|
|
|
INLINE WORD IP_FragOff(ULPIP pIP)
|
|
{
|
|
return (XCHG(pIP->FragOff) & IP_FRAGOFF_MASK) << IP_FRAGOFF_SHIFT;
|
|
}
|
|
|
|
INLINE DWORD IP_TotalLen(ULPIP pIP)
|
|
{
|
|
return XCHG(pIP->TotalLen);
|
|
}
|
|
|
|
INLINE DWORD IP_MoreFragments(ULPIP pIP)
|
|
{
|
|
return (pIP->Flags & IP_MF_MASK) >> IP_MF_SHIFT;
|
|
}
|
|
//
|
|
// Well known ports in the TCP/IP protocol (See RFC 1060)
|
|
//
|
|
#define PORT_TCPMUX 1 // TCP Port Service Multiplexer
|
|
#define PORT_RJE 5 // Remote Job Entry
|
|
#define PORT_ECHO 7 // Echo
|
|
#define PORT_DISCARD 9 // Discard
|
|
#define PORT_USERS 11 // Active users
|
|
#define PORT_DAYTIME 13 // Daytime
|
|
#define PORT_NETSTAT 15 // Netstat
|
|
#define PORT_QUOTE 17 // Quote of the day
|
|
#define PORT_CHARGEN 19 // Character Generator
|
|
#define PORT_FTPDATA 20 // File transfer [default data]
|
|
#define PORT_FTP 21 // File transfer [Control]
|
|
#define PORT_TELNET 23 // Telnet
|
|
#define PORT_SMTP 25 // Simple Mail Transfer
|
|
#define PORT_NSWFE 27 // NSW User System FE
|
|
#define PORT_MSGICP 29 // MSG ICP
|
|
#define PORT_MSGAUTH 31 // MSG Authentication
|
|
#define PORT_DSP 33 // Display Support
|
|
#define PORT_PRTSERVER 35 // any private printer server
|
|
#define PORT_TIME 37 // Time
|
|
#define PORT_RLP 39 // Resource Location Protocol
|
|
#define PORT_GRAPHICS 41 // Graphics
|
|
#define PORT_NAMESERVER 42 // Host Name Server
|
|
#define PORT_NICNAME 43 // Who is
|
|
#define PORT_MPMFLAGS 44 // MPM Flags
|
|
#define PORT_MPM 45 // Message Processing Module [recv]
|
|
#define PORT_MPMSND 46 // MPM [default send]
|
|
#define PORT_NIFTP 47 // NI FTP
|
|
#define PORT_LOGIN 49 // Login Host Protocol
|
|
#define PORT_LAMAINT 51 // IMP Logical Address Maintenance
|
|
#define PORT_DOMAIN 53 // Domain Name Server
|
|
#define PORT_ISIGL 55 // ISI Graphics Language
|
|
#define PORT_ANYTERMACC 57 // any private terminal access
|
|
#define PORT_ANYFILESYS 59 // any private file service
|
|
#define PORT_NIMAIL 61 // NI Mail
|
|
#define PORT_VIAFTP 63 // VIA Systems - FTP
|
|
#define PORT_TACACSDS 65 // TACACS - Database Service
|
|
#define PORT_BOOTPS 67 // Bootstrap Protocol server
|
|
#define PORT_BOOTPC 68 // Bootstrap Protocol client
|
|
#define PORT_TFTP 69 // Trivial File Transfer
|
|
#define PORT_NETRJS1 71 // Remote Job service
|
|
#define PORT_NETRJS2 72 // Remote Job service
|
|
#define PORT_NETRJS3 73 // Remote Job service
|
|
#define PORT_NETRJS4 74 // Remote Job service
|
|
#define PORT_ANYDIALOUT 75 // any private dial out service
|
|
#define PORT_ANYRJE 77 // any private RJE service
|
|
#define PORT_FINGER 79 // Finger
|
|
#define PORT_HTTP 80 // HTTP (www)
|
|
#define PORT_HOSTS2NS 81 // Hosts2 Name Server
|
|
#define PORT_MITMLDEV1 83 // MIT ML Device
|
|
#define PORT_MITMLDEV2 85 // MIT ML Device
|
|
#define PORT_ANYTERMLINK 87 // any private terminal link
|
|
#define PORT_SUMITTG 89 // SU/MIT Telnet Gateway
|
|
#define PORT_MITDOV 91 // MIT Dover Spooler
|
|
#define PORT_DCP 93 // Device Control Protocol
|
|
#define PORT_SUPDUP 95 // SUPDUP
|
|
#define PORT_SWIFTRVF 97 // Swift Remote Vitural File Protocol
|
|
#define PORT_TACNEWS 98 // TAC News
|
|
#define PORT_METAGRAM 99 // Metagram Relay
|
|
#define PORT_NEWACCT 100 // [Unauthorized use]
|
|
#define PORT_HOSTNAME 101 // NIC Host Name Server
|
|
#define PORT_ISOTSAP 102 // ISO-TSAP
|
|
#define PORT_X400 103 // X400
|
|
#define PORT_X400SND 104 // X400 - SND
|
|
#define PORT_CSNETNS 105 // Mailbox Name Nameserver
|
|
#define PORT_RTELNET 107 // Remote Telnet Service
|
|
#define PORT_POP2 109 // Post Office Protocol - version 2
|
|
#define PORT_POP3 110 // Post Office Protocol - version 3
|
|
#define PORT_SUNRPC 111 // SUN Remote Procedure Call
|
|
#define PORT_AUTH 113 // Authentication
|
|
#define PORT_SFTP 115 // Simple File Transfer Protocol
|
|
#define PORT_UUCPPATH 117 // UUCP Path Service
|
|
#define PORT_NNTP 119 // Network News Transfer Protocol
|
|
#define PORT_ERPC 121 // Encore Expedited Remote Proc. Call
|
|
#define PORT_NTP 123 // Network Time Protocol
|
|
#define PORT_LOCUSMAP 125 // Locus PC-Interface Net Map Sesrver
|
|
#define PORT_LOCUSCON 127 // Locus PC-Interface Conn Server
|
|
#define PORT_PWDGEN 129 // Password Generator Protocol
|
|
#define PORT_CISCOFNA 130 // CISCO FNATIVE
|
|
#define PORT_CISCOTNA 131 // CISCO TNATIVE
|
|
#define PORT_CISCOSYS 132 // CISCO SYSMAINT
|
|
#define PORT_STATSRV 133 // Statistics Service
|
|
#define PORT_INGRESNET 134 // Ingres net service
|
|
#define PORT_LOCSRV 135 // Location Service
|
|
#define PORT_PROFILE 136 // PROFILE Naming System
|
|
#define PORT_NETBIOSNS 137 // NETBIOS Name Service
|
|
#define PORT_NETBIOSDGM 138 // NETBIOS Datagram Service
|
|
#define PORT_NETBIOSSSN 139 // NETBIOS Session Service
|
|
#define PORT_EMFISDATA 140 // EMFIS Data Service
|
|
#define PORT_EMFISCNTL 141 // EMFIS Control Service
|
|
#define PORT_BLIDM 142 // Britton-Lee IDM
|
|
#define PORT_IMAP2 143 // Interim Mail Access Protocol v2
|
|
#define PORT_NEWS 144 // NewS
|
|
#define PORT_UAAC 145 // UAAC protocol
|
|
#define PORT_ISOTP0 146 // ISO-IP0
|
|
#define PORT_ISOIP 147 // ISO-IP
|
|
#define PORT_CRONUS 148 // CRONUS-Support
|
|
#define PORT_AED512 149 // AED 512 Emulation Service
|
|
#define PORT_SQLNET 150 // SQL-NET
