#include <windows.h>
#include <fwpmtypes.h>
#include <fwpmu.h>
#include <stdio.h>
#include <winsock.h>
#pragma comment (lib, "fwpuclnt.lib")
#pragma comment (lib, "Ws2_32.lib")
#define EXIT_ON_ERROR(err) if((err) != ERROR_SUCCESS) {goto CLEANUP;}
FILETIME ft;
DWORD InitFilterConditions(
__in_opt PCWSTR appPath,
__in_opt const SOCKADDR* localAddr,
__in_opt UINT8 ipProtocol,
__in UINT32 numCondsIn,
__out_ecount_part(numCondsIn, *numCondsOut) FWPM_FILTER_CONDITION0* conds,
__out UINT32* numCondsOut,
__deref_out FWP_BYTE_BLOB** appId
)
{
*numCondsOut = 0;
return ERROR_SUCCESS;
}
DWORD FindRecentEvents(
__in HANDLE engine,
__in_opt PCWSTR appPath,
__in_opt const SOCKADDR* localAddr,
__in_opt UINT8 ipProtocol,
__in UINT32 seconds,
__deref_out_ecount(*numEvents) FWPM_NET_EVENT0*** events,
__out UINT32* numEvents
)
{
DWORD result = ERROR_SUCCESS;
FWPM_NET_EVENT_ENUM_TEMPLATE0 enumTempl;
ULARGE_INTEGER ulTime;
FWPM_FILTER_CONDITION0 conds[4];
UINT32 numConds;
FWP_BYTE_BLOB* appBlob = NULL;
HANDLE enumHandle = NULL;
memset(&enumTempl, 0, sizeof(enumTempl));
// Use the current time as the end time of the window.
GetSystemTimeAsFileTime(&(enumTempl.endTime));
// Subtract the number of seconds specified by the caller to find the start
// time.
ulTime.LowPart = enumTempl.endTime.dwLowDateTime;
ulTime.HighPart = enumTempl.endTime.dwHighDateTime;
ulTime.QuadPart -= seconds * 10000000ui64;
enumTempl.startTime.dwLowDateTime = ulTime.LowPart;
enumTempl.startTime.dwHighDateTime = ulTime.HighPart;
result = InitFilterConditions(
appPath,
&localAddr,
ipProtocol,
ARRAYSIZE(conds),
conds,
&numConds,
&appBlob
);
EXIT_ON_ERROR(result);
enumTempl.numFilterConditions = numConds;
if (numConds > 0)
{
enumTempl.filterCondition = conds;
}
result = FwpmNetEventCreateEnumHandle0(
engine,
&enumTempl,
&enumHandle
);
EXIT_ON_ERROR(result);
result = FwpmNetEventEnum0(
engine,
enumHandle,
INFINITE,
events,
numEvents
);
EXIT_ON_ERROR(result);
CLEANUP:
FwpmNetEventDestroyEnumHandle0(engine, enumHandle);
FwpmFreeMemory0((void**)&appBlob);
return result;
}
void detectHit(void) {
struct in_addr rinaddr;
HANDLE engineHandle = 0;
FWPM_NET_EVENT0** events = NULL, *event;
UINT32 numEvents = 0, i;
static const char* const types[] =
{
"FWPM_NET_EVENT_TYPE_IKEEXT_MM_FAILURE",
"FWPM_NET_EVENT_TYPE_IKEEXT_QM_FAILURE",
"FWPM_NET_EVENT_TYPE_IKEEXT_EM_FAILURE",
"FWPM_NET_EVENT_TYPE_CLASSIFY_DROP",
"FWPM_NET_EVENT_TYPE_IPSEC_KERNEL_DROP"
};
const char* type;
// Use dynamic sessions for efficiency and safety:
// - All objects associated with the dynamic session are deleted with one call.
// - Filtering policy objects are deleted even when the application crashes.
FWPM_SESSION0 session;
memset(&session, 0, sizeof(session));
session.flags = FWPM_SESSION_FLAG_DYNAMIC;
DWORD result = FwpmEngineOpen0(NULL, RPC_C_AUTHN_WINNT, NULL, &session, &engineHandle);
if (ERROR_SUCCESS == result)
{
result = FindRecentEvents(
engineHandle,
0,
0,
0,
100,
&events,
&numEvents
);
}
if (numEvents != 0)
{
for (i = 0; i < numEvents; ++i)
{
event = events[i];
type = (event->type < ARRAYSIZE(types)) ? types[event->type]
: "<unknown>";
if (event->header.ipVersion == FWP_IP_VERSION_V4 && event->header.ipProtocol == IPPROTO_UDP
&& ( event->header.timeStamp.dwHighDateTime > ft.dwHighDateTime
|| ( event->header.timeStamp.dwHighDateTime == ft.dwHighDateTime && event->header.timeStamp.dwLowDateTime > ft.dwLowDateTime )
)
)
{
rinaddr.s_addr = htonl(event->header.remoteAddrV4);
ft.dwHighDateTime = event->header.timeStamp.dwHighDateTime;
ft.dwLowDateTime = event->header.timeStamp.dwLowDateTime;
printf("[%s] - %d - %d\n", inet_ntoa(rinaddr), event->header.localPort, event->header.remotePort);
}
}
}
}
int main(int argc, char ** argv[]) {
ft.dwHighDateTime = 0;
ft.dwLowDateTime = 0;
for (;;) {
detectHit();
Sleep(1000);
}
return 0;
} Write, Run & Share C++ code online using OneCompiler's C++ online compiler for free. It's one of the robust, feature-rich online compilers for C++ language, running on the latest version 17. Getting started with the OneCompiler's C++ compiler is simple and pretty fast. The editor shows sample boilerplate code when you choose language as C++ and start coding!
OneCompiler's C++ online compiler supports stdin and users can give inputs to programs using the STDIN textbox under the I/O tab. Following is a sample program which takes name as input and print your name with hello.
#include <iostream>
#include <string>
using namespace std;
int main()
{
string name;
cout << "Enter name:";
getline (cin, name);
cout << "Hello " << name;
return 0;
}
C++ is a widely used middle-level programming language.
When ever you want to perform a set of operations based on a condition If-Else is used.
if(conditional-expression) {
//code
}
else {
//code
}
You can also use if-else for nested Ifs and If-Else-If ladder when multiple conditions are to be performed on a single variable.
Switch is an alternative to If-Else-If ladder.
switch(conditional-expression){
case value1:
// code
break; // optional
case value2:
// code
break; // optional
......
default:
code to be executed when all the above cases are not matched;
}
For loop is used to iterate a set of statements based on a condition.
for(Initialization; Condition; Increment/decrement){
//code
}
While is also used to iterate a set of statements based on a condition. Usually while is preferred when number of iterations are not known in advance.
while (condition) {
// code
}
Do-while is also used to iterate a set of statements based on a condition. It is mostly used when you need to execute the statements atleast once.
do {
// code
} while (condition);
Function is a sub-routine which contains set of statements. Usually functions are written when multiple calls are required to same set of statements which increases re-usuability and modularity. Function gets run only when it is called.
return_type function_name(parameters);
function_name (parameters)
return_type function_name(parameters) {
// code
}