开通博客赚积分
发布资源赚积分
分类

源码开发语言/平台
当前位置:首页 > 源码/资料 > Internet/网络编程 > 防火墙与安全工具 > 查看源码
authentication.cpp
资源名称:Firewall防火墙.rar [点击查看]
上传用户:heseme
上传日期:2009-12-23
资源大小:228k
文件大小:30k
源码类别:

防火墙与安全工具

开发平台:

Visual C++

authentication.cpp:源码内容
  1. #include "stdafx.h"
  2. #include "authentication.h"
  3. #include "outnat.h"
  4. #include "ip.h"
  5. #include "Page4.h"
  6. #include "Page5.h"
  7. #include <stdio.h>
  8. #include <io.h>
  9. #include "Struct.h"
  10. #define   ETH_HEAD    14
  11. #define   IP_HEAD     20
  12. #define   TIMEOUT      2
  13. #define   MAX_RIP     20
  14. extern HANDLE global_handle;
  15. OVERLAPPED   OverLappedread_auth,*lpOverLappedread;
  16. extern BYTE SpecialBuffer[1500],SpecialBuffer1[1500],SpecialBuffer2[1500];
  17. extern BOOL  ACK,ACK1,Flag2;
  18. extern ServiceManageData TheServiceManageData;
  19. extern UserVerifyData  TheUserVerifyData;
  20. extern LogManage TheLogManage;
  21. extern BYTE INNO,OUTNO;
  22. extern USHORT logType;
  23. extern HWND myhWnd1;
  24. int count2=0;
  25. DWORD  tempack,tempseq;
  26. BOOL   Flag1=0;
  27. BOOL openfile1=1,openfile2=1;
  28. int tempcount1=0,tempcount2=0;
  29. int len1,len2;
  30. char URLBlockMsg[4096],ContentFilterMsg[4096];
  31. Hash hashtab;
  32. VOID WINAPI WriteCompletionRoutineZJ(DWORD dwErrorCode, 
  33.    DWORD dwNumberOfBytesTransferred, 
  34.    LPOVERLAPPED pOverlapped);
  35. VOID WINAPI WriteCompletionRoutineXZ(DWORD dwErrorCode, 
  36.    DWORD dwNumberOfBytesTransferred, 
  37.    LPOVERLAPPED pOverlapped);
  38. char pat1[20][20],Host[250];
  39. struct LogView1  TheLogView;
  40. struct UserAuth  UserList[4096];
  41. struct IPAddr    mask;
  42. struct IPPacketHead*  pIPPacketHead;
  43. struct TCPPacketHead* pTCPPacketHead;
  44. struct URLBlockLogMsg URLBlockLog;     //URL阻断的日志
  45. struct FilterLogMsg   ContentFilterLog;//内容过滤的日志
  46. FILE   *URLBlockLogFile,*AuthLogFile,*FilterLogFile;
  47. int    i1=0,i2=0,i3=0,Count[20],HValueKeyWord[20],count=0,timer=0;
  48. static int count1=0;
  49. unsigned int IP[MAX_RIP];
  50. BYTE SourceIPFlag[4096];//为0,不在表中;1,在表中,未验证;2,验证通过。
  51. /*void Init()
  52. {
  53. }*/
  54. BOOL ProtoMain(BYTE* pdata)
  55. {
  56. // struct IPPacketHead*  pIPPacketHead;
  57. // struct TCPPacketHead* pTCPPacketHead;
  58. char* buf,*pAuthorization,pszCode[32], pszText[32],*pBegin;
  59. int   Index=0;
  60. BOOL  ok;
  61. int x;
  62. unsigned int tempIP;
  64. ACK1=0;
  65. mask.AddrByte[0]=255;
  66. mask.AddrByte[1]=255;
  67. mask.AddrByte[2]=255;
  68. mask.AddrByte[3]=0;
  69. // buf=(char *)pdata;
  70. if (pdata[0]==1)
  71. return TRUE;
  72. pIPPacketHead=(struct IPPacketHead*)(pdata+16);
  73. if (ACK1==1)
  74. {
  75. TRACE(_T("ID=:%x n"),pIPPacketHead->Id);
  76. ACK1=0;
  77. }/**/
  78. pTCPPacketHead=(struct TCPPacketHead*)(pdata+36);
  79. // GetHost((char *)(pdata+2));
  80. // if ((swaps(pTCPPacketHead->DestPort)!=80)&&(pdata[1]==(INNO-0x30)))
  81. // return TRUE;
  82. //    
  83. // int tempIPP=swapl(pIPPacketHead->SourIP);
  84. if ((pdata[0]==0)&&(pdata[1]==INNO-0x30))
  85. {
  86. if (pIPPacketHead->Proto!=6)
  87. return TRUE;
  88. if (swaps(pTCPPacketHead->DestPort)!=80)
  89. return TRUE;
  90. char *tempp;
  91. if (!(tempp=strstr((char *)(pdata+56),"GET ")))
  92. return TRUE;
  93. GetHost((char *)(pdata+56));
  94. ok=Authentication(pdata+2);
  95. if (!ok)
  96. {
  97. pdata[0]=1;
  98. return FALSE;
  99. }
  100. // strcat(Host,"rn");
  101. if ((TheServiceManageData.FilterAndBlock&2)==0)
  102.     Flag1=FALSE;
  103. else
  104.     Flag1=URLBlock((char *)(pdata+56));//URL阻断
  105. // Flag1 = FALSE;
  106.     if (Flag1==FALSE)
  107. {
  108. if (count1==MAX_RIP)
  109. return TRUE;
  110. if (strstr(TheServiceManageData.NoFilterURLList,Host))//&&Host[0]
  111. {
  112. memcpy((void *)&tempIP,(void *)&pIPPacketHead->DestIP,4);
  113. for (x=0;x<count1;x++)
  114. {
  115. if (tempIP==IP[x])
  116. {
  117. x=24;
  118. }
  119. }
  120. if (x!=24)
  121. {
  122. IP[count1]=tempIP;
  123. count1++;
  124. }
  125. }
  126.             return TRUE;
  127. }
  128. else
  129. {
  130. tempseq=pTCPPacketHead->SeqNo;
  131. tempack=pTCPPacketHead->AckNo;
  132. SendRToServer(pdata+2);
  133. SendAutheMsg((char *)(pdata+2),1);
  134. // if (pTCPPacketHead->Flag==0x11)
  135. // {