|
|
#define PORT_HEMS 151 // HEMS
|
|
#define PORT_BFTP 152 // Background File Transfer Protocol
|
|
#define PORT_SGMP 153 // SGMP
|
|
#define PORT_NETSCPROD 154 // NETSC
|
|
#define PORT_NETSCDEV 155 // NETSC
|
|
#define PORT_SQLSRV 156 // SQL service
|
|
#define PORT_KNETCMP 157 // KNET/VM Command/Message Protocol
|
|
#define PORT_PCMAILSRV 158 // PCMail server
|
|
#define PORT_NSSROUTING 159 // NSS routing
|
|
#define PORT_SGMPTRAPS 160 // SGMP-TRAPS
|
|
#define PORT_SNMP 161 // SNMP
|
|
#define PORT_SNMPTRAP 162 // SNMPTRAP
|
|
#define PORT_CMIPMANAGE 163 // CMIP/TCP Manager
|
|
#define PORT_CMIPAGENT 164 // CMIP/TCP Agent
|
|
#define PORT_XNSCOURIER 165 // Xerox
|
|
#define PORT_SNET 166 // Sirius Systems
|
|
#define PORT_NAMP 167 // NAMP
|
|
#define PORT_RSVD 168 // RSVC
|
|
#define PORT_SEND 169 // SEND
|
|
#define PORT_PRINTSRV 170 // Network Postscript
|
|
#define PORT_MULTIPLEX 171 // Network Innovations Multiples
|
|
#define PORT_CL1 172 // Network Innovations CL/1
|
|
#define PORT_XYPLEXMUX 173 // Xyplex
|
|
#define PORT_MAILQ 174 // MAILQ
|
|
#define PORT_VMNET 175 // VMNET
|
|
#define PORT_GENRADMUX 176 // GENRAD-MUX
|
|
#define PORT_XDMCP 177 // X Display Manager Control Protocol
|
|
#define PORT_NEXTSTEP 178 // NextStep Window Server
|
|
#define PORT_BGP 179 // Border Gateway Protocol
|
|
#define PORT_RIS 180 // Intergraph
|
|
#define PORT_UNIFY 181 // Unify
|
|
#define PORT_UNISYSCAM 182 // Unisys-Cam
|
|
#define PORT_OCBINDER 183 // OCBinder
|
|
#define PORT_OCSERVER 184 // OCServer
|
|
#define PORT_REMOTEKIS 185 // Remote-KIS
|
|
#define PORT_KIS 186 // KIS protocol
|
|
#define PORT_ACI 187 // Application Communication Interface
|
|
#define PORT_MUMPS 188 // MUMPS
|
|
#define PORT_QFT 189 // Queued File Transport
|
|
#define PORT_GACP 190 // Gateway Access Control Protocol
|
|
#define PORT_PROSPERO 191 // Prospero
|
|
#define PORT_OSUNMS 192 // OSU Network Monitoring System
|
|
#define PORT_SRMP 193 // Spider Remote Monitoring Protocol
|
|
#define PORT_IRC 194 // Internet Relay Chat Protocol
|
|
#define PORT_DN6NLMAUD 195 // DNSIX Network Level Module Audit
|
|
#define PORT_DN6SMMRED 196 // DSNIX Session Mgt Module Audit Redirector
|
|
#define PORT_DLS 197 // Directory Location Service
|
|
#define PORT_DLSMON 198 // Directory Location Service Monitor
|
|
#define PORT_ATRMTP 201 // AppleTalk Routing Maintenance
|
|
#define PORT_ATNBP 202 // AppleTalk Name Binding
|
|
#define PORT_AT3 203 // AppleTalk Unused
|
|
#define PORT_ATECHO 204 // AppleTalk Echo
|
|
#define PORT_AT5 205 // AppleTalk Unused
|
|
#define PORT_ATZIS 206 // AppleTalk Zone Information
|
|
#define PORT_AT7 207 // AppleTalk Unused
|
|
#define PORT_AT8 208 // AppleTalk Unused
|
|
#define PORT_SURMEAS 243 // Survey Measurement
|
|
#define PORT_LINK 245 // LINK
|
|
#define PORT_DSP3270 246 // Display Systems Protocol
|
|
#define PORT_LDAP1 389 // LDAP
|
|
#define PORT_ISAKMP 500 // ISAKMP
|
|
#define PORT_REXEC 512 // Remote Process Execution
|
|
#define PORT_RLOGIN 513 // Remote login a la telnet
|
|
#define PORT_RSH 514 // Remote command
|
|
#define PORT_LPD 515 // Line printer spooler - LPD
|
|
#define PORT_RIP 520 // TCP=? / UDP=RIP
|
|
#define PORT_TEMPO 526 // Newdate
|
|
#define PORT_COURIER 530 // rpc
|
|
#define PORT_NETNEWS 532 // READNEWS
|
|
#define PORT_UUCPD 540 // UUCPD
|
|
#define PORT_KLOGIN 543 //
|
|
#define PORT_KSHELL 544 // krcmd
|
|
#define PORT_DSF 555 //
|
|
#define PORT_REMOTEEFS 556 // RFS server
|
|
#define PORT_CHSHELL 562 // chmod
|
|
#define PORT_METER 570 // METER
|
|
#define PORT_PCSERVER 600 // SUN IPC Server
|
|
#define PORT_NQS 607 // NQS
|
|
#define PORT_HMMP_INDICATION 612 //
|
|
#define PORT_HMMP_OPERATION 613 //
|
|
#define PORT_MDQS 666 // MDQS
|
|
#define PORT_LPD721 721 // LPD Client (lpd client ports 721 - 731)
|
|
#define PORT_LPD722 722 // LPD Client (see RFC 1179)
|
|
#define PORT_LPD723 723 // LPD Client
|
|
#define PORT_LPD724 724 // LPD Client
|
|
#define PORT_LPD725 725 // LPD Client
|
|
#define PORT_LPD726 726 // LPD Client
|
|
#define PORT_LPD727 727 // LPD Client
|
|
#define PORT_LPD728 728 // LPD Client
|
|
#define PORT_LPD729 729 // LPD Client
|
|
#define PORT_LPD730 730 // LPD Client
|
|
#define PORT_LPD731 731 // LPD Client
|
|
#define PORT_RFILE 750 // RFILE
|
|
#define PORT_PUMP 751 // PUMP
|
|
#define PORT_QRH 752 // QRH
|
|
#define PORT_RRH 753 // RRH
|
|
#define PORT_TELL 754 // TELL
|
|
#define PORT_NLOGIN 758 // NLOGIN
|
|
#define PORT_CON 759 // CON
|
|
#define PORT_NS 760 // NS
|
|
#define PORT_RXE 761 // RXE
|
|
#define PORT_QUOTAD 762 // QUOTAD
|
|
#define PORT_CYCLESERV 763 // CYCLESERV
|
|
#define PORT_OMSERV 764 // OMSERV
|
|
#define PORT_WEBSTER 765 // WEBSTER
|
|
#define PORT_PHONEBOOK 767 // PHONE
|
|
#define PORT_VID 769 // VID
|
|
#define PORT_RTIP 771 // RTIP
|
|
#define PORT_CYCLESERV2 772 // CYCLESERV-2
|
|
#define PORT_SUBMIT 773 // submit
|
|
#define PORT_RPASSWD 774 // RPASSWD
|
|
#define PORT_ENTOMB 775 // ENTOMB
|
|
#define PORT_WPAGES 776 // WPAGES
|
|
#define PORT_WPGS 780 // wpgs
|
|
#define PORT_MDBSDAEMON 800 // MDBS DAEMON
|
|
#define PORT_DEVICE 801 // DEVICE
|
|
#define PORT_MAITRD 997 // MAITRD
|
|
#define PORT_BUSBOY 998 // BUSBOY
|
|
#define PORT_GARCON 999 // GARCON
|
|
#define PORT_NFS 2049 // NFS
|
|
