Alex_McAvoy

想要成为渔夫的猎手

Sniffer GUI数据更新函数

发表于 分类于
本文字数: 14k 阅读时长 ≈ 13 分钟

【概述】

GUI 数据更新函数,是对 GUI 的各控件进行更新数据所使用的

每调用相关函数一次,就对相关的控件进行数据更新

具体可分为:保存文件、读取文件、更新编辑框、编辑框格式化显示、更新树形框这五部分

【保存文件】

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
//保存文件
int CSnifferDlg::Sniffer_saveFile() {
    CFileFind find;
    if (find.FindFile(CString(filePath)) == NULL){
        MessageBox("保存文件遇到未知意外");
        return -1;
    }

    //保存文件对话框
    char szFilter[] = "lix文件(*.lix)|*.lix||";
    CFileDialog openDlg(FALSE, ".lix", 0, 0, szFilter);
    openDlg.m_ofn.lpstrInitialDir = "D:\\";
    if (openDlg.DoModal() == IDOK)
        CopyFile(CString(filePath), openDlg.GetPathName(), TRUE);

    return 1;
}

【读取文件】

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
//读取文件
int CSnifferDlg::Sniffer_readFile(CString path) {
    //处理路径
    int len = path.GetLength() + 1;
    char* charPath = (char *)malloc(len);
    memset(charPath, 0, len);

    if (charPath == NULL)
        return -1;
    for (int i = 0; i < len; i++)
        charPath[i] = (char)path.GetAt(i);

    //打开文件
    pcap_t *fp;
    if ((fp = pcap_open_offline(charPath, errorBufffer)) == NULL) {
        MessageBox("打开文件错误" + CString(errorBufffer));
        return -1;
    }

    struct pcap_pkthdr *data_header;//数据包头
    const u_char *pkt_data = NULL;//收到的字节流数据
    while (pcap_next_ex(fp, &data_header, &pkt_data) >= 0) {
        struct data_packet *data = (struct data_packet*)malloc(sizeof(struct data_packet));
        memset(data, 0, sizeof(struct data_packet));

        if (data == NULL) {
            MessageBox("空间已满,无法接收新的数据包");
            return  -1;
        }

        //分析出错或所接收数据包不在处理范围内
        if (analyse_data_frame(pkt_data, data, &(this->packetCount)) < 0)
            continue;

        //更新各类数据包计数
        this->Sniffer_updatePacket();
        this->Sniffer_updateList(data_header, data, pkt_data);
    }

    pcap_close(fp);
    return 1;
}

【更新编辑框】

1
2
3
4
5
6
7
8
9
10
11
12
13
//更新编辑框
int CSnifferDlg::Sniffer_updateEdit(int index) {
    POSITION localPos = this->m_localDataList.FindIndex(index);
    POSITION netPos = this->m_netDataList.FindIndex(index);

    struct data_packet* localData = (struct data_packet*)(this->m_localDataList.GetAt(localPos));
    u_char * netData = (u_char*)(this->m_netDataList.GetAt(netPos));

    CString buffer;
    print_packet_hex(netData, localData->len, &buffer);//数据格式化显示函数
    this->m_edit.SetWindowText(buffer);
    return 1;
}

【编辑框数据格式化显示】

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
//编辑框数据格式化显示
void CSnifferDlg::print_packet_hex(const u_char* packet, int packet_size, CString *buffer) {
    for (int i = 0; i < packet_size; i += 16) {
        //将数据以16进制形式显示
        buffer->AppendFormat("%04x:  ", (u_int)i);
        int row = (packet_size - i) > 16 ? 16 : (packet_size - i);
        for (int j = 0; j < row; j++)
            buffer->AppendFormat("%02x  ", (u_int)packet[i + j]);

        if (row < 16)//不足16时,用空格补足
            for (int j = row; j < 16; j++)
                buffer->AppendFormat("    ");

        //将数据以字符形式显示
        for (int j = 0; j < row; j++) {
            u_char ch = packet[i + j];
            ch = isprint(ch) ? ch : '.';
            buffer->AppendFormat("%c", ch);
        }
        buffer->Append("\r\n");
        if (row < 16)
            return;
    }
}

【更新树形框】

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
//更新树形框
int CSnifferDlg::Sniffer_updateTree(int index) {
    this->m_treeCtrl.DeleteAllItems();
    POSITION localPos = this->m_localDataList.FindIndex(index);
    struct data_packet* localData = (struct data_packet*)(this->m_localDataList.GetAt(localPos));

    CString str;
    str.Format("第%d个数据包", index + 1);
    HTREEITEM root = this->m_treeCtrl.GetRootItem();
    HTREEITEM data = this->m_treeCtrl.InsertItem(str, root);

