GitHub/WinDivert
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: GitHub/WinDivert:master
Branches Tags
GitHub/WinDivert:master GitHub/WinDivert:eth_layer GitHub/WinDivert:release-v2.2.1 GitHub/WinDivert:flow_layer GitHub/WinDivert:v1.1.8
GitHub/WinDivert:v2.2.2 GitHub/WinDivert:v2.2.1 GitHub/WinDivert:v2.2.0 GitHub/WinDivert:v2.1.0 GitHub/WinDivert:v2.0.1-rc GitHub/WinDivert:v2.0.0-rc GitHub/WinDivert:v1.4.3 GitHub/WinDivert:v1.4.2 GitHub/WinDivert:v1.4.1 GitHub/WinDivert:v1.4.0-rc GitHub/WinDivert:v1.3.0 GitHub/WinDivert:v1.1.8 GitHub/WinDivert:v1.2.0-rc GitHub/WinDivert:v1.1.7 GitHub/WinDivert:v1.1.6 GitHub/WinDivert:v1.1.5 GitHub/WinDivert:v1.1.4 GitHub/WinDivert:v1.1.3 GitHub/WinDivert:v1.1.2-rc GitHub/WinDivert:v1.1.1 GitHub/WinDivert:v1.1.0-rc
..
pull from: GitHub/WinDivert:v1.1.8
Branches Tags
GitHub/WinDivert:eth_layer GitHub/WinDivert:release-v2.2.1 GitHub/WinDivert:master GitHub/WinDivert:flow_layer GitHub/WinDivert:v1.1.8
GitHub/WinDivert:v2.2.2 GitHub/WinDivert:v2.2.1 GitHub/WinDivert:v2.2.0 GitHub/WinDivert:v2.1.0 GitHub/WinDivert:v2.0.1-rc GitHub/WinDivert:v2.0.0-rc GitHub/WinDivert:v1.4.3 GitHub/WinDivert:v1.4.2 GitHub/WinDivert:v1.4.1 GitHub/WinDivert:v1.4.0-rc GitHub/WinDivert:v1.3.0 GitHub/WinDivert:v1.1.8 GitHub/WinDivert:v1.2.0-rc GitHub/WinDivert:v1.1.7 GitHub/WinDivert:v1.1.6 GitHub/WinDivert:v1.1.5 GitHub/WinDivert:v1.1.4 GitHub/WinDivert:v1.1.3 GitHub/WinDivert:v1.1.2-rc GitHub/WinDivert:v1.1.1 GitHub/WinDivert:v1.1.0-rc

1 Commits
master .. v1.1.8

Author SHA1 Message Date
basil00 92869a96c0 Fix ip.TOS and ipv6 comparison bug & bump version. 2015-07-28 22:00:13 +08:00
57 changed files with 5936 additions and 19640 deletions
Expand all files Collapse all files
CHANGELOG
-251
View File
@@ -61,254 +61,3 @@ WinDivert 1.1.7
WinDivert 1.1.8
- Fix ip.TOS handling bug.
- Fix IPv6 comparison bug.
WinDivert 1.2.0-rc
- The WinDivert filter language now supports C-style "(F1? F2: F3)"
expressions, where {F1,F2,F3} are themselves filter expressions.
- New WinDivert helper functions:
* WinDivertHelperCheckFilter() checks if a filter string is valid.
* WinDivertHelperEvalFilter() evaluates a filter on a packet.
- Some packets (specifically outbound or loopback packets) returned by
WinDivertRecv() or WinDivertRecvEx() are no longer required to have
correct checksums. Absent checksum fields will be set to zero. If need
be the checksums can be recovered by WinDivertHelperCalcChecksums().
- The WINDIVERT_FLAG_NO_CHECKSUM flag has been deprecated.
- The WinDivertHelperCalcChecksums() function now accepts a new
WINDIVERT_HELPER_NO_REPLACE flag, which indicates that non-zero checksum
fields should not be replaced.
- Support for the old WinDivert1.0 API has been removed.
WinDivert 1.2.1
- Identical to WinDivert 1.2.0-rc.
WinDivert 1.3.0
- Fix BSOD that sometimes occurs after abnormal user application exit.
- Fix BSOD that sometimes occurs when WinDivert is combined with other
callout drivers.
- WinDivertSend() has been optimized. However, it may not detect as
many packet injection errors as it could before.
WinDivert 1.4.0-rc
- Add a new WINDIVERT_PARAM_QUEUE_SIZE parameter that can be used to
control the maximum number of bytes used by the packet queue.
- Add a new WINDIVERT_FLAG_DEBUG flag that causes WinDivertSend() to
block until the packet exits the Windows TCP/IP stack. This is slower
but provides better error messages, so is useful for debugging.
- Internally queued packets are now reinjected when WinDivertClose() is
called instead of being dropped.
- WINDIVERT_ADDRESS now includes a Timestamp field that indicates when
the packet was first captured by WinDivert. The timestamp uses the
same clock as QueryPerformanceCounter().
- WINDIVERT_ADDRESS now includes a Loopback field that indicates whether
the packet is a loopback packet or not.
- The filter language has been extended to include a loopback field that
matches loopback packets.
- Loopback packets are now considered to be outbound-only.
- WINDIVERT_ADDRESS now includes an Impostor field which indicates that the
packet originated from another driver rather than from the network or
TCP/IP stack.
- WinDivertRecv() will eventually fail with ERROR_HOST_UNREACHABLE if
an impostor packet enters an infinite loop (see #41).
- The filter language has been extended to include an impostor field that
matches impostor packets.
- WINDIVERT_ADDRESS now includes three new flags relating to checksums:
* PseudoIPChecksum
* PseudoTCPChecksum
* PseudoUDPChecksum
When set, these flags indicate that the corresponding packet uses
"pseudo" IP/TCP/UDP checksums instead of the default full checksums.
Pseudo checksums are cheaper to calculate, and can be used when the
network hardware supports checksum offloading.
- WinDivertHelperCalcChecksums() now takes an optional pointer to a
WINDIVERT_ADDRESS structure, and calculates pseudo checksums if the
corresponding Pseudo*Checksum flag is set.
- The WINDIVERT_HELPER_NO_REPLACE flag for WinDivertHelperCalcChecksums()
has been deprecated. It is no longer necessary to calculate checksums
for unmodified packets.
WinDivert 1.4.1
- Dual license WinDivert under LGPLv3 and GPLv2.
WinDivert 1.4.2
- Add workaround for pseudo checksum issue (see #134).
WinDivert 1.4.3
- WinDivert.dll no longer depends on MSVCRT*.dll.
WinDivert 2.0.0-rc
- Add 3 new layers:
* WINDIVERT_LAYER_FLOW for tracking network "flow" events.
* WINDIVERT_LAYER_SOCKET for tracking "socket" events.
* WINDIVERT_LAYER_REFLECT for tracking WinDivert events.
- WINDIVERT_ADDRESS has been re-factored as follows:
* addr.Layer: The WINDIVERT_LAYER_* value for the handle.
* addr.Event: A WINDIVERT_EVENT_* value representing the event (see
below).
* addr.Sniffed: Indicates that the event was sniffed.
* addr.Outbound: Replaces addr.Direction.
* addr.IPv6: Indicates an IPv6 packet.
* addr.Network.IfIdx: Replaces addr.IfIdx.
* addr.Network.SubIfIdx: Replaces addr.SubIfIdx.
* addr.Flow.EndpointId: The endpoint ID of the flow.
* addr.Flow.ParentEndpointId: The parent endpoint ID of the flow.
* addr.Flow.ProcessId: The ID of process that created the flow.
* addr.Flow.LocalAddr: The flow's local address.
* addr.Flow.RemoteAddr: The flow's remote address.
* addr.Flow.LocalPort: The flow's local port.
* addr.Flow.RemotePort: The flow's remote port.
* addr.Flow.Protocol: The flow's protocol.
* addr.Socket.EndpointId: The endpoint ID of the operation.
* addr.Socket.ParentEndpointId: The parent endpoint ID of the operation.
* addr.Socket.ProcessId: The ID of process that created the socket.
* addr.Socket.LocalAddr: The socket's local address.
* addr.Socket.RemoteAddr: The socket's remote address.
* addr.Socket.LocalPort: The socket's local port.
* addr.Socket.RemotePort: The socket's remote port.
* addr.Socket.Protocol: The socket's protocol.
* addr.Reflect.ProcessId: The ID of process that created opened the
handle.
* addr.Reflect.Timestamp: The timestamp of the handle.
* addr.Reflect.Layer: The layer of the handle.
* addr.Reflect.Flags: The flags of the handle.
* addr.Reflect.Priority: The priority of the handle.
- The addr.Event field can take the following values:
* WINDIVERT_EVENT_NETWORK_PACKET: (NETWORK/NETWORK_FORWARD layers) a new
packet was diverted.
* WINDIVERT_EVENT_FLOW_ESTABLISHED: (FLOW layer) a new flow is
established.
* WINDIVERT_EVENT_FLOW_DELETED: (FLOW layer) an existing flow is
deleted.
* WINDIVERT_EVENT_SOCKET_BIND: (SOCKET layer) a socket bind()
operation occurred.
* WINDIVERT_EVENT_SOCKET_CONNECT: (SOCKET layer) a socket connect()
operation occurred.
* WINDIVERT_EVENT_SOCKET_LISTEN: (SOCKET layer) a socket listen()
operation occurred.
* WINDIVERT_EVENT_SOCKET_ACCEPT: (SOCKET layer) a socket accept()
operation occurred.
* WINDIVERT_EVENT_SOCKET_CLOSE: (SOCKET layer) a socket endpoint is
closed.
* WINDIVERT_EVENT_REFLECT_OPEN: (REFLECT layer) a WinDivertOpen()
operation occurred.
* WINDIVERT_EVENT_REFLECT_CLOSE: (REFLECT layer) a WinDivertClose()
operation occurred.
- The WinDivert filter language has been expanded with new fields:
* event: The event value.
* timestamp: The event timestamp.
* endpointId: (FLOW/SOCKET layers) the endpoint ID.
* parentEndpointId: (FLOW/SOCKET layers) the parent endpoint ID.
* processId: (FLOW/SOCKET/REFLECT layers) the process ID.
* localAddr: (NETWORK/NETWORK_FORWARD/FLOW/SOCKET layers) the local
address.
* localPort: (NETWORK/NETWORK_FORWARD/FLOW/SOCKET layers) the local
port.
* remoteAddr: (NETWORK/NETWORK_FORWARD/FLOW/SOCKET layers) the remote
address.
* remotePort: (NETWORK/NETWORK_FORWARD/FLOW/SOCKET layers) the remote
port.
* protocol: (NETWORK/NETWORK_FORWARD/FLOW/SOCKET layers) the protocol.
* priority: (REFLECT layer) the handle's priority.
* layer: (REFLECT layer) the handle's layer.
* random8: (NETWORK/NETWORK_FORWARD layers) an 8-bit pseudo random
number.
* random16: (NETWORK/NETWORK_FORWARD layers) a 16-bit pseudo random
number.
* random32: (NETWORK/NETWORK_FORWARD layers) a 32-bit pseudo random
number.
* length: (NETWORK/NETWORK_FORWARD layers) the packet length.
* zero: The value "0".
- The WinDivert filter language can now address packet/payload data for
the NETWORK/NETWORK_FORWARD layers:
* packet[i]: the ith packet byte.
* packet16[i]: the ith packet 16bit word.
* packet32[i]: the ith packet 32bit word.
* tcp.payload[i]: the ith TCP payload byte.
* tcp.payload16[i]: the ith TCP 16bit word.
* tcp.payload32[i]: the ith TCP 32bit word.
* udp.payload[i]: the ith UDP payload byte.
* udp.payload16[i]: the ith UDP 16bit word.
* udp.payload32[i]: the ith UDP 32bit word.
The index (i) can be:
* An ordinary integer representing word addressing.
* A 'b' decorated integer representing byte-level addressing.
Furthermore, the index can be:
* Positive, representing addressing from the start of the
packet/payload.
* Negative, representing addressing from the end of the packet/payload.
- The WinDivert filter language now supports several symbolic values:
* PACKET: (NETWORK/NETWORK_FORWARD layers) equal to
WINDIVERT_EVENT_NETWORK_PACKET
* ESTABLISHED: (FLOW layer) equal to WINDIVERT_EVENT_FLOW_ESTABLISHED.
* DELETED: (FLOW LAYER) equal to WINDIVERT_EVENT_FLOW_DELETED.
* BIND: (SOCKET layer) equal to WINDIVERT_EVENT_SOCKET_BIND.
* CONNECT: (SOCKET layer) equal to WINDIVERT_EVENT_SOCKET_CONNECT.
* LISTEN: (SOCKET layer) equal to WINDIVERT_EVENT_SOCKET_LISTEN.
* ACCEPT: (SOCKET layer) equal to WINDIVERT_EVENT_SOCKET_ACCEPT.
WINDIVERT_LAYER_NETWORK_FORWARD.
* CLOSE: (SOCKET layer) equal to WINDIVERT_EVENT_SOCKET_CLOSE.
* OPEN: (REFLECT layer) equal to WINDIVERT_EVENT_REFLECT_OPEN.
* CLOSE: (REFLECT layer) equal to WINDIVERT_EVENT_REFLECT_CLOSE.
* NETWORK: (REFLECT layer) equal to WINDIVERT_LAYER_NETWORK.
* NETWORK_FORWARD: (REFLECT layer) equal to
* FLOW: (REFLECT layer) equal to WINDIVERT_LAYER_FLOW.
* SOCKET: (REFLECT layer) equal to WINDIVERT_LAYER_SOCKET.
* REFLECT: (REFLECT layer) equal to WINDIVERT_LAYER_REFLECT.
* TRUE: equal to 1.
* FALSE: equal to 0.
* TCP: equal to IPPROTO_TCP (6).
* UDP: equal to IPPROTO_UDP (17).
* ICMP: equal to IPPROTO_ICMP (1).
* ICMPV6: equal to IPPROTO_ICMPV6 (58).
- WinDivertOpen() now supports several new flags:
* WINDIVERT_FLAG_RECV_ONLY/WINDIVERT_FLAG_READ_ONLY: The handle cannot
be used for send operations.
* WINDIVERT_FLAG_SEND_ONLY/WINDIVERT_FLAG_WRITE_ONLY: The handle cannot
be used for receive operations.
* WINDIVERT_FLAG_NO_INSTALL: If the WinDivert driver is not already
installed/loaded, then WinDivertOpen() will fail with an error.
- WinDivertRecvEx()/WinDivertSendEx() now support a "batch" mode that
allows more than one packet to be received/sent at once. The number
of packets is determined by a new pAddrLen/addrLen parameter.
- Add a new WinDivertShutdown() function that supports the following
modes:
* WINDIVERT_SHUTDOWN_RECV: Disable the queuing new packets.
* WINDIVERT_SHUTDOWN_SEND: Disable the sending of new packets.
* WINDIVERT_SHUTDOWN_BOTH: Equivalent to
(WINDIVERT_SHUTDOWN_RECV | WINDIVERT_SHUTDOWN_SEND).
- Add new "read-only" WinDivert parameters:
* WINDIVERT_PARAM_VERSION_MAJOR: Driver version (major).
* WINDIVERT_PARAM_VERSION_MINOR: Driver version (minor).
- Add a new WinDivertHelperHashPacket() helper function that calculates
a 64bit hash value of a packet.
- Add new WinDivertHelperFormatIPv4Address() and
WinDivertHelperFormatIPv6Address() helper functions that format
IPv4 and IPv6 addresses respectively.
- Replace WinDivertHelperCheckFilter() with a new
WinDivertHelperCompileFilter() helper function. The latter can also be
used to compile a human-readable filter string into a more compact
"object" format. The object format can be used in place of the
human readable format for all WinDivert operations.
- Add a new WinDivertHelperFormatFilter() helper function that formats a
filter string into a normalized form. It also can be used to
"de-compile" the object format into a human readable form.
- Add a new WinDivertHelperDecrementTTL() function that decrements the
ip.TTL/ipv6.HopLimit field of a packet.
- Add new WinDivertHelperNto*()/WinDivertHelperHton*() helper functions
for swapping from network to host byte ordering, and vice versa.
- WinDivertOpen() priorities now are ascending, meaning that higher
values correspond to higher priorities.
- The last two arguments for WinDivertRecv() and WinDivertSend() have been
swapped.
WinDivert 2.0.1-rc
- Fix WFP callout install optimization bug.
- Fix WinDivertHelperNtohIpv6Address/WinDivertHelperHtonIpv6Address bug.
- Rename the following functions for consistency:
* WinDivertHelperNtohIpv6Address -> WinDivertHelperNtohIPv6Address
* WinDivertHelperHtonIpv6Address -> WinDivertHelperHtonIPv6Address
WinDivert 2.1.0
- WinDivertOpen() now supports a new flag:
* WINDIVERT_FLAG_FRAGMENTS: If set, the handle will capture inbound IP
fragments, but not inbound reassembled IP packets. Otherwise, if not
set (the default), the handle will capture inbound reassembled IP
packets, but not inbound IP fragments. This flag only affects
inbound packets at the NETWORK layer.
- Filter fields inbound/outbound are now supported at the SOCKET layer.
- Fix BSOD caused by packets with missing or incomplete transport
headers (introduced in 2.0.0).
- Fix missing Flow.EndpointId and Flow.ParentEndpointId for IPv6 flows.
WinDivert 2.2.0
- Implement new packet parser that correctly handles IP fragments.
- Add a new "fragment" filter field that matches IP fragments.
- (Un)Loading the WinDivert driver will cause a system event to be logged.
LICENSE
+3 -407
View File
@@ -1,13 +1,7 @@
WinDivert is dual-licensed under your choice of the GNU Lesser General Public
License (LGPL) Version 3 or the GNU General Public License (GPL) Version 2.
Copies of the LGPLv3, GPLv3 and GPLv2 are provided below.
==============================================================================
GNU LESSER GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
@@ -170,12 +164,12 @@ apply, that proxy's public statement of acceptance of any version is
permanent authorization for you to choose that version for the
Library.
==============================================================================
------------------------------------------------------------------------------
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
@@ -791,401 +785,3 @@ reviewing courts shall apply local law that most closely approximates
an absolute waiver of all civil liability in connection with the
Program, unless a warranty or assumption of liability accompanies a
copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
state the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short
notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, your program's commands
might be different; for a GUI interface, you would use an "about box".
You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary.
For more information on this, and how to apply and follow the GNU GPL, see
<https://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program
into proprietary programs. If your program is a subroutine library, you
may consider it more useful to permit linking proprietary applications with
the library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License. But first, please read
<https://www.gnu.org/licenses/why-not-lgpl.html>.
==============================================================================
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
the GNU Lesser General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and
modification follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License.
c) If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide
a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.
If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.
5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:
Gnomovision version 69, Copyright (C) year name of author
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, the commands you use may
be called something other than `show w' and `show c'; they could even be
mouse-clicks or menu items--whatever suits your program.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
`Gnomovision' (which makes passes at compilers) written by James Hacker.
<signature of Ty Coon>, 1 April 1989
Ty Coon, President of Vice
This General Public License does not permit incorporating your program into
proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License.
README
+78 -30
View File
@@ -1,36 +1,51 @@
WinDivert 2.2: Windows Packet Divert
WinDivert 1.1: Windows Packet Divert
====================================
1. Introduction
---------------
Windows Packet Divert (WinDivert) is a user-mode packet interception library
for Windows 7, Windows 8 and Windows 10.
Windows Packet Divert (WinDivert) is a user-mode packet capture-and-divert
package for Windows Vista, Windows 2008, Windows 7, and Windows 8.
WinDivert enables user-mode capturing/modifying/dropping of network packets
sent to/from the Windows network stack. In summary, WinDivert can:
With WinDivert developers can write user-mode programs that capture and
modify or drop network packets sent to/from the Windows network stack.
In summary, WinDivert can
- capture network packets
- filter/drop network packets
- sniff network packets
- (re)inject network packets
- modify network packets
WinDivert can be used to implement user-mode packet filters, sniffers,
firewalls, NATs, VPNs, IDSs, tunneling applications, etc..
WinDivert supports the following features:
WinDivert can be used to implement user-mode packet filters, packet sniffers,
firewalls, NAT, VPNs, tunneling applications, etc., etc.. If you
need to intercept and modify packets, then WinDivert is for you.
The features of WinDivert include:
- packet interception, sniffing, or dropping modes
- support for loopback (localhost) traffic
- full IPv6 support
- network layer
- simple yet powerful API
- simple and powerful API
- high-level filtering language
- filter priorities
- freely available under the terms of the GNU Lesser General Public
License (LGPLv3)
License (LGPL)
For more information see doc/windivert.html
For more information about WinDivert, see doc/divert.html
2. Architecture
2. Similar Packages
-------------------
WinDivert is similar to divert sockets in FreeBSD/MacOS, NETLINK sockets in
Linux, and some commercial packet capturing packages such as WinPkFilter for
Windows. The design of WinDivert is largely influenced by FreeBSD's divert
sockets.
WinDivert in packet-sniffing mode is similar to Winpcap. Unlike Winpcap,
WinDivert fully supports capturing loopback traffic. Furthermore, WinDivert
supports packet interception, which is not supported in Winpcap.
3. Architecture
---------------
The basic architecture of WinDivert is as follows:
@@ -55,37 +70,70 @@ The basic architecture of WinDivert is as follows:
| |
+---------------+
The WinDivert.sys driver is installed below the Windows network stack. The
following actions occur:
The WinDivert.sys driver is inserted below the Windows network stack. The
following then happens
(1) A new packet enters the network stack and is intercepted by WinDivert.sys
(2a) If the packet matches the PROGRAM-defined filter, it is diverted. The
PROGRAM can then read the packet using a call to WinDivertRecv().
(2b) If the packet does not match the filter, the packet continues as normal.
(3) PROGRAM either drops, modifies, or re-injects the packet. PROGRAM can
re-inject the (modified) using a call to WinDivertSend().
(1) a new packet enters the network stack and is intercepted by WinDivert.sys
(2a) if the packet matches a PROGRAM-defined filter, it is diverted. The
PROGRAM reads the packet with a call to the WinDivertRecv() function.
(2b) if the packet does not match the filter, the packet is permitted to
continue as normal.
(3) PROGRAM either drops, modifies, or re-injects the packet. If the
(modified) packet is re-injected, via a call to WinDivertSend(), it is
inserted back into the Windows network stack.
3. License
4. Building
-----------
(1) In a WinDDK build environment, run the command:
wddk-build.bat
(2) [OPTIONAL Visual Studio 2012 support] In a VS2012 command prompt, run the
command:
msvc-build.bat
(3) [OPTIONAL MinGW support] In Linux with MinGW a cross-compiler, run the
command:
sh mingw-build.sh
For more detailed build instructions, see doc\windivert.html
5. License
----------
WinDivert is dual-licensed under your choice of the GNU Lesser General Public
License (LGPL) Version 3 or the GNU General Public License (GPL) Version 2.
See the LICENSE file for more information.
This package is distributed under the GNU Lesser General Public License
(LGPL) Version 3. See LICENSE for more information.
4. About
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>
6. About
--------
WinDivert was written by basil.
For further information, or bug reports, please contact:
For further information, or bug reports, please contact
basil@reqrypt.org
basil AT reqrypt DOT org
The homepage for WinDivert is:
The homepage for WinDivert is
https://reqrypt.org/windivert.html
http://reqrypt.org/windivert.html
The source code for WinDivert is hosted by GitHub at:
The source code for WinDivert is hosted by GitHub at
https://github.com/basil00/Divert
VERSION
+1 -1
View File
@@ -1 +1 @@
2.2.0
1.1.8
dirs
+4 -2
View File
@@ -1,2 +1,4 @@
DIRS= \
sys
DIRS= \
dll \
examples \
sys
dll/Makefile
+1
View File
@@ -0,0 +1 @@
!INCLUDE $(NTMAKEENV)\makefile.def
dll/sources
+32
View File
@@ -0,0 +1,32 @@
# sources
# (C) 2014, all rights reserved,
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
TARGETNAME=WinDivert
TARGETTYPE=DYNLINK
TARGETPATH=..\install\WDDK
TARGETLIBS=\
$(SDK_LIB_PATH)\advapi32.lib \
$(SDK_LIB_PATH)\setupapi.lib \
$(SDK_LIB_PATH)\user32.lib \
$(SDK_LIB_PATH)\kernel32.lib \
$(SDK_LIB_PATH)\ws2_32.lib
C_DEFINES=/DWIN32 /D_WINDOWS /D_USRDLL /DUSE_STDAFX /DUNICODE /D_UNICODE
DLLENTRY=WinDivertDllEntry
DLLDEF=windivert.def
USE_MSVCRT=1
INCLUDES=$(DDK_INC_PATH);$(KMDF_INC_PATH)\$(KMDF_VER_PATH);..\include
SOURCES=windivert.c
dll/windivert.c
+1900 -531
View File
File diff suppressed because it is too large Load Diff
dll/windivert.def
+11 -18
View File
@@ -1,32 +1,25 @@
LIBRARY WinDivert
EXPORTS
WinDivertDllEntry
WinDivertOpen
WinDivertRecv
WinDivertRecvEx
WinDivertSend
WinDivertSendEx
WinDivertShutdown
WinDivertClose
WinDivertSetParam
WinDivertGetParam
WinDivertHelperCalcChecksums
WinDivertHelperDecrementTTL
WinDivertHelperHashPacket
WinDivertHelperParsePacket
WinDivertHelperParseIPv4Address
WinDivertHelperParseIPv6Address
WinDivertHelperFormatIPv4Address
WinDivertHelperFormatIPv6Address
WinDivertHelperCompileFilter
WinDivertHelperEvalFilter
WinDivertHelperFormatFilter
WinDivertHelperNtohs
WinDivertHelperHtons
WinDivertHelperNtohl
WinDivertHelperHtonl
WinDivertHelperNtohll
WinDivertHelperHtonll
WinDivertHelperNtohIPv6Address
WinDivertHelperHtonIPv6Address
WinDivertHelperNtohIpv6Address
WinDivertHelperHtonIpv6Address
DivertOpen
DivertRecv
DivertSend
DivertClose
DivertSetParam
DivertGetParam
DivertHelperCalcChecksums
DivertHelperParsePacket
DivertHelperParseIPv4Address
DivertHelperParseIPv6Address
dll/windivert.vcxproj
+61 -84
View File
@@ -1,84 +1,61 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
windivert.vcxproj
(C) 2019, all rights reserved,
This file is part of WinDivert.