#define PORT_LDAP2 3268 // LDAP
|
|
#define PORT_PPTP 5678 // PPTP
|
|
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// (NMIcmpStructs.h)
|
|
//=============================================================================
|
|
//=============================================================================
|
|
|
|
//
|
|
// ICMP Frame Structure
|
|
//
|
|
typedef struct _RequestReplyFields
|
|
{
|
|
WORD ID;
|
|
WORD SeqNo;
|
|
} ReqReply;
|
|
|
|
typedef struct _ParameterProblemFields
|
|
{
|
|
BYTE Pointer;
|
|
BYTE junk[ 3 ];
|
|
} ParmProb;
|
|
|
|
typedef struct _TimestampFields
|
|
{
|
|
DWORD tsOrig;
|
|
DWORD tsRecv;
|
|
DWORD tsXmit;
|
|
} TS;
|
|
|
|
typedef struct _RouterAnnounceHeaderFields
|
|
{
|
|
BYTE NumAddrs;
|
|
BYTE AddrEntrySize;
|
|
WORD Lifetime;
|
|
} RouterAH;
|
|
|
|
typedef struct _RouterAnnounceEntry
|
|
{
|
|
DWORD Address;
|
|
DWORD PreferenceLevel;
|
|
} RouterAE;
|
|
|
|
typedef struct _ICMP
|
|
{
|
|
BYTE Type;
|
|
BYTE Code;
|
|
WORD Checksum;
|
|
union
|
|
{
|
|
DWORD Unused;
|
|
DWORD Address;
|
|
ReqReply RR;
|
|
ParmProb PP;
|
|
RouterAH RAH;
|
|
};
|
|
|
|
union
|
|
{
|
|
TS Time;
|
|
IP IP;
|
|
RouterAE RAE[0];
|
|
};
|
|
} ICMP;
|
|
|
|
typedef ICMP * LPICMP;
|
|
typedef ICMP UNALIGNED * ULPICMP;
|
|
#define ICMP_HEADER_LENGTH ( 8 )
|
|
|
|
// # of *BYTES* of IP data to attach to
|
|
// datagram in addition to IP header
|
|
#define ICMP_IP_DATA_LENGTH ( 8 )
|
|
|
|
//
|
|
// ICMP Packet Types
|
|
//
|
|
#define ECHO_REPLY ( 0 )
|
|
|
|
#define DESTINATION_UNREACHABLE ( 3 )
|
|
|
|
#define SOURCE_QUENCH ( 4 )
|
|
|
|
#define REDIRECT ( 5 )
|
|
|
|
#define ECHO ( 8 )
|
|
|
|
#define ROUTER_ADVERTISEMENT ( 9 )
|
|
|
|
#define ROUTER_SOLICITATION ( 10 )
|
|
|
|
#define TIME_EXCEEDED ( 11 )
|
|
|
|
#define PARAMETER_PROBLEM ( 12 )
|
|
|
|
#define TIMESTAMP ( 13 )
|
|
|
|
#define TIMESTAMP_REPLY ( 14 )
|
|
|
|
#define INFORMATION_REQUEST ( 15 )
|
|
|
|
#define INFORMATION_REPLY ( 16 )
|
|
|
|
#define ADDRESS_MASK_REQUEST ( 17 )
|
|
|
|
#define ADDRESS_MASK_REPLY ( 18 )
|
|
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// (NMIpxStructs.h)
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// IPX
|
|
typedef /* [public][public][public][public][public][public][public] */ struct __MIDL___MIDL_itf_netmon_0000_0018
|
|
{
|
|
UCHAR ha_address[ 6 ];
|
|
} HOST_ADDRESS;
|
|
|
|
typedef struct _IPXADDRESS
|
|
{
|
|
ULONG ipx_NetNumber;
|
|
HOST_ADDRESS ipx_HostAddr;
|
|
} IPXADDRESS;
|
|
|
|
typedef IPXADDRESS UNALIGNED * PIPXADDRESS;
|
|
typedef struct _NET_ADDRESS
|
|
{
|
|
IPXADDRESS na_IPXAddr;
|
|
USHORT na_socket;
|
|
} NET_ADDRESS;
|
|
|
|
typedef NET_ADDRESS UNALIGNED * UPNET_ADDRESS;
|
|
// IPX Internetwork Packet eXchange Protocol Header.
|
|
typedef /* [public][public] */ struct __MIDL___MIDL_itf_netmon_0000_0019
|
|
{
|
|
USHORT ipx_checksum;
|
|
USHORT ipx_length;
|
|
UCHAR ipx_xport_control;
|
|
UCHAR ipx_packet_type;
|
|
NET_ADDRESS ipx_dest;
|
|
NET_ADDRESS ipx_source;
|
|
} IPX_HDR;
|
|
|
|
typedef IPX_HDR UNALIGNED * ULPIPX_HDR;
|
|
// SPX - Sequenced Packet Protocol
|
|
typedef struct _SPX_HDR
|
|
{
|
|
IPX_HDR spx_idp_hdr;
|
|
UCHAR spx_conn_ctrl;
|
|
UCHAR spx_data_type;
|
|
USHORT spx_src_conn_id;
|
|
USHORT spx_dest_conn_id;
|
|
USHORT spx_sequence_num;
|
|
USHORT spx_ack_num;
|
|
USHORT spx_alloc_num;
|
|
} SPX_HDR;
|
|
|
|
typedef SPX_HDR UNALIGNED *PSPX_HDR;
|
|
//=============================================================================
|
|
//=============================================================================
|
|
// (NMTcpStructs.h)
|
|
//=============================================================================
|
|
//=============================================================================
|
|
//
|
|
// TCP Packet Structure
|
|
//
|
|
typedef struct _TCP
|
|
{
|
|
WORD SrcPort;
|
|
WORD DstPort;
|
|
DWORD SeqNum;
|
|
DWORD AckNum;
|
|
BYTE DataOff;
|
|
BYTE Flags;
|
|
WORD Window;
|
|
WORD Chksum;
|
|
WORD UrgPtr;
|
|
} TCP;
|
|
|
|
typedef TCP *LPTCP;
|
|
|
|
typedef TCP UNALIGNED * ULPTCP;
|
|
INLINE DWORD TCP_HdrLen(ULPTCP pTCP)
|
|
{
|
|
return (pTCP->DataOff & 0xf0) >> 2;
|
|
}
|
|
|
|
INLINE DWORD TCP_SrcPort(ULPTCP pTCP)
|
|
{
|
|
return XCHG(pTCP->SrcPort);
|
|
}
|
|
|
|
INLINE DWORD TCP_DstPort(ULPTCP pTCP)
|
|
{
|
|
return XCHG(pTCP->DstPort);
|
|
}
|
|
//
|
|
// TCP Option Opcodes
|
|
//
|
|
#define TCP_OPTION_ENDOFOPTIONS ( 0 )
|
|
|
|
#define TCP_OPTION_NOP ( 1 )
|
|
|
|
#define TCP_OPTION_MAXSEGSIZE ( 2 )
|
|
|
|
#define TCP_OPTION_WSCALE ( 3 )
|
|
|
|
#define TCP_OPTION_SACK_PERMITTED ( 4 )
|
|
|
|
#define TCP_OPTION_SACK ( 5 )
|
|
|
|
#define TCP_OPTION_TIMESTAMPS ( 8 )
|
|
|
|
//
|
|
// TCP Flags
|
|
//
|
|
#define TCP_FLAG_URGENT ( 0x20 )
|
|
|
|
#define TCP_FLAG_ACK ( 0x10 )
|
|
|
|
#define TCP_FLAG_PUSH ( 0x8 )
|
|
|
|
#define TCP_FLAG_RESET ( 0x4 )
|
|
|
|
#define TCP_FLAG_SYN ( 0x2 )
|
|
|
|
#define TCP_FLAG_FIN ( 0x1 )
|
|
|
|
//
|
|
// TCP Field Masks
|
|
//
|
|
#define TCP_RESERVED_MASK ( 0xfc0 )
|
|
|
|
|
|
#pragma pack(pop)
|
|
//****************************************************************************
|
|
//****************************************************************************
|
|
// IDelaydC - used by a consumer to get frames after a capture has completed.