  136. //     SendRes(pdata);
  137. // SendACK(pdata);
  138. // ACK1=1;
  139. // }
  140. ACK=1;
  141. ACK1=1;
  142. memcpy((void *)&URLBlockLog.SourIP,(void *)&pIPPacketHead->SourIP,4);
  143.      memcpy((void *)&URLBlockLog.DestIP,(void *)&pIPPacketHead->DestIP,4);
  144.      URLBlockLog.SourPort=swaps(pTCPPacketHead->SourPort);
  145.      URLBlockLog.DestPort=swaps(pTCPPacketHead->DestPort);
  146.       GetLocalTime(&(URLBlockLog.Time));
  147. URLBlockLog.Block='Y';
  148. i1++;
  149. // return FALSE;
  150. }
  151. }
  152. if ((pdata[0]==0)&&(pdata[1]==OUTNO-0x30))
  153. {
  154.      if ((TheServiceManageData.FilterAndBlock&1)==0)
  155.      return TRUE;
  156. // GetHost((char *)(pdata+2));
  157. TRACE(_T("HI beginn"));
  158.     ContentFilter((char *)(pdata+2));
  159. TRACE(_T("HI endn"));
  160. SystemLog();
  161.     return TRUE;
  162. }
  163. SystemLog();
  164.     return FALSE;
  165. }
  168. WORD swaps(WORD net)
  169. {
  170. WORD lo,hi;
  171. WORD host;
  173. lo=net&0xff;
  174. hi=net&0xff00;
  175. lo=lo<<8;
  176. hi=hi>>8;
  177. host=hi|lo;
  179. return host;
  180. }
  181. DWORD swapl(DWORD net)
  182. {
  183. DWORD b1,b2,b3,b4;
  184. DWORD host;
  186. b1=net&0xff;
  187. b2=net&0xff00;
  188. b3=net&0xff0000;
  189. b4=net&0xff000000;
  191. b1=b1<<24;
  192. b2=b2<<8;
  193. b3=b3>>8;
  194. b4=b4>>24;
  196. host=b1|b2|b3|b4;
  198. return host;
  199. }
  201. void SendAutheMsg(char* pdata, int Flag)
  202. {
  203. // struct IPPacketHead*  pIPPacketHead;
  204. // struct TCPPacketHead* pTCPPacketHead;
  205. struct EtherPacketHead* pEtherPacketHead;
  206. struct EtherAddr* tempEther=new EtherAddr;
  207. struct IPAddr* tempIP=new IPAddr;
  208. WORD   tempPort;
  209. DWORD  tempNO;
  210. int    TCPLen;
  211. WORD   Ttlen;
  212. char   len[1600];
  213. int    length;
  214. // DWORD   nbyteWrite;
  216. // if (Flag==1)
  217. //     SendRToServer((BYTE *)pdata);
  218. pEtherPacketHead=(struct EtherPacketHead*)(pdata);
  219. pIPPacketHead=(struct IPPacketHead*)(pdata+14);
  220. pTCPPacketHead=(struct TCPPacketHead*)(pdata+34);
  221. memcpy((void *)tempEther,(void *)&pEtherPacketHead->DestEther,6);
  222. memcpy((void *)&pEtherPacketHead->DestEther,(void *)&pEtherPacketHead->SourEther,6);
  223. memcpy((void *)&pEtherPacketHead->SourEther,(void *)tempEther,6);
  224. memcpy((void *)tempIP,(void *)&pIPPacketHead->SourIP,4);
  225. memcpy((void *)&pIPPacketHead->SourIP,(void *)&pIPPacketHead->DestIP,4);
  226. memcpy((void *)&pIPPacketHead->DestIP,(void *)tempIP,4);
  227. delete tempEther;
  228. delete tempIP;
  229. tempPort=pTCPPacketHead->DestPort;
  230. pTCPPacketHead->DestPort=pTCPPacketHead->SourPort;
  231. pTCPPacketHead->SourPort=tempPort;
  232. tempNO=swapl(pTCPPacketHead->SeqNo);
  233. // tempNO=pTCPPacketHead->SeqNo;
  234. pTCPPacketHead->SeqNo=pTCPPacketHead->AckNo;
  235. TCPLen=swaps(pIPPacketHead->TtlLen)-40;
  236. // TCPLen = 0-56;
  237. pTCPPacketHead->AckNo=swapl(tempNO+TCPLen);
  238. // pTCPPacketHead->AckNo=tempNO+TCPLen;
  239. if (Flag2==1)
  240. {
  241. pTCPPacketHead->Flag=0x19;
  242. // Flag2=0;
  243. }
  244. else
  245.     pTCPPacketHead->Flag=0x18;//
  246. // pTCPPacketHead->WndSize=0x00;
  247. memset(pdata+54,0,1000-54);
  248. /* pIPPacketHead->TtlLen=swaps(40);
  249. pIPPacketHead->ChkSum=0;
  250. pIPPacketHead->ChkSum=GetCksum((USHORT *)(pdata+16), 20);
  251. pTCPPacketHead->ChkSum=0;
  252. GetTCPCksum((BYTE *)(pdata+2), 0);
  253. pdata[0]=1;
  254. // memset(&OverLappedread_auth,0,sizeof(OVERLAPPED));
  255. // lpOverLappedread=&OverLappedread_auth;
  257. length=WriteFile(global_handle,pdata,56,&nbyteWrite,NULL);
  258. length=GetLastError();*/
  259. if (Flag==0)
  260. {
  261. strcpy(pdata+54,"HTTP/1.1 401 Access DeniedrnTOP FireWall  Content-type: image/jpegrnWWW-Authenticate: basic realm="JutAg"rnContent-length: 30rnrn");//身份验证
  262.      strcpy(len, "HTTP/1.1 401 Access DeniedrnTOP FireWall  Content-type: image/jpegrnWWW-Authenticate: basic realm="JutAg"rnContent-length: 30rnrn");
  263. }
  264. else
  265. {
  266. strcpy(pdata+54,"HTTP/1.1 200 OKrnContent-type: image/jpegrnContent-length: 120rnrn<html><head></head><body><form><input type='button' name='WindowButton'value='OK'onclick='Refresh()'></form></body></html>");