WinDivert is free software: you can redistribute it and/or modify it under
the terms of the GNU Lesser General Public License as published by the
Free Software Foundation, either version 3 of the License, or (at your
option) any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
License for more details.
You should have received a copy of the GNU Lesser General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
WinDivert is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your option)
any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc., 51
Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-->
<Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<ItemGroup>
<ClCompile Include="windivert.c">
<TreatWarningAsError>false</TreatWarningAsError>
<Optimization>MinSpace</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<BasicRuntimeChecks>Default</BasicRuntimeChecks>
<BufferSecurityCheck>false</BufferSecurityCheck>
<AdditionalIncludeDirectories>..\include</AdditionalIncludeDirectories>
</ClCompile>
</ItemGroup>
<PropertyGroup Label="Globals">
<RootNamespace>WinDivert</RootNamespace>
<ProjectName>WinDivert</ProjectName>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props"/>
<PropertyGroup Label="Configuration">
<PlatformToolset>v140</PlatformToolset>
<UseDebugLibraries>true</UseDebugLibraries>
<ConfigurationType>DynamicLibrary</ConfigurationType>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ItemDefinitionGroup>
<ClCompile>
<WppEnabled>false</WppEnabled>
<PreprocessorDefinitions Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">WIN32;NDEBUG;_WINDOWS;_USRDLL;DLL_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<PreprocessorDefinitions Condition="'$(Configuration)|$(Platform)'=='Release|x64'">WIN32;NDEBUG;_WINDOWS;_USRDLL;DLL_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<Link>
<EntryPointSymbol>WinDivertDllEntry</EntryPointSymbol>
<AdditionalDependencies>%(AdditionalDependencies)</AdditionalDependencies>
<IgnoreAllDefaultLibraries>true</IgnoreAllDefaultLibraries>
<ModuleDefinitionFile>windivert.def</ModuleDefinitionFile>
<ImportLibrary>WinDivert.lib</ImportLibrary>
</Link>
</ItemDefinitionGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
</Project>
<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|x64">
<Configuration>Debug</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|Win32">
<Configuration>Debug</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
</ItemGroup>
<PropertyGroup>
<ConfigurationType>DynamicLibrary</ConfigurationType>
<TARGETNAME>WinDivert</TARGETNAME>
<Configuration>Release</Configuration>
</PropertyGroup>
<ItemDefinitionGroup>
<ClCompile>
<AdditionalIncludeDirectories>..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
</ClCompile>
<Link>
<ModuleDefinitionFile>windivert.def</ModuleDefinitionFile>
</Link>
</ItemDefinitionGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props"/>
<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<PlatformToolset>v110</PlatformToolset>
</PropertyGroup>
<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<PlatformToolset>v110</PlatformToolset>
</PropertyGroup>
<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<PlatformToolset>v110</PlatformToolset>
</PropertyGroup>
<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<PlatformToolset>v110</PlatformToolset>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)'=='Debug'">
<UseDebugLibraries>True</UseDebugLibraries>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)'=='Release'">
<UseDebugLibraries>False</UseDebugLibraries>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props"/>
<ItemGroup>
<ClCompile Include="windivert.c"/>
</ItemGroup>
<ItemGroup>
<None Include="windivert.def"/>
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets"/>
</Project>
dll/windivert_hash.c
-203
View File
@@ -1,203 +0,0 @@
/*
* windivert_hash.c
* (C) 2019, all rights reserved,
*
* This file is part of WinDivert.
*
* WinDivert is free software: you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the
* Free Software Foundation, either version 3 of the License, or (at your
* option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* WinDivert is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., 51
* Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*
* xxHash - Fast Hash algorithm
* Copyright (C) 2012-2016, Yann Collet
*
* BSD 2-Clause License (http://www.opensource.org/licenses/bsd-license.php)
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are
* met:
*
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following disclaimer
* in the documentation and/or other materials provided with the
* distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
/*
* This is a modified version of the 64bit xxHash algorithm:
* - The algorithm is seeded with packet data rather than the single 64bit
* "seed" value.
* - The input sized is fixed to 32bytes (excluding the seed), so there is
* only ever a single round. As such, the algorithm has been specialized.
*/
#define WINDIVERT_ROTL64(x, r) (((x) << (r)) | ((x) >> (64 - (r))))
static const UINT64 WINDIVERT_PRIME64_1 = 11400714785074694791ull;
static const UINT64 WINDIVERT_PRIME64_2 = 14029467366897019727ull;
static const UINT64 WINDIVERT_PRIME64_3 = 1609587929392839161ull;
static const UINT64 WINDIVERT_PRIME64_4 = 9650029242287828579ull;
static UINT64 WinDivertXXH64Round(UINT64 acc, UINT64 input)
{
acc += WINDIVERT_MUL64(input, WINDIVERT_PRIME64_2);
acc = WINDIVERT_ROTL64(acc, 31);
acc = WINDIVERT_MUL64(acc, WINDIVERT_PRIME64_1);
return acc;
}
static UINT64 WinDivertXXH64MergeRound(UINT64 acc, UINT64 val)
{
val = WinDivertXXH64Round(0, val);
acc ^= val;
acc = WINDIVERT_MUL64(acc, WINDIVERT_PRIME64_1) + WINDIVERT_PRIME64_4;
return acc;
}
static UINT64 WinDivertXXH64Avalanche(UINT64 h64)
{
h64 ^= h64 >> 33;
h64 = WINDIVERT_MUL64(h64, WINDIVERT_PRIME64_2);
h64 ^= h64 >> 29;
h64 = WINDIVERT_MUL64(h64, WINDIVERT_PRIME64_3);
h64 ^= h64 >> 32;
return h64;
}
/*
* WinDivert packet hash function.
*/
static UINT64 WinDivertHashPacket(UINT64 seed,
const WINDIVERT_IPHDR *ip_header, const WINDIVERT_IPV6HDR *ipv6_header,
const WINDIVERT_ICMPHDR *icmp_header,
const WINDIVERT_ICMPV6HDR *icmpv6_header,
const WINDIVERT_TCPHDR *tcp_header, const WINDIVERT_UDPHDR *udp_header)
{
UINT64 h64, v1, v2, v3, v4, v[4];
const UINT64 *data64;
const UINT32 *data32;
UINT i;
static const UINT64 padding64[] = // SHA2 IV
{
0x428A2F9871374491ull, 0xB5C0FBCFE9B5DBA5ull, 0x3956C25B59F111F1ull,
0x923F82A4AB1C5ED5ull, 0xD807AA9812835B01ull, 0x243185BE550C7DC3ull,
0x72BE5D7480DEB1FEull, 0x9BDC06A7C19BF174ull, 0xE49B69C1EFBE4786ull,
};
// Set-up seed & data
v1 = seed ^ padding64[0];
if (ip_header != NULL)
{
data64 = (const UINT64 *)ip_header;
v2 = data64[0] ^ padding64[1];
v3 = data64[1] ^ padding64[2];
data32 = (const UINT32 *)ip_header;
v4 = (UINT64)data32[4] ^ padding64[3];
i = 0;
}
else if (ipv6_header != NULL)
{
data64 = (const UINT64 *)ipv6_header;
v2 = data64[0] ^ padding64[1];
v3 = data64[1] ^ padding64[2];
v4 = data64[2] ^ padding64[3];
v[0] = data64[3] ^ padding64[4];
v[1] = data64[4] ^ padding64[5];
i = 2;
}
else
return 0;
if (tcp_header != NULL)
{
data64 = (const UINT64 *)tcp_header;
v[i] = data64[0] ^ padding64[i+4]; i++;
v[i] = data64[1] ^ padding64[i+4]; i++;
data32 = (const UINT32 *)tcp_header;
if (i <= 3)
{
v[i] = (UINT64)data32[4] ^ padding64[i+4]; i++;
}
else
{
v2 ^= ((UINT64)data32[4] << 32);
}
}
else
{
if (udp_header != NULL)
{
data64 = (const UINT64 *)udp_header;
v[i] = data64[0] ^ padding64[i+4]; i++;
}
else if (icmp_header != NULL)
{
data64 = (const UINT64 *)icmp_header;
v[i] = data64[0] ^ padding64[i+4]; i++;
}
else if (icmpv6_header != NULL)
{
data64 = (const UINT64 *)icmpv6_header;
v[i] = data64[0] ^ padding64[i+4]; i++;
}
}
while (i <= 3)
{
v[i] = seed ^ padding64[i+4]; i++;
}
// Hash
v1 = WinDivertXXH64Round(v[0], v1);
v2 = WinDivertXXH64Round(v[1], v2);
v3 = WinDivertXXH64Round(v[2], v3);
v4 = WinDivertXXH64Round(v[3], v4);
h64 = WINDIVERT_ROTL64(v1, 1) + WINDIVERT_ROTL64(v2, 7) +
WINDIVERT_ROTL64(v3, 12) + WINDIVERT_ROTL64(v4, 18);
h64 = WinDivertXXH64MergeRound(h64, v1);
h64 = WinDivertXXH64MergeRound(h64, v2);
h64 = WinDivertXXH64MergeRound(h64, v3);
h64 = WinDivertXXH64MergeRound(h64, v4);
h64 += 32; // "length"
h64 = WinDivertXXH64Avalanche(h64);
return h64;
}
dll/windivert_helper.c
-4330
View File
File diff suppressed because it is too large Load Diff
dll/windivert_shared.c
-1738
View File
File diff suppressed because it is too large Load Diff
doc/windivert.html
+572 -2239
View File
File diff suppressed because it is too large Load Diff
examples/dirs
+5
View File
@@ -0,0 +1,5 @@
DIRS= \
netdump \
netfilter \
passthru \
webfilter
examples/flowtrack/flowtrack.c
-321
View File
@@ -1,321 +0,0 @@
/*
* flowtrack.c
* (C) 2019, all rights reserved,
*
* This file is part of WinDivert.
*
* WinDivert is free software: you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the
* Free Software Foundation, either version 3 of the License, or (at your
* option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* WinDivert is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., 51
* Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
/*
* DESCRIPTION:
*
* usage: flowtrack.exe [filter]
*/
#include <winsock2.h>
#include <windows.h>
#include <psapi.h>
#include <shlwapi.h>
#include <stdio.h>
#include <stdlib.h>
#include "windivert.h"
#define MAX_FLOWS 256
#define INET6_ADDRSTRLEN 45
/*
* Flow tracking.
*/
typedef struct FLOW
{
WINDIVERT_ADDRESS addr;
struct FLOW *next;
} FLOW, *PFLOW;
static HANDLE lock;
static PFLOW flows = NULL;
/*
* Draw flows to console in a delayed loop.
*
* This function does minimal error checking.
*/
static DWORD draw(LPVOID arg)
{
const COORD top_left = {0, 0};
HANDLE process, console = GetStdHandle(STD_OUTPUT_HANDLE);
CONSOLE_SCREEN_BUFFER_INFO screen;
char path[MAX_PATH+1];
char addr_str[INET6_ADDRSTRLEN+1];
char *filename;
const char header[] = "PID PROGRAM PROT FLOW";
DWORD rows, columns, written, fill_len, path_len, i;
PFLOW flow;
WINDIVERT_ADDRESS addrs[MAX_FLOWS], *addr;
UINT num_addrs;
while (TRUE)
{
GetConsoleScreenBufferInfo(console, &screen);
SetConsoleCursorPosition(console, top_left);
rows = screen.srWindow.Bottom - screen.srWindow.Top + 1;
columns = screen.srWindow.Right - screen.srWindow.Left + 1;
// Copy a snapshot of the current flows:
WaitForSingleObject(lock, INFINITE);
flow = flows;
num_addrs = 0;
for (i = 0; flow != NULL && i < rows && i < MAX_FLOWS; i++)
{
memcpy(&addrs[i], &flow->addr, sizeof(addrs[i]));
num_addrs++;
flow = flow->next;
}
ReleaseMutex(lock);
// Print the flows:
SetConsoleTextAttribute(console, BACKGROUND_RED | BACKGROUND_GREEN |
BACKGROUND_BLUE);
WriteConsole(console, header, sizeof(header)-1, &written, NULL);
fill_len = columns - (sizeof(header)-1);
if (fill_len > 0)
{
COORD pos = {sizeof(header)-1, 0};
FillConsoleOutputCharacterA(console, ' ', fill_len, pos,
&written);
FillConsoleOutputAttribute(console,
BACKGROUND_RED | BACKGROUND_GREEN | BACKGROUND_BLUE,
fill_len, pos, &written);
}
putchar('\n');
SetConsoleTextAttribute(console,
FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE);
for (i = 0; i < num_addrs && i < rows-1; i++)
{
COORD pos = {0, i+1};
addr = &addrs[i];
FillConsoleOutputCharacterA(console, ' ', columns, pos, &written);
FillConsoleOutputAttribute(console,
FOREGROUND_GREEN | FOREGROUND_RED | FOREGROUND_BLUE,
columns, pos, &written);
SetConsoleCursorPosition(console, pos);
if (i == rows-2 && (i+1) < num_addrs)
{
fputs("...", stdout);
fflush(stdout);
continue;
}
printf("%-10d ", addr->Flow.ProcessId);
process = OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION, FALSE,
addr->Flow.ProcessId);
path_len = 0;
if (process != NULL)
{
path_len = GetProcessImageFileName(process, path, sizeof(path));
CloseHandle(process);
}
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN);
if (path_len != 0)
{
filename = PathFindFileName(path);
printf("%-20.20s ", filename);
}
else if (addr->Flow.ProcessId == 4)
{
fputs("Windows ", stdout);
}
else
{
fputs("??? ", stdout);
}
SetConsoleTextAttribute(console,
FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE);
switch (addr->Flow.Protocol)
{
case IPPROTO_TCP:
SetConsoleTextAttribute(console, FOREGROUND_GREEN);
printf("TCP ");
break;
case IPPROTO_UDP:
SetConsoleTextAttribute(console,
FOREGROUND_RED | FOREGROUND_GREEN);
printf("UDP ");
break;
case IPPROTO_ICMP:
SetConsoleTextAttribute(console, FOREGROUND_RED);
printf("ICMP ");
break;
case IPPROTO_ICMPV6:
SetConsoleTextAttribute(console, FOREGROUND_RED);
printf("ICMPV6 ");
break;
default:
printf("%-6u ", addr->Flow.Protocol);
break;
}
SetConsoleTextAttribute(console,
FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE);
WinDivertHelperFormatIPv6Address(addr->Flow.LocalAddr, addr_str,
sizeof(addr_str));
printf("%s:%u %s ", addr_str, addr->Flow.LocalPort,
(addr->Outbound? "---->": "<----"));
WinDivertHelperFormatIPv6Address(addr->Flow.RemoteAddr, addr_str,
sizeof(addr_str));
printf("%s:%u", addr_str, addr->Flow.RemotePort);
fflush(stdout);
}
for (; i < rows-1; i++)
{
COORD pos = {0, i+1};
FillConsoleOutputCharacterA(console, ' ', columns, pos, &written);
FillConsoleOutputAttribute(console,
FOREGROUND_GREEN | FOREGROUND_RED | FOREGROUND_BLUE,
columns, pos, &written);
}
Sleep(1000);
}
}
/*
* Entry.
*/
int __cdecl main(int argc, char **argv)
{
HANDLE handle, thread;
INT16 priority = 776; // Arbitrary.
const char *filter = "true", *err_str;
UINT packet_len;
WINDIVERT_ADDRESS addr;
PFLOW flow, prev;
switch (argc)
{
case 1:
break;
case 2:
filter = argv[1];
break;
default:
fprintf(stderr, "usage: %s [filter]\n", argv[0]);
exit(EXIT_FAILURE);
}
// Open WinDivert FLOW handle:
handle = WinDivertOpen(filter, WINDIVERT_LAYER_FLOW, priority,
WINDIVERT_FLAG_SNIFF | WINDIVERT_FLAG_RECV_ONLY);
if (handle == INVALID_HANDLE_VALUE)
{
if (GetLastError() == ERROR_INVALID_PARAMETER &&
!WinDivertHelperCompileFilter(filter, WINDIVERT_LAYER_FLOW,
NULL, 0, &err_str, NULL))
{
fprintf(stderr, "error: invalid filter \"%s\"\n", err_str);
exit(EXIT_FAILURE);
}
fprintf(stderr, "error: failed to open the WinDivert device (%d)\n",
GetLastError());
return EXIT_FAILURE;
}
// Spawn the draw() thread.
lock = CreateMutex(NULL, FALSE, NULL);
thread = CreateThread(NULL, 1, (LPTHREAD_START_ROUTINE)draw, NULL, 0,
NULL);
if (thread == NULL)
{
fprintf(stderr, "error: failed to create thread (%d)\n",
GetLastError());
return EXIT_FAILURE;
}
CloseHandle(thread);
// Main loop:
while (TRUE)
{
if (!WinDivertRecv(handle, NULL, 0, NULL, &addr))
{
fprintf(stderr, "failed to read packet (%d)\n", GetLastError());
continue;
}
switch (addr.Event)
{
case WINDIVERT_EVENT_FLOW_ESTABLISHED:
// Flow established:
flow = (PFLOW)malloc(sizeof(FLOW));
if (flow == NULL)
{
fprintf(stderr, "error: failed to allocate memory\n");
exit(EXIT_FAILURE);
}
memcpy(&flow->addr, &addr, sizeof(flow->addr));
WaitForSingleObject(lock, INFINITE);
flow->next = flows;
flows = flow;
ReleaseMutex(lock);
break;
case WINDIVERT_EVENT_FLOW_DELETED:
// Flow deleted:
prev = NULL;
WaitForSingleObject(lock, INFINITE);
flow = flows;
while (flow != NULL)
{
if (memcmp(&addr.Flow, &flow->addr.Flow,
sizeof(addr.Flow)) == 0)
{
if (prev != NULL)
{
prev->next = flow->next;
}
else
{
flows = flow->next;
}
break;
}
prev = flow;
flow = flow->next;
}
ReleaseMutex(lock);
free(flow);
}
}
return 0;
}
examples/flowtrack/flowtrack.vcxproj
-73
View File
@@ -1,73 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
flowtrack.vcxproj
(C) 2019, all rights reserved,
This file is part of WinDivert.
WinDivert is free software: you can redistribute it and/or modify it under
the terms of the GNU Lesser General Public License as published by the
Free Software Foundation, either version 3 of the License, or (at your
option) any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
License for more details.
You should have received a copy of the GNU Lesser General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
WinDivert is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your option)
any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc., 51
Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-->
<Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<ItemGroup>
<ClCompile Include="flowtrack.c">
<TreatWarningAsError>false</TreatWarningAsError>
<Optimization>MinSpace</Optimization>
<BasicRuntimeChecks>Default</BasicRuntimeChecks>
<AdditionalIncludeDirectories>..\..\include</AdditionalIncludeDirectories>
</ClCompile>
</ItemGroup>
<PropertyGroup Label="Globals">
<RootNamespace>flowtrack</RootNamespace>
<ProjectName>flowtrack</ProjectName>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props"/>
<PropertyGroup Label="Configuration">
<PlatformToolset>v140</PlatformToolset>
<ConfigurationType>Application</ConfigurationType>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ItemDefinitionGroup>
<Link>
<AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">..\..\install\MSVC\i386\WinDivert.lib;shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Release|x64'">..\..\install\MSVC\amd64\WinDivert.lib;shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
</Link>
</ItemDefinitionGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
</Project>
examples/netdump/Makefile
+1
View File
@@ -0,0 +1 @@
!INCLUDE $(NTMAKEENV)\makefile.def
examples/netdump/netdump.c
+48 -85
View File
@@ -1,35 +1,19 @@
/*
* netdump.c
* (C) 2019, all rights reserved,
* (C) 2014, all rights reserved,
*
* This file is part of WinDivert.
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* WinDivert is free software: you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the
* Free Software Foundation, either version 3 of the License, or (at your
* option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* WinDivert is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., 51
* Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
/*
@@ -41,6 +25,7 @@
*
*/
#include <winsock2.h>
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
@@ -48,11 +33,7 @@
#include "windivert.h"
#define ntohs(x) WinDivertHelperNtohs(x)
#define ntohl(x) WinDivertHelperNtohl(x)
#define MAXBUF WINDIVERT_MTU_MAX
#define INET6_ADDRSTRLEN 45
#define MAXBUF 0xFFFF
/*
* Entry.
@@ -71,12 +52,6 @@ int __cdecl main(int argc, char **argv)
PWINDIVERT_ICMPV6HDR icmpv6_header;
PWINDIVERT_TCPHDR tcp_header;
PWINDIVERT_UDPHDR udp_header;
UINT32 src_addr[4], dst_addr[4];
UINT64 hash;
char src_str[INET6_ADDRSTRLEN+1], dst_str[INET6_ADDRSTRLEN+1];
const char *err_str;
LARGE_INTEGER base, freq;
double time_passed;
// Check arguments.
switch (argc)
@@ -93,7 +68,7 @@ int __cdecl main(int argc, char **argv)
fprintf(stderr, "\t%s true\n", argv[0]);
fprintf(stderr, "\t%s \"outbound and tcp.DstPort == 80\" 1000\n",
argv[0]);
fprintf(stderr, "\t%s \"inbound and tcp.Syn\" -400\n", argv[0]);
fprintf(stderr, "\t%s \"inbound and tcp.Syn\" -4000\n", argv[0]);
exit(EXIT_FAILURE);
}
@@ -102,14 +77,12 @@ int __cdecl main(int argc, char **argv)
// Divert traffic matching the filter:
handle = WinDivertOpen(argv[1], WINDIVERT_LAYER_NETWORK, priority,
WINDIVERT_FLAG_SNIFF | WINDIVERT_FLAG_FRAGMENTS);
WINDIVERT_FLAG_SNIFF);
if (handle == INVALID_HANDLE_VALUE)
{
if (GetLastError() == ERROR_INVALID_PARAMETER &&
!WinDivertHelperCompileFilter(argv[1], WINDIVERT_LAYER_NETWORK,
NULL, 0, &err_str, NULL))
if (GetLastError() == ERROR_INVALID_PARAMETER)
{
fprintf(stderr, "error: invalid filter \"%s\"\n", err_str);
fprintf(stderr, "error: filter syntax error\n");
exit(EXIT_FAILURE);
}
fprintf(stderr, "error: failed to open the WinDivert device (%d)\n",
@@ -118,47 +91,34 @@ int __cdecl main(int argc, char **argv)
}
// Max-out the packet queue:
if (!WinDivertSetParam(handle, WINDIVERT_PARAM_QUEUE_LENGTH,
WINDIVERT_PARAM_QUEUE_LENGTH_MAX))
if (!WinDivertSetParam(handle, WINDIVERT_PARAM_QUEUE_LEN, 8192))
{
fprintf(stderr, "error: failed to set packet queue length (%d)\n",
GetLastError());
exit(EXIT_FAILURE);
}
if (!WinDivertSetParam(handle, WINDIVERT_PARAM_QUEUE_TIME,
WINDIVERT_PARAM_QUEUE_TIME_MAX))
if (!WinDivertSetParam(handle, WINDIVERT_PARAM_QUEUE_TIME, 2048))
{
fprintf(stderr, "error: failed to set packet queue time (%d)\n",
GetLastError());
exit(EXIT_FAILURE);
}
if (!WinDivertSetParam(handle, WINDIVERT_PARAM_QUEUE_SIZE,
WINDIVERT_PARAM_QUEUE_SIZE_MAX))
{
fprintf(stderr, "error: failed to set packet queue size (%d)\n",
GetLastError());
exit(EXIT_FAILURE);
}
// Set up timing:
QueryPerformanceFrequency(&freq);
QueryPerformanceCounter(&base);
// Main loop:
while (TRUE)
{
// Read a matching packet.
if (!WinDivertRecv(handle, packet, sizeof(packet), &packet_len, &addr))
if (!WinDivertRecv(handle, packet, sizeof(packet), &addr, &packet_len))
{
fprintf(stderr, "warning: failed to read packet (%d)\n",
GetLastError());
continue;
}
// Print info about the matching packet.
