Forum Replies Created
Viewing 2 posts - 1 through 2 (of 2 total)
	
- 
		AuthorPosts
- 
		
			
				
The driver is not the miteded one. and the code is exactly the code from the package cbuilder 
 #include
 #include
 #include
 #include
 #include "includecommon.h"
 #include "includelhmonapi.h"
 
 //
 
 #pragma hdrstop
 
 //
 
 #pragma argsused
 
 int main(int argc, char* argv[])
 {
 LOG_INFO LogInfo;
 FILTER_INFO FilterInfo;
 
 memset (&LogInfo, 0, sizeof (LOG_INFO));
 memset (&FilterInfo, 0, sizeof (FILTER_INFO));
 
 CLhmonApi api;
 
 if (!api.IsDriverLoaded())
 return 0;
 
 DWORD dwVersion = api.GetVersion();
 
 api.SetLoggingState(1);
 api.SetMaximumLogSize (100);
 
 HANDLE hEvent = OpenEvent (EVENT_ALL_ACCESS, FALSE, "LhmonEvent");
 
 FilterInfo.m_Address.m_Ip = 0x00000000; // 127.0.0.1
 FilterInfo.m_Address.m_Mask = 0x00000000; // 255.0.0.0
 FilterInfo.m_PortRange.m_StartRange = 0x0; // 0
 FilterInfo.m_PortRange.m_EndRange = 0xFFFF; // 65535
 FilterInfo.m_LocalPortRange.m_StartRange = 0x0;
 FilterInfo.m_LocalPortRange.m_EndRange = 0xFFFF;
 FilterInfo.m_Protocol = TCP;
 
 api.AddFilter (&FilterInfo);
 
 unsigned int k, m, i = 0;
 
 while (i < 100)
 {
 memset (&LogInfo, 2 , sizeof (LOG_INFO));
 if ( api.ReadLog ( &LogInfo ) )
 {
 ++i;
 printf ("i=%un", i);
 printf ("LogInfo.m_ID = %dn", LogInfo.m_ID);
 printf ("LogInfo.m_LocalAddress.m_Ip = 0x%Xn", LogInfo.m_LocalAddress.m_Ip);
 printf ("LogInfo.m_LocalAddress.m_Port = %dn", LogInfo.m_LocalAddress.m_Port);
 printf ("LogInfo.m_RemoteAddress.m_Ip = 0x%Xn", LogInfo.m_RemoteAddress.m_Ip);
 printf ("LogInfo.m_RemoteAddress.m_Port = %dn", LogInfo.m_RemoteAddress.m_Port);
 printf ("LogInfo.m_Protocol = %dn", LogInfo.m_Protocol);
 printf ("LogInfo.m_Offset = %dn", LogInfo.m_Offset);
 printf ("LogInfo.m_Flags = 0x%.8Xn", LogInfo.m_Flags);
 printf ("LogInfo.m_DataLength = %dn", LogInfo.m_DataLength);
 printf ("LogInfo.m_ProcessID = %dn", LogInfo.m_ProcessID);
 
 printf ("nn");
 }
 else
 {
 if (hEvent && (hEvent != INVALID_HANDLE_VALUE))
 {
 WaitForSingleObject (hEvent, INFINITE);
 ResetEvent (hEvent);
 }
 }
 }
 
 api.SetLoggingState(0);
 api.PurgeLog();
 api.RemoveAllFilters();
 
 CloseHandle (hEvent);
 
 return 0;
 }
 My problem is that the incoming packets have TTL=1 and beacause of this I can not get the packets behind a router. 
 The only solution is to modify the packet’s ttl=5 so I can get the packets over the router
- 
		AuthorPosts
Viewing 2 posts - 1 through 2 (of 2 total)
	