  267.     strcpy(len,"HTTP/1.1 200 OKrnContent-type: image/jpegrnContent-length: 120rnrn<html><head></head><body><form><input type='button' name='WindowButton'value='OK'onclick='Refresh()'></form></body></html>");
  268. pTCPPacketHead->Flag=0x22;
  269. }
  270. // strcpy(pdata+54,"HTTP/1.1 401 UnauthorizedrnContent-type: image/jpegrnWWW-Authenticate: basic realm="JutAg"rnContent-length: 30rnrn");//身份验证
  271. // strcpy(len, "HTTP/1.1 401 UnauthorizedrnContent-type: image/jpegrnWWW-Authenticate: basic realm="JutAg"rnContent-length: 30rnrn");
  272. // pdata[0]=0;
  273. Ttlen=(WORD)(strlen(len));
  274. Ttlen+=40;
  275. pIPPacketHead->TtlLen=swaps(Ttlen);
  276. // pTCPPacketHead->Flag=0x18;
  277. pIPPacketHead->ChkSum=0;
  278. pIPPacketHead->ChkSum=GetCksum((USHORT *)(pdata+14), 20);
  279. pTCPPacketHead->ChkSum=0;
  280. GetTCPCksum((BYTE *)(pdata), 0);
  281. // WriteBuffer((BYTE *)pdata);
  282. }
  283. void Unbase64(char* pszText, char* pszCode)
  284. {
  285. int nLen, i;
  286. BYTE bySixBits0, bySixBits1, bySixBits2, bySixBits3, c;
  288. nLen = strlen(pszCode);
  289. for(i=0; i<nLen; )
  290. {
  291. bySixBits0 = GetSixBits(pszCode, i);
  292. if(i<nLen)
  293. bySixBits1 = GetSixBits(pszCode, i);
  294. if(i<nLen)
  295. bySixBits2 = GetSixBits(pszCode, i);
  296. if(i<nLen)
  297. bySixBits3 = GetSixBits(pszCode, i);
  299. c = bySixBits0<<2 | bySixBits1>>4; 
  300. *pszText = c; 
  301. pszText++;
  302. c = bySixBits1<<4 | bySixBits2>>2;
  303. *pszText = c; 
  304. pszText++;
  305. c = bySixBits2<<6 | bySixBits3;
  306. *pszText = c;
  307. pszText++;
  308. }
  309. *pszText = NULL;
  311. }
  313. BYTE GetSixBits(char* pszStr, int& i)
  314. {
  315. char c;
  317. while(1)
  318. {
  319. if(i>=strlen(pszStr))break;
  320. c = pszStr[i++];
  321. if(isupper(c)) return c-'A';
  322. else if(islower(c)) return c-'a'+26;
  323. else if(isdigit(c)) return c-'0'+52;
  324. else if(c=='+') return 62;
  325. else if(c=='/') return 63;
  326. else if(c=='=') return 0;
  327. }
  328. return 0;
  329. }
  331. int SearchSourceIP(struct IPPacketHead* pIPHead)
  332. {
  333. //struct IPAddr* tempIPAddr=new IPAddr;
  334. int  index;
  336. //memcpy((void *)tempIPAddr,(void *)&pIPHead->SourIP,4);
  337. index=((pIPHead->SourIP.AddrByte[2])&(255-mask.AddrByte[2]))*256
  338.  +((pIPHead->SourIP.AddrByte[3])&(255-mask.AddrByte[3]));
  339. if (UserList[index].PassTimes==0)
  340. {
  341. SourceIPFlag[index]=0;
  342. // delete tempIPAddr;//jl1106
  343. return index;
  344. }
  345. if ((UserList[index].PassTimes)&1==1)
  346. {
  347. SourceIPFlag[index]=2;
  348. // delete tempIPAddr;//jl1106
  349. return index;
  350. }
  351. SourceIPFlag[index]=1;
  352. // delete tempIPAddr;//jl1106
  353. return index;
  354. }
  356. void SendRToServer(BYTE* buf)
  357. {
  358. int    TCPLen;
  359. DWORD  tempNO;
  360. struct IPPacketHead  *pIPHead;
  361. struct TCPPacketHead *pTCPHead;
  362. struct EtherPacketHead* pEtherPacketHead,*pEtherHead;
  363. // SpecialBuffer=new BYTE[56];
  365. memcpy(SpecialBuffer+2,buf,54);
  366. pEtherPacketHead=(struct EtherPacketHead*)(buf);
  367. pIPPacketHead=(struct IPPacketHead*)(buf+14);
  368. pTCPPacketHead=(struct TCPPacketHead*)(buf+34);
  369. pEtherHead=(struct EtherPacketHead*)(SpecialBuffer+2);
  370. pIPHead=(struct IPPacketHead*)(SpecialBuffer+16);
  371. pTCPHead=(struct TCPPacketHead*)(SpecialBuffer+36);
  372. SpecialBuffer[0]=1;
  373. // SpecialBuffer[1]=2;
  374. memset(SpecialBuffer+56,0,1500-56);
  375. /* memcpy((void *)&pEtherHead->DestEther,(void *)&pEtherPacketHead->SourEther,6);
  376. memcpy((void *)&pEtherHead->SourEther,(void *)&pEtherPacketHead->DestEther,6);
  377. memcpy((void *)&pIPHead->SourIP,(void *)&pIPPacketHead->DestIP,4);
  378. memcpy((void *)&pIPHead->DestIP,(void *)&pIPPacketHead->SourIP,4);
  379. pTCPHead->SourPort=pTCPPacketHead->DestPort;
  380. pTCPHead->DestPort=pTCPPacketHead->SourPort;*/
  381. pIPHead->TtlLen=swaps(40);
  382. pTCPHead->AckNo=tempack;
  383. pTCPHead->SeqNo=tempseq;
  384. /* tempNO=swapl(pTCPPacketHead->SeqNo);
  385. pTCPHead->SeqNo=pTCPPacketHead->AckNo;
  386. TCPLen=swaps(pIPPacketHead->TtlLen)-40;
  387. pTCPHead->AckNo=swapl(tempNO+TCPLen);*/
  388. pTCPHead->Flag=0x04;
  389. // pTCPHead->WndSize=0;
  390. pIPHead->ChkSum=0;
  391. pIPHead->ChkSum=GetCksum((USHORT *)(SpecialBuffer+16), 20);