|
|
//****************************************************************************
|
|
//****************************************************************************
|
|
#define DEFAULT_DELAYED_BUFFER_SIZE ( 1 )
|
|
|
|
#define USE_DEFAULT_DRIVE_LETTER ( 0 )
|
|
|
|
#define RTC_FRAME_SIZE_FULL ( 0 )
|
|
|
|
|
|
|
|
extern RPC_IF_HANDLE __MIDL_itf_netmon_0000_v0_0_c_ifspec;
|
|
extern RPC_IF_HANDLE __MIDL_itf_netmon_0000_v0_0_s_ifspec;
|
|
|
|
#ifndef __IDelaydC_INTERFACE_DEFINED__
|
|
#define __IDelaydC_INTERFACE_DEFINED__
|
|
|
|
/* interface IDelaydC */
|
|
/* [local][unique][uuid][object] */
|
|
|
|
|
|
EXTERN_C const IID IID_IDelaydC;
|
|
|
|
#if defined(__cplusplus) && !defined(CINTERFACE)
|
|
|
|
MIDL_INTERFACE("BFF9C030-B58F-11ce-B5B0-00AA006CB37D")
|
|
IDelaydC : public IUnknown
|
|
{
|
|
public:
|
|
virtual HRESULT STDMETHODCALLTYPE Connect(
|
|
/* [in] */ HBLOB hInputBlob,
|
|
/* [in] */ LPVOID StatusCallbackProc,
|
|
/* [in] */ LPVOID UserContext,
|
|
/* [out] */ HBLOB hErrorBlob) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE Disconnect( void) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE QueryStatus(
|
|
/* [out] */ NETWORKSTATUS *pNetworkStatus) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE Configure(
|
|
/* [in] */ HBLOB hConfigurationBlob,
|
|
/* [out] */ HBLOB hErrorBlob) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE Start(
|
|
/* [out] */ char *pFileName) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE Pause( void) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE Resume( void) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE Stop(
|
|
/* [out] */ LPSTATISTICS lpStats) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE GetControlState(
|
|
/* [out] */ BOOL *IsRunnning,
|
|
/* [out] */ BOOL *IsPaused) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE GetTotalStatistics(
|
|
/* [out] */ LPSTATISTICS lpStats,
|
|
/* [in] */ BOOL fClearAfterReading) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE GetConversationStatistics(
|
|
/* [out] */ DWORD *nSessions,
|
|
/* [size_is][out] */ LPSESSIONSTATS lpSessionStats,
|
|
/* [out] */ DWORD *nStations,
|
|
/* [size_is][out] */ LPSTATIONSTATS lpStationStats,
|
|
/* [in] */ BOOL fClearAfterReading) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE InsertSpecialFrame(
|
|
/* [in] */ DWORD FrameType,
|
|
/* [in] */ DWORD Flags,
|
|
/* [in] */ BYTE *pUserData,
|
|
/* [in] */ DWORD UserDataLength) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE QueryStations(
|
|
/* [out][in] */ QUERYTABLE *lpQueryTable) = 0;
|
|
|
|
};
|
|
|
|
#else /* C style interface */
|
|
|
|
typedef struct IDelaydCVtbl
|
|
{
|
|
BEGIN_INTERFACE
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *QueryInterface )(
|
|
IDelaydC * This,
|
|
/* [in] */ REFIID riid,
|
|
/* [iid_is][out] */ void **ppvObject);
|
|
|
|
ULONG ( STDMETHODCALLTYPE *AddRef )(
|
|
IDelaydC * This);
|
|
|
|
ULONG ( STDMETHODCALLTYPE *Release )(
|
|
IDelaydC * This);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *Connect )(
|
|
IDelaydC * This,
|
|
/* [in] */ HBLOB hInputBlob,
|
|
/* [in] */ LPVOID StatusCallbackProc,
|
|
/* [in] */ LPVOID UserContext,
|
|
/* [out] */ HBLOB hErrorBlob);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *Disconnect )(
|
|
IDelaydC * This);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *QueryStatus )(
|
|
IDelaydC * This,
|
|
/* [out] */ NETWORKSTATUS *pNetworkStatus);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *Configure )(
|
|
IDelaydC * This,
|
|
/* [in] */ HBLOB hConfigurationBlob,
|
|
/* [out] */ HBLOB hErrorBlob);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *Start )(
|
|
IDelaydC * This,
|
|
/* [out] */ char *pFileName);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *Pause )(
|
|
IDelaydC * This);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *Resume )(
|
|
IDelaydC * This);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *Stop )(
|
|
IDelaydC * This,
|
|
/* [out] */ LPSTATISTICS lpStats);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *GetControlState )(
|
|
IDelaydC * This,
|
|
/* [out] */ BOOL *IsRunnning,
|
|
/* [out] */ BOOL *IsPaused);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *GetTotalStatistics )(
|
|
IDelaydC * This,
|
|
/* [out] */ LPSTATISTICS lpStats,
|
|
/* [in] */ BOOL fClearAfterReading);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *GetConversationStatistics )(
|
|
IDelaydC * This,
|
|
/* [out] */ DWORD *nSessions,
|
|
/* [size_is][out] */ LPSESSIONSTATS lpSessionStats,
|
|
/* [out] */ DWORD *nStations,
|
|
/* [size_is][out] */ LPSTATIONSTATS lpStationStats,
|
|
/* [in] */ BOOL fClearAfterReading);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *InsertSpecialFrame )(
|
|
IDelaydC * This,
|
|
/* [in] */ DWORD FrameType,
|
|
/* [in] */ DWORD Flags,
|
|
/* [in] */ BYTE *pUserData,
|
|
/* [in] */ DWORD UserDataLength);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *QueryStations )(
|
|
IDelaydC * This,
|
|
/* [out][in] */ QUERYTABLE *lpQueryTable);
|
|
|
|
END_INTERFACE
|
|
} IDelaydCVtbl;
|
|
|
|
interface IDelaydC
|
|
{
|
|
CONST_VTBL struct IDelaydCVtbl *lpVtbl;
|
|
};
|
|
|
|
|
|
|
|
#ifdef COBJMACROS
|
|
|
|
|
|
#define IDelaydC_QueryInterface(This,riid,ppvObject) \
|
|
(This)->lpVtbl -> QueryInterface(This,riid,ppvObject)
