////////////////////////////////////////////////////////////////////////////////////
//                             Raw Sniffer Code  V1.0                             //
//                        powered by shadow @2004/10/4                            //
//                   my web:http://www.codehome.6600.org                          //
////////////////////////////////////////////////////////////////////////////////////

//-------------------------------------user define-------------------------------//
//-------->IP HEADER DEFINE
//
#define SIO_RCVALL _WSAIOW(IOC_VENDOR,1)
#define MAX_SUBTHREAD_NUM 100
#define LISTEN_PORT 7500
#define WM_SNIFFER_STOP    WM_USER+100    //嗅探停止消息
#define WM_SNIFFER_RESTART WM_USER+101    //嗅探重新開始消息
#define WM_SNIFFER_CLOSE   WM_USER+102    //嗅探徹底關閉消息
/*
#define WM_ALLSNIFFER_STOP    WM_USER+103  
#define WM_ALLSNIFFER_CLOSE   WM_USER+104
#define WM_ALLSNIFFER_RESTART WM_USER+105
*/
#define SNIFFER_STATE_START 1           //嗅探在進行中
#define SNIFFER_STATE_CLOSE 2           //嗅探已完全關閉
#define SNIFFER_STATE_STOP 3            //嗅探暫停
#define IPPROTO_TCP_TXT "TCP"
#define IPPROTO_UDP_TXT "UDP"
#define IPPROTO_ICMP_TXT "ICMP"
#define IPPROTO_IGMP_TXT "IGMP"
#define IPPROTO_DEFAULT_TXT "unknow protocol"
#define ICMP_HEADER_LEN 4 //各協議默認頭長，tcp和ip頭長可變
#define TCP_HEADER_LEN 20
#define UDP_HEADER_LEN 8
#define IP_HEADER_LEN 20
//-------------------------------------------------------------------------------//
typedef struct _IPADDRESS{ //4字節ip地址,相當于DWORD FROMIP
    unsigned char address[4];
}IPADDRESS;
typedef struct _IP{ //IP頭定義
	unsigned char VersionHdl; //4位版本號和4位ip頭長,每位代表4字節長度
	unsigned char ServiceType;//服務類型
	unsigned short TotalLen;  //數據包總長
	unsigned short Identifier;//標志
    unsigned short FragOff;   //偏移量
	unsigned char TTL;        //生存周期
	unsigned char Protocol;   //協議類型
	unsigned short IpChkSum;  //校驗碼
	IPADDRESS FromIP;         //源IP地址
	IPADDRESS ToIP;           //目的IP地址
}IP_HEADER;   
typedef struct _UDP{//UDP頭定義
    WORD FromPort;            //源端口
	WORD ToPort;              //目的端口
	WORD UdpLen;              //udp頭長
	WORD UdpChkSum;           //校驗碼
}UDP_HEADER;
typedef struct _TCP{//TCP頭定義
    WORD FromPort;            //源端口
	WORD ToPort;              //目的端口
	DWORD SeqNum;             //順序碼
	DWORD ACKNum;             //回應碼
	BYTE HeaderLen;           //TCP頭長
	BYTE Flags;               //標志
	WORD Window;              //窗口大小
	WORD TcpChkSum;           //校驗碼
	WORD UrgPtr;              //緊急指針
}TCP_HEADER;
typedef struct _ICMP{//ICMP頭定義
    BYTE Type;                //類型
	BYTE Code;                //區別碼？
	WORD IcmpChkSum;          //校驗碼
}ICMP_HEADER;

//SOCKET RawSocket;//監聽原始套接字
//defien class
class SNIFFER  
{
public:
	int StartSniffer(CString fpath);
	int StopSelfDefineSniffer();
	int StartSelfDefineSniffer(CString ProtoType,CString sourceip,CString sourceport,CString destip,CString destport,int way,int maxdata,CString fpath);
	int SnifferClose();
	int ReStart();
	int Start();
	SNIFFER();
	virtual ~SNIFFER();
	int Stop();
	int MainThreadId;
	int SubThreadNum;
	int SubThreadId[MAX_SUBTHREAD_NUM];
	int ErrorCode;
private:
	bool WsaStartup;
	char * GetLastError(int errorcode);
	char * SnifferError[14];
	int SnifferState;
	LPVOID Form_ptr;
};