    /****************链路层****************/
    HTREEITEM frame = this->m_treeCtrl.InsertItem("链路层", data);

    str.Format("源MAC:");
    for (int i = 0; i < 6; i++) {
        if (i <= 4)
            str.AppendFormat("%02x-", localData->ethh->src[i]);
        else
            str.AppendFormat("%02x", localData->ethh->src[i]);
    }
    this->m_treeCtrl.InsertItem(str, frame);

    str.Format("目的MAC:");
    for (int i = 0; i < 6; i++) {
        if (i <= 4)
            str.AppendFormat("%02x-", localData->ethh->dest[i]);
        else
            str.AppendFormat("%02x", localData->ethh->dest[i]);
    }
    this->m_treeCtrl.InsertItem(str, frame);

    str.Format("类型:0x%02x", localData->ethh->type);
    this->m_treeCtrl.InsertItem(str, frame);

    /****************网络层****************/
    //ARP头
    if (localData->ethh->type == PROTO_ARP) {
        HTREEITEM arp = this->m_treeCtrl.InsertItem("ARP头", data);
        str.Format("硬件类型:%d", localData->arph->hard_type);
        this->m_treeCtrl.InsertItem(str, arp);
        str.Format("协议类型:0x%02x", localData->arph->pro_type);
        this->m_treeCtrl.InsertItem(str, arp);
        str.Format("硬件地址长度:%d", localData->arph->hard_len);
        this->m_treeCtrl.InsertItem(str, arp);
        str.Format("协议地址长度:%d", localData->arph->pro_len);
        this->m_treeCtrl.InsertItem(str, arp);
        str.Format("操作码:%d", localData->arph->oper);
        this->m_treeCtrl.InsertItem(str, arp);

        str.Format("发送方MAC:");
        for (int i = 0; i < 6; i++) {
            if (i <= 4)  
                str.AppendFormat("%02x-", localData->arph->src_mac[i]);
            else  
                str.AppendFormat("%02x", localData->arph->src_mac[i]);
        }
        this->m_treeCtrl.InsertItem(str, arp);

        str.Format("发送方IP:");
        for (int i = 0; i < 4; i++) {
            if (i <= 2)  
                str.AppendFormat("%d.", localData->arph->src_ip[i]);
            else  
                str.AppendFormat("%d", localData->arph->src_ip[i]);
        }
        this->m_treeCtrl.InsertItem(str, arp);

        str.Format("接收方MAC:");
        for (int i = 0; i < 6; i++) {
            if (i <= 4)  
                str.AppendFormat("%02x-", localData->arph->dest_mac[i]);
            else  
                str.AppendFormat("%02x", localData->arph->dest_mac[i]);
        }
        this->m_treeCtrl.InsertItem(str, arp);

        str.Format("接收方IP:");
        for (int i = 0; i < 4; i++) {
            if (i <= 2)  
                str.AppendFormat("%d.", localData->arph->dest_ip[i]);
            else  
                str.AppendFormat("%d", localData->arph->dest_ip[i]);
        }
        this->m_treeCtrl.InsertItem(str, arp);
    }
    
    //IPv4头
    if (localData->ethh->type == PROTO_IP_V4) { 
        HTREEITEM ip = this->m_treeCtrl.InsertItem("IPv4头", data);

        str.Format("版本:%d", localData->ip4h->version);
        this->m_treeCtrl.InsertItem(str, ip);
        str.Format("IP头长:%d", localData->ip4h->ihl);
        this->m_treeCtrl.InsertItem(str, ip);
        str.Format("服务类型:%d", localData->ip4h->tos);
        this->m_treeCtrl.InsertItem(str, ip);
        str.Format("总长度:%d", localData->ip4h->total_len);
        this->m_treeCtrl.InsertItem(str, ip);
        str.Format("标识:0x%02x", localData->ip4h->id);
        this->m_treeCtrl.InsertItem(str, ip);
        str.Format("段偏移:%d", localData->ip4h->frag_off);
        this->m_treeCtrl.InsertItem(str, ip);
        str.Format("生存期:%d", localData->ip4h->ttl);
        this->m_treeCtrl.InsertItem(str, ip);
        str.Format("协议:%d", localData->ip4h->proto);
        this->m_treeCtrl.InsertItem(str, ip);
        str.Format("头部校验和:0x%02x", localData->ip4h->check);
        this->m_treeCtrl.InsertItem(str, ip);

        str.Format("源IP:");
        struct in_addr in;
        in.S_un.S_addr = localData->ip4h->src_addr;
        str.AppendFormat(CString(inet_ntoa(in)));
        this->m_treeCtrl.InsertItem(str, ip);

        str.Format("目的IP:");
        in.S_un.S_addr = localData->ip4h->dest_addr;
        str.AppendFormat(CString(inet_ntoa(in)));
        this->m_treeCtrl.InsertItem(str, ip);

