패킷 필터링 응용 프로그램을 만들기 위해 C#에서 PFCreateInterface를 pinvoke로 호출하려고 합니다. 그러나 pinvoke.net의 예제는 제대로 문서화되어 있지 않은 것 같습니다. 우선, Main에서 StartPacketFilter()를 호출한 뒤 앱을 닫지 않고 프로그램 방식으로 패킷 필터를 제거할 수 있습니까? 또한 패킷 문자열의 형식도 상당히 혼란스럽습니다. 예: hostsToBlock[0] = "67.77.87.97,255.255.255.255,0"; //blocks all traffic on any port to/from 67.77.87.97
PInvoke PFCreateInterface C#
어떻게 하면 모든 IP에 대해 원격 포트 6980을 차단할 수 있습니까?
빠르게 검색해서 찾은 PInvoke 코드는 다음과 같습니다.
/// <summary>
/// IP packet filter management wrapper for Iphlpapi.dll (Win 2000/XP)
/// </summary>
///
public class IpPacketFilter
{
// P/Invoke declarations for three packet-filter exports of iphlpapi.dll.
// Every call returns an int status; the caller in this file treats 0 as success
// and any other value as failure.
// NOTE(review): only create / bind / add-filter entry points are declared. Nothing
// here removes a filter, unbinds or deletes an interface, so code that relies on
// this class alone cannot tear down what it installs while the process is running.

/// <summary>
/// Binds a previously created filter interface to one local IP address.
/// </summary>
/// <param name="Interface_handle">Handle produced by <see cref="PfCreateInterface"/>.</param>
/// <param name="pfatType">Address family of <paramref name="ip_address"/>.</param>
/// <param name="ip_address">
/// Address passed by reference as a 32-bit value, so only an IPv4 address fits.
/// NOTE(review): byte order is whatever the caller packs; this file puts the first
/// octet in the low byte - confirm that is what the native side expects.
/// </param>
/// <returns>Status code; 0 is treated as success by the caller in this file.</returns>
[DllImport("iphlpapi.dll", EntryPoint = "PfBindInterfaceToIPAddress")]
public static extern int PfBindInterfaceToIPAddress(
IntPtr Interface_handle,
PFADDRESSTYPE pfatType,
ref int ip_address
);
/// <summary>
/// Creates a filter interface with default inbound and outbound actions.
/// </summary>
/// <param name="dwName">Interface name value; the caller in this file passes 0.</param>
/// <param name="inAction">Default action for inbound packets.</param>
/// <param name="outAction">Default action for outbound packets.</param>
/// <param name="UseLog">Logging switch; the caller in this file passes false.</param>
/// <param name="MustBeUnique">Uniqueness switch; the caller in this file passes true.</param>
/// <param name="ppInterface">Receives the interface handle. The handle must be kept by the
/// caller if the interface is ever to be managed again after this call.</param>
/// <returns>Status code; 0 is treated as success by the caller in this file.</returns>
[DllImport("iphlpapi.dll", EntryPoint = "PfCreateInterface")]
public static extern int PfCreateInterface(
int dwName,
PFFORWARD_ACTION inAction,
PFFORWARD_ACTION outAction,
bool UseLog,
bool MustBeUnique,
ref IntPtr ppInterface
);
/// <summary>
/// Adds inbound and outbound filter descriptors to a filter interface.
/// </summary>
/// <param name="interface_handle">Handle produced by <see cref="PfCreateInterface"/>.</param>
/// <param name="cInFilters">Number of inbound descriptors at <paramref name="pfiltIn"/>.</param>
/// <param name="pfiltIn">
/// Inbound descriptor, passed as a reference to ONE struct. A count above 1 would make the
/// native side read past that struct, so this declaration is only safe with a count of 0 or 1.
/// </param>
/// <param name="cOutFilters">Number of outbound descriptors at <paramref name="pfiltOut"/>.</param>
/// <param name="pfiltOut">Outbound descriptor; same single-struct limitation as pfiltIn.</param>
/// <param name="pfHandle">
/// NOTE(review): declared here as a descriptor, but the name indicates a buffer that receives
/// filter handles - confirm against the native prototype. If the native side writes handles
/// through this pointer, a caller that passes its input descriptor here has that descriptor
/// overwritten during the call; pass a separate scratch buffer instead.
/// </param>
/// <returns>Status code; 0 is treated as success by the caller in this file.</returns>
[DllImport("iphlpapi.dll", EntryPoint = "PfAddFiltersToInterface")]
public static extern int PfAddFiltersToInterface(
IntPtr interface_handle,
int cInFilters,
[MarshalAsAttribute(UnmanagedType.Struct)]
ref PPF_FILTER_DESCRIPTOR pfiltIn,
int cOutFilters,
[MarshalAsAttribute(UnmanagedType.Struct)]
ref PPF_FILTER_DESCRIPTOR pfiltOut,
[MarshalAsAttribute(UnmanagedType.Struct)]
ref PPF_FILTER_DESCRIPTOR pfHandle
);
}
// Managed mirror of the filter descriptor handed to IpPacketFilter.PfAddFiltersToInterface.
// The struct is passed to native code by reference, so field order and field width are part
// of the contract: do not reorder or resize fields without checking the native definition.
// NOTE(review): the four port fields are 32-bit int here, while their "w" prefix suggests
// 16-bit WORD fields on the native side - confirm against the SDK header. If the widths
// differ, every port value lands in the wrong slot and the installed rule silently fails to
// match the intended port (the block rule looks installed but does not filter).
public unsafe struct PPF_FILTER_DESCRIPTOR
{
// Flags for this descriptor; the caller in this file always sets FILTER_FLAGS.FD_FLAGS.
public FILTER_FLAGS dwFilterFlags;
// Rule value; the caller in this file always sets 0 (its FALSE constant).
public int dwRule;
// Address family that the four address pointers below refer to.
public PFADDRESSTYPE pfatType;
// Raw pointers to caller-owned address and mask values. The pointed-to memory must stay
// valid and unmoved for the whole native call; the caller in this file points them at
// local int variables.
public int* SrcAddr;
public int* SrcMask;
public int* DstAddr;
public int* DstMask;
// IP protocol number the descriptor applies to (see PROTOCOL).
public PROTOCOL dwProtocol;
// Left at its default of 0 by the caller in this file.
public int fLateBound;
// Source / destination port and the upper bound of each port range. The caller in this
// file sets the destination port and its high range to the same value.
public int wSrcPort;
public int wDstPort;
public int wSrcPortHighRange;
public int wDstPortHighRange;
}
/// <summary>
/// Default packet action passed as inAction / outAction to
/// IpPacketFilter.PfCreateInterface. Backed by a 32-bit int.
/// </summary>
public enum PFFORWARD_ACTION
{
    /// <summary>Let the packet through (value 0).</summary>
    PF_ACTION_FORWARD = 0,

    /// <summary>Discard the packet (value 1).</summary>
    PF_ACTION_DROP = 1
}
/// <summary>
/// Address family selector used by the filter descriptor and by
/// IpPacketFilter.PfBindInterfaceToIPAddress. Backed by a 32-bit int.
/// </summary>
public enum PFADDRESSTYPE
{
    /// <summary>IPv4 addressing (value 0); the only family the caller in this file uses.</summary>
    PF_IPV4 = 0,

    /// <summary>IPv6 addressing (value 1).</summary>
    PF_IPV6 = 1
}
/// <summary>
/// IP protocol numbers accepted in a filter descriptor's dwProtocol field.
/// Backed by a 32-bit int.
/// </summary>
public enum PROTOCOL
{
    /// <summary>No protocol restriction (0).</summary>
    ANY = 0,

    /// <summary>ICMP, protocol number 1.</summary>
    ICMP = 1,

    /// <summary>TCP, protocol number 6.</summary>
    TCP = 6,

    /// <summary>UDP, protocol number 17.</summary>
    UDP = 17
}
/// <summary>
/// Value stored in a filter descriptor's dwFilterFlags field. Backed by a 32-bit int.
/// </summary>
public enum FILTER_FLAGS
{
    // The only value defined; the caller in this file sets it on every descriptor.
    // NOTE(review): its native meaning is not visible in this file - confirm before relying on it.
    FD_FLAGS = 1
}
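/// <summary>
/// Console sample that installs IPv4 packet-filter rules through the IpPacketFilter
/// P/Invoke wrapper.
/// </summary>
/// <remarks>
/// Interface handles created by <see cref="StartPacketFilter"/> are kept only in local
/// variables, so this program cannot unbind or delete anything it installed while it is
/// running. Removing filters without exiting would need the handles stored and the matching
/// teardown exports (for example PfUnBindInterface / PfDeleteInterface) declared; neither is
/// present in this file.
/// </remarks>
class Program
{
    internal const int FALSE = 0;
    internal const int TRUE = 1;

    /// <summary>
    /// Installs two sample block rules. Each rule string is "address,mask,port".
    /// </summary>
    static void Main(string[] args)
    {
        // NOTE(review): StartPacketFilter builds TCP-only descriptors, so "all traffic" in the
        // two comments below means all TCP traffic.
        string[] hostsToBlock = new string[2];
        hostsToBlock[0] = "67.77.87.97,255.255.255.255,0"; //blocks all traffic on any port to/from 67.77.87.97
        hostsToBlock[1] = "0.0.0.0,0.0.0.0,29000"; //blocks all traffic on port 29000, in and out

        // A filter that failed to install must not pass unnoticed: report it and signal failure.
        if (!StartPacketFilter(hostsToBlock))
        {
            Console.Error.WriteLine("Packet filter was not (fully) installed.");
            Environment.ExitCode = 1;
        }
    }

    /// <summary>
    /// Strictly parses a dotted-quad IPv4 string into a 32-bit value with the first octet in
    /// the low byte.
    /// </summary>
    /// <param name="sIpAddress">Text such as "67.77.87.97"; digits and dots only.</param>
    /// <param name="packed">The packed address on success, otherwise 0.</param>
    /// <returns>true when the text is exactly four octets, each in the range 0-255.</returns>
    private static bool TryParseIpv4(string sIpAddress, out int packed)
    {
        packed = 0;
        if (sIpAddress == null)
            return false;

        string[] octets = sIpAddress.Split('.');
        if (octets.Length != 4)
            return false;

        int value = 0;
        for (int i = 0; i < 4; i++)
        {
            // byte.TryParse rejects values above 255, which would otherwise spill into the
            // neighbouring octet; NumberStyles.None rejects signs and embedded whitespace.
            byte octet;
            if (!byte.TryParse(octets[i],
                               System.Globalization.NumberStyles.None,
                               System.Globalization.CultureInfo.InvariantCulture,
                               out octet))
                return false;

            value |= octet << (i * 8);
        }

        packed = value;
        return true;
    }

    /// <summary>
    /// Converts a dotted-quad IPv4 string to its packed 32-bit form (first octet in the low byte).
    /// </summary>
    /// <param name="sIpAddress">Text such as "67.77.87.97".</param>
    /// <returns>
    /// The packed address, or 0 when the text is not a valid IPv4 address. Because 0 is also the
    /// packed form of "0.0.0.0", callers that must tell the two apart should not rely on this
    /// return value alone. Unlike the earlier implementation, a partly parsed address is never
    /// returned.
    /// </returns>
    internal static int lIpFromString(string sIpAddress)
    {
        int lIp;
        return TryParseIpv4(sIpAddress, out lIp) ? lIp : 0;
    }

    /// <summary>
    /// Returns the textual form of every address the local host name resolves to.
    /// </summary>
    /// <returns>
    /// One string per entry of the resolved address list. The list is not filtered by address
    /// family, so it can contain non-IPv4 entries.
    /// </returns>
    internal static string[] GetLocalIpAddresses()
    {
        IPHostEntry host = Dns.GetHostEntry(Dns.GetHostName());
        string[] localIpAddresses = new string[host.AddressList.Length];
        for (int i = 0; i < host.AddressList.Length; i++)
        {
            localIpAddresses[i] = host.AddressList[i].ToString();
        }
        return localIpAddresses;
    }

    /// <summary>
    /// Creates one filter interface per local IPv4 address and adds a TCP rule for every entry
    /// of <paramref name="hosts"/> to it.
    /// </summary>
    /// <param name="hosts">
    /// Rules in the form "address,mask,port": dotted-quad destination address, dotted-quad mask
    /// and a decimal port in the range 0-65535.
    /// </param>
    /// <returns>
    /// true only when every rule was valid, at least one local IPv4 address was bound and every
    /// native call returned 0. false when any rule is malformed (nothing is installed in that
    /// case), when no local IPv4 address exists, or when a native call fails.
    /// </returns>
    /// <remarks>
    /// On a native failure the interfaces and filters installed before the failing call stay in
    /// place; the handles are not retained, so this method cannot roll them back.
    /// </remarks>
    internal static bool StartPacketFilter(string[] hosts)
    {
        if (hosts == null)
            return false;

        // Validate every rule before touching the TCP/IP stack. A rule that is skipped or
        // half-parsed would leave the caller believing a block is active when it is not, and a
        // malformed mask read as 0.0.0.0 would match far more traffic than intended.
        int ruleCount = hosts.Length;
        int[] dstAddrs = new int[ruleCount];
        int[] dstMasks = new int[ruleCount];
        int[] dstPorts = new int[ruleCount];
        for (int r = 0; r < ruleCount; r++)
        {
            if (hosts[r] == null)
                return false;

            string[] hostDetail = hosts[r].Split(',');
            if (hostDetail.Length != 3)
                return false;

            ushort port;
            if (!TryParseIpv4(hostDetail[0].Trim(), out dstAddrs[r])
                || !TryParseIpv4(hostDetail[1].Trim(), out dstMasks[r])
                || !ushort.TryParse(hostDetail[2].Trim(),
                                    System.Globalization.NumberStyles.None,
                                    System.Globalization.CultureInfo.InvariantCulture,
                                    out port))
                return false;

            dstPorts[r] = port;
        }

        string[] localIpAddresses = GetLocalIpAddresses();
        if (localIpAddresses == null)
            return false;

        bool boundAny = false;
        foreach (string localAddress in localIpAddresses)
        {
            // The binding below is IPv4-only; entries that are not dotted-quad IPv4 (for
            // example IPv6 addresses of the same host) are skipped instead of being bound as 0.
            int lLocalIp;
            if (!TryParseIpv4(localAddress, out lLocalIp))
                continue;

            //create a filter interface in the tcp/ip stack
            IntPtr interfaceHandle = IntPtr.Zero;
            int result = IpPacketFilter.PfCreateInterface(
                0,
                PFFORWARD_ACTION.PF_ACTION_FORWARD,
                PFFORWARD_ACTION.PF_ACTION_FORWARD,
                false,
                true,
                ref interfaceHandle);
            if (result != 0)
                return false;

            //bind interface to an ip address
            result = IpPacketFilter.PfBindInterfaceToIPAddress(interfaceHandle, PFADDRESSTYPE.PF_IPV4, ref lLocalIp);
            if (result != 0)
                return false;

            boundAny = true;

            for (int r = 0; r < ruleCount; r++)
            {
                //build the filter structure
                PPF_FILTER_DESCRIPTOR filter = new PPF_FILTER_DESCRIPTOR();
                filter.dwFilterFlags = FILTER_FLAGS.FD_FLAGS;
                filter.dwRule = FALSE;
                filter.pfatType = PFADDRESSTYPE.PF_IPV4;
                filter.dwProtocol = PROTOCOL.TCP;
                filter.wSrcPort = 0;
                filter.wSrcPortHighRange = 0;
                filter.wDstPort = dstPorts[r];
                filter.wDstPortHighRange = dstPorts[r];

                // The descriptor stores raw pointers, so the values must live in locals that
                // stay in place for the duration of the native call.
                int iSrcAddr = lLocalIp;
                int iSrcMask = lIpFromString("255.255.255.255");
                int iDstAddr = dstAddrs[r];
                int iDstMask = dstMasks[r];
                unsafe
                {
                    filter.SrcAddr = &iSrcAddr;
                    filter.DstAddr = &iDstAddr;
                    filter.SrcMask = &iSrcMask;
                    filter.DstMask = &iDstMask;
                }

                // The last argument is named pfHandle and appears to be an output buffer for
                // filter handles (confirm against the native prototype). Give it its own zeroed
                // scratch struct so the native side cannot write over the descriptor it is
                // reading at the same time.
                PPF_FILTER_DESCRIPTOR handleBuffer = new PPF_FILTER_DESCRIPTOR();

                // add filter to interface (both inbound and outbound)
                result = IpPacketFilter.PfAddFiltersToInterface(interfaceHandle, 1, ref filter, 1, ref filter, ref handleBuffer);
                if (result != 0)
                    return false;
            }
        }

        // Reporting success when nothing was bound would be a silent fail-open.
        return boundAny;
    }
}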
이것은 pinvoke의 문제가 아니라 PFCreateInterface를 이해하지 못한 데서 오는 문제입니다. 먼저 설명서를 읽고 작동 원리를 파악한 다음 pinvoke를 사용하십시오. pinvoke 문서가 도움이 될 것이라고 기대하지 마십시오. 그 문서는 어떻게 하는지를 알려 주는 것입니다. –
http://msdn.microsoft.com/en-us/library/aa376646(VS.85).aspx –