|
|
|
|
#define IDelaydC_AddRef(This) \
|
|
(This)->lpVtbl -> AddRef(This)
|
|
|
|
#define IDelaydC_Release(This) \
|
|
(This)->lpVtbl -> Release(This)
|
|
|
|
|
|
#define IDelaydC_Connect(This,hInputBlob,StatusCallbackProc,UserContext,hErrorBlob) \
|
|
(This)->lpVtbl -> Connect(This,hInputBlob,StatusCallbackProc,UserContext,hErrorBlob)
|
|
|
|
#define IDelaydC_Disconnect(This) \
|
|
(This)->lpVtbl -> Disconnect(This)
|
|
|
|
#define IDelaydC_QueryStatus(This,pNetworkStatus) \
|
|
(This)->lpVtbl -> QueryStatus(This,pNetworkStatus)
|
|
|
|
#define IDelaydC_Configure(This,hConfigurationBlob,hErrorBlob) \
|
|
(This)->lpVtbl -> Configure(This,hConfigurationBlob,hErrorBlob)
|
|
|
|
#define IDelaydC_Start(This,pFileName) \
|
|
(This)->lpVtbl -> Start(This,pFileName)
|
|
|
|
#define IDelaydC_Pause(This) \
|
|
(This)->lpVtbl -> Pause(This)
|
|
|
|
#define IDelaydC_Resume(This) \
|
|
(This)->lpVtbl -> Resume(This)
|
|
|
|
#define IDelaydC_Stop(This,lpStats) \
|
|
(This)->lpVtbl -> Stop(This,lpStats)
|
|
|
|
#define IDelaydC_GetControlState(This,IsRunnning,IsPaused) \
|
|
(This)->lpVtbl -> GetControlState(This,IsRunnning,IsPaused)
|
|
|
|
#define IDelaydC_GetTotalStatistics(This,lpStats,fClearAfterReading) \
|
|
(This)->lpVtbl -> GetTotalStatistics(This,lpStats,fClearAfterReading)
|
|
|
|
#define IDelaydC_GetConversationStatistics(This,nSessions,lpSessionStats,nStations,lpStationStats,fClearAfterReading) \
|
|
(This)->lpVtbl -> GetConversationStatistics(This,nSessions,lpSessionStats,nStations,lpStationStats,fClearAfterReading)
|
|
|
|
#define IDelaydC_InsertSpecialFrame(This,FrameType,Flags,pUserData,UserDataLength) \
|
|
(This)->lpVtbl -> InsertSpecialFrame(This,FrameType,Flags,pUserData,UserDataLength)
|
|
|
|
#define IDelaydC_QueryStations(This,lpQueryTable) \
|
|
(This)->lpVtbl -> QueryStations(This,lpQueryTable)
|
|
|
|
#endif /* COBJMACROS */
|
|
|
|
|
|
#endif /* C style interface */
|
|
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IDelaydC_Connect_Proxy(
|
|
IDelaydC * This,
|
|
/* [in] */ HBLOB hInputBlob,
|
|
/* [in] */ LPVOID StatusCallbackProc,
|
|
/* [in] */ LPVOID UserContext,
|
|
/* [out] */ HBLOB hErrorBlob);
|
|
|
|
|
|
void __RPC_STUB IDelaydC_Connect_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IDelaydC_Disconnect_Proxy(
|
|
IDelaydC * This);
|
|
|
|
|
|
void __RPC_STUB IDelaydC_Disconnect_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IDelaydC_QueryStatus_Proxy(
|
|
IDelaydC * This,
|
|
/* [out] */ NETWORKSTATUS *pNetworkStatus);
|
|
|
|
|
|
void __RPC_STUB IDelaydC_QueryStatus_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IDelaydC_Configure_Proxy(
|
|
IDelaydC * This,
|
|
/* [in] */ HBLOB hConfigurationBlob,
|
|
/* [out] */ HBLOB hErrorBlob);
|
|
|
|
|
|
void __RPC_STUB IDelaydC_Configure_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IDelaydC_Start_Proxy(
|
|
IDelaydC * This,
|
|
/* [out] */ char *pFileName);
|
|
|
|
|
|
void __RPC_STUB IDelaydC_Start_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IDelaydC_Pause_Proxy(
|
|
IDelaydC * This);
|
|
|
|
|
|
void __RPC_STUB IDelaydC_Pause_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IDelaydC_Resume_Proxy(
|
|
IDelaydC * This);
|
|
|
|
|
|
void __RPC_STUB IDelaydC_Resume_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IDelaydC_Stop_Proxy(
|
|
IDelaydC * This,
|
|
/* [out] */ LPSTATISTICS lpStats);
|
|
|
|
|
|
void __RPC_STUB IDelaydC_Stop_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IDelaydC_GetControlState_Proxy(
|
|
IDelaydC * This,
|
|
/* [out] */ BOOL *IsRunnning,
|
|
/* [out] */ BOOL *IsPaused);
|
|
|
|
|
|
void __RPC_STUB IDelaydC_GetControlState_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IDelaydC_GetTotalStatistics_Proxy(
|
|
IDelaydC * This,
|
|
/* [out] */ LPSTATISTICS lpStats,
|
|
/* [in] */ BOOL fClearAfterReading);
|
|
|
|
|
|
void __RPC_STUB IDelaydC_GetTotalStatistics_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IDelaydC_GetConversationStatistics_Proxy(
|
|
IDelaydC * This,
|
|
/* [out] */ DWORD *nSessions,
|
|
/* [size_is][out] */ LPSESSIONSTATS lpSessionStats,
|
|
/* [out] */ DWORD *nStations,
|
|
/* [size_is][out] */ LPSTATIONSTATS lpStationStats,
|
|
/* [in] */ BOOL fClearAfterReading);
|
|
|
|
|
|
void __RPC_STUB IDelaydC_GetConversationStatistics_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IDelaydC_InsertSpecialFrame_Proxy(
|
|
IDelaydC * This,
|
|
/* [in] */ DWORD FrameType,
|
|
/* [in] */ DWORD Flags,
|
|
/* [in] */ BYTE *pUserData,
|
|
/* [in] */ DWORD UserDataLength);
|
|
|
|
|
|
void __RPC_STUB IDelaydC_InsertSpecialFrame_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IDelaydC_QueryStations_Proxy(
|
|
IDelaydC * This,
|
|
/* [out][in] */ QUERYTABLE *lpQueryTable);
|
|
|
|
|
|
void __RPC_STUB IDelaydC_QueryStations_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
|
|
#endif /* __IDelaydC_INTERFACE_DEFINED__ */
|
|
|
|
|
|
/* interface __MIDL_itf_netmon_0010 */
|
|
/* [local] */
|
|
|
|
//****************************************************************************
|
|
//****************************************************************************
|
|
// IRTC - used by a consumer to get an interface to local entry points
|
|
// necessary to do real time capture processing. It includes a method
|
|
// for handing a callback to the NPP.
