public unsafe void SendPacket(Packets.Packet pkt) { bool worked = false; if (pkt.Outbound) { ETH_REQUEST Request = new ETH_REQUEST(); INTERMEDIATE_BUFFER *ib = pkt.IB; Request.EthPacket.Buffer = (IntPtr)ib; Request.hAdapterHandle = adapterHandle; if (!Ndisapi.SendPacketToAdapter(hNdisapi, ref Request)) { worked = false; } else { worked = true; } } else { ETH_REQUEST Request = new ETH_REQUEST(); INTERMEDIATE_BUFFER *ib = pkt.IB; Request.EthPacket.Buffer = (IntPtr)ib; Request.hAdapterHandle = adapterHandle; worked = Ndisapi.SendPacketToMstcp(hNdisapi, ref Request); } if (pkt.CodeGenerated) { pkt.ClearGeneratedPacket(); } }
void NewAdaptersLoop() { try { while (true) { Thread.Sleep(5000); if (!isNdisFilterDriverOpen) { OpenDriver(); } allAdapters = NetworkInterface.GetAllNetworkInterfaces(); TCP_AdapterList adList = new TCP_AdapterList(); Ndisapi.GetTcpipBoundAdaptersInfo(hNdisapi, ref adList); for (int x = 0; x < currentAdapters.Count; x++) { for (int y = 0; y < adList.m_nAdapterCount; y++) { if (adList.m_nAdapterHandle[y] == currentAdapters[x].adapterHandle) { string name = Encoding.ASCII.GetString(adList.m_szAdapterNameList, y * 256, 256); currentAdapters[x].UpdateNetworkInterface(name.Substring(0, name.IndexOf((char)0x00))); } } } for (int x = 0; x < adList.m_nAdapterCount; x++) { bool found = false; for (int y = 0; y < currentAdapters.Count; y++) { if (adList.m_nAdapterHandle[x] == currentAdapters[y].adapterHandle) { found = true; } } if (!found) { WinpkFilter newAdapter = new WinpkFilter(hNdisapi, adList.m_nAdapterHandle[x], Encoding.ASCII.GetString(adList.m_szAdapterNameList, x * 256, 256)); if (newAdapter.GetAdapterInformation() != null && !string.IsNullOrEmpty(newAdapter.GetAdapterInformation().Name)) { //lock (newAdapters) //{ newAdapters.Add(newAdapter); //} } } } } } catch (ThreadAbortException) { } catch (Exception e) { LogCenter.Instance.LogException(e); } }
void NewAdaptersLoop() { try { while (true) { Thread.Sleep(1000); if (!isNdisFilterDriverOpen) { OpenDriver(); } TCP_AdapterList adList = new TCP_AdapterList(); Ndisapi.GetTcpipBoundAdaptersInfo(hNdisapi, ref adList); for (int x = 0; x < currentAdapters.Count; x++) { for (int y = 0; y < adList.m_nAdapterCount; y++) { if (adList.m_nAdapterHandle[y] == currentAdapters[x].adapterHandle) { currentAdapters[x].UpdateNetworkInterface(Encoding.ASCII.GetString(adList.m_szAdapterNameList, y * 256, 256)); } } } for (int x = 0; x < adList.m_nAdapterCount; x++) { bool found = false; for (int y = 0; y < currentAdapters.Count; y++) { if (adList.m_nAdapterHandle[x] == currentAdapters[y].adapterHandle) { found = true; } } if (!found) { WinpkFilter newAdapter = new WinpkFilter(hNdisapi, adList.m_nAdapterHandle[x], Encoding.ASCII.GetString(adList.m_szAdapterNameList, x * 256, 256)); if (newAdapter.GetAdapterInformation() != null && !string.IsNullOrEmpty(newAdapter.GetAdapterInformation().Name)) { lock (newAdapters) { newAdapters.Add(newAdapter); } } } } } } catch (ThreadAbortException tae) { } }
