注册 登录  
 加关注
   显示下一条  |  关闭
温馨提示!由于新浪微博认证机制调整,您的新浪微博帐号绑定已过期,请重新绑定!立即重新绑定新浪微博》  |  关闭

BCB-DG's Blog

...

 
 
 

日志

 
 

枚舉網絡連接信息  

2010-05-24 09:54:31|  分类: Socket |  标签: |举报 |字号 订阅

  下载LOFTER 我的照片书  |
作者:未知

用到 GetExtendedUdpTable 和 GetExtendedTCPTable 2个未公开的函数

使用的函数和结构体:

typedef struct _MIB_UDPROW_OWNER_MODULE {
DWORD dwLocalAddr;
DWORD dwLocalPort;
DWORD dwOwningPid;
LARGE_INTEGER liCreateTimestamp;
union {   
struct {      int SpecificPortBind :1;    };  
int dwFlags; };
ULONGLONG OwningModuleInfo[TCPIP_OWNING_MODULE_SIZE];//还没有公布的数据
} MIB_UDPROW_OWNER_MODULE, *PMIB_UDPRPW_OWNER_MODULE;

typedef struct _MIB_UDPTABLE_OWNER_MODULE {
DWORD dwNumEntries; MIB_UDPROW_OWNER_MODULE 结构的个数
MIB_UDPROW_OWNER_MODULE table[ANY_SIZE];
} MIB_UDPTABLE_OWNER_MODULE, *PMIB_UDPTABLE_OWNER_MODULE;

typedef struct _MIB_TCPROW_OWNER_PID {
DWORD dwState; //连接状态
DWORD dwLocalAddr; //本地计算机地址
DWORD dwLocalPort; //本地计算机端口
DWORD dwRemoteAddr; //远程计算机地址
DWORD dwRemotePort; //远程计算机端口
DWORD dwOwningPid;//进程ID
} MIB_TCPROW_OWNER_PID, *PMIB_TCPROW_OWNER_PID;

typedef struct {
DWORD dwNumEntries;
MIB_TCPROW_OWNER_PID table[ANY_SIZE];
} MIB_TCPTABLE_OWNER_PID, *PMIB_TCPTABLE_OWNER_PID;

DWORD GetExtendedUdpTable(
__out         PVOID pUdpTable,//返回查询结构体指针
__in_out      PDWORD pdwSize,//估计结构体大小
__in          BOOL bOrder,//是否排序
__in          ULONG ulAf,//是AF_INET还是AF_INET6
__in          UDP_TABLE_CLASS TableClass,//返回结构体的种类
__in          ULONG Reserved//保留值
);

DWORD GetExtendedTcpTable(
__out         PVOID pTcpTable,
__in_out      PDWORD pdwSize,//大小
__in          BOOL bOrder,
__in          ULONG ulAf,
__in          TCP_TABLE_CLASS TableClass,
__in          ULONG Reserved
);

#include <stdio.h>
#include <windows.h>
#include <tlhelp32.h>
#include <Iphlpapi.h>
#include<time.h>
#pragma comment(lib, "ws2_32.lib")
#pragma comment(lib,"Iphlpapi.lib")
#define HOSTNAMELEN 256
#define PORTNAMELEN 256
#define ADDRESSLEN HOSTNAMELEN+PORTNAMELEN

#define FLAG_ALL_ENDPOINTS 1
#define FLAG_SHOW_NUMBERS 2

typedef struct {
DWORD dwNumEntries;
MIB_TCPROW_OWNER_MODULE table[100];
} D_MIB_TCPTABLE_OWNER_MODULE, *D_PMIB_TCPTABLE_OWNER_MODULE;

typedef struct {
DWORD dwNumEntries;
MIB_UDPROW_OWNER_MODULE table[100];
} D_MIB_UDPTABLE_OWNER_MODULE, *D_PMIB_UDPTABLE_OWNER_MODULE;


static char TcpState[][32] = {
"???",
"CLOSED",
"LISTENING",
"SYN_SENT",
"SYN_RCVD",
"ESTABLISHED",
"FIN_WAIT1",
"FIN_WAIT2",
"CLOSE_WAIT",
"CLOSING",
"LAST_ACK",
"TIME_WAIT",
"DELETE_TCB"
};

PCHAR GetPort(unsigned int port, char* pPort)
{
wsprintf(pPort, "%d", htons( (WORD) port));
return pPort;
}

PCHAR GetIp(unsigned int ipaddr, char* pIP)
{
in_addr nipaddr;
nipaddr.S_un.S_addr= ipaddr;
strcpy(pIP,inet_ntoa(nipaddr));
return pIP;
}