  392. pTCPHead->ChkSum=0;
  393. GetTCPCksum((SpecialBuffer+2), 0);
  394. ACK=1;
  395. // delete []SpecialBuffer;//jl1106
  396. }
  397. BOOL URLBlock(char *buffer)
  398. {
  399. char *pBegin,ch;
  400. // struct IPAddr Host,URL;
  402. // memset(Host,0,250);
  403. if (pBegin=strstr(buffer,"Host: "))
  404. {
  405. // GetHost(buffer);
  406. memcpy(URLBlockLog.URL,Host,250);
  407. if (strstr(TheServiceManageData.BlockURLList,Host))
  408. return TRUE;
  409. return FALSE;
  410. }
  411. return FALSE;
  412. }
  413. void ContentFilter(char *buffer)
  414. {
  415. struct IPPacketHead* pIPHead;
  416. struct TCPPacketHead* pTCPHead;
  417. struct EtherPacketHead* pEtherHead;
  418. int    length;
  419. int    len=0;
  421. pIPHead=(struct IPPacketHead*)(buffer+14);
  422. pTCPHead=(struct TCPPacketHead*)(buffer+34);
  423. length=swaps(pIPHead->TtlLen)-40;
  424. if (pIPHead->Proto!=6)
  425. return;
  426. if ((TheServiceManageData.TranProtocal&1)==0)//不进行TCP
  427. return;
  428. if (swaps(pTCPHead->SourPort)!=80)
  429. return;
  430. if ((TheServiceManageData.Port&1)==0)//不进行HTTP
  431. return;
  432. /* if (pTCPHead->AckNo==pTCPHead->SeqNo)
  433. {
  434. memset(buffer,0,54);
  435. return;
  436. }
  437. */
  438. if (length>10)
  439. {
  440. int tempIP,y=0;
  441. memcpy((void *)&tempIP,(void *)&pIPPacketHead->SourIP,4);
  442. TRACE(pat1[0]);
  443. TRACE(_T("count1=%dn"),count1);
  444. for (y=0;y<count1;y++)
  445. {
  446. if(count1==1)
  447. TRACE(_T("Y=%d,count1=%dn"),y,count1);
  448. if (tempIP==IP[y])
  449. return;
  450. }
  452. SearchFilter(buffer+54,length);
  453. if ((Count[0]==0)&&(Count[1]==0)&&(Count[2]==0))
  454. return;
  455. memcpy((void *)&ContentFilterLog.SourIP,(void *)&pIPPacketHead->SourIP,4);
  456. memcpy((void *)&ContentFilterLog.DestIP,(void *)&pIPPacketHead->DestIP,4);
  457. ContentFilterLog.SourPort=swaps(pTCPPacketHead->SourPort);
  458. ContentFilterLog.DestPort=swaps(pTCPPacketHead->DestPort);
  459. GetLocalTime(&(ContentFilterLog.Time));
  460. if (Count[0]!=0)
  461. strcpy(ContentFilterLog.KeyWord[0],pat1[0]);
  462. if (Count[1]!=0)
  463. strcpy(ContentFilterLog.KeyWord[1],pat1[1]);
  464. if (Count[2]!=0)
  465. strcpy(ContentFilterLog.KeyWord[2],pat1[2]);
  466. // if (Count[0]+Count[2]+Count[3]!=0)
  467. i2++;
  468. memset(Count,0,80);
  469. }
  470. return;
  471. }
  473. void SearchFilter(char *text,int len)
  474. {
  475. int y,z,count=0,hashval=0,comp=0;
  476. char temp[4];
  477. for (z=0; z<len; z++)
  478. {
  479. if (text[z]=='<')
  480. comp=1;
  481. if (comp==1)
  482. {
  483.     if ((text[z]==' ')||(text[z]==13)||(text[z]==10))
  484. {
  485.     if (count<8)
  486. {
  487.         hashval+=count;
  488.         hashtab.pois[hashval][hashtab.number[hashval]]=z-count;
  489.         hashtab.number[hashval]++;
  490. }
  491. hashval=0;
  492.         count=0;
  493.     comp=0;
  494. }
  495.     else
  496. {
  497. //     temp[count]=text[z];
  498.     hashval+=(text[z]&95);
  499.     count++;
  500. }
  501. }
  502. }
  503. for (int Loop1=0;Loop1<count2;Loop1++)
  504. {
  505. for (y=0; y<hashtab.number[HValueKeyWord[Loop1]]; y++)
  506. {
  507. z=0;
  508. while (z<7)
  509. {
  510. if ((text[hashtab.pois[HValueKeyWord[Loop1]][y]+z]&95)!=(pat1[0][z]&95))
  511. z=9;
  512. z++;
  513. }
  514. if (z!=10)
  515. {
  516. Count[Loop1]++;
  517. temp[0]=text[hashtab.pois[HValueKeyWord[Loop1]][y]+1];
  518. temp[1]=text[hashtab.pois[HValueKeyWord[Loop1]][y]+2];
  519. text[hashtab.pois[HValueKeyWord[Loop1]][y]+1]=text[hashtab.pois[HValueKeyWord[Loop1]][y]+3];
  520. text[hashtab.pois[HValueKeyWord[Loop1]][y]+2]=text[hashtab.pois[HValueKeyWord[Loop1]][y]+4];
  521. text[hashtab.pois[HValueKeyWord[Loop1]][y]+3]=temp[0];
  522. text[hashtab.pois[HValueKeyWord[Loop1]][y]+4]=temp[1];
  523. }
  524. }
  525. }
  526. /* for (y=0; y<hashtab.number[474]; y++)
  527. {
  528. z=0;
  529. while (z<7)
  530. {
  531. if ((text[hashtab.pois[474][y]+z]&95)!=(pat1[1][z]&95))
  532. z=9;
  533. z++;
  534. }
  535. if (z!=10)
  536. {
  537. Count[1]++;
  538. temp[0]=text[hashtab.pois[474][y]+1];
  539. temp[1]=text[hashtab.pois[474][y]+2];
  540. text[hashtab.pois[474][y]+1]=text[hashtab.pois[474][y]+3];
  541. text[hashtab.pois[474][y]+2]=text[hashtab.pois[474][y]+4];