public static unsafe string ConvertAdapterName(byte *bAdapterName, uint dwPlatformId, uint dwMajorVersion) { byte[] szAdapterName = new byte[256]; bool success = false; string res = null; fixed(byte *pbFriendlyName = szAdapterName) { if (dwPlatformId == 2 /*VER_PLATFORM_WIN32_NT*/) { if (dwMajorVersion > 4) { // Windows 2000 or XP success = Ndisapi.ConvertWindows2000AdapterName(bAdapterName, pbFriendlyName, (uint)szAdapterName.Length); } else if (dwMajorVersion == 4) { // Windows NT 4.0 success = Ndisapi.ConvertWindowsNTAdapterName(bAdapterName, pbFriendlyName, (uint)szAdapterName.Length); } } else { // Windows 9x/ME success = Ndisapi.ConvertWindows9xAdapterName(bAdapterName, pbFriendlyName, (uint)szAdapterName.Length); } if (success) { int zero_index = 0; while (zero_index < 256 && szAdapterName[zero_index] != 0) { ++zero_index; } res = System.Text.Encoding.ASCII.GetString(szAdapterName, 0, zero_index); } } return(res); }
public void OpenDriver() { if (hNdisapi != IntPtr.Zero) { LogCenter.Instance.LogDebugMessage("Bad state was found, attempting to open the NDIS Filter Driver while the IntPtr != IntPtr.Zero, continuing"); } hNdisapi = Ndisapi.OpenFilterDriver(Ndisapi.NDISRD_DRIVER_NAME); TCP_AdapterList adList = new TCP_AdapterList(); Ndisapi.GetTcpipBoundAdaptersInfo(hNdisapi, ref adList); if (adList.m_nAdapterCount == 0) { LogCenter.Instance.LogDebugMessage("No adapters found on this driver interface"); return; } isNdisFilterDriverOpen = true; if (updateThread == null) { updateThread = new Thread(NewAdaptersLoop); updateThread.Name = "WinpkFilterList New Adapters Loop"; updateThread.Start(); } }
public void CloseDriver() { Ndisapi.CloseFilterDriver(hNdisapi); isNdisFilterDriverOpen = false; }
void UpdateCurrentAdapters() { bool succeeded = false; while (!succeeded) { if (!isNdisFilterDriverOpen) { OpenDriver(); } TCP_AdapterList adList = new TCP_AdapterList(); Ndisapi.GetTcpipBoundAdaptersInfo(hNdisapi, ref adList); List <WinpkFilter> tempList = new List <WinpkFilter>(); //Populate with current adapters List <WinpkFilter> notFound = new List <WinpkFilter>(); for (int x = 0; x < currentAdapters.Count; x++) { bool found = false; for (int y = 0; y < adList.m_nAdapterCount; y++) { if (adList.m_nAdapterHandle[y] == currentAdapters[x].adapterHandle) { currentAdapters[x].UpdateNetworkInterface(Encoding.ASCII.GetString(adList.m_szAdapterNameList, y * 256, 256)); tempList.Add(currentAdapters[x]); found = true; } } if (!found) { notFound.Add(currentAdapters[x]); } } //Deal with no longer existant adapters for (int x = 0; x < notFound.Count; x++) { notFound[x].StopProcessing(); } //Adding any new adapters for (int x = 0; x < adList.m_nAdapterCount; x++) { bool found = false; for (int y = 0; y < currentAdapters.Count; y++) { if (adList.m_nAdapterHandle[x] == currentAdapters[y].adapterHandle) { found = true; } } if (!found) { WinpkFilter newAdapter = new WinpkFilter(hNdisapi, adList.m_nAdapterHandle[x], Encoding.ASCII.GetString(adList.m_szAdapterNameList, x * 256, 256)); if (newAdapter.GetAdapterInformation() != null && !string.IsNullOrEmpty(newAdapter.GetAdapterInformation().Name)) { tempList.Add(newAdapter); } } } currentAdapters = new List <WinpkFilter>(tempList); succeeded = true; } }
