nimdafilter.cpp
资源名称:antinimda.zip [点击查看]
上传用户:leon2013
上传日期:2007-01-10
资源大小:186k
文件大小:4k
源码类别:
杀毒
开发平台:
Visual C++
- // NIMDAFILTER.CPP - Implementation file for your Internet Server
- // Nimda Virus Filter
- #include "stdafx.h"
- #include "nimdafilter.h"
- ///////////////////////////////////////////////////////////////////////
- // The one and only CWinApp object
- // NOTE: You may remove this object if you alter your project to no
- // longer use MFC in a DLL.
- CWinApp theApp;
- ///////////////////////////////////////////////////////////////////////
- // The one and only CNimdaFilter object
- CNimdaFilter theFilter;
- ///////////////////////////////////////////////////////////////////////
- // CNimdaFilter implementation
- CNimdaFilter::CNimdaFilter()
- {
- /* alloc and set default log filename */
- char logfilename[1024];
- DWORD szlogfilename=sizeof(logfilename);
- DWORD type=REG_SZ;
- strcpy(logfilename,"c:\malformed_urls2.log");
- /* try to load the log filename from the registry */
- HKEY hkey;
- if (RegOpenKey(HKEY_LOCAL_MACHINE,"SYSTEM\CurrentControlSet\Services\W3SVC\Parameters",&hkey)==ERROR_SUCCESS)
- if (RegQueryValueEx(hkey,"NimdaFilterLog",0,&type,(LPBYTE)logfilename,&szlogfilename)==ERROR_SUCCESS) {
- }
- else if (RegQueryValueEx(hkey,"LogFileDirectory",0,&type,(LPBYTE)logfilename,&szlogfilename)==ERROR_SUCCESS) {
- strcat(logfilename,"\nimdafilter.log");
- }
- /* open the log file */
- logfile.Open(logfilename,CFile::modeCreate | CFile::modeNoTruncate | CFile::modeWrite | CFile::shareDenyWrite);
- if (logfile.m_hFile) {
- logfile.SeekToEnd();
- }
- }
- CNimdaFilter::~CNimdaFilter()
- {
- if (logfile.m_hFile)
- logfile.Close();
- }
- BOOL CNimdaFilter::GetFilterVersion(PHTTP_FILTER_VERSION pVer)
- {
- // Call default implementation for initialization
- CHttpFilter::GetFilterVersion(pVer);
- // Clear the flags set by base class
- pVer->dwFlags &= ~SF_NOTIFY_ORDER_MASK;
- // Set the flags we are interested in
- pVer->dwFlags |= SF_NOTIFY_ORDER_HIGH | SF_NOTIFY_SECURE_PORT | SF_NOTIFY_NONSECURE_PORT
- /* | SF_NOTIFY_AUTHENTICATION | SF_NOTIFY_PREPROC_HEADERS */ | SF_NOTIFY_URL_MAP;
- // Load description string
- TCHAR sz[SF_MAX_FILTER_DESC_LEN+1];
- ISAPIVERIFY(::LoadString(AfxGetResourceHandle(),
- IDS_FILTER, sz, SF_MAX_FILTER_DESC_LEN));
- _tcscpy(pVer->lpszFilterDesc, sz);
- return TRUE;
- }
- CString GetServerVariable(CHttpFilterContext* pCtxt, LPCTSTR name)
- {
- char buffer[8096];
- DWORD sz=sizeof(buffer);
- pCtxt->GetServerVariable((char*)name,buffer,&sz);
- return CString(buffer);
- }
- DWORD CNimdaFilter::OnPreprocHeaders(CHttpFilterContext* pCtxt,
- PHTTP_FILTER_PREPROC_HEADERS pHeaderInfo)
- {
- return SF_STATUS_REQ_NEXT_NOTIFICATION;
- }
- DWORD CNimdaFilter::OnAuthentication(CHttpFilterContext* pCtxt,
- PHTTP_FILTER_AUTHENT pAuthent)
- {
- return SF_STATUS_REQ_NEXT_NOTIFICATION;
- }
- DWORD CNimdaFilter::OnUrlMap(CHttpFilterContext* pfc,
- PHTTP_FILTER_URL_MAP pUrlMap)
- {
- CString path(pUrlMap->pszPhysicalPath);
- if (path.Find('%')!=-1) {
- /* log malformed url to server */
- try{
- if (logfile.m_hFile) {
- CString s;
- s.Format("[%s : %s] %srn", GetServerVariable(pfc, "REMOTE_ADDR"), CTime::GetCurrentTime().Format("%d:%m:%y %H:%M:%S"), pUrlMap->pszURL);
- logfile.Write((LPCTSTR)s,s.GetLength());
- }
- } catch(...) {
- TRACE("Failed to write to log file.rn");
- }
- /* malformed url : return error */
- return SF_STATUS_REQ_ERROR;
- }
- else
- return CHttpFilter::OnUrlMap(pfc, pUrlMap);
- }
- // Do not edit the following lines, which are needed by ClassWizard.
- #if 0
- BEGIN_MESSAGE_MAP(CNimdaFilter, CHttpFilter)
- //{{AFX_MSG_MAP(CNimdaFilter)
- //}}AFX_MSG_MAP
- END_MESSAGE_MAP()
- #endif // 0
- ///////////////////////////////////////////////////////////////////////
- // If your extension will not use MFC, you'll need this code to make
- // sure the extension objects can find the resource handle for the
- // module. If you convert your extension to not be dependent on MFC,
- // remove the comments arounn the following AfxGetResourceHandle()
- // and DllMain() functions, as well as the g_hInstance global.
- /****
- static HINSTANCE g_hInstance;
- HINSTANCE AFXISAPI AfxGetResourceHandle()
- {
- return g_hInstance;
- }
- BOOL WINAPI DllMain(HINSTANCE hInst, ULONG ulReason,
- LPVOID lpReserved)
- {
- if (ulReason == DLL_PROCESS_ATTACH)
- {
- g_hInstance = hInst;
- }
- return TRUE;
- }
- ****/