  542. text[hashtab.pois[474][y]+3]=temp[0];
  543. text[hashtab.pois[474][y]+4]=temp[1];
  544. }
  545. }
  546. for (y=0; y<hashtab.number[504]; y++)
  547. {
  548. z=0;
  549. while (z<7)
  550. {
  551. if ((text[hashtab.pois[504][y]+z]&95)!=(pat1[2][z]&95))
  552. z=9;
  553. z++;
  554. }
  555. if (z!=10)
  556. {
  557. Count[2]++;
  558. temp[0]=text[hashtab.pois[504][y]+1];
  559. temp[1]=text[hashtab.pois[504][y]+2];
  560. text[hashtab.pois[504][y]+1]=text[hashtab.pois[504][y]+3];
  561. text[hashtab.pois[504][y]+2]=text[hashtab.pois[504][y]+4];
  562. text[hashtab.pois[504][y]+3]=temp[0];
  563. text[hashtab.pois[504][y]+4]=temp[1];
  564. }
  565. }
  566. }*/
  567. return;
  568. }
  569. void SetTimeout()
  570. {
  571. for (int i=0; i<4096; i++)
  572. {
  573. if (SourceIPFlag[i]==2)
  574. {
  575.     UserList[i].PassTimes+=8;
  576.     if ((UserList[i].PassTimes&56)>>3==TheUserVerifyData.timeRefesh)//判断是否超时;
  577. {
  578.     UserList[i].PassTimes=0;//如超时将该项清0;
  579. SourceIPFlag[i]=0;
  580. }
  581. }
  582. }
  583. if (timer==TheUserVerifyData.timeRefesh)
  584. {
  585. count1=0;
  586. timer=0;
  587. }
  588. else
  589. {
  590. timer++;
  591. }
  592. }
  593. void TimeBeginThread()
  594. {
  595. while(1)
  596. {
  598. Sleep(60000);
  599. SetTimeout();
  600. }
  601. }
  602. void SendRes(BYTE *buf)
  603. {
  604. int    TCPLen;
  605. DWORD  tempNO;
  606. struct IPPacketHead  *pIPHead;
  607. struct TCPPacketHead *pTCPHead;
  608. struct EtherPacketHead* pEtherPacketHead,*pEtherHead;
  609. // SpecialBuffer=new BYTE[56];
  611. memcpy(SpecialBuffer1+2,buf,54);
  612. pEtherPacketHead=(struct EtherPacketHead*)(buf);
  613. pIPPacketHead=(struct IPPacketHead*)(buf+14);
  614. pTCPPacketHead=(struct TCPPacketHead*)(buf+34);
  615. pEtherHead=(struct EtherPacketHead*)(SpecialBuffer1+2);
  616. pIPHead=(struct IPPacketHead*)(SpecialBuffer1+16);
  617. pTCPHead=(struct TCPPacketHead*)(SpecialBuffer1+36);
  618. SpecialBuffer1[0]=1;
  619. // SpecialBuffer1[1]=2;
  620. memset(SpecialBuffer1+56,0,1500-56);
  621. /* memcpy((void *)&pEtherHead->DestEther,(void *)&pEtherPacketHead->SourEther,6);
  622. memcpy((void *)&pEtherHead->SourEther,(void *)&pEtherPacketHead->DestEther,6);
  623. memcpy((void *)&pIPHead->SourIP,(void *)&pIPPacketHead->DestIP,4);
  624. memcpy((void *)&pIPHead->DestIP,(void *)&pIPPacketHead->SourIP,4);
  625. pTCPHead->SourPort=pTCPPacketHead->DestPort;
  626. pTCPHead->DestPort=pTCPPacketHead->SourPort;*/
  627. pIPHead->TtlLen=swaps(40);
  628. tempNO=swapl(pTCPPacketHead->SeqNo);
  629. // pTCPHead->SeqNo=pTCPPacketHead->AckNo;
  630. // tempNO=pTCPPacketHead->SeqNo;
  631. // pTCPPacketHead->SeqNo=pTCPPacketHead->AckNo;
  632. TCPLen=swaps(pIPPacketHead->TtlLen)-40;
  633. // TCPLen = 0-56;
  634. pTCPHead->SeqNo=swapl(tempNO+TCPLen);
  635. // pTCPHead->SeqNo=pTCPPacketHead->SeqNo;
  636. // pTCPPacketHead->AckNo=swapl(tempNO+TCPLen);
  637. /* tempNO=swapl(pTCPPacketHead->SeqNo);
  638. pTCPHead->SeqNo=pTCPPacketHead->AckNo;
  639. TCPLen=swaps(pIPPacketHead->TtlLen)-40;
  640. pTCPHead->AckNo=swapl(tempNO+TCPLen);*/
  641. /* if (pTCPPacketHead->Flag==0x11)
  642.     pTCPHead->Flag=0x10;
  643. else*/
  644. pTCPHead->Flag=0x11;
  645. // pTCPHead->WndSize=0;
  646. pIPHead->ChkSum=0;
  647. pIPHead->ChkSum=GetCksum((USHORT *)(SpecialBuffer1+16), 20);
  648. pTCPHead->ChkSum=0;
  649. GetTCPCksum((SpecialBuffer1+2), 0);
  650. ACK=1;
  651. }
  652. void SendACK(BYTE *buf)
  653. {
  654. // int    TCPLen;
  655. // DWORD  tempNO;
  656. // struct IPPacketHead  *pIPHead;
  657. // struct TCPPacketHead *pTCPHead;
  658. struct EtherPacketHead* pEtherPacketHead;
  659. struct EtherAddr* tempEther=new EtherAddr;
  660. struct IPAddr* tempIP=new IPAddr;
  661. WORD   tempPort;
  662. DWORD  tempNO;
  663. int    TCPLen;
  664. WORD   Ttlen;
  665. int    length;
  667. pEtherPacketHead=(struct EtherPacketHead*)(buf);
  668. pIPPacketHead=(struct IPPacketHead*)(buf+14);
  669. pTCPPacketHead=(struct TCPPacketHead*)(buf+34);
  670. memcpy((void *)tempEther,(void *)&pEtherPacketHead->DestEther,6);
  671. memcpy((void *)&pEtherPacketHead->DestEther,(void *)&pEtherPacketHead->SourEther,6);
  672. memcpy((void *)&pEtherPacketHead->SourEther,(void *)tempEther,6);
  673. memcpy((void *)tempIP,(void *)&pIPPacketHead->SourIP,4);