WinDivertHelperParsePacket(packet, packet_len, &ip_header, &ipv6_header,
NULL, &icmp_header, &icmpv6_header, &tcp_header, &udp_header, NULL,
NULL, NULL, NULL);
WinDivertHelperParsePacket(packet, packet_len, &ip_header,
&ipv6_header, &icmp_header, &icmpv6_header, &tcp_header,
&udp_header, NULL, NULL);
if (ip_header == NULL && ipv6_header == NULL)
{
fprintf(stderr, "warning: junk packet\n");
@@ -167,51 +127,54 @@ int __cdecl main(int argc, char **argv)
// Dump packet info:
putchar('\n');
SetConsoleTextAttribute(console, FOREGROUND_RED);
time_passed = (double)(addr.Timestamp - base.QuadPart) /
(double)freq.QuadPart;
hash = WinDivertHelperHashPacket(packet, packet_len, 0);
printf("Packet [Timestamp=%.8g, Direction=%s IfIdx=%u SubIfIdx=%u "
"Loopback=%u Hash=0x%.16llX]\n",
time_passed, (addr.Outbound? "outbound": "inbound"),
addr.Network.IfIdx, addr.Network.SubIfIdx, addr.Loopback, hash);
printf("Packet [Direction=%u IfIdx=%u SubIfIdx=%u]\n",
addr.Direction, addr.IfIdx, addr.SubIfIdx);
if (ip_header != NULL)
{
WinDivertHelperFormatIPv4Address(ntohl(ip_header->SrcAddr),
src_str, sizeof(src_str));
WinDivertHelperFormatIPv4Address(ntohl(ip_header->DstAddr),
dst_str, sizeof(dst_str));
UINT8 *src_addr = (UINT8 *)&ip_header->SrcAddr;
UINT8 *dst_addr = (UINT8 *)&ip_header->DstAddr;
SetConsoleTextAttribute(console,
FOREGROUND_GREEN | FOREGROUND_RED);
printf("IPv4 [Version=%u HdrLength=%u TOS=%u Length=%u Id=0x%.4X "
"Reserved=%u DF=%u MF=%u FragOff=%u TTL=%u Protocol=%u "
"Checksum=0x%.4X SrcAddr=%s DstAddr=%s]\n",
"Checksum=0x%.4X SrcAddr=%u.%u.%u.%u DstAddr=%u.%u.%u.%u]\n",
ip_header->Version, ip_header->HdrLength,
ntohs(ip_header->TOS), ntohs(ip_header->Length),
ntohs(ip_header->Id), WINDIVERT_IPHDR_GET_RESERVED(ip_header),
WINDIVERT_IPHDR_GET_DF(ip_header),
WINDIVERT_IPHDR_GET_MF(ip_header),
ntohs(WINDIVERT_IPHDR_GET_FRAGOFF(ip_header)), ip_header->TTL,
ip_header->Protocol, ntohs(ip_header->Checksum), src_str,
dst_str);
ip_header->Protocol, ntohs(ip_header->Checksum),
src_addr[0], src_addr[1], src_addr[2], src_addr[3],
dst_addr[0], dst_addr[1], dst_addr[2], dst_addr[3]);
}
if (ipv6_header != NULL)
{
WinDivertHelperNtohIPv6Address(ipv6_header->SrcAddr, src_addr);
WinDivertHelperNtohIPv6Address(ipv6_header->DstAddr, dst_addr);
WinDivertHelperFormatIPv6Address(src_addr, src_str,
sizeof(src_str));
WinDivertHelperFormatIPv6Address(dst_addr, dst_str,
sizeof(dst_str));
UINT16 *src_addr = (UINT16 *)&ipv6_header->SrcAddr;
UINT16 *dst_addr = (UINT16 *)&ipv6_header->DstAddr;
SetConsoleTextAttribute(console,
FOREGROUND_GREEN | FOREGROUND_RED);
printf("IPv6 [Version=%u TrafficClass=%u FlowLabel=%u Length=%u "
"NextHdr=%u HopLimit=%u SrcAddr=%s DstAddr=%s]\n",
"NextHdr=%u HopLimit=%u SrcAddr=",
ipv6_header->Version,
WINDIVERT_IPV6HDR_GET_TRAFFICCLASS(ipv6_header),
ntohl(WINDIVERT_IPV6HDR_GET_FLOWLABEL(ipv6_header)),
ntohs(ipv6_header->Length), ipv6_header->NextHdr,
ipv6_header->HopLimit, src_str, dst_str);
ipv6_header->HopLimit);
for (i = 0; i < 8; i++)
{
printf("%x%c", ntohs(src_addr[i]), (i == 7? ' ': ':'));
}
fputs("DstAddr=", stdout);
for (i = 0; i < 8; i++)
{
printf("%x", ntohs(dst_addr[i]));
if (i != 7)
{
putchar(':');
}
}
fputs("]\n", stdout);
}
if (icmp_header != NULL)
{
examples/netdump/netdump.vcxproj
+58 -73
View File
@@ -1,73 +1,58 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
netdump.vcxproj
(C) 2019, all rights reserved,
This file is part of WinDivert.
WinDivert is free software: you can redistribute it and/or modify it under
the terms of the GNU Lesser General Public License as published by the
Free Software Foundation, either version 3 of the License, or (at your
option) any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
License for more details.
You should have received a copy of the GNU Lesser General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
WinDivert is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your option)
any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc., 51
Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-->
<Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<ItemGroup>
<ClCompile Include="netdump.c">
<TreatWarningAsError>false</TreatWarningAsError>
<Optimization>MinSpace</Optimization>
<BasicRuntimeChecks>Default</BasicRuntimeChecks>
<AdditionalIncludeDirectories>..\..\include</AdditionalIncludeDirectories>
</ClCompile>
</ItemGroup>
<PropertyGroup Label="Globals">
<RootNamespace>netdump</RootNamespace>
<ProjectName>netdump</ProjectName>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props"/>
<PropertyGroup Label="Configuration">
<PlatformToolset>v140</PlatformToolset>
<ConfigurationType>Application</ConfigurationType>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ItemDefinitionGroup>
<Link>
<AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">..\..\install\MSVC\i386\WinDivert.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Release|x64'">..\..\install\MSVC\amd64\WinDivert.lib;%(AdditionalDependencies)</AdditionalDependencies>
</Link>
</ItemDefinitionGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
</Project>
<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|x64">
<Configuration>Debug</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|Win32">
<Configuration>Debug</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
</ItemGroup>
<PropertyGroup>
<ConfigurationType>Application</ConfigurationType>
<TARGETNAME>netdump</TARGETNAME>
<Configuration>Release</Configuration>
</PropertyGroup>
<ItemDefinitionGroup>
<ClCompile>
<AdditionalIncludeDirectories>..\..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
</ClCompile>
<Link>
<AdditionalDependencies>ws2_32.lib;..\..\install\MSVC\WinDivert.lib</AdditionalDependencies>
</Link>
</ItemDefinitionGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props"/>
<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<PlatformToolset>v110</PlatformToolset>
</PropertyGroup>
<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<PlatformToolset>v110</PlatformToolset>
</PropertyGroup>
<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<PlatformToolset>v110</PlatformToolset>
</PropertyGroup>
<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<PlatformToolset>v110</PlatformToolset>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)'=='Debug'">
<UseDebugLibraries>True</UseDebugLibraries>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)'=='Release'">
<UseDebugLibraries>False</UseDebugLibraries>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props"/>
<ItemGroup>
<ClCompile Include="netdump.c"/>
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets"/>
</Project>
examples/netdump/sources
+36
View File
@@ -0,0 +1,36 @@
# sources
# (C) 2014, all rights reserved,
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
!IF "$(_BUILDARCH)" == "x86"
CPU=i386
!ELSE
CPU=$(_BUILDARCH)
!ENDIF
TARGETNAME=netdump
TARGETTYPE=PROGRAM
TARGETPATH=..\..\install\WDDK
TARGETLIBS=\
$(SDK_LIB_PATH)\setupapi.lib \
$(SDK_LIB_PATH)\user32.lib \
$(SDK_LIB_PATH)\ws2_32.lib \
$(TARGETPATH)\$(CPU)\WinDivert.lib
UMTYPE=console
UMENTRY=main
USE_MSVCRT=1
INCLUDES=$(DDK_INC_PATH);$(KMDF_INC_PATH)\$(KMDF_VER_PATH);..\..\include
SOURCES=netdump.c
examples/netfilter/Makefile
+1
View File
@@ -0,0 +1 @@
!INCLUDE $(NTMAKEENV)\makefile.def
examples/netfilter/netfilter.c
+56 -74
View File
@@ -1,35 +1,19 @@
/*
* netfilter.c
* (C) 2019, all rights reserved,
* (C) 2014, all rights reserved,
*
* This file is part of WinDivert.
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* WinDivert is free software: you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the
* Free Software Foundation, either version 3 of the License, or (at your
* option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* WinDivert is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., 51
* Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
/*
@@ -47,6 +31,7 @@
* This program is similar to Linux's iptables with the "-j REJECT" target.
*/
#include <winsock2.h>
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
@@ -54,14 +39,7 @@
#include "windivert.h"
#define ntohs(x) WinDivertHelperNtohs(x)
#define ntohl(x) WinDivertHelperNtohl(x)
#define htons(x) WinDivertHelperHtons(x)
#define htonl(x) WinDivertHelperHtonl(x)
#define MAXBUF WINDIVERT_MTU_MAX
#define INET6_ADDRSTRLEN 45
#define IPPROTO_ICMPV6 58
#define MAXBUF 0xFFFF
/*
* Pre-fabricated packets.
@@ -119,10 +97,7 @@ int __cdecl main(int argc, char **argv)
PWINDIVERT_ICMPV6HDR icmpv6_header;
PWINDIVERT_TCPHDR tcp_header;
PWINDIVERT_UDPHDR udp_header;
UINT32 src_addr[4], dst_addr[4];
char src_str[INET6_ADDRSTRLEN+1], dst_str[INET6_ADDRSTRLEN+1];
UINT payload_len;
const char *err_str;
TCPPACKET reset0;
PTCPPACKET reset = &reset0;
@@ -150,7 +125,7 @@ int __cdecl main(int argc, char **argv)
fprintf(stderr, "\t%s true\n", argv[0]);
fprintf(stderr, "\t%s \"outbound and tcp.DstPort == 80\" 1000\n",
argv[0]);
fprintf(stderr, "\t%s \"inbound and tcp.Syn\" -400\n", argv[0]);
fprintf(stderr, "\t%s \"inbound and tcp.Syn\" -4000\n", argv[0]);
exit(EXIT_FAILURE);
}
@@ -177,11 +152,9 @@ int __cdecl main(int argc, char **argv)
handle = WinDivertOpen(argv[1], WINDIVERT_LAYER_NETWORK, priority, 0);
if (handle == INVALID_HANDLE_VALUE)
{
if (GetLastError() == ERROR_INVALID_PARAMETER &&
!WinDivertHelperCompileFilter(argv[1], WINDIVERT_LAYER_NETWORK,
NULL, 0, &err_str, NULL))
if (GetLastError() == ERROR_INVALID_PARAMETER)
{
fprintf(stderr, "error: invalid filter \"%s\"\n", err_str);
fprintf(stderr, "error: filter syntax error\n");
exit(EXIT_FAILURE);
}
fprintf(stderr, "error: failed to open the WinDivert device (%d)\n",
@@ -193,17 +166,17 @@ int __cdecl main(int argc, char **argv)
while (TRUE)
{
// Read a matching packet.
if (!WinDivertRecv(handle, packet, sizeof(packet), &packet_len,
&recv_addr))
if (!WinDivertRecv(handle, packet, sizeof(packet), &recv_addr,
&packet_len))
{
fprintf(stderr, "warning: failed to read packet\n");
continue;
}
// Print info about the matching packet.
WinDivertHelperParsePacket(packet, packet_len, &ip_header, &ipv6_header,
NULL, &icmp_header, &icmpv6_header, &tcp_header, &udp_header, NULL,
&payload_len, NULL, NULL);
WinDivertHelperParsePacket(packet, packet_len, &ip_header,
&ipv6_header, &icmp_header, &icmpv6_header, &tcp_header,
&udp_header, NULL, &payload_len);
if (ip_header == NULL && ipv6_header == NULL)
{
continue;
@@ -216,21 +189,28 @@ int __cdecl main(int argc, char **argv)
FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE);
if (ip_header != NULL)
{
WinDivertHelperFormatIPv4Address(ntohl(ip_header->SrcAddr),
src_str, sizeof(src_str));
WinDivertHelperFormatIPv4Address(ntohl(ip_header->DstAddr),
dst_str, sizeof(dst_str));
UINT8 *src_addr = (UINT8 *)&ip_header->SrcAddr;
UINT8 *dst_addr = (UINT8 *)&ip_header->DstAddr;
printf("ip.SrcAddr=%u.%u.%u.%u ip.DstAddr=%u.%u.%u.%u ",
src_addr[0], src_addr[1], src_addr[2], src_addr[3],
dst_addr[0], dst_addr[1], dst_addr[2], dst_addr[3]);
}
if (ipv6_header != NULL)
{
WinDivertHelperNtohIPv6Address(ipv6_header->SrcAddr, src_addr);
WinDivertHelperNtohIPv6Address(ipv6_header->DstAddr, dst_addr);
WinDivertHelperFormatIPv6Address(src_addr, src_str,
sizeof(src_str));
WinDivertHelperFormatIPv6Address(dst_addr, dst_str,
sizeof(dst_str));
UINT16 *src_addr = (UINT16 *)&ipv6_header->SrcAddr;
UINT16 *dst_addr = (UINT16 *)&ipv6_header->DstAddr;
fputs("ipv6.SrcAddr=", stdout);
for (i = 0; i < 8; i++)
{
printf("%x%c", ntohs(src_addr[i]), (i == 7? ' ': ':'));
}
fputs(" ipv6.DstAddr=", stdout);
for (i = 0; i < 8; i++)
{
printf("%x%c", ntohs(dst_addr[i]), (i == 7? ' ': ':'));
}
putchar(' ');
}
printf("ip.SrcAddr=%s ip.DstAddr=%s ", src_str, dst_str);
if (icmp_header != NULL)
{
printf("icmp.Type=%u icmp.Code=%u ",
@@ -287,12 +267,13 @@ int __cdecl main(int argc, char **argv)
htonl(ntohl(tcp_header->SeqNum) + 1):
htonl(ntohl(tcp_header->SeqNum) + payload_len));
memcpy(&send_addr, &recv_addr, sizeof(send_addr));
send_addr.Outbound = !recv_addr.Outbound;
WinDivertHelperCalcChecksums((PVOID)reset, sizeof(TCPPACKET),
&send_addr, 0);
0);
memcpy(&send_addr, &recv_addr, sizeof(send_addr));
send_addr.Direction = !recv_addr.Direction;
if (!WinDivertSend(handle, (PVOID)reset, sizeof(TCPPACKET),
NULL, &send_addr))
&send_addr, NULL))
{
fprintf(stderr, "warning: failed to send TCP reset (%d)\n",
GetLastError());
@@ -314,12 +295,13 @@ int __cdecl main(int argc, char **argv)
htonl(ntohl(tcp_header->SeqNum) + 1):
htonl(ntohl(tcp_header->SeqNum) + payload_len));
memcpy(&send_addr, &recv_addr, sizeof(send_addr));
send_addr.Outbound = !recv_addr.Outbound;
WinDivertHelperCalcChecksums((PVOID)resetv6,
sizeof(TCPV6PACKET), &send_addr, 0);
sizeof(TCPV6PACKET), 0);
memcpy(&send_addr, &recv_addr, sizeof(send_addr));
send_addr.Direction = !recv_addr.Direction;
if (!WinDivertSend(handle, (PVOID)resetv6, sizeof(TCPV6PACKET),
NULL, &send_addr))
&send_addr, NULL))
{
fprintf(stderr, "warning: failed to send TCP (IPV6) "
"reset (%d)\n", GetLastError());
@@ -340,12 +322,12 @@ int __cdecl main(int argc, char **argv)
dnr->ip.SrcAddr = ip_header->DstAddr;
dnr->ip.DstAddr = ip_header->SrcAddr;
WinDivertHelperCalcChecksums((PVOID)dnr, icmp_length, 0);
memcpy(&send_addr, &recv_addr, sizeof(send_addr));
send_addr.Outbound = !recv_addr.Outbound;
WinDivertHelperCalcChecksums((PVOID)dnr, icmp_length,
&send_addr, 0);
if (!WinDivertSend(handle, (PVOID)dnr, icmp_length, NULL,
&send_addr))
send_addr.Direction = !recv_addr.Direction;
if (!WinDivertSend(handle, (PVOID)dnr, icmp_length, &send_addr,
NULL))
{
fprintf(stderr, "warning: failed to send ICMP message "
"(%d)\n", GetLastError());
@@ -363,12 +345,12 @@ int __cdecl main(int argc, char **argv)
memcpy(dnrv6->ipv6.DstAddr, ipv6_header->SrcAddr,
sizeof(dnrv6->ipv6.DstAddr));
WinDivertHelperCalcChecksums((PVOID)dnrv6, icmpv6_length, 0);
memcpy(&send_addr, &recv_addr, sizeof(send_addr));
send_addr.Outbound = !recv_addr.Outbound;
WinDivertHelperCalcChecksums((PVOID)dnrv6, icmpv6_length,
&send_addr, 0);
send_addr.Direction = !recv_addr.Direction;
if (!WinDivertSend(handle, (PVOID)dnrv6, icmpv6_length,
NULL, &send_addr))
&send_addr, NULL))
{
fprintf(stderr, "warning: failed to send ICMPv6 message "
"(%d)\n", GetLastError());
examples/netfilter/netfilter.vcxproj
+58 -73
View File
@@ -1,73 +1,58 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
netfilter.vcxproj
(C) 2019, all rights reserved,
This file is part of WinDivert.
WinDivert is free software: you can redistribute it and/or modify it under
the terms of the GNU Lesser General Public License as published by the
Free Software Foundation, either version 3 of the License, or (at your
option) any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
License for more details.
You should have received a copy of the GNU Lesser General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
WinDivert is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your option)
any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc., 51
Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-->
<Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<ItemGroup>
<ClCompile Include="netfilter.c">
<TreatWarningAsError>false</TreatWarningAsError>
<Optimization>MinSpace</Optimization>
<BasicRuntimeChecks>Default</BasicRuntimeChecks>
<AdditionalIncludeDirectories>..\..\include</AdditionalIncludeDirectories>
</ClCompile>
</ItemGroup>
<PropertyGroup Label="Globals">
<RootNamespace>netfilter</RootNamespace>
<ProjectName>netfilter</ProjectName>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props"/>
<PropertyGroup Label="Configuration">
<PlatformToolset>v140</PlatformToolset>
<ConfigurationType>Application</ConfigurationType>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ItemDefinitionGroup>
<Link>
<AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">..\..\install\MSVC\i386\WinDivert.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Release|x64'">..\..\install\MSVC\amd64\WinDivert.lib;%(AdditionalDependencies)</AdditionalDependencies>
</Link>
</ItemDefinitionGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
</Project>
<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|x64">
<Configuration>Debug</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|Win32">
<Configuration>Debug</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
</ItemGroup>
<PropertyGroup>
<ConfigurationType>Application</ConfigurationType>
<TARGETNAME>netfilter</TARGETNAME>
<Configuration>Release</Configuration>
</PropertyGroup>
<ItemDefinitionGroup>
<ClCompile>
<AdditionalIncludeDirectories>..\..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
</ClCompile>
<Link>
<AdditionalDependencies>ws2_32.lib;..\..\install\MSVC\WinDivert.lib</AdditionalDependencies>
</Link>
</ItemDefinitionGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props"/>
<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<PlatformToolset>v110</PlatformToolset>
</PropertyGroup>
<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<PlatformToolset>v110</PlatformToolset>
</PropertyGroup>
<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<PlatformToolset>v110</PlatformToolset>
</PropertyGroup>
<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<PlatformToolset>v110</PlatformToolset>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)'=='Debug'">
<UseDebugLibraries>True</UseDebugLibraries>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)'=='Release'">
<UseDebugLibraries>False</UseDebugLibraries>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props"/>
<ItemGroup>
<ClCompile Include="netfilter.c"/>
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets"/>
</Project>
examples/netfilter/sources
+36
View File
@@ -0,0 +1,36 @@
# sources
# (C) 2014, all rights reserved,
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
!IF "$(_BUILDARCH)" == "x86"
CPU=i386
!ELSE
CPU=$(_BUILDARCH)
!ENDIF
TARGETNAME=netfilter
TARGETTYPE=PROGRAM
TARGETPATH=..\..\install\WDDK
TARGETLIBS=\
$(SDK_LIB_PATH)\setupapi.lib \
$(SDK_LIB_PATH)\user32.lib \
$(SDK_LIB_PATH)\ws2_32.lib \
$(TARGETPATH)\$(CPU)\WinDivert.lib
UMTYPE=console
UMENTRY=main
USE_MSVCRT=1
INCLUDES=$(DDK_INC_PATH);$(KMDF_INC_PATH)\$(KMDF_VER_PATH);..\..\include
SOURCES=netfilter.c
examples/passthru/Makefile
+1
View File
@@ -0,0 +1 @@
!INCLUDE $(NTMAKEENV)\makefile.def
examples/passthru/passthru.c
+30 -105
View File
@@ -1,35 +1,19 @@
/*
* passthru.c
* (C) 2019, all rights reserved,
* (C) 2014, all rights reserved,
*
* This file is part of WinDivert.
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* WinDivert is free software: you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the
* Free Software Foundation, either version 3 of the License, or (at your
* option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* WinDivert is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., 51
* Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
/*
@@ -37,7 +21,7 @@
* This program does nothing except divert packets and re-inject them. This is
* useful for performance testing.
*
* usage: passthru.exe [windivert-filter] [num-threads] [batch-size] [priority]
* usage: netdump.exe windivert-filter num-threads
*/
#include <winsock2.h>
@@ -47,13 +31,7 @@
#include "windivert.h"
#define MTU 1500
typedef struct
{
HANDLE handle;
int batch;
} CONFIG, *PCONFIG;
#define MAXBUF 0xFFFF
static DWORD passthru(LPVOID arg);
@@ -62,54 +40,23 @@ static DWORD passthru(LPVOID arg);
*/
int __cdecl main(int argc, char **argv)
{
const char *filter = "true";
int threads = 1, batch = 1, priority = 0;
int i;
int num_threads, i;
HANDLE handle, thread;
CONFIG config;
if (argc > 5)
if (argc != 3)
{
fprintf(stderr, "usage: %s [filter] [num-threads] [batch-size] "
"[priority]\n", argv[0]);
fprintf(stderr, "usage: %s filter num-threads\n", argv[0]);
exit(EXIT_FAILURE);
}
if (argc >= 2)
num_threads = atoi(argv[2]);
if (num_threads < 1 || num_threads > 64)
{
filter = argv[1];
}
if (argc >= 3)
{
threads = atoi(argv[2]);
if (threads < 1 || threads > 64)
{
fprintf(stderr, "error: invalid number of threads\n");
exit(EXIT_FAILURE);
}
}
if (argc >= 4)
{
batch = atoi(argv[3]);
if (batch <= 0 || batch > WINDIVERT_BATCH_MAX)
{
fprintf(stderr, "error: invalid batch size\n");
exit(EXIT_FAILURE);
}
}
if (argc >= 5)
{
priority = atoi(argv[4]);
if (priority < WINDIVERT_PRIORITY_LOWEST ||
priority > WINDIVERT_PRIORITY_HIGHEST)
{
fprintf(stderr, "error: invalid priority value\n");
exit(EXIT_FAILURE);
}
fprintf(stderr, "error: invalid number of threads\n");
exit(EXIT_FAILURE);
}
// Divert traffic matching the filter:
handle = WinDivertOpen(filter, WINDIVERT_LAYER_NETWORK, (INT16)priority,
0);
handle = WinDivertOpen(argv[1], WINDIVERT_LAYER_NETWORK, 0, 0);
if (handle == INVALID_HANDLE_VALUE)
{
if (GetLastError() == ERROR_INVALID_PARAMETER)
@@ -123,22 +70,20 @@ int __cdecl main(int argc, char **argv)
}
// Start the threads
config.handle = handle;
config.batch = batch;
for (i = 1; i < threads; i++)
for (i = 1; i < num_threads; i++)
{
thread = CreateThread(NULL, 1, (LPTHREAD_START_ROUTINE)passthru,
(LPVOID)&config, 0, NULL);
(LPVOID)handle, 0, NULL);
if (thread == NULL)
{
fprintf(stderr, "error: failed to start passthru thread (%d)\n",
fprintf(stderr, "error: failed to start passthru thread (%u)\n",
GetLastError());
exit(EXIT_FAILURE);
}
}
// Main thread:
passthru((LPVOID)&config);
passthru((LPVOID)handle);
return 0;
}
@@ -146,44 +91,24 @@ int __cdecl main(int argc, char **argv)
// Passthru thread.
static DWORD passthru(LPVOID arg)
{
UINT8 *packet;
UINT packet_len, recv_len, addr_len;
WINDIVERT_ADDRESS *addr;
PCONFIG config = (PCONFIG)arg;
HANDLE handle;
int batch;
handle = config->handle;
batch = config->batch;
packet_len = batch * MTU;
packet_len =
(packet_len < WINDIVERT_MTU_MAX? WINDIVERT_MTU_MAX: packet_len);
packet = (UINT8 *)malloc(packet_len);
addr = (WINDIVERT_ADDRESS *)malloc(batch * sizeof(WINDIVERT_ADDRESS));
if (packet == NULL || addr == NULL)
{
fprintf(stderr, "error: failed to allocate buffer (%d)\n",
GetLastError());
exit(EXIT_FAILURE);
}
unsigned char packet[MAXBUF];
UINT packet_len;
WINDIVERT_ADDRESS addr;
HANDLE handle = (HANDLE)arg;
// Main loop:
while (TRUE)
{
// Read a matching packet.
addr_len = batch * sizeof(WINDIVERT_ADDRESS);
if (!WinDivertRecvEx(handle, packet, packet_len, &recv_len, 0,
addr, &addr_len, NULL))
if (!WinDivertRecv(handle, packet, sizeof(packet), &addr, &packet_len))
{
fprintf(stderr, "warning: failed to read packet (%d)\n",
GetLastError());
continue;
}
// Re-inject the matching packet.
if (!WinDivertSendEx(handle, packet, recv_len, NULL, 0, addr,
addr_len, NULL))
if (!WinDivertSend(handle, packet, packet_len, &addr, NULL))
{
fprintf(stderr, "warning: failed to reinject packet (%d)\n",
GetLastError());
examples/passthru/passthru.vcxproj
+58 -73
View File
@@ -1,73 +1,58 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
passthru.vcxproj
(C) 2019, all rights reserved,
This file is part of WinDivert.
WinDivert is free software: you can redistribute it and/or modify it under
the terms of the GNU Lesser General Public License as published by the
Free Software Foundation, either version 3 of the License, or (at your
option) any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
License for more details.