        /****************传输层****************/
        //ICMPv4头
        if (localData->ip4h->proto == V4_PROTO_ICMP_V4) {
            HTREEITEM icmp = this->m_treeCtrl.InsertItem("ICMPv4头", data);

            str.Format("类型:%d", localData->icmp4h->type);
            this->m_treeCtrl.InsertItem(str, icmp);
            str.Format("代码:%d", localData->icmp4h->code);
            this->m_treeCtrl.InsertItem(str, icmp);
            str.Format("序号:%d", localData->icmp4h->seq);
            this->m_treeCtrl.InsertItem(str, icmp);
            str.Format("校验和:%d", localData->icmp4h->check);
            this->m_treeCtrl.InsertItem(str, icmp);
        }
        
        //TCP头
        if (localData->ip4h->proto == V4_PROTO_TCP) {
            HTREEITEM tcp = this->m_treeCtrl.InsertItem("TCP协议头", data);

            str.Format("  源端口:%d", localData->tcph->src_port);
            this->m_treeCtrl.InsertItem(str, tcp);
            str.Format("  目的端口:%d", localData->tcph->dest_port);
            this->m_treeCtrl.InsertItem(str, tcp);
            str.Format("  序列号:0x%02x", localData->tcph->seq);
            this->m_treeCtrl.InsertItem(str, tcp);
            str.Format("  确认号:%d", localData->tcph->ack_seq);
            this->m_treeCtrl.InsertItem(str, tcp);
            str.Format("  头部长度:%d", localData->tcph->doff);

            HTREEITEM flag = this->m_treeCtrl.InsertItem(" +标志位", tcp);
            str.Format("cwr %d", localData->tcph->cwr);
            this->m_treeCtrl.InsertItem(str, flag);
            str.Format("ece %d", localData->tcph->ece);
            this->m_treeCtrl.InsertItem(str, flag);
            str.Format("urg %d", localData->tcph->urg);
            this->m_treeCtrl.InsertItem(str, flag);
            str.Format("ack %d", localData->tcph->ack);
            this->m_treeCtrl.InsertItem(str, flag);
            str.Format("psh %d", localData->tcph->psh);
            this->m_treeCtrl.InsertItem(str, flag);
            str.Format("rst %d", localData->tcph->rst);
            this->m_treeCtrl.InsertItem(str, flag);
            str.Format("syn %d", localData->tcph->syn);
            this->m_treeCtrl.InsertItem(str, flag);
            str.Format("fin %d", localData->tcph->fin);
            this->m_treeCtrl.InsertItem(str, flag);
            str.Format("  紧急指针:%d", localData->tcph->urg_ptr);
            this->m_treeCtrl.InsertItem(str, tcp);
            str.Format("  校验和:0x%02x", localData->tcph->check);
            this->m_treeCtrl.InsertItem(str, tcp);
            str.Format("  选项:%d", localData->tcph->opt);
            this->m_treeCtrl.InsertItem(str, tcp);
        }
         
        //UDP头
        if (localData->ip4h->proto == V4_PROTO_UDP) {
            HTREEITEM udp = this->m_treeCtrl.InsertItem("UDP协议头", data);

            str.Format("源端口:%d", localData->udph->sport);
            this->m_treeCtrl.InsertItem(str, udp);
            str.Format("目的端口:%d", localData->udph->dport);
            this->m_treeCtrl.InsertItem(str, udp);
            str.Format("总长度:%d", localData->udph->len);
            this->m_treeCtrl.InsertItem(str, udp);
            str.Format("校验和:0x%02x", localData->udph->check);
            this->m_treeCtrl.InsertItem(str, udp);
        }
    }
    
    //IPv6头
    if (localData->ethh->type == PROTO_IP_V6) {
        HTREEITEM ip6 = this->m_treeCtrl.InsertItem("IPv6头", data);

        str.Format("版本:%d", localData->ip6h->flowtype);
        this->m_treeCtrl.InsertItem(str, ip6);
        str.Format("流类型:%d", localData->ip6h->version);
        this->m_treeCtrl.InsertItem(str, ip6);
        str.Format("流标签:%d", localData->ip6h->flowid);
        this->m_treeCtrl.InsertItem(str, ip6);
        str.Format("有效载荷长度:%d", localData->ip6h->plen);
        this->m_treeCtrl.InsertItem(str, ip6);
        str.Format("下一个首部:0x%02x", localData->ip6h->next_head);
        this->m_treeCtrl.InsertItem(str, ip6);
        str.Format("跳限制:%d", localData->ip6h->hop_limit);
        this->m_treeCtrl.InsertItem(str, ip6);
        
        str.Format("源地址:");
        for (int i = 0; i < 8; i++) {
            if (i <= 6)  
                str.AppendFormat("%02x:", localData->ip6h->src_addr[i]);
            else  
                str.AppendFormat("%02x", localData->ip6h->src_addr[i]);
        }
        this->m_treeCtrl.InsertItem(str, ip6);
        
        str.Format("目的地址:");
        for (int i = 0; i < 8; i++) {
            if (i <= 6)  
                str.AppendFormat("%02x:", localData->ip6h->src_addr[i]);
            else  
                str.AppendFormat("%02x", localData->ip6h->src_addr[i]);
        }
        this->m_treeCtrl.InsertItem(str, ip6);