  674. memcpy((void *)&pIPPacketHead->SourIP,(void *)&pIPPacketHead->DestIP,4);
  675. memcpy((void *)&pIPPacketHead->DestIP,(void *)tempIP,4);
  676. delete tempEther;
  677. delete tempIP;
  678. tempPort=pTCPPacketHead->DestPort;
  679. pTCPPacketHead->DestPort=pTCPPacketHead->SourPort;
  680. pTCPPacketHead->SourPort=tempPort;
  681.     tempNO=swapl(pTCPPacketHead->SeqNo);
  682. // tempNO=pTCPPacketHead->SeqNo;
  683. pTCPPacketHead->SeqNo=pTCPPacketHead->AckNo;
  684. TCPLen=swaps(pIPPacketHead->TtlLen)-40;
  685. // TCPLen = 0-56;
  686. pTCPPacketHead->AckNo=swapl(tempNO+TCPLen+1);
  687. pTCPPacketHead->Flag=0x10;
  688. // pTCPPacketHead->WndSize=0;
  689. pIPPacketHead->ChkSum=0;
  690. pIPPacketHead->ChkSum=GetCksum((USHORT *)(buf+14), 20);
  691. pTCPPacketHead->ChkSum=0;
  692. GetTCPCksum((buf), 0);
  693. // ACK1=1;
  694. }
  695. void SystemLog()
  696. {
  697. if (TheLogManage.TheProCommentsLog.isLogProtocal==FALSE)
  698. return;
  700. if (openfile1)
  701. {
  702. memset(URLBlockMsg,0,4096);
  703. openfile1=FALSE;
  704. }
  705. if (openfile2)
  706. {
  707. memset(ContentFilterMsg,0,4096);
  708. openfile2=FALSE;
  709. }
  710. if (i1!=tempcount1)
  711. {
  712. if (((TheLogManage.TheProCommentsLog.Options)&8)==8)
  713. {
  714. sprintf(TheLogView.time,"%d:%d:%d",URLBlockLog.Time.wHour,URLBlockLog.Time.wMinute,URLBlockLog.Time.wSecond);
  715. len1=strlen(URLBlockMsg);
  716. sprintf(URLBlockMsg+len1,"%d年%d月%d日%d:%d:%d    "
  717. ,URLBlockLog.Time.wYear,URLBlockLog.Time.wMonth,URLBlockLog.Time.wDay,URLBlockLog.Time.wHour,URLBlockLog.Time.wMinute,URLBlockLog.Time.wSecond);
  718. }
  719. if (((TheLogManage.TheProCommentsLog.Options)&1)==1)
  720. {
  721. sprintf(TheLogView.src,"%d.%d.%d.%d:%d",URLBlockLog.SourIP.AddrByte[0],URLBlockLog.SourIP.AddrByte[1],URLBlockLog.SourIP.AddrByte[2],URLBlockLog.SourIP.AddrByte[3],URLBlockLog.SourPort);
  722.     sprintf(TheLogView.dst,"%d.%d.%d.%d:%d",URLBlockLog.DestIP.AddrByte[0],URLBlockLog.DestIP.AddrByte[1],URLBlockLog.DestIP.AddrByte[2],URLBlockLog.DestIP.AddrByte[3],URLBlockLog.DestPort);
  723. len1=strlen(URLBlockMsg);
  724. sprintf(URLBlockMsg+len1,"源地址:%d.%d.%d.%d:%d   目的地址:%d.%d.%d.%d:%d   "
  725. ,URLBlockLog.SourIP.AddrByte[0],URLBlockLog.SourIP.AddrByte[1],URLBlockLog.SourIP.AddrByte[2],URLBlockLog.SourIP.AddrByte[3],URLBlockLog.SourPort
  726. ,URLBlockLog.DestIP.AddrByte[0],URLBlockLog.DestIP.AddrByte[1],URLBlockLog.DestIP.AddrByte[2],URLBlockLog.DestIP.AddrByte[3],URLBlockLog.DestPort);
  727. }
  728. if (((TheLogManage.TheProCommentsLog.Options)&4)==4)
  729. {
  730. sprintf(TheLogView.URL,"%s",URLBlockLog.URL);
  731. len1=strlen(URLBlockMsg);
  732. sprintf(URLBlockMsg+len1,"请求的URL:%s"
  733. ,URLBlockLog.URL);
  734. }
  735. len1=strlen(URLBlockMsg);
  736. sprintf(URLBlockMsg+len1,"rn");
  737. sprintf(TheLogView.demo,"内网入站");
  738. if (logType==2)
  739. // PostMessage(AfxGetMainWnd()->GetSafeHwnd(),M_LOGVIEW,(WPARAM)&TheLogView,(LPARAM)113);
  740.             PostMessage(myhWnd1,M_LOGVIEW,(WPARAM)&TheLogView,(LPARAM)113);
  741. tempcount1=i1;
  742. memset(&URLBlockLog,0,(sizeof(struct URLBlockLogMsg)));
  743. if (tempcount1==20)
  744. {
  745. URLBlockLogFile=fopen("URLBlockLog.log","a");
  746. fprintf(URLBlockLogFile,URLBlockMsg);
  747. fclose(URLBlockLogFile);
  748. openfile1=TRUE;
  749. tempcount1=0;
  750. i1=0;
  751. memset(URLBlockMsg,0,4096);
  752. }
  753. }
  754. if (i2!=tempcount2)
  755. {
  756. if (((TheLogManage.TheProCommentsLog.Options)&8)==8)
  757. {
  758. sprintf(TheLogView.time,"%d:%d:%d",ContentFilterLog.Time.wHour,ContentFilterLog.Time.wMinute,ContentFilterLog.Time.wSecond);
  759. len2=strlen(ContentFilterMsg);
  760. sprintf(ContentFilterMsg+len2,"%d年%d月%d日%d:%d:%d  "
  761. ,ContentFilterLog.Time.wYear,ContentFilterLog.Time.wMonth,ContentFilterLog.Time.wDay,ContentFilterLog.Time.wHour,ContentFilterLog.Time.wMinute,ContentFilterLog.Time.wSecond);
  762. }
  763. if (((TheLogManage.TheProCommentsLog.Options)&1)==1)
  764. {
  765. sprintf(TheLogView.src,"%d.%d.%d.%d:%d",ContentFilterLog.SourIP.AddrByte[0],ContentFilterLog.SourIP.AddrByte[1],ContentFilterLog.SourIP.AddrByte[2],ContentFilterLog.SourIP.AddrByte[3],ContentFilterLog.SourPort);