You should have received a copy of the GNU Lesser General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
WinDivert is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your option)
any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc., 51
Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-->
<Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<ItemGroup>
<ClCompile Include="passthru.c">
<TreatWarningAsError>false</TreatWarningAsError>
<Optimization>MinSpace</Optimization>
<BasicRuntimeChecks>Default</BasicRuntimeChecks>
<AdditionalIncludeDirectories>..\..\include</AdditionalIncludeDirectories>
</ClCompile>
</ItemGroup>
<PropertyGroup Label="Globals">
<RootNamespace>passthru</RootNamespace>
<ProjectName>passthru</ProjectName>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props"/>
<PropertyGroup Label="Configuration">
<PlatformToolset>v140</PlatformToolset>
<ConfigurationType>Application</ConfigurationType>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ItemDefinitionGroup>
<Link>
<AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">..\..\install\MSVC\i386\WinDivert.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Release|x64'">..\..\install\MSVC\amd64\WinDivert.lib;%(AdditionalDependencies)</AdditionalDependencies>
</Link>
</ItemDefinitionGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
</Project>
<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|x64">
<Configuration>Debug</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|Win32">
<Configuration>Debug</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
</ItemGroup>
<PropertyGroup>
<ConfigurationType>Application</ConfigurationType>
<TARGETNAME>passthru</TARGETNAME>
<Configuration>Release</Configuration>
</PropertyGroup>
<ItemDefinitionGroup>
<ClCompile>
<AdditionalIncludeDirectories>..\..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
</ClCompile>
<Link>
<AdditionalDependencies>ws2_32.lib;..\..\install\MSVC\WinDivert.lib</AdditionalDependencies>
</Link>
</ItemDefinitionGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props"/>
<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<PlatformToolset>v110</PlatformToolset>
</PropertyGroup>
<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<PlatformToolset>v110</PlatformToolset>
</PropertyGroup>
<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<PlatformToolset>v110</PlatformToolset>
</PropertyGroup>
<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<PlatformToolset>v110</PlatformToolset>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)'=='Debug'">
<UseDebugLibraries>True</UseDebugLibraries>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)'=='Release'">
<UseDebugLibraries>False</UseDebugLibraries>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props"/>
<ItemGroup>
<ClCompile Include="passthru.c"/>
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets"/>
</Project>
examples/passthru/sources
+36
View File
@@ -0,0 +1,36 @@
# sources
# (C) 2014, all rights reserved,
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
!IF "$(_BUILDARCH)" == "x86"
CPU=i386
!ELSE
CPU=$(_BUILDARCH)
!ENDIF
TARGETNAME=passthru
TARGETTYPE=PROGRAM
TARGETPATH=..\..\install\WDDK
TARGETLIBS=\
$(SDK_LIB_PATH)\setupapi.lib \
$(SDK_LIB_PATH)\user32.lib \
$(SDK_LIB_PATH)\ws2_32.lib \
$(TARGETPATH)\$(CPU)\WinDivert.lib
UMTYPE=console
UMENTRY=main
USE_MSVCRT=1
INCLUDES=$(DDK_INC_PATH);$(KMDF_INC_PATH)\$(KMDF_VER_PATH);..\..\include
SOURCES=passthru.c
examples/socketdump/socketdump.c
-247
View File
@@ -1,247 +0,0 @@
/*
* socketdump.c
* (C) 2019, all rights reserved,
*
* This file is part of WinDivert.
*
* WinDivert is free software: you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the
* Free Software Foundation, either version 3 of the License, or (at your
* option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* WinDivert is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., 51
* Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
/*
* DESCRIPTION:
*
* usage: socketdump.exe [filter]
* socketdump.exe --block [filter]
*/
#include <winsock2.h>
#include <windows.h>
#include <psapi.h>
#include <shlwapi.h>
#include <stdio.h>
#include <stdlib.h>
#include "windivert.h"
#define INET6_ADDRSTRLEN 45
/*
* Entry.
*/
int __cdecl main(int argc, char **argv)
{
HANDLE handle, process, console;
INT16 priority = 1121; // Arbitrary.
const char *filter = "true", *err_str;
char path[MAX_PATH+1];
char local_str[INET6_ADDRSTRLEN+1], remote_str[INET6_ADDRSTRLEN+1];
char *filename;
DWORD path_len;
WINDIVERT_ADDRESS addr;
BOOL block = FALSE;
switch (argc)
{
case 1:
break;
case 2:
if (strcmp(argv[1], "--block") == 0)
{
block = TRUE;
}
else
{
filter = argv[1];
}
break;
case 3:
if (strcmp(argv[1], "--block") == 0)
{
block = TRUE;
filter = argv[2];
break;
}
// Fallthrough:
default:
fprintf(stderr, "usage: %s [filter]\n", argv[0]);
fprintf(stderr, " %s --block [filter]\n", argv[0]);
exit(EXIT_FAILURE);
}
// Open WinDivert SOCKET handle:
handle = WinDivertOpen(filter, WINDIVERT_LAYER_SOCKET, priority,
(block? 0: WINDIVERT_FLAG_SNIFF) | WINDIVERT_FLAG_RECV_ONLY);
if (handle == INVALID_HANDLE_VALUE)
{
if (GetLastError() == ERROR_INVALID_PARAMETER &&
!WinDivertHelperCompileFilter(filter, WINDIVERT_LAYER_SOCKET,
NULL, 0, &err_str, NULL))
{
fprintf(stderr, "error: invalid filter \"%s\"\n", err_str);
exit(EXIT_FAILURE);
}
fprintf(stderr, "error: failed to open the WinDivert device (%d)\n",
GetLastError());
return EXIT_FAILURE;
}
// Main loop:
console = GetStdHandle(STD_OUTPUT_HANDLE);
while (TRUE)
{
if (!WinDivertRecv(handle, NULL, 0, NULL, &addr))
{
fprintf(stderr, "failed to read packet (%d)\n", GetLastError());
continue;
}
switch (addr.Event)
{
case WINDIVERT_EVENT_SOCKET_BIND:
SetConsoleTextAttribute(console, FOREGROUND_GREEN);
printf("BIND");
break;
case WINDIVERT_EVENT_SOCKET_LISTEN:
SetConsoleTextAttribute(console, FOREGROUND_GREEN);
printf("LISTEN");
break;
case WINDIVERT_EVENT_SOCKET_CONNECT:
SetConsoleTextAttribute(console, FOREGROUND_GREEN);
printf("CONNECT");
break;
case WINDIVERT_EVENT_SOCKET_ACCEPT:
SetConsoleTextAttribute(console, FOREGROUND_GREEN);
printf("ACCEPT");
break;
case WINDIVERT_EVENT_SOCKET_CLOSE:
SetConsoleTextAttribute(console, FOREGROUND_RED);
printf("CLOSE");
break;
default:
SetConsoleTextAttribute(console, FOREGROUND_BLUE);
printf("???");
break;
}
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN |
FOREGROUND_BLUE);
printf(" pid=");
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN);
printf("%u", addr.Socket.ProcessId);
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN |
FOREGROUND_BLUE);
printf(" program=");
process = OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION, FALSE,
addr.Socket.ProcessId);
path_len = 0;
if (process != NULL)
{
path_len = GetProcessImageFileName(process, path, sizeof(path));
CloseHandle(process);
}
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN);
if (path_len != 0)
{
filename = PathFindFileName(path);
printf("%s", filename);
}
else if (addr.Socket.ProcessId == 4)
{
printf("Windows");
}
else
{
printf("???");
}
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN |
FOREGROUND_BLUE);
printf(" endpoint=");
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN);
printf("%lu", addr.Socket.EndpointId);
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN |
FOREGROUND_BLUE);
printf(" parent=");
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN);
printf("%lu", addr.Socket.ParentEndpointId);
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN |
FOREGROUND_BLUE);
printf(" protocol=");
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN);
switch (addr.Socket.Protocol)
{
case IPPROTO_TCP:
printf("TCP");
break;
case IPPROTO_UDP:
printf("UDP");
break;
case IPPROTO_ICMP:
printf("ICMP");
break;
case IPPROTO_ICMPV6:
printf("ICMPV6");
break;
default:
printf("%u", addr.Socket.Protocol);
break;
}
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN |
FOREGROUND_BLUE);
WinDivertHelperFormatIPv6Address(addr.Socket.LocalAddr, local_str,
sizeof(local_str));
if (addr.Socket.LocalPort != 0 || strcmp(local_str, "::") != 0)
{
printf(" local=");
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN);
printf("[%s]:%u", local_str, addr.Socket.LocalPort);
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN |
FOREGROUND_BLUE);
}
WinDivertHelperFormatIPv6Address(addr.Socket.RemoteAddr, remote_str,
sizeof(remote_str));
if (addr.Socket.RemotePort != 0 || strcmp(remote_str, "::") != 0)
{
printf(" remote=");
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN);
printf("[%s]:%u", remote_str, addr.Socket.RemotePort);
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN |
FOREGROUND_BLUE);
}
putchar('\n');
}
return 0;
}
examples/socketdump/socketdump.vcxproj
-73
View File
@@ -1,73 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
socketdump.vcxproj
(C) 2019, all rights reserved,
This file is part of WinDivert.
WinDivert is free software: you can redistribute it and/or modify it under
the terms of the GNU Lesser General Public License as published by the
Free Software Foundation, either version 3 of the License, or (at your
option) any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
License for more details.
You should have received a copy of the GNU Lesser General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
WinDivert is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your option)
any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc., 51
Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-->
<Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<ItemGroup>
<ClCompile Include="socketdump.c">
<TreatWarningAsError>false</TreatWarningAsError>
<Optimization>MinSpace</Optimization>
<BasicRuntimeChecks>Default</BasicRuntimeChecks>
<AdditionalIncludeDirectories>..\..\include</AdditionalIncludeDirectories>
</ClCompile>
</ItemGroup>
<PropertyGroup Label="Globals">
<RootNamespace>socketdump</RootNamespace>
<ProjectName>socketdump</ProjectName>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props"/>
<PropertyGroup Label="Configuration">
<PlatformToolset>v140</PlatformToolset>
<ConfigurationType>Application</ConfigurationType>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ItemDefinitionGroup>
<Link>
<AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">..\..\install\MSVC\i386\WinDivert.lib;shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Release|x64'">..\..\install\MSVC\amd64\WinDivert.lib;shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
</Link>
</ItemDefinitionGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
</Project>
examples/streamdump/streamdump.c
-462
View File
@@ -1,462 +0,0 @@
/*
* streamdump.c
* (C) 2019, all rights reserved,
*
* This file is part of WinDivert.
*
* WinDivert is free software: you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the
* Free Software Foundation, either version 3 of the License, or (at your
* option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* WinDivert is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., 51
* Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
/*
* DESCRIPTION:
*
* This program demonstrates how to handle streams using WinDivert.
*
* The program works by "reflecting" outbound TCP connections into inbound
* TCP connections that are handled by a simple proxy server.
*
* usage: streamdump.exe port
*/
#include <winsock2.h>
#include <windows.h>
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include "windivert.h"
#define MAXBUF WINDIVERT_MTU_MAX
#define PROXY_PORT 34010
#define ALT_PORT 43010
#define MAX_LINE 65
/*
* Proxy server configuration.
*/
typedef struct
{
UINT16 proxy_port;
UINT16 alt_port;
} PROXY_CONFIG, *PPROXY_CONFIG;
typedef struct
{
SOCKET s;
UINT16 alt_port;
struct in_addr dest;
} PROXY_CONNECTION_CONFIG, *PPROXY_CONNECTION_CONFIG;
typedef struct
{
BOOL inbound;
SOCKET s;
SOCKET t;
} PROXY_TRANSFER_CONFIG, *PPROXY_TRANSFER_CONFIG;
/*
* Lock to sync output.
*/
static HANDLE lock;
/*
* Prototypes.
*/
static DWORD proxy(LPVOID arg);
static DWORD proxy_connection_handler(LPVOID arg);
static DWORD proxy_transfer_handler(LPVOID arg);
/*
* Error handling.
*/
static void message(const char *msg, ...)
{
va_list args;
va_start(args, msg);
WaitForSingleObject(lock, INFINITE);
vfprintf(stderr, msg, args);
putc('\n', stderr);
ReleaseMutex(lock);
va_end(args);
}
#define error(msg, ...) \
do { \
message("error: " msg, ## __VA_ARGS__); \
exit(EXIT_FAILURE); \
} while (FALSE)
#define warning(msg, ...) \
message("warning: " msg, ## __VA_ARGS__)
/*
* Entry.
*/
int __cdecl main(int argc, char **argv)
{
HANDLE handle, thread;
UINT16 port, proxy_port, alt_port;
int r;
char filter[256];
INT16 priority = 123; // Arbitrary.
PPROXY_CONFIG config;
unsigned char packet[MAXBUF];
UINT packet_len;
WINDIVERT_ADDRESS addr;
PWINDIVERT_IPHDR ip_header;
PWINDIVERT_TCPHDR tcp_header;
DWORD len;
// Init.
if (argc != 2)
{
fprintf(stderr, "usage: %s dest-port\n", argv[0]);
exit(EXIT_FAILURE);
}
port = (UINT16)atoi(argv[1]);
if (port < 0 || port > 0xFFFF)
{
fprintf(stderr, "error: invalid port number (%d)\n", port);
exit(EXIT_FAILURE);
}
proxy_port = (port == PROXY_PORT? PROXY_PORT+1: PROXY_PORT);
alt_port = (port == ALT_PORT? ALT_PORT+1: ALT_PORT);
lock = CreateMutex(NULL, FALSE, NULL);
if (lock == NULL)
{
fprintf(stderr, "error: failed to create mutex (%d)\n",
GetLastError());
exit(EXIT_FAILURE);
}
// Divert all traffic to/from `port', `proxy_port' and `alt_port'.
r = snprintf(filter, sizeof(filter),
"tcp and "
"(tcp.DstPort == %d or tcp.DstPort == %d or tcp.DstPort == %d or "
"tcp.SrcPort == %d or tcp.SrcPort == %d or tcp.SrcPort == %d)",
port, proxy_port, alt_port, port, proxy_port, alt_port);
if (r < 0 || r >= sizeof(filter))
{
error("failed to create filter string");
}
handle = WinDivertOpen(filter, WINDIVERT_LAYER_NETWORK, priority, 0);
if (handle == INVALID_HANDLE_VALUE)
{
error("failed to open the WinDivert device (%d)", GetLastError());
}
// Spawn proxy thread,
config = (PPROXY_CONFIG)malloc(sizeof(PROXY_CONFIG));
if (config == NULL)
{
error("failed to allocate memory");
}
config->proxy_port = proxy_port;
config->alt_port = alt_port;
thread = CreateThread(NULL, 1, (LPTHREAD_START_ROUTINE)proxy,
(LPVOID)config, 0, NULL);
if (thread == NULL)
{
error("failed to create thread (%d)", GetLastError());
}
CloseHandle(thread);
// Main loop:
while (TRUE)
{
if (!WinDivertRecv(handle, packet, sizeof(packet), &packet_len, &addr))
{
warning("failed to read packet (%d)", GetLastError());
continue;
}
WinDivertHelperParsePacket(packet, packet_len, &ip_header, NULL, NULL,
NULL, NULL, &tcp_header, NULL, NULL, NULL, NULL, NULL);
if (ip_header == NULL || tcp_header == NULL)
{
warning("failed to parse packet (%d)", GetLastError());
continue;
}
if (addr.Outbound)
{
if (tcp_header->DstPort == htons(port))
{
// Reflect: PORT ---> PROXY
UINT32 dst_addr = ip_header->DstAddr;
tcp_header->DstPort = htons(proxy_port);
ip_header->DstAddr = ip_header->SrcAddr;
ip_header->SrcAddr = dst_addr;
addr.Outbound = FALSE;
}
else if (tcp_header->SrcPort == htons(proxy_port))
{
// Reflect: PROXY ---> PORT
UINT32 dst_addr = ip_header->DstAddr;
tcp_header->SrcPort = htons(port);
ip_header->DstAddr = ip_header->SrcAddr;
ip_header->SrcAddr = dst_addr;
addr.Outbound = FALSE;
}
else if (tcp_header->DstPort == htons(alt_port))
{
// Redirect: ALT ---> PORT
tcp_header->DstPort = htons(port);
}
}
else
{
if (tcp_header->SrcPort == htons(port))
{
// Redirect: PORT ---> ALT
tcp_header->SrcPort = htons(alt_port);
}
}
WinDivertHelperCalcChecksums(packet, packet_len, &addr, 0);
if (!WinDivertSend(handle, packet, packet_len, NULL, &addr))
{
warning("failed to send packet (%d)", GetLastError());
continue;
}
}
return 0;
}
/*
* Proxy server thread.
*/
static DWORD proxy(LPVOID arg)
{
PPROXY_CONFIG config = (PPROXY_CONFIG)arg;
UINT16 proxy_port = config->proxy_port;
UINT16 alt_port = config->alt_port;
int on = 1;
WSADATA wsa_data;
WORD wsa_version = MAKEWORD(2, 2);
struct sockaddr_in addr;
SOCKET s;
HANDLE thread;
free(config);
if (WSAStartup(wsa_version, &wsa_data) != 0)
{
error("failed to start WSA (%d)", GetLastError());
}
s = socket(AF_INET, SOCK_STREAM, 0);
if (s == INVALID_SOCKET)
{
error("failed to create socket (%d)", WSAGetLastError());
}
if (setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (const char*)&on, sizeof(int))
== SOCKET_ERROR)
{
error("failed to re-use address (%d)", GetLastError());
}
memset(&addr, 0, sizeof(addr));
addr.sin_family = AF_INET;
addr.sin_port = htons(proxy_port);
if (bind(s, (SOCKADDR *)&addr, sizeof(addr)) == SOCKET_ERROR)
{
error("failed to bind socket (%d)", WSAGetLastError());
}
if (listen(s, 16) == SOCKET_ERROR)
{
error("failed to listen socket (%d)", WSAGetLastError());
}
while (TRUE)
{
// Wait for a new connection.
PPROXY_CONNECTION_CONFIG config;
int size = sizeof(addr);
SOCKET t = accept(s, (SOCKADDR *)&addr, &size);
if (t == INVALID_SOCKET)
{
warning("failed to accept socket (%d)", WSAGetLastError());
continue;
}
// Spawn proxy connection handler thread.
config = (PPROXY_CONNECTION_CONFIG)
malloc(sizeof(PROXY_CONNECTION_CONFIG));
if (config == NULL)
{
error("failed to allocate memory");
}
config->s = t;
config->alt_port = alt_port;
config->dest = addr.sin_addr;
thread = CreateThread(NULL, 1,
(LPTHREAD_START_ROUTINE)proxy_connection_handler,
(LPVOID)config, 0, NULL);
if (thread == NULL)
{
warning("failed to create thread (%d)", GetLastError());
closesocket(t);
free(config);
continue;
}
CloseHandle(thread);
}
}
/*
* Proxy connection handler thread.
*/
static DWORD proxy_connection_handler(LPVOID arg)
{
PPROXY_TRANSFER_CONFIG config1, config2;
HANDLE thread;
PPROXY_CONNECTION_CONFIG config = (PPROXY_CONNECTION_CONFIG)arg;
SOCKET s = config->s, t;
UINT16 alt_port = config->alt_port;
struct in_addr dest = config->dest;
struct sockaddr_in addr;
free(config);
t = socket(AF_INET, SOCK_STREAM, 0);
if (t == INVALID_SOCKET)
{
warning("failed to create socket (%d)", WSAGetLastError());
closesocket(s);
return 0;
}
memset(&addr, 0, sizeof(addr));
addr.sin_family = AF_INET;
addr.sin_port = htons(alt_port);
addr.sin_addr = dest;
if (connect(t, (SOCKADDR *)&addr, sizeof(addr)) == SOCKET_ERROR)
{
warning("failed to connect socket (%d)", WSAGetLastError());
closesocket(s);
closesocket(t);
return 0;
}
config1 = (PPROXY_TRANSFER_CONFIG)malloc(sizeof(PROXY_TRANSFER_CONFIG));
config2 = (PPROXY_TRANSFER_CONFIG)malloc(sizeof(PROXY_TRANSFER_CONFIG));
if (config1 == NULL || config2 == NULL)
{
error("failed to allocate memory");
}
config1->inbound = FALSE;
config2->inbound = TRUE;
config2->t = config1->s = s;
config2->s = config1->t = t;
thread = CreateThread(NULL, 1,
(LPTHREAD_START_ROUTINE)proxy_transfer_handler, (LPVOID)config1, 0,
NULL);
if (thread == NULL)
{
warning("failed to create thread (%d)", GetLastError());
closesocket(s);
closesocket(t);
free(config1);
free(config2);
return 0;
}
proxy_transfer_handler((LPVOID)config2);
WaitForSingleObject(thread, INFINITE);
CloseHandle(thread);
closesocket(s);
closesocket(t);
return 0;
}
/*
* Handle the transfer of data from one socket to another.
*/
static DWORD proxy_transfer_handler(LPVOID arg)
{
PPROXY_TRANSFER_CONFIG config = (PPROXY_TRANSFER_CONFIG)arg;
BOOL inbound = config->inbound;
SOCKET s = config->s, t = config->t;
char buf[8192];
int len, len2, i;
HANDLE console;
free(config);
while (TRUE)
{
// Read data from s.
len = recv(s, buf, sizeof(buf), 0);
if (len == SOCKET_ERROR)
{
warning("failed to recv from socket (%d)", WSAGetLastError());
shutdown(s, SD_BOTH);
shutdown(t, SD_BOTH);
return 0;
}
if (len == 0)
{
shutdown(s, SD_RECEIVE);
shutdown(t, SD_SEND);
return 0;
}
// Dump stream information to the screen.
console = GetStdHandle(STD_OUTPUT_HANDLE);
WaitForSingleObject(lock, INFINITE);
printf("[%.4d] ", len);
SetConsoleTextAttribute(console,
(inbound? FOREGROUND_RED: FOREGROUND_GREEN));
for (i = 0; i < len && i < MAX_LINE; i++)
{
putchar((isprint(buf[i])? buf[i]: '.'));
}
SetConsoleTextAttribute(console,
FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE);
printf("%s\n", (len > MAX_LINE? "...": ""));
ReleaseMutex(lock);
// Send data to t.
for (i = 0; i < len; )
{
len2 = send(t, buf+i, len-i, 0);
if (len2 == SOCKET_ERROR)
{
warning("failed to send to socket (%d)", WSAGetLastError());
shutdown(s, SD_BOTH);
shutdown(t, SD_BOTH);
return 0;
}
i += len2;
}
}
return 0;
}
examples/streamdump/streamdump.vcxproj
-73
View File
@@ -1,73 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
streamdump.vcxproj
(C) 2019, all rights reserved,
This file is part of WinDivert.
WinDivert is free software: you can redistribute it and/or modify it under
the terms of the GNU Lesser General Public License as published by the
Free Software Foundation, either version 3 of the License, or (at your
option) any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
License for more details.
You should have received a copy of the GNU Lesser General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
WinDivert is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your option)
any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc., 51
Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-->
<Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<ItemGroup>
<ClCompile Include="streamdump.c">
<TreatWarningAsError>false</TreatWarningAsError>
<Optimization>MinSpace</Optimization>
<BasicRuntimeChecks>Default</BasicRuntimeChecks>
<AdditionalIncludeDirectories>..\..\include</AdditionalIncludeDirectories>
</ClCompile>
</ItemGroup>
<PropertyGroup Label="Globals">
<RootNamespace>streamdump</RootNamespace>
<ProjectName>streamdump</ProjectName>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props"/>
<PropertyGroup Label="Configuration">
<PlatformToolset>v140</PlatformToolset>
<ConfigurationType>Application</ConfigurationType>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ItemDefinitionGroup>
<Link>
<AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">..\..\install\MSVC\i386\WinDivert.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Release|x64'">..\..\install\MSVC\amd64\WinDivert.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
</Link>
</ItemDefinitionGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
</Project>
examples/webfilter/Makefile
+1
View File
@@ -0,0 +1 @@
!INCLUDE $(NTMAKEENV)\makefile.def
examples/webfilter/sources
+36
View File
@@ -0,0 +1,36 @@
# sources
# (C) 2014, all rights reserved,
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
!IF "$(_BUILDARCH)" == "x86"
CPU=i386
!ELSE
CPU=$(_BUILDARCH)
!ENDIF
TARGETNAME=webfilter
TARGETTYPE=PROGRAM
TARGETPATH=..\..\install\WDDK
TARGETLIBS=\
$(SDK_LIB_PATH)\setupapi.lib \
$(SDK_LIB_PATH)\user32.lib \
$(SDK_LIB_PATH)\ws2_32.lib \
$(TARGETPATH)\$(CPU)\WinDivert.lib
UMTYPE=console
UMENTRY=main
USE_MSVCRT=1
INCLUDES=$(DDK_INC_PATH);$(KMDF_INC_PATH)\$(KMDF_VER_PATH);..\..\include
SOURCES=webfilter.c
examples/webfilter/webfilter.c
+24 -47
View File
@@ -1,35 +1,19 @@
/*
* webfilter.c
* (C) 2019, all rights reserved,
* (C) 2014, all rights reserved,
*
* This file is part of WinDivert.
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* WinDivert is free software: you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the
* Free Software Foundation, either version 3 of the License, or (at your
* option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* WinDivert is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., 51
* Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
/*
@@ -42,19 +26,15 @@
* blockpage to the browser.
*/
#include <winsock2.h>
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include "windivert.h"
#define ntohs(x) WinDivertHelperNtohs(x)
#define ntohl(x) WinDivertHelperNtohl(x)
#define htons(x) WinDivertHelperHtons(x)
#define htonl(x) WinDivertHelperHtonl(x)
#define MAXBUF WINDIVERT_MTU_MAX
#define MAXURL 4096
#define MAXBUF 0xFFFF
#define MAXURL 4096
/*
* URL and blacklist representation.
@@ -180,7 +160,6 @@ int __cdecl main(int argc, char **argv)
// Open the Divert device:
handle = WinDivertOpen(
"outbound && " // Outbound traffic only
"!loopback && " // No loopback traffic
"ip && " // Only IPv4 supported
"tcp.DstPort == 80 && " // HTTP (port 80) only
"tcp.PayloadLength > 0", // TCP data packets only
@@ -197,21 +176,19 @@ int __cdecl main(int argc, char **argv)
// Main loop:
while (TRUE)
{
if (!WinDivertRecv(handle, packet, sizeof(packet), &packet_len, &addr))
if (!WinDivertRecv(handle, packet, sizeof(packet), &addr, &packet_len))
{
fprintf(stderr, "warning: failed to read packet (%d)\n",
GetLastError());
continue;
}
WinDivertHelperParsePacket(packet, packet_len, &ip_header, NULL,
NULL, NULL, NULL, &tcp_header, NULL, &payload, &payload_len,
NULL, NULL);
if (ip_header == NULL || tcp_header == NULL || payload == NULL ||
if (!WinDivertHelperParsePacket(packet, packet_len, &ip_header, NULL,
NULL, NULL, &tcp_header, NULL, &payload, &payload_len) ||
!BlackListPayloadMatch(blacklist, payload, (UINT16)payload_len))
{
// Packet does not match the blacklist; simply reinject it.
if (!WinDivertSend(handle, packet, packet_len, NULL, &addr))
if (!WinDivertSend(handle, packet, packet_len, &addr, NULL))
{
fprintf(stderr, "warning: failed to reinject packet (%d)\n",
GetLastError());
@@ -230,8 +207,8 @@ int __cdecl main(int argc, char **argv)
reset->tcp.DstPort = htons(80);
reset->tcp.SeqNum = tcp_header->SeqNum;
reset->tcp.AckNum = tcp_header->AckNum;
WinDivertHelperCalcChecksums((PVOID)reset, sizeof(PACKET), &addr, 0);
if (!WinDivertSend(handle, (PVOID)reset, sizeof(PACKET), NULL, &addr))
WinDivertHelperCalcChecksums((PVOID)reset, sizeof(PACKET), 0);
if (!WinDivertSend(handle, (PVOID)reset, sizeof(PACKET), &addr, NULL))
{
fprintf(stderr, "warning: failed to send reset packet (%d)\n",
GetLastError());
@@ -244,10 +221,10 @@ int __cdecl main(int argc, char **argv)
blockpage->header.tcp.SeqNum = tcp_header->AckNum;
blockpage->header.tcp.AckNum =
htonl(ntohl(tcp_header->SeqNum) + payload_len);
addr.Outbound = !addr.Outbound; // Reverse direction.