        /****************传输层****************/
        //IPv6头
        if (localData->ip6h->next_head == V6_PROTO_ICMP_V6) {
            HTREEITEM icmp6 = this->m_treeCtrl.InsertItem("ICMPv6协议头", data);
            str.Format("类型:%d", localData->icmp6h->type);
            this->m_treeCtrl.InsertItem(str, icmp6);
            str.Format("代码:%d", localData->icmp6h->code);
            this->m_treeCtrl.InsertItem(str, icmp6);
            str.Format("序号:%d", localData->icmp6h->seq);
            this->m_treeCtrl.InsertItem(str, icmp6);
            str.Format("校验和:%d", localData->icmp6h->check);
            this->m_treeCtrl.InsertItem(str, icmp6);
            str.Format("选项-类型:%d", localData->icmp6h->op_type);
            this->m_treeCtrl.InsertItem(str, icmp6);
            str.Format("选项-长度%d", localData->icmp6h->op_len);
            this->m_treeCtrl.InsertItem(str, icmp6);
            str.Format("选项-链路层地址:");
            for (int i = 0; i < 6; i++) {
                if (i <= 4)  
                    str.AppendFormat("%02x-", localData->icmp6h->op_eth_addr[i]);
                else  
                    str.AppendFormat("%02x", localData->icmp6h->op_eth_addr[i]);
            }
            this->m_treeCtrl.InsertItem(str, icmp6);
        }
        
        //TCP头
        if (localData->ip6h->next_head == V6_PROTO_TCP) {
            HTREEITEM tcp = this->m_treeCtrl.InsertItem("TCP协议头", data);
            str.Format("  源端口:%d", localData->tcph->src_port);
            this->m_treeCtrl.InsertItem(str, tcp);
            str.Format("  目的端口:%d", localData->tcph->dest_port);
            this->m_treeCtrl.InsertItem(str, tcp);
            str.Format("  序列号:0x%02x", localData->tcph->seq);
            this->m_treeCtrl.InsertItem(str, tcp);
            str.Format("  确认号:%d", localData->tcph->ack_seq);
            this->m_treeCtrl.InsertItem(str, tcp);
            str.Format("  头部长度:%d", localData->tcph->doff);
            HTREEITEM flag = this->m_treeCtrl.InsertItem("标志位", tcp);
            str.Format("cwr %d", localData->tcph->cwr);
            this->m_treeCtrl.InsertItem(str, flag);
            str.Format("ece %d", localData->tcph->ece);
            this->m_treeCtrl.InsertItem(str, flag);
            str.Format("urg %d", localData->tcph->urg);
            this->m_treeCtrl.InsertItem(str, flag);
            str.Format("ack %d", localData->tcph->ack);
            this->m_treeCtrl.InsertItem(str, flag);
            str.Format("psh %d", localData->tcph->psh);
            this->m_treeCtrl.InsertItem(str, flag);
            str.Format("rst %d", localData->tcph->rst);
            this->m_treeCtrl.InsertItem(str, flag);
            str.Format("syn %d", localData->tcph->syn);
            this->m_treeCtrl.InsertItem(str, flag);
            str.Format("fin %d", localData->tcph->fin);
            this->m_treeCtrl.InsertItem(str, flag);
            str.Format("  紧急指针:%d", localData->tcph->urg_ptr);
            this->m_treeCtrl.InsertItem(str, tcp);
            str.Format("  校验和:0x%02x", localData->tcph->check);
            this->m_treeCtrl.InsertItem(str, tcp);
            str.Format("  选项:%d", localData->tcph->opt);
            this->m_treeCtrl.InsertItem(str, tcp);
        }
        
        //UDP头
        if (localData->ip6h->next_head == V6_PROTO_UDP) {
            HTREEITEM udp = this->m_treeCtrl.InsertItem("UDP协议头", data);
            str.Format("源端口:%d", localData->udph->sport);
            this->m_treeCtrl.InsertItem(str, udp);
            str.Format("目的端口:%d", localData->udph->dport);
            this->m_treeCtrl.InsertItem(str, udp);
            str.Format("总长度:%d", localData->udph->len);
            this->m_treeCtrl.InsertItem(str, udp);
            str.Format("校验和:0x%02x", localData->udph->check);
            this->m_treeCtrl.InsertItem(str, udp);
        }
    }
    return 1;
}
感谢您对我的支持,让我继续努力分享有用的技术与知识点!