  766. sprintf(TheLogView.dst,"%d.%d.%d.%d:%d",ContentFilterLog.DestIP.AddrByte[0],ContentFilterLog.DestIP.AddrByte[1],ContentFilterLog.DestIP.AddrByte[2],ContentFilterLog.DestIP.AddrByte[3],ContentFilterLog.DestPort);
  767. len2=strlen(ContentFilterMsg);
  768. sprintf(ContentFilterMsg+len2,"源地址:%d.%d.%d.%d:%d   目的地址:%d.%d.%d.%d:%d"
  769. ,ContentFilterLog.SourIP.AddrByte[0],ContentFilterLog.SourIP.AddrByte[1],ContentFilterLog.SourIP.AddrByte[2],ContentFilterLog.SourIP.AddrByte[3],ContentFilterLog.SourPort
  770. ,ContentFilterLog.DestIP.AddrByte[0],ContentFilterLog.DestIP.AddrByte[1],ContentFilterLog.DestIP.AddrByte[2],ContentFilterLog.DestIP.AddrByte[3],ContentFilterLog.DestPort);
  771. }
  772. if (((TheLogManage.TheProCommentsLog.Options)&2)==2)
  773. {
  774. sprintf(TheLogView.keyword,"%s  %s  %s",ContentFilterLog.KeyWord[0],ContentFilterLog.KeyWord[1],ContentFilterLog.KeyWord[2]);
  775. len2=strlen(ContentFilterMsg);
  776. sprintf(ContentFilterMsg+len2,"含关键字:%s  %s  %s"
  777. ,ContentFilterLog.KeyWord[0],ContentFilterLog.KeyWord[1],ContentFilterLog.KeyWord[2]);
  778. }
  779. len2=strlen(ContentFilterMsg);
  780. sprintf(ContentFilterMsg+len2,"rn");
  781. sprintf(TheLogView.demo,"外网入站");
  782. if (logType==2)
  783. // PostMessage(AfxGetMainWnd()->GetSafeHwnd(),M_LOGVIEW,(WPARAM)&TheLogView,(LPARAM)114);
  784. PostMessage(myhWnd1,M_LOGVIEW,(WPARAM)&TheLogView,(LPARAM)114);
  785. memset(&ContentFilterLog,0,(sizeof(struct FilterLogMsg)));
  786. tempcount2=i2;
  787. if (tempcount2=20)
  788. {
  789. FilterLogFile=fopen("ContentFilterLog.log","a");
  790. fprintf(FilterLogFile,ContentFilterMsg);
  791. fclose(FilterLogFile);
  792. openfile2=TRUE;
  793. tempcount2=0;
  794.     i2=0;
  795. memset(ContentFilterMsg,0,4096);
  796. }
  797. }
  798. }
  799. void ProtoManInit()
  800. {
  801. int xx=0,yy=0,zz=1;
  802. memset(pat1[0],0,512);
  803. memset(pat1[1],0,512);
  804. memset(pat1[2],0,512);
  805. pat1[0][0]='<';
  806. while(TheServiceManageData.FilterKeyWord[xx]!=0)
  807. {
  808. if ((TheServiceManageData.FilterKeyWord[xx]!='r')&&(TheServiceManageData.FilterKeyWord[xx]!='n'))
  809. {
  810. pat1[yy][zz]=TheServiceManageData.FilterKeyWord[xx];
  811. zz++;
  812. xx++;
  813. }
  814. else
  815. {
  816. if (TheServiceManageData.FilterKeyWord[xx+2]!=0)
  817. {
  818.     yy++;
  819. pat1[yy][0]='<';
  820. }
  821. zz=1;
  822. xx+=2;
  823. }
  824. }
  825. count2=yy+1;
  826. zz=0;
  827. memset(HValueKeyWord,0,20);
  828. for (xx=0;xx<count2;xx++)
  829. {
  830. while (pat1[xx][zz])//((pat1[xx][zz]!='r')&&(pat1[xx][zz]!='n'))
  831. {
  832. HValueKeyWord[xx]+=(pat1[xx][zz]&95);
  833. zz++;
  834. }
  835. HValueKeyWord[xx]+=zz;
  836. zz=0;
  837. }
  838. }
  839. BOOL Authentication(BYTE *pdata)
  840. {
  841. char* buf,*pAuthorization,pszCode[32], pszText[32],*pBegin;
  842. int   Index=0;
  844. ACK1=0;
  845. /* mask.AddrByte[0]=255;
  846. mask.AddrByte[1]=255;
  847. mask.AddrByte[2]=255;
  848. mask.AddrByte[3]=0;*/
  849. buf=(char *)pdata;
  850. if (TheUserVerifyData.IsVerify==0)
  851.     return TRUE;
  852. pIPPacketHead=(struct IPPacketHead*)(pdata+14);
  853. // if (pIPPacketHead->Proto!=6)
  854. // return TRUE;
  855. pTCPPacketHead=(struct TCPPacketHead*)(pdata+34);
  856. // if (swaps(pTCPPacketHead->DestPort)!=80)
  857. // return TRUE;
  858. if (ACK1==1)
  859. {
  860. TRACE(_T("ID=:%x n"),pIPPacketHead->Id);
  861. ACK1=0;
  862. }/**/
  863. //    
  864. // int tempIPP=swapl(pIPPacketHead->SourIP);
  865. Index=SearchSourceIP(pIPPacketHead);//查找源IP地址的列表
  866. //Index = 2;
  867. //TRACE(_T("SourceIPFlag[Index]=:%d n"),SourceIPFlag[Index]);
  868. //TRACE(_T("Index=:%d n"),Index);
  869. // SourceIPFlag[Index] = 2;
  870. if (SourceIPFlag[Index]==0)//没有验证
  871. {
  873. if (pTCPPacketHead->Flag==0x11)
  874. {
  875. SendACK(pdata);
  876. TRACE(_T("CLIENT CLOSEn"));
  877. ACK1=1;
  878. // Flag2=0;
  879. return FALSE;
  880. }
  881. /**/
  882. if(pBegin=strstr(buf+54,"GET"))
  883. {
  884. // pAuthorization=strstr(buf+54,"Authorization: Basic");
  885. //     if (!pAuthorization)
  886. // {
  887. tempseq=pTCPPacketHead->SeqNo;
  888. tempack=pTCPPacketHead->AckNo;
  889. SendRToServer(pdata);
  890. //TRACE(_T("CLOSE servern"));
  891.     SendAutheMsg(buf, 0);//发送验证信息
  892. // TRACE(_T("send authen"));
  893. SendRes(pdata);
  894. // Flag2=0;
  895. ACK=1;
  896. ACK1=1;
