Function.cpp
资源名称:FireWall.rar [点击查看]
上传用户:apgaozhao
上传日期:2022-04-17
资源大小:69k
文件大小:6k
源码类别:
防火墙与安全工具
开发平台:
Visual C++
- #include "StdAfx.h"
- #include ".function.h"
- CFunction::CFunction(HMODULE h)
- {
- char Path[MAX_PATH],Path2[MAX_PATH];
- HANDLE hFile;
- DWORD len;
- hModule=h;
- GetFilePath(Path,MAX_PATH);
- strcpy(Path2,Path);
- strcat(Path2,"Setting.ini");
- hFile=CreateFile(Path2,GENERIC_READ,FILE_SHARE_READ, NULL,OPEN_EXISTING,0,NULL);
- if(hFile==INVALID_HANDLE_VALUE)
- {
- Sql="exec|insert|select|delete|update|chr|mid|master|truncate|declare|'";
- dbgprint_str("读取配置文件错误!","");
- }
- else
- {
- len=GetFileSize(hFile,0);
- char *temp=new char[len];
- string temp2;
- ReadFile(hFile,temp,len,&len,0);
- CloseHandle(hFile);
- if(!GetField(temp,"sql=",0,len,Sql))
- Sql="exec|insert|select|delete|update|chr|mid|master|truncate|declare|'";
- if(!GetField(temp,"sqlkeytimes=",0,len,temp2))
- temp2="1";
- SqlInjectKeyTimes=atoi(temp2.c_str());
- dbgprint_str("sqlkeytimes:",temp2.c_str());
- dbgprint_str("Sql:",Sql.c_str());
- InitIpList(temp);
- delete []temp;
- }
- strcpy(Path2,Path);
- strcat(Path2,"FireWall.log");
- hLogFile=CreateFile(Path2,GENERIC_READ|GENERIC_WRITE,FILE_SHARE_READ, NULL,OPEN_ALWAYS,0,NULL);
- SetFilePointer(hLogFile,0,0,FILE_END);
- }
- CFunction::~CFunction(void)
- {
- CloseHandle(hLogFile);
- }
- bool CFunction::IsAllowIpPath(const char *Ip,const char *Url)
- {
- int size=IpList.size();
- for(int i=0;i<size;i++)
- {
- //dbgprint_str("IsAllowIpPath IP:",IpList[i].Ip);
- if(CompareStr(Ip,IpList[i].Ip,strlen(IpList[i].Ip)))
- {
- dbgprint_str("找到对应IP:",IpList[i].Ip);
- if(IpList[i].AllowPath=="")
- {
- return (IpList[i].DenyPath=="*")?false:(!IsUrlIn(IpList[i].DenyPath,Url));
- }
- else
- {
- return (IpList[i].AllowPath=="*")?true:IsUrlIn(IpList[i].AllowPath,Url);
- }
- }
- }
- dbgprint_str("IP:","没找到对应IP");
- return false;//配置文件有问题 少默认处理项
- }
- bool CFunction::GetFilePath(char *Path,DWORD len)
- {
- DWORD i;
- i=GetModuleFileName(hModule,Path,len);
- if(i>0)
- {
- for(;i>0;i--)
- {
- if(Path[i]=='\')
- {
- Path[i+1]=' ';
- break;
- }
- }
- return true;
- }
- else
- return false;
- }
- bool CFunction::IsSqlInject(const char *QueryStr,string &SqlStr)
- {
- int times=0;
- DWORD i=0,j;
- string temp;
- SqlStr="";
- while(i!=-1)
- {
- if(i==0)i=-1;//第一次循环
- j=Sql.find("|",i+1);
- if(j==-1)
- {//结尾
- temp=Sql.substr(i+1,Sql.length()-i-1);
- if(strstr(QueryStr,temp.c_str()))
- {
- SqlStr=SqlStr+temp+"|";
- times++;
- }
- }
- else
- {//中间一段
- temp=Sql.substr(i+1,j-i-1);
- if(strstr(QueryStr,temp.c_str()))
- {
- SqlStr=SqlStr+temp+"|";
- times++;
- }
- }
- i=j;
- }
- dbgprint_str("SqlStr:",SqlStr.c_str());
- if(times>=SqlInjectKeyTimes)
- {
- SqlStr=SqlStr.substr(0,SqlStr.length()-1);
- return true;
- }
- return false;
- }
- bool CFunction::IsUrlIn(string Path,const char *Url)
- {
- DWORD i=0,j;
- string temp,temp2;
