Tcp连接表获取(模拟netstat -ano)
大约 3 分钟
Ipv4的TCP连接表获取
// Need to link with Iphlpapi.lib and Ws2_32.lib
#include <winsock2.h>
#include <ws2tcpip.h>
#include <iphlpapi.h>
#include <stdio.h>
#pragma comment(lib, "iphlpapi.lib")
#pragma comment(lib, "ws2_32.lib")
#define MALLOC(x) HeapAlloc(GetProcessHeap(), 0, (x))
#define FREE(x) HeapFree(GetProcessHeap(), 0, (x))
/* Note: could also use malloc() and free() */
int main()
{
// Declare and initialize variables
PMIB_TCPTABLE pTcpTable;
DWORD dwSize = 0;
DWORD dwRetVal = 0;
char szLocalAddr[128];
char szRemoteAddr[128];
struct in_addr IpAddr;
int i;
pTcpTable = (MIB_TCPTABLE *) MALLOC(sizeof (MIB_TCPTABLE));
if (pTcpTable == NULL) {
printf("Error allocating memory\n");
return 1;
}
dwSize = sizeof (MIB_TCPTABLE);
// Make an initial call to GetTcpTable to
// get the necessary size into the dwSize variable
if ((dwRetVal = GetTcpTable(pTcpTable, &dwSize, TRUE)) ==
ERROR_INSUFFICIENT_BUFFER) {
FREE(pTcpTable);
pTcpTable = (MIB_TCPTABLE *) MALLOC(dwSize);
if (pTcpTable == NULL) {
printf("Error allocating memory\n");
return 1;
}
}
// Make a second call to GetTcpTable to get
// the actual data we require
if ((dwRetVal = GetTcpTable(pTcpTable, &dwSize, TRUE)) == NO_ERROR) {
printf("\tNumber of entries: %d\n", (int) pTcpTable->dwNumEntries);
for (i = 0; i < (int) pTcpTable->dwNumEntries; i++) {
IpAddr.S_un.S_addr = (u_long) pTcpTable->table[i].dwLocalAddr;
strcpy_s(szLocalAddr, sizeof (szLocalAddr), inet_ntoa(IpAddr));
IpAddr.S_un.S_addr = (u_long) pTcpTable->table[i].dwRemoteAddr;
strcpy_s(szRemoteAddr, sizeof (szRemoteAddr), inet_ntoa(IpAddr));
printf("\n\tTCP[%d] State: %ld - ", i,
pTcpTable->table[i].dwState);
switch (pTcpTable->table[i].dwState) {
case MIB_TCP_STATE_CLOSED:
printf("CLOSED\n");
break;
case MIB_TCP_STATE_LISTEN:
printf("LISTEN\n");
break;
case MIB_TCP_STATE_SYN_SENT:
printf("SYN-SENT\n");
break;
case MIB_TCP_STATE_SYN_RCVD:
printf("SYN-RECEIVED\n");
break;
case MIB_TCP_STATE_ESTAB:
printf("ESTABLISHED\n");
break;
case MIB_TCP_STATE_FIN_WAIT1:
printf("FIN-WAIT-1\n");
break;
case MIB_TCP_STATE_FIN_WAIT2:
printf("FIN-WAIT-2 \n");
break;
case MIB_TCP_STATE_CLOSE_WAIT:
printf("CLOSE-WAIT\n");
break;
case MIB_TCP_STATE_CLOSING:
printf("CLOSING\n");
break;
case MIB_TCP_STATE_LAST_ACK:
printf("LAST-ACK\n");
break;
case MIB_TCP_STATE_TIME_WAIT:
printf("TIME-WAIT\n");
break;
case MIB_TCP_STATE_DELETE_TCB:
printf("DELETE-TCB\n");
break;
default:
printf("UNKNOWN dwState value\n");
break;
}
printf("\tTCP[%d] Local Addr: %s\n", i, szLocalAddr);
printf("\tTCP[%d] Local Port: %d \n", i,
ntohs((u_short)pTcpTable->table[i].dwLocalPort));
printf("\tTCP[%d] Remote Addr: %s\n", i, szRemoteAddr);
printf("\tTCP[%d] Remote Port: %d\n", i,
ntohs((u_short)pTcpTable->table[i].dwRemotePort));
}
} else {
printf("\tGetTcpTable failed with %d\n", dwRetVal);
FREE(pTcpTable);
return 1;
}
if (pTcpTable != NULL) {
FREE(pTcpTable);
pTcpTable = NULL;
}
return 0;
}
IPv6的TCP连接表获取
#ifndef UNICODE
#define UNICODE
#endif
#include <winsock2.h>
#include <ws2tcpip.h>
#include <iphlpapi.h>