  897. UserList[Index].PassTimes+=2;
  898. // SourceIPFlag[Index]=1;
  899. return FALSE;
  900. }
  901. else
  902. {
  903. ACK1=0;
  904. return TRUE;
  905. }
  906. }
  907. if (SourceIPFlag[Index]==1)//正在验证
  908. {
  909. TRACE(_T("正在验证n"));
  910. pAuthorization=strstr(buf+54,"Authorization: Basic");
  911. if (!pAuthorization)
  912. {
  913. if (strstr(buf+54,"GET"))
  914. {
  915. tempseq=pTCPPacketHead->SeqNo;
  916.         tempack=pTCPPacketHead->AckNo;
  917.          SendRToServer(pdata);
  918.              SendAutheMsg(buf, 0);//发送验证信息
  919. // if (pTCPPacketHead->Flag==0x11)
  920. // {
  921.     SendRes(pdata);
  922. // SendACK(pdata);
  923. ACK1=1;
  924. // }
  925. //          UserList[Index].PassTimes+=2;
  926.          ACK=1;
  927.          return FALSE;
  928. }
  929. if (pTCPPacketHead->Flag==0x11)
  930. {
  931.          SendACK(pdata);
  932. //Flag2=0;
  933.         ACK1=1;
  934.         return FALSE;
  935. }
  936. return TRUE;
  937. }
  938. else
  939. {
  940. int i=0;
  941. while (((pAuthorization+21)[i]!=' ')&&((pAuthorization+21)[i]!='r')&&((pAuthorization+21)[i]!='n'))
  942. i++;
  943. if (i>30)
  944. goto die;
  945. sscanf(pAuthorization+21, "%s", pszCode);
  946. memset(pszText,0,32);
  947.         Unbase64(pszText, pszCode);
  948. strcat(pszText,"rn");
  949. // memcpy(AuthLog[i2].UserPaswd,pszText,32);
  950. // memcpy((void *)&AuthLog[i2].SourIP,(void *)&pIPPacketHead->SourIP,4);
  951. // GetLocalTime(&(AuthLog[i2].Time));
  952.         if(strstr(TheUserVerifyData.UserList,pszText))
  953. {
  954.         buf[0]=1;
  955. //         SourceIPFlag=2;
  956. UserList[Index].PassTimes=1;
  957. //         SendAutheMsg(buf, 1);
  958. ACK=0;
  959. // SourceIPFlag[Index]=2;
  960. // AuthLog[i2].RightUser='Y';
  961. // i2++;
  962. return TRUE;
  963. }
  964.         else
  965. {
  966. die:;
  967.      if ((UserList[Index].PassTimes)==6)
  968. {
  969. UserList[Index].PassTimes=0;
  970. }
  971. else
  972. UserList[Index].PassTimes+=2;
  973. tempseq=pTCPPacketHead->SeqNo;
  974.     tempack=pTCPPacketHead->AckNo;
  975.     SendRToServer(pdata);
  976. Flag2=1;
  977.         SendAutheMsg(buf, 0);
  978. /* if (pTCPPacketHead->Flag==0x11)
  979. {
  980.     if (Flag2==0)
  981.         SendRes(pdata);
  982.     Flag2=1;
  983. SendACK(pdata);
  984. ACK1=1;
  985. }*/
  986. ACK=1;
  987. ACK1=1;
  988. // AuthLog[i2].RightUser='N';
  989. // i2++;
  990. return FALSE;
  991. }
  992. // return;
  993. }
  994. }
  995. else//验证通过
  996. {
  997. UserList[Index].PassTimes=1;
  998. return TRUE;
  999. }
  1000. }
  1001. void GetHost(char *buffer)
  1002. {
  1003. char *pBegin;
  1005. memset(Host,0,250);
  1006. if (pBegin=strstr(buffer,"Host: "))
  1007. {
  1008. int i=0;
  1009. while ((pBegin[6+i]!='r')&&(i<250))
  1010. {
  1011. Host[i]=pBegin[6+i];
  1012. i++;
  1013. }
  1014. // memcpy(URLBlockLog[i1].URL,Host,250);
  1015. strcat(Host,"rn");
  1016. // if (strstr(TheServiceManageData.BlockURLList,Host))
  1017. // return TRUE;
  1018. // return FALSE;
  1019. }
  1020. }
  1021. void SendSpecialBuffer()
  1022. {
  1023. OVERLAPPED Overlapped;
  1025. memset(&Overlapped,0,sizeof(OVERLAPPED));
  1026. if (ACK==1)
  1027. {
  1028. TRACE(_T("ACK==1n"));
  1029. if (Flag2==0)
  1030. {
  1031. SpecialBuffer1[0]=0;
  1032. SpecialBuffer1[1]=(INNO-0x30);
  1033. //实际,tempdata[aa][0]=1;
  1034.     WriteFileEx(global_handle,
  1035. SpecialBuffer1,//TCP数据0字节的响应包
  1036. //其中,SpecialBuffer[0]=1,
  1037. 56,
  1038. &Overlapped,
  1039. WriteCompletionRoutineZJ);/**/
  1040. //count++;
  1041. }
  1042. SpecialBuffer[0]=0;
  1043.     SpecialBuffer[1]=(OUTNO-0x30);
  1044.     WriteFileEx(global_handle,
  1045. SpecialBuffer,//TCP数据0字节的响应包
  1046. //其中,SpecialBuffer[0]=1,
  1047. 56,
  1048. &Overlapped,
  1049. WriteCompletionRoutineXZ);
  1050. /**/
  1051. ACK=0;
  1052. Flag2=0;
  1053. }
  1054. }
  1055. VOID WINAPI WriteCompletionRoutineZJ(DWORD dwErrorCode, 
  1056.    DWORD dwNumberOfBytesTransferred, 
  1057.    LPOVERLAPPED pOverlapped)
  1058. {
  1059. memset(SpecialBuffer1,0,1500);
  1060. }
  1061. VOID WINAPI WriteCompletionRoutineXZ(DWORD dwErrorCode, 
  1062.    DWORD dwNumberOfBytesTransferred, 
  1063.    LPOVERLAPPED pOverlapped)
  1064. {
  1065. memset(SpecialBuffer,0,1500);
  1066. }