|
|
//****************************************************************************
|
|
//****************************************************************************
|
|
#define DEFAULT_RTC_BUFFER_SIZE ( 0x100000 )
|
|
|
|
|
|
|
|
extern RPC_IF_HANDLE __MIDL_itf_netmon_0010_v0_0_c_ifspec;
|
|
extern RPC_IF_HANDLE __MIDL_itf_netmon_0010_v0_0_s_ifspec;
|
|
|
|
#ifndef __IRTC_INTERFACE_DEFINED__
|
|
#define __IRTC_INTERFACE_DEFINED__
|
|
|
|
/* interface IRTC */
|
|
/* [local][unique][uuid][object] */
|
|
|
|
|
|
EXTERN_C const IID IID_IRTC;
|
|
|
|
#if defined(__cplusplus) && !defined(CINTERFACE)
|
|
|
|
MIDL_INTERFACE("4811EA40-B582-11ce-B5AF-00AA006CB37D")
|
|
IRTC : public IUnknown
|
|
{
|
|
public:
|
|
virtual HRESULT STDMETHODCALLTYPE Connect(
|
|
/* [in] */ HBLOB hInputBlob,
|
|
/* [in] */ LPVOID StatusCallbackProc,
|
|
/* [in] */ LPVOID FramesCallbackProc,
|
|
/* [in] */ LPVOID UserContext,
|
|
/* [out] */ HBLOB hErrorBlob) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE Disconnect( void) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE QueryStatus(
|
|
/* [out] */ NETWORKSTATUS *pNetworkStatus) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE Configure(
|
|
/* [in] */ HBLOB hConfigurationBlob,
|
|
/* [out] */ HBLOB hErrorBlob) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE Start( void) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE Pause( void) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE Resume( void) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE Stop( void) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE GetControlState(
|
|
/* [out] */ BOOL *IsRunnning,
|
|
/* [out] */ BOOL *IsPaused) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE GetTotalStatistics(
|
|
/* [out] */ LPSTATISTICS lpStats,
|
|
/* [in] */ BOOL fClearAfterReading) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE GetConversationStatistics(
|
|
/* [out] */ DWORD *nSessions,
|
|
/* [size_is][out] */ LPSESSIONSTATS lpSessionStats,
|
|
/* [out] */ DWORD *nStations,
|
|
/* [size_is][out] */ LPSTATIONSTATS lpStationStats,
|
|
/* [in] */ BOOL fClearAfterReading) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE InsertSpecialFrame(
|
|
/* [in] */ DWORD FrameType,
|
|
/* [in] */ DWORD Flags,
|
|
/* [in] */ BYTE *pUserData,
|
|
/* [in] */ DWORD UserDataLength) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE QueryStations(
|
|
/* [out][in] */ QUERYTABLE *lpQueryTable) = 0;
|
|
|
|
};
|
|
|
|
#else /* C style interface */
|
|
|
|
typedef struct IRTCVtbl
|
|
{
|
|
BEGIN_INTERFACE
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *QueryInterface )(
|
|
IRTC * This,
|
|
/* [in] */ REFIID riid,
|
|
/* [iid_is][out] */ void **ppvObject);
|
|
|
|
ULONG ( STDMETHODCALLTYPE *AddRef )(
|
|
IRTC * This);
|
|
|
|
ULONG ( STDMETHODCALLTYPE *Release )(
|
|
IRTC * This);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *Connect )(
|
|
IRTC * This,
|
|
/* [in] */ HBLOB hInputBlob,
|
|
/* [in] */ LPVOID StatusCallbackProc,
|
|
/* [in] */ LPVOID FramesCallbackProc,
|
|
/* [in] */ LPVOID UserContext,
|
|
/* [out] */ HBLOB hErrorBlob);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *Disconnect )(
|
|
IRTC * This);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *QueryStatus )(
|
|
IRTC * This,
|
|
/* [out] */ NETWORKSTATUS *pNetworkStatus);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *Configure )(
|
|
IRTC * This,
|
|
/* [in] */ HBLOB hConfigurationBlob,
|
|
/* [out] */ HBLOB hErrorBlob);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *Start )(
|
|
IRTC * This);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *Pause )(
|
|
IRTC * This);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *Resume )(
|
|
IRTC * This);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *Stop )(
|
|
IRTC * This);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *GetControlState )(
|
|
IRTC * This,
|
|
/* [out] */ BOOL *IsRunnning,
|
|
/* [out] */ BOOL *IsPaused);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *GetTotalStatistics )(
|
|
IRTC * This,
|
|
/* [out] */ LPSTATISTICS lpStats,
|
|
/* [in] */ BOOL fClearAfterReading);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *GetConversationStatistics )(
|
|
IRTC * This,
|
|
/* [out] */ DWORD *nSessions,
|
|
/* [size_is][out] */ LPSESSIONSTATS lpSessionStats,
|
|
/* [out] */ DWORD *nStations,
|
|
/* [size_is][out] */ LPSTATIONSTATS lpStationStats,
|
|
/* [in] */ BOOL fClearAfterReading);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *InsertSpecialFrame )(
|
|
IRTC * This,
|
|
/* [in] */ DWORD FrameType,
|
|
/* [in] */ DWORD Flags,
|
|
/* [in] */ BYTE *pUserData,
|
|
/* [in] */ DWORD UserDataLength);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *QueryStations )(
|
|
IRTC * This,
|
|
/* [out][in] */ QUERYTABLE *lpQueryTable);
|
|
|
|
END_INTERFACE
|
|
} IRTCVtbl;
|
|
|
|
interface IRTC
|
|
{
|
|
CONST_VTBL struct IRTCVtbl *lpVtbl;
|
|
};
|
|
|
|
|
|
|
|
#ifdef COBJMACROS
|
|
|
|
|
|
#define IRTC_QueryInterface(This,riid,ppvObject) \
|
|
(This)->lpVtbl -> QueryInterface(This,riid,ppvObject)
|
|
|
|
#define IRTC_AddRef(This) \
|
|
(This)->lpVtbl -> AddRef(This)
|
|
|
|
#define IRTC_Release(This) \
|
|
(This)->lpVtbl -> Release(This)
|
|
|
|
|
|
#define IRTC_Connect(This,hInputBlob,StatusCallbackProc,FramesCallbackProc,UserContext,hErrorBlob) \
|
|
(This)->lpVtbl -> Connect(This,hInputBlob,StatusCallbackProc,FramesCallbackProc,UserContext,hErrorBlob)
|
|
|
|
#define IRTC_Disconnect(This) \
|
|
(This)->lpVtbl -> Disconnect(This)
|
|
|
|
#define IRTC_QueryStatus(This,pNetworkStatus) \
|
|
(This)->lpVtbl -> QueryStatus(This,pNetworkStatus)
|
|
|
|
#define IRTC_Configure(This,hConfigurationBlob,hErrorBlob) \
|
|
(This)->lpVtbl -> Configure(This,hConfigurationBlob,hErrorBlob)
|
|
|
|
#define IRTC_Start(This) \
|
|
(This)->lpVtbl -> Start(This)
|
|
|
|
#define IRTC_Pause(This) \
|
|
(This)->lpVtbl -> Pause(This)
|
|
|
|
#define IRTC_Resume(This) \
|
|
(This)->lpVtbl -> Resume(This)
|
|
|
|
#define IRTC_Stop(This) \
|
|
(This)->lpVtbl -> Stop(This)
|
|
|
|
#define IRTC_GetControlState(This,IsRunnning,IsPaused) \
|
|
(This)->lpVtbl -> GetControlState(This,IsRunnning,IsPaused)
|
|
|
|
#define IRTC_GetTotalStatistics(This,lpStats,fClearAfterReading) \
|
|
(This)->lpVtbl -> GetTotalStatistics(This,lpStats,fClearAfterReading)
|
|
|
|
#define IRTC_GetConversationStatistics(This,nSessions,lpSessionStats,nStations,lpStationStats,fClearAfterReading) \
|
|
(This)->lpVtbl -> GetConversationStatistics(This,nSessions,lpSessionStats,nStations,lpStationStats,fClearAfterReading)
|
|
|
|
#define IRTC_InsertSpecialFrame(This,FrameType,Flags,pUserData,UserDataLength) \
|
|
(This)->lpVtbl -> InsertSpecialFrame(This,FrameType,Flags,pUserData,UserDataLength)