#include <stdio.h>
// Need to link with Iphlpapi.lib and Ws2_32.lib
#pragma comment(lib, "iphlpapi.lib")
#pragma comment(lib, "ws2_32.lib")
#define MALLOC(x) HeapAlloc(GetProcessHeap(), 0, (x))
#define FREE(x) HeapFree(GetProcessHeap(), 0, (x))
/* Note: could also use malloc() and free() */
int wmain()
{
// Declare and initialize variables
PMIB_TCP6TABLE pTcpTable;
DWORD dwSize = 0;
DWORD dwRetVal = 0;
wchar_t ipstringbuffer[46];
int i;
pTcpTable = (MIB_TCP6TABLE *) MALLOC(sizeof (MIB_TCP6TABLE));
if (pTcpTable == NULL) {
wprintf(L"Error allocating memory\n");
return 1;
}
dwSize = sizeof (MIB_TCP6TABLE);
// Make an initial call to GetTcp6Table to
// get the necessary size into the dwSize variable
if ((dwRetVal = GetTcp6Table(pTcpTable, &dwSize, TRUE)) ==
ERROR_INSUFFICIENT_BUFFER) {
FREE(pTcpTable);
pTcpTable = (MIB_TCP6TABLE *) MALLOC(dwSize);
if (pTcpTable == NULL) {
wprintf(L"Error allocating memory\n");
return 1;
}
}
// Make a second call to GetTcp6Table to get
// the actual data we require
if ((dwRetVal = GetTcp6Table(pTcpTable, &dwSize, TRUE)) == NO_ERROR) {
wprintf(L"\tNumber of entries: %d\n", (int) pTcpTable->dwNumEntries);
for (i = 0; i < (int) pTcpTable->dwNumEntries; i++) {
wprintf(L"\n\tTCP[%d] State: %ld - ", i,
pTcpTable->table[i].State);
switch (pTcpTable->table[i].State) {
case MIB_TCP_STATE_CLOSED:
wprintf(L"CLOSED\n");
break;
case MIB_TCP_STATE_LISTEN:
wprintf(L"LISTEN\n");
break;
case MIB_TCP_STATE_SYN_SENT:
wprintf(L"SYN-SENT\n");
break;
case MIB_TCP_STATE_SYN_RCVD:
wprintf(L"SYN-RECEIVED\n");
break;
case MIB_TCP_STATE_ESTAB:
wprintf(L"ESTABLISHED\n");
break;
case MIB_TCP_STATE_FIN_WAIT1:
wprintf(L"FIN-WAIT-1\n");
break;
case MIB_TCP_STATE_FIN_WAIT2:
wprintf(L"FIN-WAIT-2 \n");
break;
case MIB_TCP_STATE_CLOSE_WAIT:
wprintf(L"CLOSE-WAIT\n");
break;
case MIB_TCP_STATE_CLOSING:
wprintf(L"CLOSING\n");
break;
case MIB_TCP_STATE_LAST_ACK:
wprintf(L"LAST-ACK\n");
break;
case MIB_TCP_STATE_TIME_WAIT:
wprintf(L"TIME-WAIT\n");
break;
case MIB_TCP_STATE_DELETE_TCB:
wprintf(L"DELETE-TCB\n");
break;
default:
wprintf(L"UNKNOWN dwState value\n");
break;
}
if (InetNtop(AF_INET6, &pTcpTable->table[i].LocalAddr, ipstringbuffer, 46) == NULL)
wprintf(L" InetNtop function failed for local IPv6 address\n");
else
wprintf(L"\tTCP[%d] Local Addr: %s\n", i, ipstringbuffer);
wprintf(L"\tTCP[%d] Local Scope ID: %d \n", i,
ntohl (pTcpTable->table[i].dwLocalScopeId));
wprintf(L"\tTCP[%d] Local Port: %d \n", i,
ntohs((u_short)pTcpTable->table[i].dwLocalPort));
if (InetNtop(AF_INET6, &pTcpTable->table[i].RemoteAddr, ipstringbuffer, 46) == NULL)
wprintf(L" InetNtop function failed for remote IPv6 address\n");
else
wprintf(L"\tTCP[%d] Remote Addr: %s\n", i, ipstringbuffer);
wprintf(L"\tTCP[%d] Remote Scope ID: %d \n", i,
ntohl(pTcpTable->table[i].dwRemoteScopeId));
wprintf(L"\tTCP[%d] Remote Port: %d\n", i,
ntohs((u_short)pTcpTable->table[i].dwRemotePort));
}
} else {
wprintf(L"\tGetTcp6Table failed with %d\n", dwRetVal);
FREE(pTcpTable);
return 1;
}
if (pTcpTable != NULL) {
FREE(pTcpTable);
pTcpTable = NULL;
}
return 0;
}