- temp2=Url;
- for(i=strlen(Url)-1;i>=0;i--)
- {
- if(Url[i]=='/')
- {
- temp2=temp2.substr(0,i);
- break;
- }
- }
- if(temp2.length()==0)
- temp2="/";
- dbgprint_str("IsUrlIn temp2:",temp2.c_str());
- i=0;
- while(i!=-1)
- {
- if(i==0)i=-1;//第一次循环
- j=Path.find("|",i+1);
- if(j==-1)
- {//结尾
- temp=Path.substr(i+1,Path.length()-i-1);
- dbgprint_str("IsUrlIn temp:",temp.c_str());
- if(CompareStr(temp2.c_str(),temp.c_str(),temp.length()))
- return true;
- }
- else
- {//中间一段
- temp=Path.substr(i+1,j-i-1);
- dbgprint_str("IsUrlIn temp:",temp.c_str());
- if(CompareStr(temp2.c_str(),temp.c_str(),temp.length()))
- return true;
- }
- i=j;
- }
- return false;
- }
- bool CFunction::WriteLog(const char *Ip,const char *Text)
- {
- DWORD len=strlen(Ip)+strlen(Text)+20;
- char Time[20];
- char *buff=new char[len];
- _strtime(Time);
- len=sprintf(buff,"%s %s %srn",Time,Ip,Text);
- WriteFile(hLogFile,buff,len,&len,0);
- delete buff;
- return true;
- }
- bool CFunction::IsBaoKu(const char *Url)
- {
- if(strstr(Url,"\"))
- return true;
- else
- return false;
- }
- bool CFunction::InitIpList(const string text)
- {
- tagIpList NewList;
- int i,j=0;
- i=text.find("[ip=");
- (i>=0)?j=text.find("]",i):j=-1;
- //dbgprint_num("i:",i);
- //dbgprint_num("j:",j);
- while(i!=-1&& j!=-1)
- {
- string temp;
- strcpy(NewList.Ip,text.substr(i+4,j-i-4).c_str());
- dbgprint_str("Ip:",NewList.Ip);
- GetField(text,"allowpath=",j+3,text.length(),NewList.AllowPath);
- dbgprint_str("AllowPath:",NewList.AllowPath.c_str());
- GetField(text,"denypath=",j+3,text.length(),NewList.DenyPath);
- dbgprint_str("DenyPath:",NewList.DenyPath.c_str());
- IpList.push_back(NewList);
- i=text.find("[ip=",j+3);
- (i>=0)?j=text.find("]",i):j=-1;
- //dbgprint_num("i:",i);
- //dbgprint_num("j:",j);
- }
- return true;
- }
- bool CFunction::GetField(const string Text,const char *Field,int start,int end,string &value)
- {
- int i,j;
- i=Text.find(Field,start);
- if(i==-1 || i>end)
- {
- value="";
- return false;
- }
- j=Text.find("rn",i);
- if(j==-1)
- value=Text.substr(i+strlen(Field));
- else
- value=Text.substr(i+strlen(Field),j-i-strlen(Field));
- return true;
- }
- bool CFunction::CompareStr(const char *str1,const char *str2,int len)
- {
- int n;
- int num;
- const char *s;
- if(!str1||!str2)
- return false;
- num=len<0?strlen(str2):len;
- for(;*str2&#num-=n)
- {
- if(*str2=='?')
- {
- if(*str1==' ')
- return false;
- str2++;
- str1++;
- n=1;
- continue;
- }
- if(*str2!='*'){
- if(*str2!=*str1)
- return false;
- str2++;
- str1++;
- n=1;
- continue;
- }
- while(*str2=='*')
- {
- num--;
- str2++;
- if(num==0)
- return 1;
- }
- if(*str2==' ')
- return true;
- s=strchr(str2,'*');
- if(s!=NULL)
- n=s-str2;
- else
- n=strlen(str2);
- for(;*str1;str1++)
- {
- if(CompareStr(str1,str2,n))
- break;
- }
- if(*str1==' ')
- return false;
- str2+=n;
- str1+=n;
- }
- return num==0&&(*str1==0);
- }