|
|
|
|
#define IRTC_QueryStations(This,lpQueryTable) \
|
|
(This)->lpVtbl -> QueryStations(This,lpQueryTable)
|
|
|
|
#endif /* COBJMACROS */
|
|
|
|
|
|
#endif /* C style interface */
|
|
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IRTC_Connect_Proxy(
|
|
IRTC * This,
|
|
/* [in] */ HBLOB hInputBlob,
|
|
/* [in] */ LPVOID StatusCallbackProc,
|
|
/* [in] */ LPVOID FramesCallbackProc,
|
|
/* [in] */ LPVOID UserContext,
|
|
/* [out] */ HBLOB hErrorBlob);
|
|
|
|
|
|
void __RPC_STUB IRTC_Connect_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IRTC_Disconnect_Proxy(
|
|
IRTC * This);
|
|
|
|
|
|
void __RPC_STUB IRTC_Disconnect_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IRTC_QueryStatus_Proxy(
|
|
IRTC * This,
|
|
/* [out] */ NETWORKSTATUS *pNetworkStatus);
|
|
|
|
|
|
void __RPC_STUB IRTC_QueryStatus_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IRTC_Configure_Proxy(
|
|
IRTC * This,
|
|
/* [in] */ HBLOB hConfigurationBlob,
|
|
/* [out] */ HBLOB hErrorBlob);
|
|
|
|
|
|
void __RPC_STUB IRTC_Configure_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IRTC_Start_Proxy(
|
|
IRTC * This);
|
|
|
|
|
|
void __RPC_STUB IRTC_Start_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IRTC_Pause_Proxy(
|
|
IRTC * This);
|
|
|
|
|
|
void __RPC_STUB IRTC_Pause_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IRTC_Resume_Proxy(
|
|
IRTC * This);
|
|
|
|
|
|
void __RPC_STUB IRTC_Resume_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IRTC_Stop_Proxy(
|
|
IRTC * This);
|
|
|
|
|
|
void __RPC_STUB IRTC_Stop_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IRTC_GetControlState_Proxy(
|
|
IRTC * This,
|
|
/* [out] */ BOOL *IsRunnning,
|
|
/* [out] */ BOOL *IsPaused);
|
|
|
|
|
|
void __RPC_STUB IRTC_GetControlState_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IRTC_GetTotalStatistics_Proxy(
|
|
IRTC * This,
|
|
/* [out] */ LPSTATISTICS lpStats,
|
|
/* [in] */ BOOL fClearAfterReading);
|
|
|
|
|
|
void __RPC_STUB IRTC_GetTotalStatistics_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IRTC_GetConversationStatistics_Proxy(
|
|
IRTC * This,
|
|
/* [out] */ DWORD *nSessions,
|
|
/* [size_is][out] */ LPSESSIONSTATS lpSessionStats,
|
|
/* [out] */ DWORD *nStations,
|
|
/* [size_is][out] */ LPSTATIONSTATS lpStationStats,
|
|
/* [in] */ BOOL fClearAfterReading);
|
|
|
|
|
|
void __RPC_STUB IRTC_GetConversationStatistics_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IRTC_InsertSpecialFrame_Proxy(
|
|
IRTC * This,
|
|
/* [in] */ DWORD FrameType,
|
|
/* [in] */ DWORD Flags,
|
|
/* [in] */ BYTE *pUserData,
|
|
/* [in] */ DWORD UserDataLength);
|
|
|
|
|
|
void __RPC_STUB IRTC_InsertSpecialFrame_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IRTC_QueryStations_Proxy(
|
|
IRTC * This,
|
|
/* [out][in] */ QUERYTABLE *lpQueryTable);
|
|
|
|
|
|
void __RPC_STUB IRTC_QueryStations_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
|
|
#endif /* __IRTC_INTERFACE_DEFINED__ */
|
|
|
|
|
|
/* interface __MIDL_itf_netmon_0012 */
|
|
/* [local] */
|
|
|
|
//****************************************************************************
|
|
//****************************************************************************
|
|
// IStats - used by a consumer to get just statistics, no frames.
|
|
//****************************************************************************
|
|
//****************************************************************************
|
|
|
|
|
|
extern RPC_IF_HANDLE __MIDL_itf_netmon_0012_v0_0_c_ifspec;
|
|
extern RPC_IF_HANDLE __MIDL_itf_netmon_0012_v0_0_s_ifspec;
|
|
|
|
#ifndef __IStats_INTERFACE_DEFINED__
|
|
#define __IStats_INTERFACE_DEFINED__
|
|
|
|
/* interface IStats */
|
|
/* [local][unique][uuid][object] */
|
|
|
|
|
|
EXTERN_C const IID IID_IStats;
|
|
|
|
#if defined(__cplusplus) && !defined(CINTERFACE)
|
|
|
|
MIDL_INTERFACE("944AD530-B09D-11ce-B59C-00AA006CB37D")
|
|
IStats : public IUnknown
|
|
{
|
|
public:
|
|
virtual HRESULT STDMETHODCALLTYPE Connect(
|
|
/* [in] */ HBLOB hInputBlob,
|
|
/* [in] */ LPVOID StatusCallbackProc,
|
|
/* [in] */ LPVOID UserContext,
|
|
/* [out] */ HBLOB hErrorBlob) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE Disconnect( void) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE QueryStatus(
|
|
/* [out] */ NETWORKSTATUS *pNetworkStatus) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE Configure(
|
|
/* [in] */ HBLOB hConfigurationBlob,
|
|
/* [out] */ HBLOB hErrorBlob) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE Start( void) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE Pause( void) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE Resume( void) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE Stop( void) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE GetControlState(
|
|
/* [out] */ BOOL *IsRunnning,
|
|
/* [out] */ BOOL *IsPaused) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE GetTotalStatistics(
|
|
/* [out] */ LPSTATISTICS lpStats,
|
|
/* [in] */ BOOL fClearAfterReading) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE GetConversationStatistics(
|
|
/* [out] */ DWORD *nSessions,
|
|
/* [size_is][out] */ LPSESSIONSTATS lpSessionStats,
|
|
/* [out] */ DWORD *nStations,
|
|
/* [size_is][out] */ LPSTATIONSTATS lpStationStats,
|
|
/* [in] */ BOOL fClearAfterReading) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE InsertSpecialFrame(
|
|
/* [in] */ DWORD FrameType,
|
|
/* [in] */ DWORD Flags,
|
|
/* [in] */ BYTE *pUserData,
|
|
/* [in] */ DWORD UserDataLength) = 0;
|
|
|
|
virtual HRESULT STDMETHODCALLTYPE QueryStations(
|
|
/* [out][in] */ QUERYTABLE *lpQueryTable) = 0;
|
|
|
|
};
|
|
|
|
#else /* C style interface */
|
|
|
|
typedef struct IStatsVtbl
|
|
{
|
|
BEGIN_INTERFACE
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *QueryInterface )(
|
|
IStats * This,
|
|
/* [in] */ REFIID riid,
|
|
/* [iid_is][out] */ void **ppvObject);
|
|
|
|
ULONG ( STDMETHODCALLTYPE *AddRef )(
|
|
IStats * This);
|
|
|
|
ULONG ( STDMETHODCALLTYPE *Release )(
|
|
IStats * This);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *Connect )(
|
|
IStats * This,
|
|
/* [in] */ HBLOB hInputBlob,
|
|
/* [in] */ LPVOID StatusCallbackProc,
|
|
/* [in] */ LPVOID UserContext,
|
|
/* [out] */ HBLOB hErrorBlob);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *Disconnect )(
|
|
IStats * This);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *QueryStatus )(
|
|
IStats * This,
|
|
/* [out] */ NETWORKSTATUS *pNetworkStatus);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *Configure )(
|
|
IStats * This,
|
|
/* [in] */ HBLOB hConfigurationBlob,
|
|
/* [out] */ HBLOB hErrorBlob);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *Start )(
|
|
