LHmon problems

Home Forums Discussions Support Portal LHmon problems

This topic contains 3 replies, has 3 voices, and was last updated by  Anton 11 years, 5 months ago.

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #5028

    aureliuh
    Participant

    Hi there,

    I have a bug promlem with lhmon. I have compiled the sources from example with c++bilder 6 and when I am tring to run the app sometimes it works (shows me the captured packed ) sometimes it doesn’t work. It remain at the

    WaitForSingleObject (hEvent, INFINITE);

    and wait. I have a lot of activity on the net on TCP but the event dos not fire anymore

    I have tried on another computer and I make the same.

    Could you please tell em what is happening?

    #6060

    Vadim Smirnov
    Moderator

    First of all the trial version on site is limited to capture 100 packets per boot.

    If you are using full registered version then have you tried to run Local Host Monitor application on that system? If it works fine then the problem is relative to your code (and to advise anything I have to see more than one line), if it also does not intercept packets then it is probably driver relative. Please clarify.

    #6061

    aureliuh
    Participant

    The driver is not the miteded one. and the code is exactly the code from the package cbuilder


    #include
    #include
    #include
    #include
    #include "includecommon.h"
    #include "includelhmonapi.h"

    //

    #pragma hdrstop

    //

    #pragma argsused

    int main(int argc, char* argv[])
    {
    LOG_INFO LogInfo;
    FILTER_INFO FilterInfo;

    memset (&LogInfo, 0, sizeof (LOG_INFO));
    memset (&FilterInfo, 0, sizeof (FILTER_INFO));

    CLhmonApi api;

    if (!api.IsDriverLoaded())
    return 0;

    DWORD dwVersion = api.GetVersion();

    api.SetLoggingState(1);
    api.SetMaximumLogSize (100);

    HANDLE hEvent = OpenEvent (EVENT_ALL_ACCESS, FALSE, "LhmonEvent");

    FilterInfo.m_Address.m_Ip = 0x00000000; // 127.0.0.1
    FilterInfo.m_Address.m_Mask = 0x00000000; // 255.0.0.0
    FilterInfo.m_PortRange.m_StartRange = 0x0; // 0
    FilterInfo.m_PortRange.m_EndRange = 0xFFFF; // 65535
    FilterInfo.m_LocalPortRange.m_StartRange = 0x0;
    FilterInfo.m_LocalPortRange.m_EndRange = 0xFFFF;
    FilterInfo.m_Protocol = TCP;

    api.AddFilter (&FilterInfo);

    unsigned int k, m, i = 0;

    while (i < 100)
    {
    memset (&LogInfo, 2 , sizeof (LOG_INFO));
    if ( api.ReadLog ( &LogInfo ) )
    {
    ++i;
    printf ("i=%un", i);
    printf ("LogInfo.m_ID = %dn", LogInfo.m_ID);
    printf ("LogInfo.m_LocalAddress.m_Ip = 0x%Xn", LogInfo.m_LocalAddress.m_Ip);
    printf ("LogInfo.m_LocalAddress.m_Port = %dn", LogInfo.m_LocalAddress.m_Port);
    printf ("LogInfo.m_RemoteAddress.m_Ip = 0x%Xn", LogInfo.m_RemoteAddress.m_Ip);
    printf ("LogInfo.m_RemoteAddress.m_Port = %dn", LogInfo.m_RemoteAddress.m_Port);
    printf ("LogInfo.m_Protocol = %dn", LogInfo.m_Protocol);
    printf ("LogInfo.m_Offset = %dn", LogInfo.m_Offset);
    printf ("LogInfo.m_Flags = 0x%.8Xn", LogInfo.m_Flags);
    printf ("LogInfo.m_DataLength = %dn", LogInfo.m_DataLength);
    printf ("LogInfo.m_ProcessID = %dn", LogInfo.m_ProcessID);

    printf ("nn");
    }
    else
    {
    if (hEvent && (hEvent != INVALID_HANDLE_VALUE))
    {
    WaitForSingleObject (hEvent, INFINITE);
    ResetEvent (hEvent);
    }
    }
    }

    api.SetLoggingState(0);
    api.PurgeLog();
    api.RemoveAllFilters();

    CloseHandle (hEvent);

    return 0;
    }
    #6062

    Anton
    Participant

    Hi,aureliuh

    Please, provide the version of API that you are using. The code you’ve posted is not form the latest API package.

    Thank you.

Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.