void SetPacketEvent() { hEvent = new ManualResetEvent(false); Ndisapi.SetPacketEvent(hNdisapi, adapterHandle, hEvent.SafeWaitHandle); }
void SetAdapterMode() { mode.dwFlags = Ndisapi.MSTCP_FLAG_SENT_TUNNEL | Ndisapi.MSTCP_FLAG_RECV_TUNNEL; mode.hAdapterHandle = adapterHandle; Ndisapi.SetAdapterMode(hNdisapi, ref mode); }
public unsafe void ProcessLoop() { // Allocate and initialize packet structures ETH_REQUEST Request = new ETH_REQUEST(); INTERMEDIATE_BUFFER PacketBuffer = new INTERMEDIATE_BUFFER(); IntPtr PacketBufferIntPtr = Marshal.AllocHGlobal(Marshal.SizeOf(PacketBuffer)); try { win32api.ZeroMemory(PacketBufferIntPtr, Marshal.SizeOf(PacketBuffer)); Request.hAdapterHandle = adapterHandle; Request.EthPacket.Buffer = PacketBufferIntPtr; Modules = new ModuleList(this); Modules.LoadExternalModules(); Modules.UpdateModuleOrder(); string folder = Configuration.ConfigurationManagement.Instance.ConfigurationPath; folder = folder + System.IO.Path.DirectorySeparatorChar + "pcapLogs"; if (!System.IO.Directory.Exists(folder)) { System.IO.Directory.CreateDirectory(folder); } string f = folder + System.IO.Path.DirectorySeparatorChar + "blocked-" + inter.Name + "-" + DateTime.Now.ToBinary() + ".pcap"; pcaplog = new PcapFileWriter(f); INTERMEDIATE_BUFFER *PacketPointer; while (true) { hEvent.WaitOne(); while (Ndisapi.ReadPacket(hNdisapi, ref Request)) { PacketPointer = (INTERMEDIATE_BUFFER *)PacketBufferIntPtr; Packet pkt = new EthPacket(PacketPointer).MakeNextLayerPacket(); if (pkt.Outbound) { inter.DataOut.AddBits(pkt.Length()); } else { inter.DataIn.AddBits(pkt.Length()); } bool drop = false; bool log = false; if (this.Filtering) { for (int x = 0; x < Modules.Count; x++) { NDISModule fm = Modules.GetModule(x); int pmr = fm.PacketMain(ref pkt); if (pmr == null) { continue; } if ((pmr & (int)PacketMainReturnType.LogPacket) == (int)PacketMainReturnType.LogPacket) { log = true; } if ((pmr & (int)PacketMainReturnType.Drop) == (int)PacketMainReturnType.Drop) { drop = true; break; } } } if (!drop && !DropAll) { if (pkt.Outbound) { Ndisapi.SendPacketToAdapter(hNdisapi, ref Request); } else { Ndisapi.SendPacketToMstcp(hNdisapi, ref Request); } } if (log) { pcaplog.AddPacket(pkt.Data(), (int)pkt.Length()); } } //OM NOM NOM PASTA! while (processQueue.Count != 0) { Packet pkt = processQueue.Dequeue().MakeNextLayerPacket(); if (pkt.Outbound) { inter.DataOut.AddBits(pkt.Length()); } else { inter.DataIn.AddBits(pkt.Length()); } bool drop = false; bool log = false; if (this.Filtering) { for (int x = 0; x < Modules.Count; x++) { NDISModule fm = Modules.GetModule(x); int pmr = fm.PacketMain(ref pkt); if (pmr == 0) { continue; } if ((pmr & (int)PacketMainReturnType.LogPacket) == (int)PacketMainReturnType.LogPacket) { log = true; } if ((pmr & (int)PacketMainReturnType.Drop) == (int)PacketMainReturnType.Drop) { drop = true; break; } } } if (!drop && !DropAll) { if (pkt.Outbound) { Ndisapi.SendPacketToAdapter(hNdisapi, ref Request); } else { Ndisapi.SendPacketToMstcp(hNdisapi, ref Request); } } if (log) { pcaplog.AddPacket(pkt.Data(), (int)pkt.Length()); } } hEvent.Reset(); } } catch (Exception tae) { Marshal.FreeHGlobal(PacketBufferIntPtr); } }