WinDivertHelperCalcChecksums((PVOID)blockpage, blockpage_len, &addr, 0);
if (!WinDivertSend(handle, (PVOID)blockpage, blockpage_len, NULL,
&addr))
WinDivertHelperCalcChecksums((PVOID)blockpage, blockpage_len, 0);
addr.Direction = !addr.Direction; // Reverse direction.
if (!WinDivertSend(handle, (PVOID)blockpage, blockpage_len, &addr,
NULL))
{
fprintf(stderr, "warning: failed to send block page packet (%d)\n",
GetLastError());
@@ -263,8 +240,8 @@ int __cdecl main(int argc, char **argv)
htonl(ntohl(tcp_header->AckNum) + sizeof(block_data) - 1);
finish->tcp.AckNum =
htonl(ntohl(tcp_header->SeqNum) + payload_len);
WinDivertHelperCalcChecksums((PVOID)finish, sizeof(PACKET), &addr, 0);
if (!WinDivertSend(handle, (PVOID)finish, sizeof(PACKET), NULL, &addr))
WinDivertHelperCalcChecksums((PVOID)finish, sizeof(PACKET), 0);
if (!WinDivertSend(handle, (PVOID)finish, sizeof(PACKET), &addr, NULL))
{
fprintf(stderr, "warning: failed to send finish packet (%d)\n",
GetLastError());
examples/webfilter/webfilter.vcxproj
+58 -73
View File
@@ -1,73 +1,58 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
webfilter.vcxproj
(C) 2019, all rights reserved,
This file is part of WinDivert.
WinDivert is free software: you can redistribute it and/or modify it under
the terms of the GNU Lesser General Public License as published by the
Free Software Foundation, either version 3 of the License, or (at your
option) any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
License for more details.
You should have received a copy of the GNU Lesser General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
WinDivert is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your option)
any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc., 51
Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-->
<Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<ItemGroup>
<ClCompile Include="webfilter.c">
<TreatWarningAsError>false</TreatWarningAsError>
<Optimization>MinSpace</Optimization>
<BasicRuntimeChecks>Default</BasicRuntimeChecks>
<AdditionalIncludeDirectories>..\..\include</AdditionalIncludeDirectories>
</ClCompile>
</ItemGroup>
<PropertyGroup Label="Globals">
<RootNamespace>webfilter</RootNamespace>
<ProjectName>webfilter</ProjectName>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props"/>
<PropertyGroup Label="Configuration">
<PlatformToolset>v140</PlatformToolset>
<ConfigurationType>Application</ConfigurationType>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ItemDefinitionGroup>
<Link>
<AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">..\..\install\MSVC\i386\WinDivert.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Release|x64'">..\..\install\MSVC\amd64\WinDivert.lib;%(AdditionalDependencies)</AdditionalDependencies>
</Link>
</ItemDefinitionGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
</Project>
<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|x64">
<Configuration>Debug</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|Win32">
<Configuration>Debug</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
</ItemGroup>
<PropertyGroup>
<ConfigurationType>Application</ConfigurationType>
<TARGETNAME>webfilter</TARGETNAME>
<Configuration>Release</Configuration>
</PropertyGroup>
<ItemDefinitionGroup>
<ClCompile>
<AdditionalIncludeDirectories>..\..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
</ClCompile>
<Link>
<AdditionalDependencies>ws2_32.lib;..\..\install\MSVC\WinDivert.lib</AdditionalDependencies>
</Link>
</ItemDefinitionGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props"/>
<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<PlatformToolset>v110</PlatformToolset>
</PropertyGroup>
<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<PlatformToolset>v110</PlatformToolset>
</PropertyGroup>
<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<PlatformToolset>v110</PlatformToolset>
</PropertyGroup>
<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<PlatformToolset>v110</PlatformToolset>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)'=='Debug'">
<UseDebugLibraries>True</UseDebugLibraries>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)'=='Release'">
<UseDebugLibraries>False</UseDebugLibraries>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props"/>
<ItemGroup>
<ClCompile Include="webfilter.c"/>
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets"/>
</Project>
examples/windivertctl/windivertctl.c
-392
View File
@@ -1,392 +0,0 @@
/*
* windivertctl.c
* (C) 2019, all rights reserved,
*
* This file is part of WinDivert.
*
* WinDivert is free software: you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the
* Free Software Foundation, either version 3 of the License, or (at your
* option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* WinDivert is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., 51
* Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
/*
* DESCRIPTION:
*
* usage: windivertctl.exe list
*/
#include <winsock2.h>
#include <windows.h>
#include <psapi.h>
#include <shlwapi.h>
#include <stdio.h>
#include <stdlib.h>
#include "windivert.h"
#define MAX_PACKET 0xFFFF
#define MAX_FILTER_LEN 30000
/*
* Modes.
*/
typedef enum
{
LIST,
WATCH,
KILL,
UNINSTALL
} MODE;
/*
* Entry.
*/
int __cdecl main(int argc, char **argv)
{
HANDLE handle, process, console, mutex;
INT16 priority = -333; // Arbitrary.
UINT packet_len;
static UINT8 packet[MAX_PACKET];
static char path[MAX_PATH+1];
static char filter_str[MAX_FILTER_LEN];
DWORD path_len;
BOOL or;
WINDIVERT_ADDRESS addr;
ULONGLONG freq, start_count;
LARGE_INTEGER li;
MODE mode;
SC_HANDLE manager = NULL, service = NULL;
SERVICE_STATUS status;
const char *filter = "true";
const char *err_str = NULL;
if (argc != 2 && argc != 3)
{
usage:
fprintf(stderr, "usage: %s (list|watch|kill) [filter]\n", argv[0]);
fprintf(stderr, " %s uninstall\n", argv[0]);
exit(EXIT_FAILURE);
}
if (strcmp(argv[1], "list") == 0)
{
mode = LIST;
}
else if (strcmp(argv[1], "watch") == 0)
{
mode = WATCH;
}
else if (strcmp(argv[1], "kill") == 0)
{
mode = KILL;
}
else if (strcmp(argv[1], "uninstall") == 0)
{
if (argc != 2)
{
goto usage;
}
mode = UNINSTALL;
}
else
{
goto usage;
}
if (argc == 3)
{
filter = argv[2];
}
// Time management
QueryPerformanceFrequency(&li);
freq = li.QuadPart;
QueryPerformanceCounter(&li);
start_count = li.QuadPart;
// Open WinDivert REFLECT handle:
handle = WinDivertOpen(filter, WINDIVERT_LAYER_REFLECT, priority,
WINDIVERT_FLAG_SNIFF | WINDIVERT_FLAG_RECV_ONLY |
(mode == WATCH? 0: WINDIVERT_FLAG_NO_INSTALL));
if (handle == INVALID_HANDLE_VALUE)
{
if (mode != WATCH && GetLastError() == ERROR_SERVICE_DOES_NOT_EXIST)
{
// WinDivert driver is not running, so no open handles.
return 0;
}
if (GetLastError() == ERROR_INVALID_PARAMETER &&
!WinDivertHelperCompileFilter(filter, WINDIVERT_LAYER_REFLECT,
NULL, 0, &err_str, NULL))
{
fprintf(stderr, "error: invalid filter \"%s\"\n", err_str);
exit(EXIT_FAILURE);
}
fprintf(stderr, "error: failed to open the WinDivert device (%d)\n",
GetLastError());
return EXIT_FAILURE;
}
if (mode != WATCH && !WinDivertShutdown(handle, WINDIVERT_SHUTDOWN_BOTH))
{
fprintf(stderr, "error: failed to shutdown WinDivert handle (%d)\n",
GetLastError());
return EXIT_FAILURE;
}
if (!WinDivertSetParam(handle, WINDIVERT_PARAM_QUEUE_LENGTH,
WINDIVERT_PARAM_QUEUE_LENGTH_MAX) ||
!WinDivertSetParam(handle, WINDIVERT_PARAM_QUEUE_SIZE,
WINDIVERT_PARAM_QUEUE_SIZE_MAX) ||
!WinDivertSetParam(handle, WINDIVERT_PARAM_QUEUE_TIME,
WINDIVERT_PARAM_QUEUE_TIME_MAX))
{
fprintf(stderr, "error: failed to set WinDivert handle params (%d)\n",
GetLastError());
return EXIT_FAILURE;
}
// Main loop:
console = GetStdHandle(STD_OUTPUT_HANDLE);
while (TRUE)
{
if (!WinDivertRecv(handle, packet, sizeof(packet), &packet_len, &addr))
{
if (mode != WATCH && GetLastError() == ERROR_NO_DATA)
{
break;
}
fprintf(stderr, "failed to receive event (%d)\n", GetLastError());
continue;
}
switch (addr.Event)
{
case WINDIVERT_EVENT_REFLECT_OPEN:
// Open handle:
if (mode == KILL || mode == UNINSTALL)
{
SetConsoleTextAttribute(console, FOREGROUND_RED);
fputs("KILL", stdout);
}
else
{
SetConsoleTextAttribute(console, FOREGROUND_GREEN);
fputs("OPEN", stdout);
}
break;
case WINDIVERT_EVENT_REFLECT_CLOSE:
// Close handle:
if (mode != WATCH)
{
continue;
}
SetConsoleTextAttribute(console, FOREGROUND_RED);
fputs("CLOSE", stdout);
break;
default:
fputs("???", stdout);
break;
}
process = OpenProcess(
PROCESS_QUERY_LIMITED_INFORMATION | PROCESS_TERMINATE,
FALSE, addr.Reflect.ProcessId);
SetConsoleTextAttribute(console,
FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE);
fputs(" time=", stdout);
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN);
printf("%.3fs", (double)(addr.Reflect.Timestamp - (INT64)start_count) /
(double)freq);
SetConsoleTextAttribute(console,
FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE);
fputs(" pid=", stdout);
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN);
printf("%u", addr.Reflect.ProcessId);
SetConsoleTextAttribute(console,
FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE);
fputs(" exe=", stdout);
path_len = 0;
if (process != NULL)
{
path_len = GetProcessImageFileName(process, path, sizeof(path));
if (mode == KILL || mode == UNINSTALL)
{
TerminateProcess(process, 0);
}
CloseHandle(process);
}
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN);
printf("%s", (path_len != 0? path: "???"));
SetConsoleTextAttribute(console,
FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE);
fputs(" layer=", stdout);
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN);
switch (addr.Reflect.Layer)
{
case WINDIVERT_LAYER_NETWORK:
fputs("NETWORK", stdout);
break;
case WINDIVERT_LAYER_NETWORK_FORWARD:
fputs("NETWORK_FORWARD", stdout);
break;
case WINDIVERT_LAYER_FLOW:
fputs("FLOW", stdout);
break;
case WINDIVERT_LAYER_SOCKET:
fputs("SOCKET", stdout);
break;
case WINDIVERT_LAYER_REFLECT:
fputs("REFLECT", stdout);
break;
default:
fputs("???", stdout);
break;
}
SetConsoleTextAttribute(console,
FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE);
fputs(" flags=", stdout);
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN);
if (addr.Reflect.Flags == 0)
{
fputs("0", stdout);
}
else
{
or = FALSE;
if ((addr.Reflect.Flags & WINDIVERT_FLAG_SNIFF) != 0)
{
fputs("SNIFF", stdout);
or = TRUE;
}
if ((addr.Reflect.Flags & WINDIVERT_FLAG_DROP) != 0)
{
printf("%sDROP", (or? "|": ""));
or = TRUE;
}
if ((addr.Reflect.Flags & WINDIVERT_FLAG_RECV_ONLY) != 0)
{
printf("%sRECV_ONLY", (or? "|": ""));
or = TRUE;
}
if ((addr.Reflect.Flags & WINDIVERT_FLAG_SEND_ONLY) != 0)
{
printf("%sSEND_ONLY", (or? "|": ""));
or = TRUE;
}
if ((addr.Reflect.Flags & WINDIVERT_FLAG_NO_INSTALL) != 0)
{
printf("%sNO_INSTALL", (or? "|": ""));
or = TRUE;
}
}
SetConsoleTextAttribute(console,
FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE);
fputs(" priority=", stdout);
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN);
printf("%d", addr.Reflect.Priority);
SetConsoleTextAttribute(console,
FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE);
fputs(" filter=", stdout);
SetConsoleTextAttribute(console, FOREGROUND_RED | FOREGROUND_GREEN);
if (WinDivertHelperFormatFilter((char *)packet, addr.Reflect.Layer,
filter_str, sizeof(filter_str)))
{
printf("\"%s\"", filter_str);
}
else
{
printf("\"%s\"", (char *)packet);
}
SetConsoleTextAttribute(console,
FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE);
putchar('\n');
}
if (!WinDivertClose(handle))
{
fprintf(stderr, "error: failed to close WinDivert handle (%d)\n",
GetLastError());
return EXIT_FAILURE;
}
if (mode == UNINSTALL)
{
// Stop & delete the WinDivert service:
mutex = CreateMutex(NULL, FALSE, "WinDivertDriverInstallMutex");
if (mutex == NULL)
{
fprintf(stderr, "error: failed to create WinDivert driver "
"install mutex (%d)\n", GetLastError());
return EXIT_FAILURE;
}
switch (WaitForSingleObject(mutex, INFINITE))
{
case WAIT_OBJECT_0: case WAIT_ABANDONED:
break;
default:
fprintf(stderr, "error: failed to acquire WinDivert driver "
"install mutex (%d)\n", GetLastError());
return EXIT_FAILURE;
}
manager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
if (manager == NULL)
{
fprintf(stderr, "error: failed to open service manager (%d)\n",
GetLastError());
return EXIT_FAILURE;
}
service = OpenService(manager, "WinDivert", SERVICE_ALL_ACCESS);
if (service == NULL)
{
fprintf(stderr, "error: failed to open WinDivert service (%d)\n",
GetLastError());
return EXIT_FAILURE;
}
if (!ControlService(service, SERVICE_CONTROL_STOP, &status))
{
fprintf(stderr, "error: failed to stop WinDivert service (%d)\n",
GetLastError());
return EXIT_FAILURE;
}
if (status.dwCurrentState != SERVICE_STOPPED)
{
fprintf(stderr, "error: failed to stop WinDivert service");
return EXIT_FAILURE;
}
CloseServiceHandle(service);
CloseServiceHandle(manager);
SetConsoleTextAttribute(console, FOREGROUND_GREEN);
fputs("UNINSTALL", stdout);
SetConsoleTextAttribute(console,
FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE);
puts(" WinDivert");
ReleaseMutex(mutex);
CloseHandle(mutex);
}
return 0;
}
examples/windivertctl/windivertctl.vcxproj
-73
View File
@@ -1,73 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
windivertctl.vcxproj
(C) 2019, all rights reserved,
This file is part of WinDivert.
WinDivert is free software: you can redistribute it and/or modify it under
the terms of the GNU Lesser General Public License as published by the
Free Software Foundation, either version 3 of the License, or (at your
option) any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
License for more details.
You should have received a copy of the GNU Lesser General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
WinDivert is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your option)
any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc., 51
Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-->
<Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<ItemGroup>
<ClCompile Include="windivertctl.c">
<TreatWarningAsError>false</TreatWarningAsError>
<Optimization>MinSpace</Optimization>
<BasicRuntimeChecks>Default</BasicRuntimeChecks>
<AdditionalIncludeDirectories>..\..\include</AdditionalIncludeDirectories>
</ClCompile>
</ItemGroup>
<PropertyGroup Label="Globals">
<RootNamespace>windivertctl</RootNamespace>
<ProjectName>windivertctl</ProjectName>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props"/>
<PropertyGroup Label="Configuration">
<PlatformToolset>v140</PlatformToolset>
<ConfigurationType>Application</ConfigurationType>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ItemDefinitionGroup>
<Link>
<AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">..\..\install\MSVC\i386\WinDivert.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Release|x64'">..\..\install\MSVC\amd64\WinDivert.lib;%(AdditionalDependencies)</AdditionalDependencies>
</Link>
</ItemDefinitionGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
</Project>
include/windivert.h
+133 -317
View File
@@ -1,35 +1,19 @@
/*
* windivert.h
* (C) 2019, all rights reserved,
* (C) 2014, all rights reserved,
*
* This file is part of WinDivert.
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* WinDivert is free software: you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the
* Free Software Foundation, either version 3 of the License, or (at your
* option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* WinDivert is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., 51
* Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
#ifndef __WINDIVERT_H
@@ -40,12 +24,11 @@
#endif /* WINDIVERT_KERNEL */
#ifndef WINDIVERTEXPORT
#define WINDIVERTEXPORT extern __declspec(dllimport)
#define WINDIVERTEXPORT __declspec(dllimport)
#endif /* WINDIVERTEXPORT */
#ifdef __MINGW32__
#define __in
#define __in_opt
#define __out
#define __out_opt
#define __inout
@@ -70,163 +53,50 @@ extern "C" {
/****************************************************************************/
/*
* WinDivert layers.
*/
typedef enum
{
WINDIVERT_LAYER_NETWORK = 0, /* Network layer. */
WINDIVERT_LAYER_NETWORK_FORWARD = 1,/* Network layer (forwarded packets) */
WINDIVERT_LAYER_FLOW = 2, /* Flow layer. */
WINDIVERT_LAYER_SOCKET = 3, /* Socket layer. */
WINDIVERT_LAYER_REFLECT = 4, /* Reflect layer. */
} WINDIVERT_LAYER, *PWINDIVERT_LAYER;
/*
* WinDivert NETWORK and NETWORK_FORWARD layer data.
* Divert address.
*/
typedef struct
{
UINT32 IfIdx; /* Packet's interface index. */
UINT32 SubIfIdx; /* Packet's sub-interface index. */
} WINDIVERT_DATA_NETWORK, *PWINDIVERT_DATA_NETWORK;
/*
* WinDivert FLOW layer data.
*/
typedef struct
{
UINT64 EndpointId; /* Endpoint ID. */
UINT64 ParentEndpointId; /* Parent endpoint ID. */
UINT32 ProcessId; /* Process ID. */
UINT32 LocalAddr[4]; /* Local address. */
UINT32 RemoteAddr[4]; /* Remote address. */
UINT16 LocalPort; /* Local port. */
UINT16 RemotePort; /* Remote port. */
UINT8 Protocol; /* Protocol. */
} WINDIVERT_DATA_FLOW, *PWINDIVERT_DATA_FLOW;
/*
* WinDivert SOCKET layer data.
*/
typedef struct
{
UINT64 EndpointId; /* Endpoint ID. */
UINT64 ParentEndpointId; /* Parent Endpoint ID. */
UINT32 ProcessId; /* Process ID. */
UINT32 LocalAddr[4]; /* Local address. */
UINT32 RemoteAddr[4]; /* Remote address. */
UINT16 LocalPort; /* Local port. */
UINT16 RemotePort; /* Remote port. */
UINT8 Protocol; /* Protocol. */
} WINDIVERT_DATA_SOCKET, *PWINDIVERT_DATA_SOCKET;
/*
* WinDivert REFLECTION layer data.
*/
typedef struct
{
INT64 Timestamp; /* Handle open time. */
UINT32 ProcessId; /* Handle process ID. */
WINDIVERT_LAYER Layer; /* Handle layer. */
UINT64 Flags; /* Handle flags. */
INT16 Priority; /* Handle priority. */
} WINDIVERT_DATA_REFLECT, *PWINDIVERT_DATA_REFLECT;
/*
* WinDivert address.
*/
#ifdef _MSC_VER
#pragma warning(push)
#pragma warning(disable: 4201)
#endif
typedef struct
{
INT64 Timestamp; /* Packet's timestamp. */
UINT32 Layer:8; /* Packet's layer. */
UINT32 Event:8; /* Packet event. */
UINT32 Sniffed:1; /* Packet was sniffed? */
UINT32 Outbound:1; /* Packet is outound? */
UINT32 Loopback:1; /* Packet is loopback? */
UINT32 Impostor:1; /* Packet is impostor? */
UINT32 IPv6:1; /* Packet is IPv6? */
UINT32 IPChecksum:1; /* Packet has valid IPv4 checksum? */
UINT32 TCPChecksum:1; /* Packet has valid TCP checksum? */
UINT32 UDPChecksum:1; /* Packet has valid UDP checksum? */
UINT32 Reserved1:8;
UINT32 Reserved2;
union
{
WINDIVERT_DATA_NETWORK Network; /* Network layer data. */
WINDIVERT_DATA_FLOW Flow; /* Flow layer data. */
WINDIVERT_DATA_SOCKET Socket; /* Socket layer data. */
WINDIVERT_DATA_REFLECT Reflect; /* Reflect layer data. */
UINT8 Reserved3[64];
};
UINT8 Direction; /* Packet's direction. */
} WINDIVERT_ADDRESS, *PWINDIVERT_ADDRESS;
#ifdef _MSC_VER
#pragma warning(pop)
#endif
#define WINDIVERT_DIRECTION_OUTBOUND 0
#define WINDIVERT_DIRECTION_INBOUND 1
/*
* WinDivert events.
* Divert layers.
*/
typedef enum
{
WINDIVERT_EVENT_NETWORK_PACKET = 0, /* Network packet. */
WINDIVERT_EVENT_FLOW_ESTABLISHED = 1,
/* Flow established. */
WINDIVERT_EVENT_FLOW_DELETED = 2, /* Flow deleted. */
WINDIVERT_EVENT_SOCKET_BIND = 3, /* Socket bind. */
WINDIVERT_EVENT_SOCKET_CONNECT = 4, /* Socket connect. */
WINDIVERT_EVENT_SOCKET_LISTEN = 5, /* Socket listen. */
WINDIVERT_EVENT_SOCKET_ACCEPT = 6, /* Socket accept. */
WINDIVERT_EVENT_SOCKET_CLOSE = 7, /* Socket close. */
WINDIVERT_EVENT_REFLECT_OPEN = 8, /* WinDivert handle opened. */
WINDIVERT_EVENT_REFLECT_CLOSE = 9, /* WinDivert handle closed. */
} WINDIVERT_EVENT, *PWINDIVERT_EVENT;
WINDIVERT_LAYER_NETWORK = 0, /* Network layer. */
WINDIVERT_LAYER_NETWORK_FORWARD = 1 /* Network layer (forwarded packets) */
} WINDIVERT_LAYER, *PWINDIVERT_LAYER;
/*
* WinDivert flags.
* Divert flags.
*/
#define WINDIVERT_FLAG_SNIFF 0x0001
#define WINDIVERT_FLAG_DROP 0x0002
#define WINDIVERT_FLAG_RECV_ONLY 0x0004
#define WINDIVERT_FLAG_READ_ONLY WINDIVERT_FLAG_RECV_ONLY
#define WINDIVERT_FLAG_SEND_ONLY 0x0008
#define WINDIVERT_FLAG_WRITE_ONLY WINDIVERT_FLAG_SEND_ONLY
#define WINDIVERT_FLAG_NO_INSTALL 0x0010
#define WINDIVERT_FLAG_FRAGMENTS 0x0020
#define WINDIVERT_FLAG_SNIFF 1
#define WINDIVERT_FLAG_DROP 2
#define WINDIVERT_FLAG_NO_CHECKSUM 1024
/*
* WinDivert parameters.
* Divert parameters.
*/
typedef enum
{
WINDIVERT_PARAM_QUEUE_LENGTH = 0, /* Packet queue length. */
WINDIVERT_PARAM_QUEUE_TIME = 1, /* Packet queue time. */
WINDIVERT_PARAM_QUEUE_SIZE = 2, /* Packet queue size. */
WINDIVERT_PARAM_VERSION_MAJOR = 3, /* Driver version (major). */
WINDIVERT_PARAM_VERSION_MINOR = 4, /* Driver version (minor). */
WINDIVERT_PARAM_QUEUE_LEN = 0, /* Packet queue length. */
WINDIVERT_PARAM_QUEUE_TIME = 1 /* Packet queue time. */
} WINDIVERT_PARAM, *PWINDIVERT_PARAM;
#define WINDIVERT_PARAM_MAX WINDIVERT_PARAM_VERSION_MINOR
/*
* WinDivert shutdown parameter.
*/
typedef enum
{
WINDIVERT_SHUTDOWN_RECV = 0x1, /* Shutdown recv. */
WINDIVERT_SHUTDOWN_SEND = 0x2, /* Shutdown send. */
WINDIVERT_SHUTDOWN_BOTH = 0x3, /* Shutdown recv and send. */
} WINDIVERT_SHUTDOWN, *PWINDIVERT_SHUTDOWN;
#define WINDIVERT_SHUTDOWN_MAX WINDIVERT_SHUTDOWN_BOTH
#define WINDIVERT_PARAM_MAX WINDIVERT_PARAM_QUEUE_TIME
#ifndef WINDIVERT_KERNEL
/*
* Open a WinDivert handle.
*/
WINDIVERTEXPORT HANDLE WinDivertOpen(
extern WINDIVERTEXPORT HANDLE WinDivertOpen(
__in const char *filter,
__in WINDIVERT_LAYER layer,
__in INT16 priority,
@@ -235,66 +105,57 @@ WINDIVERTEXPORT HANDLE WinDivertOpen(
/*
* Receive (read) a packet from a WinDivert handle.
*/
WINDIVERTEXPORT BOOL WinDivertRecv(
extern WINDIVERTEXPORT BOOL WinDivertRecv(
__in HANDLE handle,
__out_opt VOID *pPacket,
__out PVOID pPacket,
__in UINT packetLen,
__out_opt UINT *pRecvLen,
__out_opt WINDIVERT_ADDRESS *pAddr);
__out_opt PWINDIVERT_ADDRESS pAddr,
__out_opt UINT *readLen);
/*
* Receive (read) a packet from a WinDivert handle.