PCHAR ProcessPidToName( HANDLE hProcessSnap,DWORD ProcessId,PCHAR ProcessName)
{
PROCESSENTRY32 processEntry;
strcpy( ProcessName, ".." );
if( !Process32First( hProcessSnap, &processEntry )) {
return ProcessName;
}
do {
if( processEntry.th32ProcessID == ProcessId )
{
strcpy( ProcessName, processEntry.szExeFile );
return ProcessName;
}
} while( Process32Next( hProcessSnap, &processEntry ));
return ProcessName;
}


int main(int argc, char* argv[])
{
int nRetCode;
DWORD i;
WSADATA WSAData;
HANDLE hProcessSnap;
D_MIB_TCPTABLE_OWNER_MODULE TCPExTable;
D_MIB_UDPTABLE_OWNER_MODULE UDPExTable;
DWORD UdpCount=sizeof(D_MIB_TCPTABLE_OWNER_MODULE);
DWORD TcpCount=sizeof(D_MIB_UDPTABLE_OWNER_MODULE);
char szProcessName[MAX_PATH];
char szLocalName[HOSTNAMELEN], szRemoteName[HOSTNAMELEN];
char szRemotePort[PORTNAMELEN], szLocalPort[PORTNAMELEN];
char szLocalAddress[ADDRESSLEN], szRemoteAddress[ADDRESSLEN];
struct tm *Time;


if( WSAStartup(MAKEWORD(1, 1), &WSAData ))
{
printf("WSAStartup error!\n");
return 0;
}

nRetCode= GetExtendedTcpTable(&TCPExTable,&TcpCount, TRUE,AF_INET, TCP_TABLE_OWNER_MODULE_ALL, 0);
if( nRetCode )
{
printf("GetExtendedTcpTable!\n");
return 0;
}
nRetCode = GetExtendedUdpTable(&UDPExTable,&UdpCount,TRUE,AF_INET,UDP_TABLE_OWNER_MODULE,0);
if( nRetCode )
{
printf("GetExtendedUdpTable.\n");
return -1;
}
hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
if( hProcessSnap == INVALID_HANDLE_VALUE )
{
printf("CreateToolhelp32Snapshot Error!\n");
}

printf("%-6s%-20s%-20s%-11s%s\n", "协议", "本地地址","外部地址", "连接状态","进程");
for( i = 0; i < TCPExTable.dwNumEntries; i++)
{
wsprintf( szLocalAddress, "%s:%s", GetIp(TCPExTable.table[i].dwLocalAddr, szLocalName),GetPort(TCPExTable.table[i].dwLocalPort, szLocalPort));
wsprintf( szRemoteAddress, "%s:%s", GetIp(TCPExTable.table[i].dwRemoteAddr, szRemoteName),GetPort(TCPExTable.table[i].dwRemotePort, szRemotePort));

printf("%-6s%-20s%-20s%-11s%s:%d\n", "TCP",
szLocalAddress, szRemoteAddress,TcpState[TCPExTable.table[i].dwState],ProcessPidToName( hProcessSnap, TCPExTable.table[i].dwOwningPid, szProcessName),
TCPExTable.table[i].dwOwningPid);

}
for( i = 0; i < UDPExTable.dwNumEntries; i++ )
{
sprintf( szLocalAddress, "%s:%s",
GetIp(UDPExTable.table[i].dwLocalAddr, szLocalName),
GetPort(UDPExTable.table[i].dwLocalPort, szLocalPort));
sprintf( szRemoteAddress, "%s", "*:*");
printf("%-6s%-20s%-33s%s:%d\n", "UDP",
szLocalAddress, szRemoteAddress,
ProcessPidToName( hProcessSnap, UDPExTable.table[i].dwOwningPid, szProcessName),
UDPExTable.table[i].dwOwningPid
);

}
WSACleanup();
getchar();
return 0;
}

枚舉網絡連接信息 - BCB-DG - BCB-DGs Blog
  评论这张
 
阅读(1905)| 评论(0)
推荐 转载

历史上的今天

评论

<#--最新日志,群博日志--> <#--推荐日志--> <#--引用记录--> <#--博主推荐--> <#--随机阅读--> <#--首页推荐--> <#--历史上的今天--> <#--被推荐日志--> <#--上一篇,下一篇--> <#-- 热度 --> <#-- 网易新闻广告 --> <#--右边模块结构--> <#--评论模块结构--> <#--引用模块结构--> <#--博主发起的投票-->
 
 
 
 
 
 
 
 
 
 
 
 
 
 

页脚

网易公司版权所有 ©1997-2017