IStats * This);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *Pause )(
|
|
IStats * This);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *Resume )(
|
|
IStats * This);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *Stop )(
|
|
IStats * This);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *GetControlState )(
|
|
IStats * This,
|
|
/* [out] */ BOOL *IsRunnning,
|
|
/* [out] */ BOOL *IsPaused);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *GetTotalStatistics )(
|
|
IStats * This,
|
|
/* [out] */ LPSTATISTICS lpStats,
|
|
/* [in] */ BOOL fClearAfterReading);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *GetConversationStatistics )(
|
|
IStats * This,
|
|
/* [out] */ DWORD *nSessions,
|
|
/* [size_is][out] */ LPSESSIONSTATS lpSessionStats,
|
|
/* [out] */ DWORD *nStations,
|
|
/* [size_is][out] */ LPSTATIONSTATS lpStationStats,
|
|
/* [in] */ BOOL fClearAfterReading);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *InsertSpecialFrame )(
|
|
IStats * This,
|
|
/* [in] */ DWORD FrameType,
|
|
/* [in] */ DWORD Flags,
|
|
/* [in] */ BYTE *pUserData,
|
|
/* [in] */ DWORD UserDataLength);
|
|
|
|
HRESULT ( STDMETHODCALLTYPE *QueryStations )(
|
|
IStats * This,
|
|
/* [out][in] */ QUERYTABLE *lpQueryTable);
|
|
|
|
END_INTERFACE
|
|
} IStatsVtbl;
|
|
|
|
interface IStats
|
|
{
|
|
CONST_VTBL struct IStatsVtbl *lpVtbl;
|
|
};
|
|
|
|
|
|
|
|
#ifdef COBJMACROS
|
|
|
|
|
|
#define IStats_QueryInterface(This,riid,ppvObject) \
|
|
(This)->lpVtbl -> QueryInterface(This,riid,ppvObject)
|
|
|
|
#define IStats_AddRef(This) \
|
|
(This)->lpVtbl -> AddRef(This)
|
|
|
|
#define IStats_Release(This) \
|
|
(This)->lpVtbl -> Release(This)
|
|
|
|
|
|
#define IStats_Connect(This,hInputBlob,StatusCallbackProc,UserContext,hErrorBlob) \
|
|
(This)->lpVtbl -> Connect(This,hInputBlob,StatusCallbackProc,UserContext,hErrorBlob)
|
|
|
|
#define IStats_Disconnect(This) \
|
|
(This)->lpVtbl -> Disconnect(This)
|
|
|
|
#define IStats_QueryStatus(This,pNetworkStatus) \
|
|
(This)->lpVtbl -> QueryStatus(This,pNetworkStatus)
|
|
|
|
#define IStats_Configure(This,hConfigurationBlob,hErrorBlob) \
|
|
(This)->lpVtbl -> Configure(This,hConfigurationBlob,hErrorBlob)
|
|
|
|
#define IStats_Start(This) \
|
|
(This)->lpVtbl -> Start(This)
|
|
|
|
#define IStats_Pause(This) \
|
|
(This)->lpVtbl -> Pause(This)
|
|
|
|
#define IStats_Resume(This) \
|
|
(This)->lpVtbl -> Resume(This)
|
|
|
|
#define IStats_Stop(This) \
|
|
(This)->lpVtbl -> Stop(This)
|
|
|
|
#define IStats_GetControlState(This,IsRunnning,IsPaused) \
|
|
(This)->lpVtbl -> GetControlState(This,IsRunnning,IsPaused)
|
|
|
|
#define IStats_GetTotalStatistics(This,lpStats,fClearAfterReading) \
|
|
(This)->lpVtbl -> GetTotalStatistics(This,lpStats,fClearAfterReading)
|
|
|
|
#define IStats_GetConversationStatistics(This,nSessions,lpSessionStats,nStations,lpStationStats,fClearAfterReading) \
|
|
(This)->lpVtbl -> GetConversationStatistics(This,nSessions,lpSessionStats,nStations,lpStationStats,fClearAfterReading)
|
|
|
|
#define IStats_InsertSpecialFrame(This,FrameType,Flags,pUserData,UserDataLength) \
|
|
(This)->lpVtbl -> InsertSpecialFrame(This,FrameType,Flags,pUserData,UserDataLength)
|
|
|
|
#define IStats_QueryStations(This,lpQueryTable) \
|
|
(This)->lpVtbl -> QueryStations(This,lpQueryTable)
|
|
|
|
#endif /* COBJMACROS */
|
|
|
|
|
|
#endif /* C style interface */
|
|
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IStats_Connect_Proxy(
|
|
IStats * This,
|
|
/* [in] */ HBLOB hInputBlob,
|
|
/* [in] */ LPVOID StatusCallbackProc,
|
|
/* [in] */ LPVOID UserContext,
|
|
/* [out] */ HBLOB hErrorBlob);
|
|
|
|
|
|
void __RPC_STUB IStats_Connect_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IStats_Disconnect_Proxy(
|
|
IStats * This);
|
|
|
|
|
|
void __RPC_STUB IStats_Disconnect_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IStats_QueryStatus_Proxy(
|
|
IStats * This,
|
|
/* [out] */ NETWORKSTATUS *pNetworkStatus);
|
|
|
|
|
|
void __RPC_STUB IStats_QueryStatus_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IStats_Configure_Proxy(
|
|
IStats * This,
|
|
/* [in] */ HBLOB hConfigurationBlob,
|
|
/* [out] */ HBLOB hErrorBlob);
|
|
|
|
|
|
void __RPC_STUB IStats_Configure_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IStats_Start_Proxy(
|
|
IStats * This);
|
|
|
|
|
|
void __RPC_STUB IStats_Start_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IStats_Pause_Proxy(
|
|
IStats * This);
|
|
|
|
|
|
void __RPC_STUB IStats_Pause_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IStats_Resume_Proxy(
|
|
IStats * This);
|
|
|
|
|
|
void __RPC_STUB IStats_Resume_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IStats_Stop_Proxy(
|
|
IStats * This);
|
|
|
|
|
|
void __RPC_STUB IStats_Stop_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IStats_GetControlState_Proxy(
|
|
IStats * This,
|
|
/* [out] */ BOOL *IsRunnning,
|
|
/* [out] */ BOOL *IsPaused);
|
|
|
|
|
|
void __RPC_STUB IStats_GetControlState_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IStats_GetTotalStatistics_Proxy(
|
|
IStats * This,
|
|
/* [out] */ LPSTATISTICS lpStats,
|
|
/* [in] */ BOOL fClearAfterReading);
|
|
|
|
|
|
void __RPC_STUB IStats_GetTotalStatistics_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IStats_GetConversationStatistics_Proxy(
|
|
IStats * This,
|
|
/* [out] */ DWORD *nSessions,
|
|
/* [size_is][out] */ LPSESSIONSTATS lpSessionStats,
|
|
/* [out] */ DWORD *nStations,
|
|
/* [size_is][out] */ LPSTATIONSTATS lpStationStats,
|
|
/* [in] */ BOOL fClearAfterReading);
|
|
|
|
|
|
void __RPC_STUB IStats_GetConversationStatistics_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IStats_InsertSpecialFrame_Proxy(
|
|
IStats * This,
|
|
/* [in] */ DWORD FrameType,
|
|
/* [in] */ DWORD Flags,
|
|
/* [in] */ BYTE *pUserData,
|
|
/* [in] */ DWORD UserDataLength);
|
|
|
|
|
|
void __RPC_STUB IStats_InsertSpecialFrame_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
HRESULT STDMETHODCALLTYPE IStats_QueryStations_Proxy(
|
|
IStats * This,
|
|
/* [out][in] */ QUERYTABLE *lpQueryTable);
|
|
|
|
|
|
void __RPC_STUB IStats_QueryStations_Stub(
|
|
IRpcStubBuffer *This,
|
|
IRpcChannelBuffer *_pRpcChannelBuffer,
|
|
PRPC_MESSAGE _pRpcMessage,
|
|
DWORD *_pdwStubPhase);
|
|
|
|
|
|
|
|
#endif /* __IStats_INTERFACE_DEFINED__ */
|
|
|
|
|
|
/* interface __MIDL_itf_netmon_0014 */
|
|
/* [local] */
|
|
|
|
#pragma warning(default:4200)
|
|
|
|
#pragma pack()
|
|
|
|
|
|
extern RPC_IF_HANDLE __MIDL_itf_netmon_0014_v0_0_c_ifspec;
|
|
extern RPC_IF_HANDLE __MIDL_itf_netmon_0014_v0_0_s_ifspec;
|
|
|
|
/* Additional Prototypes for ALL interfaces */
|
|
|
|
/* end of Additional Prototypes */
|
|
|
|
#ifdef __cplusplus
|
|
}
|
|
#endif
|
|
|
|
#endif
|
|
|
|
|