*/
WINDIVERTEXPORT BOOL WinDivertRecvEx(
extern WINDIVERTEXPORT BOOL WinDivertRecvEx(
__in HANDLE handle,
__out_opt VOID *pPacket,
__out PVOID pPacket,
__in UINT packetLen,
__out_opt UINT *pRecvLen,
__in UINT64 flags,
__out WINDIVERT_ADDRESS *pAddr,
__inout_opt UINT *pAddrLen,
__out_opt PWINDIVERT_ADDRESS pAddr,
__out_opt UINT *readLen,
__inout_opt LPOVERLAPPED lpOverlapped);
/*
* Send (write/inject) a packet to a WinDivert handle.
*/
WINDIVERTEXPORT BOOL WinDivertSend(
extern WINDIVERTEXPORT BOOL WinDivertSend(
__in HANDLE handle,
__in const VOID *pPacket,
__in PVOID pPacket,
__in UINT packetLen,
__out_opt UINT *pSendLen,
__in const WINDIVERT_ADDRESS *pAddr);
__in PWINDIVERT_ADDRESS pAddr,
__out_opt UINT *writeLen);
/*
* Send (write/inject) a packet to a WinDivert handle.
*/
WINDIVERTEXPORT BOOL WinDivertSendEx(
extern WINDIVERTEXPORT BOOL WinDivertSendEx(
__in HANDLE handle,
__in const VOID *pPacket,
__in PVOID pPacket,
__in UINT packetLen,
__out_opt UINT *pSendLen,
__in UINT64 flags,
__in const WINDIVERT_ADDRESS *pAddr,
__in UINT addrLen,
__in PWINDIVERT_ADDRESS pAddr,
__out_opt UINT *writeLen,
__inout_opt LPOVERLAPPED lpOverlapped);
/*
* Shutdown a WinDivert handle.
*/
WINDIVERTEXPORT BOOL WinDivertShutdown(
__in HANDLE handle,
__in WINDIVERT_SHUTDOWN how);
/*
* Close a WinDivert handle.
*/
WINDIVERTEXPORT BOOL WinDivertClose(
extern WINDIVERTEXPORT BOOL WinDivertClose(
__in HANDLE handle);
/*
* Set a WinDivert handle parameter.
*/
WINDIVERTEXPORT BOOL WinDivertSetParam(
extern WINDIVERTEXPORT BOOL WinDivertSetParam(
__in HANDLE handle,
__in WINDIVERT_PARAM param,
__in UINT64 value);
@@ -302,39 +163,15 @@ WINDIVERTEXPORT BOOL WinDivertSetParam(
/*
* Get a WinDivert handle parameter.
*/
WINDIVERTEXPORT BOOL WinDivertGetParam(
extern WINDIVERTEXPORT BOOL WinDivertGetParam(
__in HANDLE handle,
__in WINDIVERT_PARAM param,
__out UINT64 *pValue);
#endif /* WINDIVERT_KERNEL */
/*
* WinDivert constants.
*/
#define WINDIVERT_PRIORITY_HIGHEST 30000
#define WINDIVERT_PRIORITY_LOWEST (-WINDIVERT_PRIORITY_HIGHEST)
#define WINDIVERT_PARAM_QUEUE_LENGTH_DEFAULT 4096
#define WINDIVERT_PARAM_QUEUE_LENGTH_MIN 32
#define WINDIVERT_PARAM_QUEUE_LENGTH_MAX 16384
#define WINDIVERT_PARAM_QUEUE_TIME_DEFAULT 2000 /* 2s */
#define WINDIVERT_PARAM_QUEUE_TIME_MIN 100 /* 100ms */
#define WINDIVERT_PARAM_QUEUE_TIME_MAX 16000 /* 16s */
#define WINDIVERT_PARAM_QUEUE_SIZE_DEFAULT 4194304 /* 4MB */
#define WINDIVERT_PARAM_QUEUE_SIZE_MIN 65535 /* 64KB */
#define WINDIVERT_PARAM_QUEUE_SIZE_MAX 33554432 /* 32MB */
#define WINDIVERT_BATCH_MAX 0xFF /* 255 */
#define WINDIVERT_MTU_MAX (40 + 0xFFFF)
/****************************************************************************/
/* WINDIVERT HELPER API */
/****************************************************************************/
#ifdef _MSC_VER
#pragma warning(push)
#pragma warning(disable: 4214)
#endif
/*
* IPv4/IPv6/ICMP/ICMPv6/TCP/UDP header definitions.
*/
@@ -469,12 +306,8 @@ typedef struct
UINT16 Checksum;
} WINDIVERT_UDPHDR, *PWINDIVERT_UDPHDR;
#ifdef _MSC_VER
#pragma warning(pop)
#endif
/*
* Flags for WinDivertHelperCalcChecksums()
* Flags for DivertHelperCalcChecksums()
*/
#define WINDIVERT_HELPER_NO_IP_CHECKSUM 1
#define WINDIVERT_HELPER_NO_ICMP_CHECKSUM 2
@@ -482,144 +315,127 @@ typedef struct
#define WINDIVERT_HELPER_NO_TCP_CHECKSUM 8
#define WINDIVERT_HELPER_NO_UDP_CHECKSUM 16
#ifndef WINDIVERT_KERNEL
/*
* Hash a packet.
*/
WINDIVERTEXPORT UINT64 WinDivertHelperHashPacket(
__in const VOID *pPacket,
__in UINT packetLen,
__in UINT64 seed
#ifdef __cplusplus
= 0
#endif
);
/*
* Parse IPv4/IPv6/ICMP/ICMPv6/TCP/UDP headers from a raw packet.
*/
WINDIVERTEXPORT BOOL WinDivertHelperParsePacket(
__in const VOID *pPacket,
extern WINDIVERTEXPORT BOOL WinDivertHelperParsePacket(
__in PVOID pPacket,
__in UINT packetLen,
__out_opt PWINDIVERT_IPHDR *ppIpHdr,
__out_opt PWINDIVERT_IPV6HDR *ppIpv6Hdr,
__out_opt UINT8 *pProtocol,
__out_opt PWINDIVERT_ICMPHDR *ppIcmpHdr,
__out_opt PWINDIVERT_ICMPV6HDR *ppIcmpv6Hdr,
__out_opt PWINDIVERT_TCPHDR *ppTcpHdr,
__out_opt PWINDIVERT_UDPHDR *ppUdpHdr,
__out_opt PVOID *ppData,
__out_opt UINT *pDataLen,
__out_opt PVOID *ppNext,
__out_opt UINT *pNextLen);
__out_opt UINT *pDataLen);
/*
* Parse an IPv4 address.
*/
WINDIVERTEXPORT BOOL WinDivertHelperParseIPv4Address(
extern WINDIVERTEXPORT BOOL WinDivertHelperParseIPv4Address(
__in const char *addrStr,
__out_opt UINT32 *pAddr);
/*
* Parse an IPv6 address.
*/
WINDIVERTEXPORT BOOL WinDivertHelperParseIPv6Address(
extern WINDIVERTEXPORT BOOL WinDivertHelperParseIPv6Address(
__in const char *addrStr,
__out_opt UINT32 *pAddr);
/*
* Format an IPv4 address.
*/
WINDIVERTEXPORT BOOL WinDivertHelperFormatIPv4Address(
__in UINT32 addr,
__out char *buffer,
__in UINT bufLen);
/*
* Format an IPv6 address.
*/
WINDIVERTEXPORT BOOL WinDivertHelperFormatIPv6Address(
__in const UINT32 *pAddr,
__out char *buffer,
__in UINT bufLen);
/*
* Calculate IPv4/IPv6/ICMP/ICMPv6/TCP/UDP checksums.
*/
WINDIVERTEXPORT BOOL WinDivertHelperCalcChecksums(
__inout VOID *pPacket,
extern WINDIVERTEXPORT UINT WinDivertHelperCalcChecksums(
__inout PVOID pPacket,
__in UINT packetLen,
__out_opt WINDIVERT_ADDRESS *pAddr,
__in UINT64 flags);
/*
* Decrement the TTL/HopLimit.
*/
WINDIVERTEXPORT BOOL WinDivertHelperDecrementTTL(
__inout VOID *pPacket,
__in UINT packetLen);
/****************************************************************************/
/* WINDIVERT LEGACY API */
/****************************************************************************/
/*
* Compile the given filter string.
* Deprecated API:
*/
WINDIVERTEXPORT BOOL WinDivertHelperCompileFilter(
__in const char *filter,
__in WINDIVERT_LAYER layer,
__out_opt char *object,
__in UINT objLen,
__out_opt const char **errorStr,
__out_opt UINT *errorPos);
typedef WINDIVERT_ADDRESS DIVERT_ADDRESS;
typedef PWINDIVERT_ADDRESS PDIVERT_ADDRESS;
#define DIVERT_DIRECTION_OUTBOUND WINDIVERT_DIRECTION_OUTBOUND
#define DIVERT_DIRECTION_INBOUND WINDIVERT_DIRECTION_INBOUND
typedef WINDIVERT_LAYER DIVERT_LAYER;
typedef PWINDIVERT_LAYER PDIVERT_LAYER;
#define DIVERT_FLAG_SNIFF WINDIVERT_FLAG_SNIFF
#define DIVERT_FLAG_DROP WINDIVERT_FLAG_DROP
typedef WINDIVERT_PARAM DIVERT_PARAM;
typedef PWINDIVERT_PARAM PDIVERT_PARAM;
typedef WINDIVERT_IPHDR DIVERT_IPHDR;
typedef PWINDIVERT_IPHDR PDIVERT_IPHDR;
typedef WINDIVERT_IPV6HDR DIVERT_IPV6HDR;
typedef PWINDIVERT_IPV6HDR PDIVERT_IPV6HDR;
typedef WINDIVERT_ICMPHDR DIVERT_ICMPHDR;
typedef PWINDIVERT_ICMPHDR PDIVERT_ICMPHDR;
typedef WINDIVERT_ICMPV6HDR DIVERT_ICMPV6HDR;
typedef PWINDIVERT_ICMPV6HDR PDIVERT_ICMPV6HDR;
typedef WINDIVERT_TCPHDR DIVERT_TCPHDR;
typedef PWINDIVERT_TCPHDR PDIVERT_TCPHDR;
typedef WINDIVERT_UDPHDR DIVERT_UDPHDR;
typedef PWINDIVERT_UDPHDR PDIVERT_UDPHDR;
#define DIVERT_HELPER_NO_IP_CHECKSUM WINDIVERT_HELPER_NO_IP_CHECKSUM
#define DIVERT_HELPER_NO_ICMP_CHECKSUM WINDIVERT_HELPER_NO_ICMP_CHECKSUM
#define DIVERT_HELPER_NO_ICMPV6_CHECKSUM WINDIVERT_HELPER_NO_ICMPV6_CHECKSUM
#define DIVERT_HELPER_NO_TCP_CHECKSUM WINDIVERT_HELPER_NO_TCP_CHECKSUM
#define DIVERT_HELPER_NO_UDP_CHECKSUM WINDIVERT_HELPER_NO_UDP_CHECKSUM
/*
* Evaluate the given filter string.
*/
WINDIVERTEXPORT BOOL WinDivertHelperEvalFilter(
extern WINDIVERTEXPORT HANDLE DivertOpen(
__in const char *filter,
__in const VOID *pPacket,
__in DIVERT_LAYER layer,
__in INT16 priority,
__in UINT64 flags);
extern WINDIVERTEXPORT BOOL DivertRecv(
__in HANDLE handle,
__out PVOID pPacket,
__in UINT packetLen,
__in const WINDIVERT_ADDRESS *pAddr);
/*
* Format the given filter string.
*/
WINDIVERTEXPORT BOOL WinDivertHelperFormatFilter(
__in const char *filter,
__in WINDIVERT_LAYER layer,
__out char *buffer,
__in UINT bufLen);
/*
* Byte ordering.
*/
WINDIVERTEXPORT UINT16 WinDivertHelperNtohs(
__in UINT16 x);
WINDIVERTEXPORT UINT16 WinDivertHelperHtons(
__in UINT16 x);
WINDIVERTEXPORT UINT32 WinDivertHelperNtohl(
__in UINT32 x);
WINDIVERTEXPORT UINT32 WinDivertHelperHtonl(
__in UINT32 x);
WINDIVERTEXPORT UINT64 WinDivertHelperNtohll(
__in UINT64 x);
WINDIVERTEXPORT UINT64 WinDivertHelperHtonll(
__in UINT64 x);
WINDIVERTEXPORT void WinDivertHelperNtohIPv6Address(
__in const UINT *inAddr,
__out UINT *outAddr);
WINDIVERTEXPORT void WinDivertHelperHtonIPv6Address(
__in const UINT *inAddr,
__out UINT *outAddr);
/*
* Old names to be removed in the next version.
*/
WINDIVERTEXPORT void WinDivertHelperNtohIpv6Address(
__in const UINT *inAddr,
__out UINT *outAddr);
WINDIVERTEXPORT void WinDivertHelperHtonIpv6Address(
__in const UINT *inAddr,
__out UINT *outAddr);
__out_opt PDIVERT_ADDRESS pAddr,
__out_opt UINT *readLen);
extern WINDIVERTEXPORT BOOL DivertSend(
__in HANDLE handle,
__in PVOID pPacket,
__in UINT packetLen,
__in PDIVERT_ADDRESS pAddr,
__out_opt UINT *writeLen);
extern WINDIVERTEXPORT BOOL DivertClose(
__in HANDLE handle);
extern WINDIVERTEXPORT BOOL DivertSetParam(
__in HANDLE handle,
__in DIVERT_PARAM param,
__in UINT64 value);
extern WINDIVERTEXPORT BOOL DivertGetParam(
__in HANDLE handle,
__in DIVERT_PARAM param,
__out UINT64 *pValue);
extern WINDIVERTEXPORT BOOL DivertHelperParsePacket(
__in PVOID pPacket,
__in UINT packetLen,
__out_opt PDIVERT_IPHDR *ppIpHdr,
__out_opt PDIVERT_IPV6HDR *ppIpv6Hdr,
__out_opt PDIVERT_ICMPHDR *ppIcmpHdr,
__out_opt PDIVERT_ICMPV6HDR *ppIcmpv6Hdr,
__out_opt PDIVERT_TCPHDR *ppTcpHdr,
__out_opt PDIVERT_UDPHDR *ppUdpHdr,
__out_opt PVOID *ppData,
__out_opt UINT *pDataLen);
extern WINDIVERTEXPORT BOOL DivertHelperParseIPv4Address(
__in const char *addrStr,
__out_opt UINT32 *pAddr);
extern WINDIVERTEXPORT BOOL DivertHelperParseIPv6Address(
__in const char *addrStr,
__out_opt UINT32 *pAddr);
extern WINDIVERTEXPORT UINT DivertHelperCalcChecksums(
__inout PVOID pPacket,
__in UINT packetLen,
__in UINT64 flags);
#endif /* WINDIVERT_KERNEL */
include/windivert_device.h
+67 -184
View File
@@ -1,54 +1,35 @@
/*
* windivert_device.h
* (C) 2019, all rights reserved,
* (C) 2014, all rights reserved,
*
* This file is part of WinDivert.
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* WinDivert is free software: you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the
* Free Software Foundation, either version 3 of the License, or (at your
* option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* WinDivert is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., 51
* Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
#ifndef __WINDIVERT_DEVICE_H
#define __WINDIVERT_DEVICE_H
/*
* NOTE: This is the low-level interface to the WinDivert device driver.
* NOTE: This is the low-level interface to the divert device driver.
* This interface should not be used directly, instead use the high-level
* interface provided by the WinDivert API.
* interface provided by the divert API.
*/
#define WINDIVERT_KERNEL
#include "windivert.h"
#define WINDIVERT_VERSION_MAJOR 2
#define WINDIVERT_VERSION_MINOR 2
#define WINDIVERT_MAGIC_DLL 0x4C4C447669645724ull
#define WINDIVERT_MAGIC_SYS 0x5359537669645723ull
#define WINDIVERT_VERSION 1
#define WINDIVERT_VERSION_MINOR 1
#define WINDIVERT_STR2(s) #s
#define WINDIVERT_STR(s) WINDIVERT_STR2(s)
@@ -56,13 +37,14 @@
#define WINDIVERT_LSTR(s) WINDIVERT_LSTR2(s)
#define WINDIVERT_VERSION_LSTR \
WINDIVERT_LSTR(WINDIVERT_VERSION_MAJOR) L"." \
WINDIVERT_LSTR(WINDIVERT_VERSION) L"." \
WINDIVERT_LSTR(WINDIVERT_VERSION_MINOR)
#define WINDIVERT_DEVICE_NAME \
L"WinDivert"
#define WINDIVERT_LAYER_NAME \
WINDIVERT_DEVICE_NAME WINDIVERT_VERSION_LSTR
L"WinDivert" WINDIVERT_VERSION_LSTR
#define WINDIVERT_IOCTL_VERSION 3
#define WINDIVERT_IOCTL_MAGIC 0xE8D3
#define WINDIVERT_FILTER_FIELD_ZERO 0
#define WINDIVERT_FILTER_FIELD_INBOUND 1
@@ -122,36 +104,8 @@
#define WINDIVERT_FILTER_FIELD_UDP_LENGTH 55
#define WINDIVERT_FILTER_FIELD_UDP_CHECKSUM 56
#define WINDIVERT_FILTER_FIELD_UDP_PAYLOADLENGTH 57
#define WINDIVERT_FILTER_FIELD_LOOPBACK 58
#define WINDIVERT_FILTER_FIELD_IMPOSTOR 59
#define WINDIVERT_FILTER_FIELD_PROCESSID 60
#define WINDIVERT_FILTER_FIELD_LOCALADDR 61
#define WINDIVERT_FILTER_FIELD_REMOTEADDR 62
#define WINDIVERT_FILTER_FIELD_LOCALPORT 63
#define WINDIVERT_FILTER_FIELD_REMOTEPORT 64
#define WINDIVERT_FILTER_FIELD_PROTOCOL 65
#define WINDIVERT_FILTER_FIELD_ENDPOINTID 66
#define WINDIVERT_FILTER_FIELD_PARENTENDPOINTID 67
#define WINDIVERT_FILTER_FIELD_LAYER 68
#define WINDIVERT_FILTER_FIELD_PRIORITY 69
#define WINDIVERT_FILTER_FIELD_EVENT 70
#define WINDIVERT_FILTER_FIELD_PACKET 71
#define WINDIVERT_FILTER_FIELD_PACKET16 72
#define WINDIVERT_FILTER_FIELD_PACKET32 73
#define WINDIVERT_FILTER_FIELD_TCP_PAYLOAD 74
#define WINDIVERT_FILTER_FIELD_TCP_PAYLOAD16 75
#define WINDIVERT_FILTER_FIELD_TCP_PAYLOAD32 76
#define WINDIVERT_FILTER_FIELD_UDP_PAYLOAD 77
#define WINDIVERT_FILTER_FIELD_UDP_PAYLOAD16 78
#define WINDIVERT_FILTER_FIELD_UDP_PAYLOAD32 79
#define WINDIVERT_FILTER_FIELD_LENGTH 80
#define WINDIVERT_FILTER_FIELD_TIMESTAMP 81
#define WINDIVERT_FILTER_FIELD_RANDOM8 82
#define WINDIVERT_FILTER_FIELD_RANDOM16 83
#define WINDIVERT_FILTER_FIELD_RANDOM32 84
#define WINDIVERT_FILTER_FIELD_FRAGMENT 85
#define WINDIVERT_FILTER_FIELD_MAX \
WINDIVERT_FILTER_FIELD_FRAGMENT
WINDIVERT_FILTER_FIELD_UDP_PAYLOADLENGTH
#define WINDIVERT_FILTER_TEST_EQ 0
#define WINDIVERT_FILTER_TEST_NEQ 1
@@ -161,165 +115,94 @@
#define WINDIVERT_FILTER_TEST_GEQ 5
#define WINDIVERT_FILTER_TEST_MAX WINDIVERT_FILTER_TEST_GEQ
#define WINDIVERT_FILTER_MAXLEN 256
#define WINDIVERT_FILTER_MAXLEN 128
#define WINDIVERT_FILTER_RESULT_ACCEPT 0x7FFE
#define WINDIVERT_FILTER_RESULT_REJECT 0x7FFF
#define WINDIVERT_FILTER_RESULT_ACCEPT (WINDIVERT_FILTER_MAXLEN+1)
#define WINDIVERT_FILTER_RESULT_REJECT (WINDIVERT_FILTER_MAXLEN+2)
/*
* WinDivert layers.
*/
#define WINDIVERT_LAYER_MAX WINDIVERT_LAYER_REFLECT
/*
* WinDivert events.
*/
#define WINDIVERT_EVENT_MAX \
WINDIVERT_EVENT_REFLECT_CLOSE
#define WINDIVERT_LAYER_DEFAULT WINDIVERT_LAYER_NETWORK
#define WINDIVERT_LAYER_MAX \
WINDIVERT_LAYER_NETWORK_FORWARD
/*
* WinDivert flags.
*/
#define WINDIVERT_FLAGS_ALL \
(WINDIVERT_FLAG_SNIFF | WINDIVERT_FLAG_DROP | WINDIVERT_FLAG_RECV_ONLY |\
WINDIVERT_FLAG_SEND_ONLY | WINDIVERT_FLAG_NO_INSTALL | \
WINDIVERT_FLAG_FRAGMENTS)
(WINDIVERT_FLAG_SNIFF | WINDIVERT_FLAG_DROP | \
WINDIVERT_FLAG_NO_CHECKSUM)
#define WINDIVERT_FLAGS_EXCLUDE(flags, flag1, flag2) \
(((flags) & ((flag1) | (flag2))) != ((flag1) | (flag2)))
#define WINDIVERT_FLAGS_VALID(flags) \
((((flags) & ~WINDIVERT_FLAGS_ALL) == 0) && \
WINDIVERT_FLAGS_EXCLUDE(flags, WINDIVERT_FLAG_SNIFF, \
WINDIVERT_FLAG_DROP) && \
WINDIVERT_FLAGS_EXCLUDE(flags, WINDIVERT_FLAG_RECV_ONLY, \
WINDIVERT_FLAG_SEND_ONLY))
/*
* WinDivert filter flags.
*/
#define WINDIVERT_FILTER_FLAG_INBOUND 0x0000000000000010ull
#define WINDIVERT_FILTER_FLAG_OUTBOUND 0x0000000000000020ull
#define WINDIVERT_FILTER_FLAG_IP 0x0000000000000040ull
#define WINDIVERT_FILTER_FLAG_IPV6 0x0000000000000080ull
#define WINDIVERT_FILTER_FLAG_EVENT_FLOW_DELETED 0x0000000000000100ull
#define WINDIVERT_FILTER_FLAG_EVENT_SOCKET_BIND 0x0000000000000200ull
#define WINDIVERT_FILTER_FLAG_EVENT_SOCKET_CONNECT 0x0000000000000400ull
#define WINDIVERT_FILTER_FLAG_EVENT_SOCKET_LISTEN 0x0000000000000800ull
#define WINDIVERT_FILTER_FLAG_EVENT_SOCKET_ACCEPT 0x0000000000001000ull
#define WINDIVERT_FILTER_FLAG_EVENT_SOCKET_CLOSE 0x0000000000002000ull
#define WINDIVERT_FILTER_FLAGS_ALL \
(WINDIVERT_FILTER_FLAG_INBOUND | \
WINDIVERT_FILTER_FLAG_OUTBOUND | \
WINDIVERT_FILTER_FLAG_IP | \
WINDIVERT_FILTER_FLAG_IPV6 | \
WINDIVERT_FILTER_FLAG_EVENT_FLOW_DELETED | \
WINDIVERT_FILTER_FLAG_EVENT_SOCKET_BIND | \
WINDIVERT_FILTER_FLAG_EVENT_SOCKET_CONNECT | \
WINDIVERT_FILTER_FLAG_EVENT_SOCKET_LISTEN | \
WINDIVERT_FILTER_FLAG_EVENT_SOCKET_ACCEPT | \
WINDIVERT_FILTER_FLAG_EVENT_SOCKET_CLOSE)
WINDIVERT_FLAG_DROP))
/*
* WinDivert priorities.
*/
#define WINDIVERT_PRIORITY_MAX WINDIVERT_PRIORITY_HIGHEST
#define WINDIVERT_PRIORITY_MIN WINDIVERT_PRIORITY_LOWEST
#define WINDIVERT_PRIORITY(priority16) \
((UINT32)((INT32)(priority16) + 0x7FFF + 1))
#define WINDIVERT_PRIORITY_DEFAULT WINDIVERT_PRIORITY(0)
#define WINDIVERT_PRIORITY_MAX WINDIVERT_PRIORITY(1000)
#define WINDIVERT_PRIORITY_MIN WINDIVERT_PRIORITY(-1000)
/*
* WinDivert timestamps.
* WinDivert parameters.
*/
#define WINDIVERT_TIMESTAMP_MAX 0x7FFFFFFFFFFFFFFFull
#define WINDIVERT_PARAM_QUEUE_LEN_DEFAULT 1024
#define WINDIVERT_PARAM_QUEUE_LEN_MIN 1
#define WINDIVERT_PARAM_QUEUE_LEN_MAX 8192
#define WINDIVERT_PARAM_QUEUE_TIME_DEFAULT 512
#define WINDIVERT_PARAM_QUEUE_TIME_MIN 128
#define WINDIVERT_PARAM_QUEUE_TIME_MAX 2048
/*
* WinDivert message definitions.
*/
#pragma pack(push, 1)
typedef union
struct windivert_ioctl_s
{
struct
{
UINT64 addr; // WINDIVERT_ADDRESS pointer.
UINT64 addr_len_ptr; // sizeof(addr) pointer.
} recv;
struct
{
UINT64 addr; // WINDIVERT_ADDRESS pointer.
UINT64 addr_len; // sizeof(addr).
} send;
struct
{
UINT32 layer; // Handle layer.
UINT32 priority; // Handle priority.
UINT64 flags; // Handle flags.
} initialize;
struct
{
UINT64 flags; // Filter flags.
} startup;
struct
{
UINT32 how; // WINDIVERT_SHUTDOWN_*
} shutdown;
struct
{
UINT32 param; // WINDIVERT_PARAM_*
} get_param;
struct
{
UINT64 val; // Value pointer.
UINT32 param; // WINDIVERT_PARAM_*
} set_param;
} WINDIVERT_IOCTL, *PWINDIVERT_IOCTL;
UINT16 magic; // WINDIVERT_IOCTL_MAGIC
UINT8 version; // WINDIVERT_IOCTL_VERSION
UINT8 arg8; // 8-bit argument
UINT64 arg; // 64-bit argument
};
typedef struct windivert_ioctl_s *windivert_ioctl_t;
/*
* WinDivert initialization structure.
* WinDivert IOCTL structures.
*/
typedef struct
struct windivert_ioctl_filter_s
{
UINT64 magic; // Magic number (in/out).
UINT32 major; // Driver major version (in/out).
UINT32 minor; // Driver minor version (in/out).
UINT32 bits; // 32 or 64 (in/out).
UINT32 reserved32[3];
UINT64 reserved64[4];
} WINDIVERT_VERSION, *PWINDIVERT_VERSION;
/*
* WinDivert filter structure.
*/
typedef struct
{
UINT32 field:11; // WINDIVERT_FILTER_FIELD_*
UINT32 test:5; // WINDIVERT_FILTER_TEST_*
UINT32 success:16; // Success continuation.
UINT32 failure:16; // Fail continuation.
UINT32 neg:1; // Argument negative?
UINT32 reserved:15;
UINT8 field; // WINDIVERT_FILTER_FIELD_IP_*
UINT8 test; // WINDIVERT_FILTER_TEST_*
UINT16 success; // Success continuation.
UINT16 failure; // Fail continuation.
UINT32 arg[4]; // Argument.
} WINDIVERT_FILTER, *PWINDIVERT_FILTER;
};
typedef struct windivert_ioctl_filter_s *windivert_ioctl_filter_t;
#pragma pack(pop)
/*
* IOCTL codes.
*/
#define IOCTL_WINDIVERT_INITIALIZE \
CTL_CODE(FILE_DEVICE_NETWORK, 0x921, METHOD_OUT_DIRECT, FILE_READ_DATA |\
FILE_WRITE_DATA)
#define IOCTL_WINDIVERT_STARTUP \
CTL_CODE(FILE_DEVICE_NETWORK, 0x922, METHOD_IN_DIRECT, FILE_READ_DATA | \
FILE_WRITE_DATA)
#define IOCTL_WINDIVERT_RECV \
CTL_CODE(FILE_DEVICE_NETWORK, 0x923, METHOD_OUT_DIRECT, FILE_READ_DATA)
CTL_CODE(FILE_DEVICE_NETWORK, 0x908, METHOD_OUT_DIRECT, FILE_ANY_ACCESS)
#define IOCTL_WINDIVERT_SEND \
CTL_CODE(FILE_DEVICE_NETWORK, 0x924, METHOD_IN_DIRECT, FILE_READ_DATA | \
FILE_WRITE_DATA)
CTL_CODE(FILE_DEVICE_NETWORK, 0x909, METHOD_IN_DIRECT, FILE_ANY_ACCESS)
#define IOCTL_WINDIVERT_START_FILTER \
CTL_CODE(FILE_DEVICE_NETWORK, 0x90A, METHOD_IN_DIRECT, FILE_ANY_ACCESS)
#define IOCTL_WINDIVERT_SET_LAYER \
CTL_CODE(FILE_DEVICE_NETWORK, 0x90B, METHOD_IN_DIRECT, FILE_ANY_ACCESS)
#define IOCTL_WINDIVERT_SET_PRIORITY \
CTL_CODE(FILE_DEVICE_NETWORK, 0x90C, METHOD_IN_DIRECT, FILE_ANY_ACCESS)
#define IOCTL_WINDIVERT_SET_FLAGS \
CTL_CODE(FILE_DEVICE_NETWORK, 0x90D, METHOD_IN_DIRECT, FILE_ANY_ACCESS)
#define IOCTL_WINDIVERT_SET_PARAM \
CTL_CODE(FILE_DEVICE_NETWORK, 0x925, METHOD_IN_DIRECT, FILE_READ_DATA | \
FILE_WRITE_DATA)
CTL_CODE(FILE_DEVICE_NETWORK, 0x90E, METHOD_IN_DIRECT, FILE_ANY_ACCESS)
#define IOCTL_WINDIVERT_GET_PARAM \
CTL_CODE(FILE_DEVICE_NETWORK, 0x926, METHOD_OUT_DIRECT, FILE_READ_DATA)
#define IOCTL_WINDIVERT_SHUTDOWN \
CTL_CODE(FILE_DEVICE_NETWORK, 0x927, METHOD_IN_DIRECT, FILE_READ_DATA | \
FILE_WRITE_DATA)
CTL_CODE(FILE_DEVICE_NETWORK, 0x90F, METHOD_OUT_DIRECT, FILE_ANY_ACCESS)
#endif /* __WINDIVERT_DEVICE_H */
inf/windivert32.inf
-42
View File
@@ -1,42 +0,0 @@
[Version]
Signature = "$Windows NT$"
Class = WFPCALLOUTS
ClassGuid = {57465043-616C-6C6F-7574-5F636C617373}
Provider = %Basil%
CatalogFile = WinDivert32.Cat
DriverVer = 08/08/2019,2.2.0
[SourceDisksNames]
1 = %DiskName%
[SourceDisksFiles]
WinDivert32.sys = 1
[DestinationDirs]
DefaultDestDir = 12 ; %windir%\system32\drivers
WinDivertCalloutDriver.DriverFiles = 12 ; %windir%\system32\drivers
[DefaultInstall]
OptionDesc = %Description%
CopyFiles = WinDivertCalloutDriver.DriverFiles
[DefaultInstall.Services]
AddService = %ServiceName%,,WinDivertCalloutDriver.Service
[WinDivertCalloutDriver.DriverFiles]
WinDivert32.sys,,,0x00000040 ; COPYFLG_OVERWRITE_OLDER_ONLY
[WinDivertCalloutDriver.Service]
DisplayName = %ServiceName%
Description = %ServiceDesc%
ServiceType = 1 ; SERVICE_KERNEL_DRIVER
StartType = 0 ; SERVICE_BOOT_START
ErrorControl = 1 ; SERVICE_ERROR_NORMAL
ServiceBinary = %12%\WinDivert32.sys
[Strings]
Basil = "Basil"
DiskName = "WinDivert Installation Disk"
Description = "WinDivert Driver"
ServiceName = "WinDivert"
ServiceDesc = "WinDivert Driver"
inf/windivert64.inf
-42
View File
@@ -1,42 +0,0 @@
[Version]
Signature = "$Windows NT$"
Class = WFPCALLOUTS
ClassGuid = {57465043-616C-6C6F-7574-5F636C617373}
Provider = %Basil%
CatalogFile = WinDivert64.Cat
DriverVer = 08/08/2019,2.2.0
[SourceDisksNames]
1 = %DiskName%
[SourceDisksFiles]
WinDivert64.sys = 1
[DestinationDirs]
DefaultDestDir = 12 ; %windir%\system32\drivers
WinDivertCalloutDriver.DriverFiles = 12 ; %windir%\system32\drivers
[DefaultInstall]
OptionDesc = %Description%
CopyFiles = WinDivertCalloutDriver.DriverFiles
[DefaultInstall.Services]
AddService = %ServiceName%,,WinDivertCalloutDriver.Service
[WinDivertCalloutDriver.DriverFiles]
WinDivert64.sys,,,0x00000040 ; COPYFLG_OVERWRITE_OLDER_ONLY
[WinDivertCalloutDriver.Service]
DisplayName = %ServiceName%
Description = %ServiceDesc%
ServiceType = 1 ; SERVICE_KERNEL_DRIVER
StartType = 0 ; SERVICE_BOOT_START
ErrorControl = 1 ; SERVICE_ERROR_NORMAL
ServiceBinary = %12%\WinDivert64.sys
[Strings]
Basil = "Basil"
DiskName = "WinDivert Installation Disk"
Description = "WinDivert Driver"
ServiceName = "WinDivert"
ServiceDesc = "WinDivert Driver"
mingw-build.sh
+24 -73
View File
@@ -1,49 +1,28 @@
#!/bin/bash
#
# mingw-build.sh
# (C) 2019, all rights reserved,
# (C) 2014, all rights reserved,
#
# This file is part of WinDivert.
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# WinDivert is free software: you can redistribute it and/or modify it under
# the terms of the GNU Lesser General Public License as published by the
# Free Software Foundation, either version 3 of the License, or (at your
# option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
# License for more details.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# WinDivert is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free
# Software Foundation; either version 2 of the License, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc., 51
# Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
# Script for MinGW/Linux cross compilation.
# NOTE: run msvc-build.bat before this script.
# NOTE: run wddk-build.bat before this script.
set -e
ENVS="i686-w64-mingw32 x86_64-w64-mingw32"
if [ "$1" = "debug" ]
then
EXTRA_OPTS="-lmsvcrt -include stdio.h"
fi
for ENV in $ENVS
do
if [ $ENV = "i686-w64-mingw32" ]
@@ -56,19 +35,18 @@ do
BITS=64
MANGLE=
fi
HAVE_SYS=yes
if [ ! -d install/MSVC/$CPU ]
if [ ! -d install/WDDK/$CPU ]
then
echo "WARNING: missing MSVC build; run msvc-build.bat first"
HAVE_SYS=no
echo "WARNING: missing WDDK build; run wddk-build.bat first"
echo "SKIP WDDK-$CPU"
continue
fi
echo "BUILD MINGW-$CPU"
echo "BUILD WDDK-$CPU"
CC="$ENV-gcc"
COPTS="-fno-ident -shared -Wall -Wno-pointer-to-int-cast -Os -Iinclude/
COPTS="-shared -Wall -Wno-pointer-to-int-cast -O2 -Iinclude/
-Wl,--enable-stdcall-fixup -Wl,--entry=${MANGLE}WinDivertDllEntry"
CLIBS="-lkernel32 -ladvapi32 $EXTRA_OPTS"
CLIBS="-lgcc -lmsvcrt -lkernel32 -ladvapi32"
STRIP="$ENV-strip"
DLLTOOL="$ENV-dlltool"
if [ -x "`which $CC`" ]
then
echo "\tmake install/MINGW/$CPU..."
@@ -78,51 +56,24 @@ do
$CC $COPTS -o "install/MINGW/$CPU/WinDivert.dll" \
dll/windivert.o dll/windivert.def -nostdlib $CLIBS
$STRIP "install/MINGW/$CPU/WinDivert.dll"
echo "\tbuild install/MINGW/$CPU/WinDivert.lib..."
$DLLTOOL --dllname install/MINGW/$CPU/WinDivert.dll \
--def dll/windivert.def \
--output-lib install/MINGW/$CPU/WinDivert.lib 2>/dev/null
echo "\tbuild install/MINGW/$CPU/netdump.exe..."
$CC -s -O2 -Iinclude/ examples/netdump/netdump.c \
-o "install/MINGW/$CPU/netdump.exe" -lWinDivert \
-o "install/MINGW/$CPU/netdump.exe" -lWinDivert -lws2_32 \
-L"install/MINGW/$CPU/"
echo "\tbuild install/MINGW/$CPU/netfilter.exe..."
$CC -s -O2 -Iinclude/ examples/netfilter/netfilter.c \
-o "install/MINGW/$CPU/netfilter.exe" -lWinDivert \
-o "install/MINGW/$CPU/netfilter.exe" -lWinDivert -lws2_32 \
-L"install/MINGW/$CPU/"
echo "\tbuild install/MINGW/$CPU/passthru.exe..."
$CC -s -O2 -Iinclude/ examples/passthru/passthru.c \
-o "install/MINGW/$CPU/passthru.exe" -lWinDivert \
-o "install/MINGW/$CPU/passthru.exe" -lWinDivert -lws2_32 \
-L"install/MINGW/$CPU/"
echo "\tbuild install/MINGW/$CPU/webfilter.exe..."
$CC -s -O2 -Iinclude/ examples/webfilter/webfilter.c \
-o "install/MINGW/$CPU/webfilter.exe" -lWinDivert \
-L"install/MINGW/$CPU/"
echo "\tbuild install/MINGW/$CPU/streamdump.exe..."
$CC -s -O2 -Iinclude/ examples/streamdump/streamdump.c \
-o "install/MINGW/$CPU/streamdump.exe" -lWinDivert -lws2_32 \
-L"install/MINGW/$CPU/"
echo "\tbuild install/MINGW/$CPU/flowtrack.exe..."
$CC -s -O2 -Iinclude/ examples/flowtrack/flowtrack.c \
-o "install/MINGW/$CPU/flowtrack.exe" -lWinDivert -lpsapi \
-lshlwapi -L"install/MINGW/$CPU/"
echo "\tbuild install/MINGW/$CPU/windivertctl.exe..."
$CC -s -O2 -Iinclude/ examples/windivertctl/windivertctl.c \
-o "install/MINGW/$CPU/windivertctl.exe" -lWinDivert \
-lpsapi -lshlwapi -L"install/MINGW/$CPU/"
echo "\tbuild install/MINGW/$CPU/socketdump.exe..."
$CC -s -O2 -Iinclude/ examples/socketdump/socketdump.c \
-o "install/MINGW/$CPU/socketdump.exe" -lWinDivert \
-lpsapi -lshlwapi -L"install/MINGW/$CPU/"
echo "\tbuild install/MINGW/$CPU/test.exe..."
$CC -s -O2 -Iinclude/ test/test.c \
-o "install/MINGW/$CPU/test.exe" -lWinDivert \
-L"install/MINGW/$CPU/"
if [ $HAVE_SYS = yes ]
then
echo "\tcopy install/MINGW/$CPU/WinDivert$BITS.sys..."
cp install/MSVC/$CPU/WinDivert$BITS.sys install/MINGW/$CPU
fi
-o "install/MINGW/$CPU/webfilter.exe" -lWinDivert -lws2_32 \
-L"install/MINGW/$CPU/"
echo "\tcopy install/MINGW/$CPU/WinDivert$BITS.sys..."
cp install/WDDK/$CPU/WinDivert$BITS.sys install/MINGW/$CPU
else
echo "WARNING: $CC not found"
fi
msvc-build.bat
+65 -128
View File
@@ -1,150 +1,87 @@
:: msvc-build.bat
:: (C) 2019, all rights reserved,
:: (C) 2014, all rights reserved,
::
:: This file is part of WinDivert.
:: This program is free software: you can redistribute it and/or modify
:: it under the terms of the GNU Lesser General Public License as published by
:: the Free Software Foundation, either version 3 of the License, or
:: (at your option) any later version.
::
:: WinDivert is free software: you can redistribute it and/or modify it under
:: the terms of the GNU Lesser General Public License as published by the
:: Free Software Foundation, either version 3 of the License, or (at your
:: option) any later version.
::
:: This program is distributed in the hope that it will be useful, but
:: WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
:: or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
:: License for more details.
:: This program is distributed in the hope that it will be useful,
:: but WITHOUT ANY WARRANTY; without even the implied warranty of
:: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
:: GNU Lesser General Public License for more details.
::
:: You should have received a copy of the GNU Lesser General Public License
:: along with this program. If not, see <http://www.gnu.org/licenses/>.
::
:: WinDivert is free software; you can redistribute it and/or modify it under
:: the terms of the GNU General Public License as published by the Free
:: Software Foundation; either version 2 of the License, or (at your option)
:: any later version.
::
:: This program is distributed in the hope that it will be useful, but
:: WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
:: or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
:: for more details.
::
:: You should have received a copy of the GNU General Public License along
:: with this program; if not, write to the Free Software Foundation, Inc., 51
:: Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
:: Script for MSVC (Microsoft Visual Studio 2012) compilation.
:: NOTE: run wddk-build.bat before this script.
@echo off
msbuild sys\windivert.vcxproj ^
/p:Configuration=Release ^
/p:platform=Win32 ^
/p:SignMode=Off ^
/p:OutDir=..\install\MSVC\i386\ ^
/p:AssemblyName=WinDivert32
:: Determine target CPU.
msbuild sys\windivert.vcxproj ^
/p:Configuration=Release ^
/p:platform=x64 ^
/p:SignMode=Off ^
/p:OutDir=..\install\MSVC\amd64\ ^
/p:AssemblyName=WinDivert64
cl 2>&1 | findstr "x86" > NUL
msbuild dll\windivert.vcxproj ^
/p:Configuration=Release ^
/p:platform=Win32 ^
/p:OutDir=..\install\MSVC\i386\
move dll\WinDivert.lib install\MSVC\i386\.
if %ERRORLEVEL% == 0 (
set TARGET=i386
set PLATFORM=Win32
set BITS=32
) ELSE (
set TARGET=amd64
set PLATFORM=x64
set BITS=64
)
msbuild dll\windivert.vcxproj ^
/p:Configuration=Release ^
/p:platform=x64 ^
/p:OutDir=..\install\MSVC\amd64\
move dll\WinDivert.lib install\MSVC\amd64\.
set WDDK_INSTALL=install\WDDK\%TARGET%\
set MSVC_INSTALL=install\MSVC\%TARGET%\
msbuild examples\flowtrack\flowtrack.vcxproj ^
/p:Configuration=Release ^
/p:Platform=Win32 ^
/p:OutDir=..\..\install\MSVC\i386\
if not exist %WDDK_INSTALL% (
echo ERROR: Missing WDDK build; run wddk-build.bat first
exit /B
)
mkdir %MSVC_INSTALL%
msbuild examples\flowtrack\flowtrack.vcxproj ^
/p:Configuration=Release ^
/p:Platform=x64 ^
/p:OutDir=..\..\install\MSVC\amd64\
:: Build WinDivert.dll
cd dll
msbuild /p:Platform=%PLATFORM% /p:OutDir=build\
copy /Y build\WinDivert.dll ..\%MSVC_INSTALL%
copy /Y build\WinDivert.lib ..\%MSVC_INSTALL%
copy /Y build\WinDivert.lib ..\%MSVC_INSTALL%..
rd /s /q build\
cd ..
msbuild examples\netdump\netdump.vcxproj ^
/p:Configuration=Release ^
/p:Platform=Win32 ^
/p:OutDir=..\..\install\MSVC\i386\
:: Build netdump
cd examples\netdump
msbuild /p:Platform=%PLATFORM% /p:OutDir=build\
copy /Y build\netdump.exe ..\..\%MSVC_INSTALL%
rd /s /q build\
cd ..\..
msbuild examples\netdump\netdump.vcxproj ^
/p:Configuration=Release ^
/p:Platform=x64 ^
/p:OutDir=..\..\install\MSVC\amd64\
:: Build netfilter
cd examples\netfilter
msbuild /p:Platform=%PLATFORM% /p:OutDir=build\
copy /Y build\netfilter.exe ..\..\%MSVC_INSTALL%
rd /s /q build\
cd ..\..
msbuild examples\netfilter\netfilter.vcxproj ^
/p:Configuration=Release ^
/p:Platform=Win32 ^
/p:OutDir=..\..\install\MSVC\i386\
:: Build passthru
cd examples\passthru
msbuild /p:Platform=%PLATFORM% /p:OutDir=build\
copy /Y build\passthru.exe ..\..\%MSVC_INSTALL%
rd /s /q build\
cd ..\..
msbuild examples\netfilter\netfilter.vcxproj ^
/p:Configuration=Release ^
/p:Platform=x64 ^
/p:OutDir=..\..\install\MSVC\amd64\
:: Build webfilter
cd examples\webfilter
msbuild /p:Platform=%PLATFORM% /p:OutDir=build\
copy /Y build\webfilter.exe ..\..\%MSVC_INSTALL%
rd /s /q build\
cd ..\..
msbuild examples\passthru\passthru.vcxproj ^
/p:Configuration=Release ^
/p:Platform=Win32 ^
/p:OutDir=..\..\install\MSVC\i386\
:: Copy files
copy /Y %WDDK_INSTALL%\WinDivert%BITS%.sys %MSVC_INSTALL%
msbuild examples\passthru\passthru.vcxproj ^
/p:Configuration=Release ^
/p:Platform=x64 ^
/p:OutDir=..\..\install\MSVC\amd64\
msbuild examples\socketdump\socketdump.vcxproj ^
/p:Configuration=Release ^
/p:Platform=Win32 ^
/p:OutDir=..\..\install\MSVC\i386\
msbuild examples\socketdump\socketdump.vcxproj ^
/p:Configuration=Release ^
/p:Platform=x64 ^
/p:OutDir=..\..\install\MSVC\amd64\
msbuild examples\streamdump\streamdump.vcxproj ^
/p:Configuration=Release ^
/p:Platform=Win32 ^
/p:OutDir=..\..\install\MSVC\i386\
msbuild examples\streamdump\streamdump.vcxproj ^
/p:Configuration=Release ^
/p:Platform=x64 ^
/p:OutDir=..\..\install\MSVC\amd64\
msbuild examples\webfilter\webfilter.vcxproj ^
/p:Configuration=Release ^
/p:Platform=Win32 ^
/p:OutDir=..\..\install\MSVC\i386\
msbuild examples\webfilter\webfilter.vcxproj ^
/p:Configuration=Release ^
/p:Platform=x64 ^
/p:OutDir=..\..\install\MSVC\amd64\
msbuild examples\windivertctl\windivertctl.vcxproj ^
/p:Configuration=Release ^
/p:Platform=Win32 ^
/p:OutDir=..\..\install\MSVC\i386\
msbuild examples\windivertctl\windivertctl.vcxproj ^
/p:Configuration=Release ^
/p:Platform=x64 ^
/p:OutDir=..\..\install\MSVC\amd64\
msbuild test\test.vcxproj ^
/p:Configuration=Release ^
/p:Platform=Win32 ^
/p:OutDir=..\install\MSVC\i386\
msbuild test\test.vcxproj ^
/p:Configuration=Release ^
/p:Platform=x64 ^
/p:OutDir=..\install\MSVC\amd64\
:: Clean-up
del %MSVC_INSTALL%..\WinDivert.lib
release-build.sh
+104 -147
View File
@@ -1,165 +1,122 @@
#!/bin/bash
#
# release-build.sh
# (C) 2019, all rights reserved,
# (C) 2014, all rights reserved,
#
# This file is part of WinDivert.
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# WinDivert is free software: you can redistribute it and/or modify it under
# the terms of the GNU Lesser General Public License as published by the
# Free Software Foundation, either version 3 of the License, or (at your
# option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
# License for more details.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# WinDivert is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free
# Software Foundation; either version 2 of the License, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc., 51
# Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# Script for building WinDivert binary packages. This script assumes the
# binaries are already built and are in the install/ subdirectory.
set -e
LABEL=
if [ $# -ge 1 ]
then
LABEL="-$1"
fi
TARGET=MINGW
WINDIVERT32_SYS=install/$TARGET/i386/WinDivert32.sys
if [ $# -ge 2 ]
then
WINDIVERT32_SYS=$2
fi
WINDIVERT64_SYS=install/$TARGET/amd64/WinDivert64.sys
if [ $# -ge 3 ]
then
WINDIVERT64_SYS=$3
fi
VERSION=`cat ./VERSION`
NAME=WinDivert-$VERSION
echo "BUILD $NAME$LABEL"
INSTALL=install/$NAME$LABEL
echo "\tmake $INSTALL..."
rm -rf $INSTALL
mkdir -p $INSTALL
echo "\tcopy $INSTALL/README..."
cp README $INSTALL
echo "\tcopy $INSTALL/CHANGELOG..."
cp CHANGELOG $INSTALL
echo "\tcopy $INSTALL/LICENSE..."
cp LICENSE $INSTALL
echo "\tcopy $INSTALL/VERSION..."
cp VERSION $INSTALL
echo "\tmake $INSTALL/include..."
mkdir -p $INSTALL/include
echo "\tcopy $INSTALL/include/windivert.h..."
cp include/windivert.h $INSTALL/include
echo "\tmake $INSTALL/doc..."
mkdir -p $INSTALL/doc
echo "\tcopy $INSTALL/doc/WinDivert.html..."
cp doc/windivert.html $INSTALL/doc/WinDivert.html
echo "\tmake $INSTALL/x86..."
mkdir -p $INSTALL/x86
echo "\tcopy $INSTALL/x86/WinDivert32.sys..."
cp "$WINDIVERT32_SYS" $INSTALL/x86
if ! grep "DigiCert High Assurance EV Root" $INSTALL/x86/WinDivert32.sys \
2>&1 >/dev/null
then
echo "\t\033[33mWARNING\033[0m: unsigned WinDivert32.sys..."
fi
if [ -e "$WINDIVERT64_SYS" ]
then
echo "\tcopy $INSTALL/x64/WinDivert64.sys..."
cp "$WINDIVERT64_SYS" $INSTALL/x86
fi
echo "\tcopy $INSTALL/x86/WinDivert.lib..."
cp install/$TARGET/i386/WinDivert.lib $INSTALL/x86
echo "\tcopy $INSTALL/x86/WinDivert.dll..."
cp install/$TARGET/i386/WinDivert.dll $INSTALL/x86
echo "\tcopy $INSTALL/x86/netdump.exe..."
cp install/$TARGET/i386/netdump.exe $INSTALL/x86
echo "\tcopy $INSTALL/x86/netfilter.exe..."
cp install/$TARGET/i386/netfilter.exe $INSTALL/x86
echo "\tcopy $INSTALL/x86/passtru.exe..."
cp install/$TARGET/i386/passthru.exe $INSTALL/x86
echo "\tcopy $INSTALL/x86/webfilter.exe..."
cp install/$TARGET/i386/webfilter.exe $INSTALL/x86
echo "\tcopy $INSTALL/x86/streamdump.exe..."
cp install/$TARGET/i386/streamdump.exe $INSTALL/x86
echo "\tcopy $INSTALL/x86/flowtrack.exe..."
cp install/$TARGET/i386/flowtrack.exe $INSTALL/x86
echo "\tcopy $INSTALL/x86/socketdump.exe..."
cp install/$TARGET/i386/socketdump.exe $INSTALL/x86
echo "\tcopy $INSTALL/x86/windivertctl.exe..."
cp install/$TARGET/i386/windivertctl.exe $INSTALL/x86
echo "\tcopy $INSTALL/x86/test.exe..."
cp install/$TARGET/i386/test.exe $INSTALL/x86
if [ -d "install/$TARGET/amd64" ]
then
echo "\tmake $INSTALL/amd64..."
mkdir -p $INSTALL/x64
echo "\tcopy $INSTALL/amd64/WinDivert64.sys..."
cp "$WINDIVERT64_SYS" $INSTALL/x64
if ! grep "DigiCert High Assurance EV Root" \
$INSTALL/x64/WinDivert64.sys 2>&1 >/dev/null
for TARGET in WDDK MSVC MINGW
do
if [ ! -d "install/$TARGET" ]
then
echo "\t\033[33mWARNING\033[0m: unsigned WinDivert64.sys..."
echo "SKIP $NAME-$TARGET"
continue
fi
echo "\tcopy $INSTALL/x64/WinDivert.lib..."
cp install/$TARGET/amd64/WinDivert.lib $INSTALL/x64
echo "\tcopy $INSTALL/x64/WinDivert.dll..."
cp install/$TARGET/amd64/WinDivert.dll $INSTALL/x64
echo "\tcopy $INSTALL/x64/netdump.exe..."
cp install/$TARGET/amd64/netdump.exe $INSTALL/x64
echo "\tcopy $INSTALL/x64/netfilter.exe..."
cp install/$TARGET/amd64/netfilter.exe $INSTALL/x64
echo "\tcopy $INSTALL/x64/passtru.exe..."
cp install/$TARGET/amd64/passthru.exe $INSTALL/x64
echo "\tcopy $INSTALL/x64/webfilter.exe..."
cp install/$TARGET/amd64/webfilter.exe $INSTALL/x64
echo "\tcopy $INSTALL/x64/streamdump.exe..."
cp install/$TARGET/amd64/streamdump.exe $INSTALL/x64
echo "\tcopy $INSTALL/x64/flowtrack.exe..."
cp install/$TARGET/amd64/flowtrack.exe $INSTALL/x64
echo "\tcopy $INSTALL/x64/socketdump.exe..."
cp install/$TARGET/amd64/socketdump.exe $INSTALL/x64
echo "\tcopy $INSTALL/x64/windivertctl.exe..."
cp install/$TARGET/amd64/windivertctl.exe $INSTALL/x64
echo "\tcopy $INSTALL/x64/test.exe..."
cp install/$TARGET/amd64/test.exe $INSTALL/x64
else
echo "\tWARNING: skipping missing AMD64 build..."
fi
PACKAGE=$NAME$LABEL.zip
echo "\tbuilding $PACKAGE..."
(
cd install;
zip -r $PACKAGE $NAME$LABEL > /dev/null
)
echo -n "\tclean $INSTALL..."
rm -rf $INSTALL
echo "DONE"
echo "BUILD $NAME-$TARGET"
INSTALL=install/$NAME-$TARGET
echo "\tmake $INSTALL..."
mkdir -p $INSTALL
echo "\tcopy $INSTALL/README..."
cp README $INSTALL
echo "\tcopy $INSTALL/CHANGELOG..."
cp CHANGELOG $INSTALL
echo "\tcopy $INSTALL/LICENSE..."
cp LICENSE $INSTALL
echo "\tcopy $INSTALL/VERSION..."
cp VERSION $INSTALL
echo "\tmake $INSTALL/include..."
mkdir -p $INSTALL/include
echo "\tcopy $INSTALL/include/windivert.h..."
cp include/windivert.h $INSTALL/include
echo "\tmake $INSTALL/doc..."
mkdir -p $INSTALL/doc
echo "\tcopy $INSTALL/doc/WinDivert.html..."
cp doc/windivert.html $INSTALL/doc/WinDivert.html
echo "\tmake $INSTALL/x86..."
mkdir -p $INSTALL/x86
echo "\tcopy $INSTALL/x86/WinDivert32.sys..."
cp install/$TARGET/i386/WinDivert32.sys $INSTALL/x86
if ! grep "DigiCert High Assurance EV Root" $INSTALL/x86/WinDivert32.sys \
2>&1 >/dev/null
then
echo "\t\033[33mWARNING\033[0m: unsigned WinDivert32.sys..."
fi
if [ $TARGET != MINGW ]
then
echo "\tcopy $INSTALL/x86/WinDivert.lib..."
cp install/$TARGET/i386/WinDivert.lib $INSTALL/x86
fi
echo "\tcopy $INSTALL/x86/WinDivert.dll..."
cp install/$TARGET/i386/WinDivert.dll $INSTALL/x86
echo "\tcopy $INSTALL/x86/netdump.exe..."
cp install/$TARGET/i386/netdump.exe $INSTALL/x86
echo "\tcopy $INSTALL/x86/netfilter.exe..."
cp install/$TARGET/i386/netfilter.exe $INSTALL/x86
echo "\tcopy $INSTALL/x86/passtru.exe..."
cp install/$TARGET/i386/passthru.exe $INSTALL/x86
echo "\tcopy $INSTALL/x86/webfilter.exe..."
cp install/$TARGET/i386/webfilter.exe $INSTALL/x86
if [ -d "install/$TARGET/amd64" ]
then
echo "\tmake $INSTALL/amd64..."
mkdir -p $INSTALL/amd64
echo "\tcopy $INSTALL/amd64/WinDivert64.sys..."
cp install/$TARGET/amd64/WinDivert64.sys $INSTALL/amd64
if ! grep "DigiCert High Assurance EV Root" \
$INSTALL/amd64/WinDivert64.sys 2>&1 >/dev/null
then
echo -e "\t\033[33mWARNING\033[0m: unsigned WinDivert64.sys..."
fi
if [ $TARGET != MINGW ]
then
echo "\tcopy $INSTALL/amd64/WinDivert.lib..."
cp install/$TARGET/amd64/WinDivert.lib $INSTALL/amd64
fi
echo "\tcopy $INSTALL/amd64/WinDivert.dll..."
cp install/$TARGET/amd64/WinDivert.dll $INSTALL/amd64
echo "\tcopy $INSTALL/amd64/netdump.exe..."
cp install/$TARGET/amd64/netdump.exe $INSTALL/amd64
echo "\tcopy $INSTALL/amd64/netfilter.exe..."
cp install/$TARGET/amd64/netfilter.exe $INSTALL/amd64
echo "\tcopy $INSTALL/amd64/passtru.exe..."
cp install/$TARGET/amd64/passthru.exe $INSTALL/amd64
echo "\tcopy $INSTALL/amd64/webfilter.exe..."
cp install/$TARGET/amd64/webfilter.exe $INSTALL/amd64
else
echo "\tWARNING: skipping missing AMD64 build..."
fi
PACKAGE=$NAME-$TARGET.tar.gz
echo "\tbuilding $PACKAGE..."
(
cd install;
tar cvz --owner root --group root -f $PACKAGE $NAME-$TARGET > /dev/null
)
PACKAGE=$NAME-$TARGET.zip
echo "\tbuilding $PACKAGE..."
(
cd install;
zip -r $PACKAGE $NAME-$TARGET > /dev/null
)
echo -n "\tclean $INSTALL..."
rm -rf $INSTALL
echo "DONE"
done
sys/sources
+16 -1
View File
@@ -1,3 +1,18 @@
# sources
# (C) 2014, all rights reserved,
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
!IF "$(_BUILDARCH)" == "x86"
CPU=i386
@@ -19,6 +34,6 @@ NTTARGETFILES=
KMDF_VERSION_MAJOR=1
C_DEFINES=$(C_DEFINES) -DBINARY_COMPATIBLE=0 -DNT -DUNICODE -D_UNICODE \
-DNDIS60 -DNDIS_SUPPORT_NDIS60
INCLUDES=$(DDK_INC_PATH);..\include;..\dll
INCLUDES=$(DDK_INC_PATH);..\include
SOURCES=windivert.rc windivert.c
sys/windivert.c
+2124 -4973
View File
File diff suppressed because it is too large Load Diff
sys/windivert.inf
+9
View File
@@ -0,0 +1,9 @@
[Version]
Signature="$WINDOWS NT$"
[windivert.NT.Wdf]
KmdfService = windivert, windivert_WdfSection
[windivert_WdfSection]
KmdfLibraryVersion = 1.9
sys/windivert.rc
+16 -34
View File
@@ -1,59 +1,41 @@
/*
* windivert.rc
* (C) 2019, all rights reserved,
* (C) 2014, all rights reserved,
*
* This file is part of WinDivert.
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* WinDivert is free software: you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the
* Free Software Foundation, either version 3 of the License, or (at your
* option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* WinDivert is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., 51
* Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
#include <windows.h>
#include <ntverp.h>
#include "windivert_log.rc"
#define VER_FILETYPE VFT_DRV
#define VER_FILESUBTYPE VFT2_DRV_NETWORK
#define VER_FILEDESCRIPTION_STR \
"The WinDivert 2.2 driver " \
"[URL: https://reqrypt.org/windivert.html] " \
"[Bitcoin: 1C5vZVSbizPeZ8ydTYhUfm4LA2cNwBfcYh]"
"WinDivert" \
" (web: http://reqrypt.org/windivert.html)" \
" (donate: 1C5vZVSbizPeZ8ydTYhUfm4LA2cNwBfcYh)"
#define VER_INTERNALNAME_STR "WinDivert.sys"
#define VER_ORIGINALFILENAME_STR "WinDivert.sys"
#define VER_PRODUCTVERSION 2.2
#define VER_PRODUCTVERSION_STR "2.2"
#define VER_PRODUCTVERSION 1.1.8
#define VER_PRODUCTVERSION_STR "1.1.8"
#define VER_COMPANYNAME_STR "Basil"
#define VER_LEGALCOPYRIGHT_YEARS "2011-2019"
#define VER_LEGALCOPYRIGHT_YEARS "2011-2015"
#define VER_LEGALCOPYRIGHT_STR \
"Copyright \251 " VER_COMPANYNAME_STR " " VER_LEGALCOPYRIGHT_YEARS
#define VER_FILEVERSION VER_PRODUCTVERSION
#define VER_FILEVERSION_STR VER_PRODUCTVERSION_STR
#define VER_PRODUCTNAME_STR "WinDivert 2.2 driver"
#define VER_PRODUCTNAME_STR "WinDivert driver"
#include "common.ver"
sys/windivert.vcxproj
-93
View File
@@ -1,93 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
windivert.vcxproj
(C) 2019, all rights reserved,
This file is part of WinDivert.
WinDivert is free software: you can redistribute it and/or modify it under
the terms of the GNU Lesser General Public License as published by the
Free Software Foundation, either version 3 of the License, or (at your
option) any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
License for more details.
You should have received a copy of the GNU Lesser General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
WinDivert is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your option)
any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc., 51
Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-->
<Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<ItemGroup>
<MessageCompile Include="windivert_log.mc">
<RCFilePath>.</RCFilePath>
<HeaderFilePath>.</HeaderFilePath>
</MessageCompile>
</ItemGroup>
<ItemGroup>
<ResourceCompile Include="windivert.rc" />
</ItemGroup>
<ItemGroup>
<ClCompile Include="windivert.c">
<TreatWarningAsError>false</TreatWarningAsError>
<Optimization>MaxSpeed</Optimization>
<AdditionalIncludeDirectories>..\include;..\dll;.</AdditionalIncludeDirectories>
</ClCompile>
</ItemGroup>
<PropertyGroup Label="Globals">
<TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
<MinimumVisualStudioVersion>12.0</MinimumVisualStudioVersion>
<RootNamespace>WinDivert</RootNamespace>
<ProjectName>WinDivert</ProjectName>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props"/>
<PropertyGroup Label="Configuration">
<TargetVersion>Windows7</TargetVersion>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
<ConfigurationType>Driver</ConfigurationType>
<DriverType>KMDF</DriverType>
<DriverTargetPlatform>Desktop</DriverTargetPlatform>
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
<EnableInf2cat>false</EnableInf2cat>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ItemDefinitionGroup>
<ClCompile>
<WppEnabled>false</WppEnabled>
<PreprocessorDefinitions Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">_X86_=1;i386=1;STD_CALL;%(PreprocessorDefinitions);NDIS60;UNICODE;_UNICODE;NDIS_SUPPORT_NDIS60;NT;BINARY_COMPATIBLE=0</PreprocessorDefinitions>
<PreprocessorDefinitions Condition="'$(Configuration)|$(Platform)'=='Release|x64'">_WIN64;_AMD64_;AMD64;%(PreprocessorDefinitions);NDIS60;UNICODE;_UNICODE;NDIS_SUPPORT_NDIS60;NT;BINARY_COMPATIBLE=0</PreprocessorDefinitions>
</ClCompile>
<Link>
<AdditionalDependencies>%(AdditionalDependencies);$(KernelBufferOverflowLib);$(DDK_LIB_PATH)ntoskrnl.lib;$(DDK_LIB_PATH)hal.lib;$(DDK_LIB_PATH)wmilib.lib;$(KMDF_LIB_PATH)$(KMDF_VER_PATH)\WdfLdr.lib;$(KMDF_LIB_PATH)$(KMDF_VER_PATH)\WdfDriverEntry.lib;$(DDK_LIB_PATH)\wdmsec.lib;$(DDK_LIB_PATH)\ndis.lib;$(DDK_LIB_PATH)\fwpkclnt.lib;$(SDK_LIB_PATH)\uuid.lib</AdditionalDependencies>
</Link>
</ItemDefinitionGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
</Project>
sys/windivert_log.mc
-59
View File
@@ -1,59 +0,0 @@
;/*
; * windivert_log.mc
; * (C) 2019, all rights reserved,
; *
; * This file is part of WinDivert.
; *
; * WinDivert is free software: you can redistribute it and/or modify it under
; * the terms of the GNU Lesser General Public License as published by the
; * Free Software Foundation, either version 3 of the License, or (at your
; * option) any later version.
; *
; * This program is distributed in the hope that it will be useful, but
; * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
; * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
; * License for more details.
; *
; * You should have received a copy of the GNU Lesser General Public License
; * along with this program. If not, see <http://www.gnu.org/licenses/>.
; *
; * WinDivert is free software; you can redistribute it and/or modify it under
; * the terms of the GNU General Public License as published by the Free
; * Software Foundation; either version 2 of the License, or (at your option)
; * any later version.
; *
; * This program is distributed in the hope that it will be useful, but
; * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
; * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
; * for more details.
; *
; * You should have received a copy of the GNU General Public License along
; * with this program; if not, write to the Free Software Foundation, Inc., 51
; * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
; */
MessageIdTypedef=NTSTATUS
SeverityNames = (
Success = 0x0:STATUS_SEVERITY_SUCCESS
Informational = 0x1:STATUS_SEVERITY_INFORMATIONAL
Warning = 0x2:STATUS_SEVERITY_WARNING
Error = 0x3:STATUS_SEVERITY_ERROR
)
FacilityNames = (
System = 0x0:FACILITY_SYSTEM
Runtime = 0x2:FACILITY_RUNTIME
Stubs = 0x3:FACILITY_STUBS
Io = 0x4:FACILITY_IO_ERROR_CODE
WinDivert = 0x574:FACILITY_WINDIVERT
)
MessageId=0x312D
Facility=WinDivert
Severity=Informational
SymbolicName=WINDIVERT_INFO_EVENT
Language=English
%2 %3 (processId=%4)
.
test/build.sh
+13 -32
View File
@@ -1,45 +1,26 @@
#!/bin/bash
#
# build.sh
# (C) 2019, all rights reserved,
# (C) 2014, all rights reserved,
#
# This file is part of WinDivert.
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# WinDivert is free software: you can redistribute it and/or modify it under
# the terms of the GNU Lesser General Public License as published by the
# Free Software Foundation, either version 3 of the License, or (at your
# option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
# License for more details.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# WinDivert is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free
# Software Foundation; either version 2 of the License, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc., 51
# Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# Script for MinGW/Linux cross compilation.
# NOTE: run wddk-build.bat before this script.
CC=i686-w64-mingw32-gcc
$CC -fno-ident -s -O2 -I../include/ test.c \
-o ../install/MINGW/i386/test.exe -lWinDivert -L"../install/MINGW/i386/"
CC=x86_64-w64-mingw32-gcc
$CC -fno-ident -s -O2 -I../include/ test.c -o ../install/MINGW/amd64/test.exe \
-lWinDivert -L"../install/MINGW/amd64/"
$CC -s -O2 -I../include/ test.c -o test.exe -lWinDivert \
-L"../install/MINGW/amd64/"
test/test.c
+129 -1176
View File
File diff suppressed because it is too large Load Diff
test/test.vcxproj
-73
View File
@@ -1,73 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
test.vcxproj
(C) 2019, all rights reserved,
This file is part of WinDivert.
WinDivert is free software: you can redistribute it and/or modify it under
the terms of the GNU Lesser General Public License as published by the
Free Software Foundation, either version 3 of the License, or (at your
option) any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
License for more details.
You should have received a copy of the GNU Lesser General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
WinDivert is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your option)
any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc., 51
Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-->
<Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<ItemGroup>
<ClCompile Include="test.c">
<TreatWarningAsError>false</TreatWarningAsError>
<Optimization>MinSpace</Optimization>
<BasicRuntimeChecks>Default</BasicRuntimeChecks>
<AdditionalIncludeDirectories>..\include</AdditionalIncludeDirectories>
</ClCompile>
</ItemGroup>
<PropertyGroup Label="Globals">
<RootNamespace>test</RootNamespace>
<ProjectName>test</ProjectName>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props"/>
<PropertyGroup Label="Configuration">
<PlatformToolset>v140</PlatformToolset>
<ConfigurationType>Application</ConfigurationType>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ItemDefinitionGroup>
<Link>
<AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">..\install\MSVC\i386\WinDivert.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Release|x64'">..\install\MSVC\amd64\WinDivert.lib;%(AdditionalDependencies)</AdditionalDependencies>
</Link>
</ItemDefinitionGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
</Project>
test/test_data.c
+21 -90
View File
@@ -1,43 +1,27 @@
/*
* test_data.c
* (C) 2019, all rights reserved,
* (C) 2014, all rights reserved,
*
* This file is part of WinDivert.
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* WinDivert is free software: you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the
* Free Software Foundation, either version 3 of the License, or (at your
* option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* WinDivert is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., 51
* Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
// IPV4 ICMP ECHO REQUEST
static const unsigned char echo_request[] =
static unsigned char echo_request[] =
{
0x45, 0x00, 0x00, 0x54, 0x12, 0x34, 0x40, 0x00,
0x40, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x00, 0x01,
0x08, 0x08, 0x08, 0x08, 0x08, 0x00, 0x3c, 0xd2,
0x08, 0x08, 0x08, 0x08, 0x08, 0x00, 0x00, 0x00,
0x0d, 0x56, 0x00, 0x01, 0x8b, 0xa6, 0x60, 0x54,
0x00, 0x00, 0x00, 0x00, 0xf9, 0x08, 0x0a, 0x00,
0x00, 0x00, 0x00, 0x00, 0x10, 0x11, 0x12, 0x13,
@@ -49,13 +33,13 @@ static const unsigned char echo_request[] =
};
// IPV4 TCP HTTP GET REQUEST
static const unsigned char http_request[] =
static unsigned char http_request[] =
{
0x45, 0x00, 0x02, 0x09, 0x48, 0x2d, 0x40, 0x00,
0x40, 0x06, 0x00, 0x00, 0x0a, 0x0a, 0x0a, 0x0a,
0x5d, 0xb8, 0xd8, 0x77, 0xa3, 0x1a, 0x00, 0x50,
0x53, 0x38, 0xcc, 0xc2, 0x56, 0x37, 0xb3, 0x55,
0x80, 0x18, 0x00, 0x73, 0x02, 0xa4, 0x00, 0x00,
0x80, 0x18, 0x00, 0x73, 0x00, 0x00, 0x00, 0x00,
0x01, 0x01, 0x08, 0x0a, 0x00, 0x2c, 0x85, 0x1b,
0x1b, 0x7f, 0x3a, 0x71, 0x47, 0x45, 0x54, 0x20,
0x2f, 0x20, 0x48, 0x54, 0x54, 0x50, 0x2f, 0x31,
@@ -120,12 +104,12 @@ static const unsigned char http_request[] =
};
// IPV4 DNS REQUEST
static const unsigned char dns_request[] =
static unsigned char dns_request[] =
{
0x45, 0x00, 0x00, 0x39, 0x20, 0x90, 0x00, 0x00,
0x49, 0x11, 0x00, 0x00, 0x0a, 0x00, 0x00, 0x01,
0x08, 0x08, 0x04, 0x04, 0xe0, 0x45, 0x00, 0x35,
0x00, 0x25, 0x22, 0xa7, 0x17, 0x08, 0x01, 0x00,
0x00, 0x25, 0x00, 0x00, 0x17, 0x08, 0x01, 0x00,
0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x07, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65,
0x03, 0x63, 0x6f, 0x6d, 0x00, 0x00, 0x01, 0x00,
@@ -133,7 +117,7 @@ static const unsigned char dns_request[] =
};
// IPV6 TCP SYN
static const unsigned char ipv6_tcp_syn[] =
static unsigned char ipv6_tcp_syn[] =
{
0x60, 0x00, 0x00, 0x00, 0x00, 0x28, 0x06, 0x40,
0x12, 0x34, 0x56, 0x78, 0x00, 0x01, 0x00, 0x00,
@@ -142,20 +126,20 @@ static const unsigned char ipv6_tcp_syn[] =
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
0xc3, 0x7e, 0x00, 0x17, 0xe1, 0xd7, 0xc8, 0xaa,
0x00, 0x00, 0x00, 0x00, 0xa0, 0x02, 0xaa, 0xaa,
0xc3, 0x5e, 0x00, 0x00, 0x02, 0x04, 0xff, 0xc4,
0x00, 0x00, 0x00, 0x00, 0x02, 0x04, 0xff, 0xc4,
0x04, 0x02, 0x08, 0x0a, 0xff, 0xff, 0x91, 0x86,
0x00, 0x00, 0x00, 0x00, 0x01, 0x03, 0x03, 0x07
};
// IPV6 ICMPV6 ECHO REPLY
static const unsigned char ipv6_echo_reply[] =
static unsigned char ipv6_echo_reply[] =
{
0x60, 0x00, 0x00, 0x00, 0x00, 0x40, 0x3a, 0x1f,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
0x81, 0x00, 0x6e, 0xd6, 0x10, 0x72, 0x00, 0x03,
0x81, 0x00, 0x00, 0x00, 0x10, 0x72, 0x00, 0x03,
0xa4, 0xd5, 0x69, 0x54, 0x00, 0x00, 0x00, 0x00,
0xab, 0x75, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
@@ -166,7 +150,7 @@ static const unsigned char ipv6_echo_reply[] =
};
// IPV6 EXTENSION HEADERS UDP
static const unsigned char ipv6_exthdrs_udp[] =
static unsigned char ipv6_exthdrs_udp[] =
{
0x60, 0x00, 0x00, 0x00, 0x00, 0x2d, 0x00, 0x64,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
@@ -176,61 +160,8 @@ static const unsigned char ipv6_exthdrs_udp[] =
0x3c, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x3c, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x11, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x12, 0x34, 0xaa, 0xaa, 0x00, 0x15, 0xef, 0xf4,
0x12, 0x34, 0xaa, 0xaa, 0x00, 0x15, 0x00, 0x00,
0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x20, 0x57, 0x6f,
0x72, 0x6c, 0x64, 0x21, 0x01
};
// IPV4 FRAGMENT #0
static const unsigned char ipv4_fragment_0[] =
{
0x45, 0x00, 0x00, 0x1C, 0x12, 0x34, 0x20, 0x00,
0x40, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x00, 0x01,
0x08, 0x08, 0x08, 0x08, 0x08, 0x00, 0x3c, 0xd2,
0x0d, 0x56, 0x00, 0x01
};
// IPV4 FRAGMENT #1
static const unsigned char ipv4_fragment_1[] =
{
0x45, 0x00, 0x00, 0x4C, 0x12, 0x34, 0x00, 0x01,
0x40, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x00, 0x01,
0x08, 0x08, 0x08, 0x08, 0x8b, 0xa6, 0x60, 0x54,
0x00, 0x00, 0x00, 0x00, 0xf9, 0x08, 0x0a, 0x00,
0x00, 0x00, 0x00, 0x00, 0x10, 0x11, 0x12, 0x13,
0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b,
0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23,
0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b,
0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33,
0x34, 0x35, 0x36, 0x37
};
// IPV6 FRAGMENT #0
static const unsigned char ipv6_fragment_0[] =
{
0x60, 0x00, 0x00, 0x00, 0x00, 0x20, 0x2c, 0x1f,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
0x3a, 0x00, 0x00, 0x01, 0xc7, 0xf6, 0xce, 0x53,
0x81, 0x00, 0x6e, 0xd6, 0x10, 0x72, 0x00, 0x03,
0xa4, 0xd5, 0x69, 0x54, 0x00, 0x00, 0x00, 0x00,
0xab, 0x75, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};
// IPV6 FRAGMENT #1
static const unsigned char ipv6_fragment_1[] =
{
0x60, 0x00, 0x00, 0x00, 0x00, 0x30, 0x2c, 0x1f,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
0x3a, 0x00, 0x00, 0x18, 0xc7, 0xf6, 0xce, 0x53,
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77
};
wddk-build.bat
+9 -25
View File
@@ -1,35 +1,19 @@
:: wddk-build.bat
:: (C) 2019, all rights reserved,
:: (C) 2014, all rights reserved,
::
:: This file is part of WinDivert.
:: This program is free software: you can redistribute it and/or modify
:: it under the terms of the GNU Lesser General Public License as published by
:: the Free Software Foundation, either version 3 of the License, or
:: (at your option) any later version.
::
:: WinDivert is free software: you can redistribute it and/or modify it under
:: the terms of the GNU Lesser General Public License as published by the
:: Free Software Foundation, either version 3 of the License, or (at your
:: option) any later version.
::
:: This program is distributed in the hope that it will be useful, but
:: WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
:: or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
:: License for more details.
:: This program is distributed in the hope that it will be useful,
:: but WITHOUT ANY WARRANTY; without even the implied warranty of
:: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
:: GNU Lesser General Public License for more details.
::
:: You should have received a copy of the GNU Lesser General Public License
:: along with this program. If not, see <http://www.gnu.org/licenses/>.
::
:: WinDivert is free software; you can redistribute it and/or modify it under
:: the terms of the GNU General Public License as published by the Free
:: Software Foundation; either version 2 of the License, or (at your option)
:: any later version.
::
:: This program is distributed in the hope that it will be useful, but
:: WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
:: or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
:: for more details.
::
:: You should have received a copy of the GNU General Public License along
:: with this program; if not, write to the Free Software Foundation, Inc., 51
:: Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
::
:: Script for WDDK compilation.
:: NOTE: Use this script to build the driver