Watch, Follow, &
Connect with Us

For forums, blogs and more please visit our
Developer Tools Community.


Welcome, Guest
Guest Settings
Help

Thread: Use of GetExtendedTcpTable got it working



Permlink Replies: 0
Colin Maharaj

Posts: 122
Registered: 12/2/99
Use of GetExtendedTcpTable got it working
Click to report abuse...   Click to reply to this thread Reply
  Posted: Oct 17, 2014 4:56 AM
Did the work this morning and replaced all the deprecated stuff,

FYI.....

//------------------------------------------------------------/
// Did not make the UDP Version yet. See code way below..
//------------------------------------------------------------/
AnsiString EnumerateTCP();

//------------------------------------------------------------/
// Paste this to a TMemo in a button handler
//------------------------------------------------------------/

AnsiString ShowNetstat()
{
AnsiString A = EnumerateTCP(); // A plus equal enum udp
return A;
}

//------------------------------------------------------------/
// Stuff that should be placed in a header
//------------------------------------------------------------/

// well maybe put an external reference to this one in the header

static char TcpState[][32] =
{
"???",
"CLOSED",
"LISTEN",
"SYN_SENT",
"SYN_RCVD",
"CONNECT",
"FIN_WAIT1",
"FIN_WAIT2",
"CLOSE_WAIT",
"CLOSING",
"LAST_ACK",
"TIME_WAIT",
"DELETE_TCB"
};

typedef enum
{
TCP_TABLE_BASIC_LISTENER,
TCP_TABLE_BASIC_CONNECTIONS,
TCP_TABLE_BASIC_ALL,
TCP_TABLE_OWNER_PID_LISTENER,
TCP_TABLE_OWNER_PID_CONNECTIONS,
TCP_TABLE_OWNER_PID_ALL,
TCP_TABLE_OWNER_MODULE_LISTENER,
TCP_TABLE_OWNER_MODULE_CONNECTIONS,
TCP_TABLE_OWNER_MODULE_ALL
}
TCP_TABLE_CLASS, *PTCP_TABLE_CLASS;

typedef struct _MIB_TCPROW_OWNER_PID
{
DWORD dwState;
DWORD dwLocalAddr;
DWORD dwLocalPort;
DWORD dwRemoteAddr;
DWORD dwRemotePort;
DWORD dwOwningPid;
} MIB_TCPROW_OWNER_PID, *PMIB_TCPROW_OWNER_PID;

typedef struct
{
DWORD dwNumEntries;
MIB_TCPROW_OWNER_PID table[ANY_SIZE];
} MIB_TCPTABLE_OWNER_PID, *PMIB_TCPTABLE_OWNER_PID;

//------------------------------------------------------------/
// Pointer to functions
//------------------------------------------------------------/

HANDLE (WINAPI *p_CreateToolhelp32Snapshot)(
DWORD dwFlags,
DWORD th32ProcessID
);

BOOL (WINAPI *p_Process32First)(
HANDLE hSnapshot,
LPPROCESSENTRY32 lppe
);

BOOL (WINAPI *p_Process32Next)(
HANDLE hSnapshot,
LPPROCESSENTRY32 lppe
);

DWORD (WINAPI *p_GetExtendedTcpTable)(
PVOID pTcpTable,
PDWORD pdwSize,
BOOL bOrder,
ULONG ulAf,
TCP_TABLE_CLASS TableClass,
ULONG Reserved
);

//---------------------------------------------------------------/
// Get a process name by comparing it with a list of process IDs
//---------------------------------------------------------------/

PCHAR ProcessPidToName(HANDLE hProcessSnap,DWORD ProcessId,
PCHAR ProcessName)
{
PROCESSENTRY32 processEntry;

processEntry.dwSize = sizeof( processEntry );
strcpy( ProcessName, "???" );
if( !p_Process32First( hProcessSnap, &processEntry ))
{
return ProcessName;
}
do
{
if( processEntry.th32ProcessID == ProcessId )
{
strcpy( ProcessName, processEntry.szExeFile );
return ProcessName;
}
}
while( p_Process32Next( hProcessSnap, &processEntry ));
return ProcessName;
}

//---------------------------------------------------------------/
// Actual net stat code for TCP
//---------------------------------------------------------------/

AnsiString EnumerateTCP()
{
char *crlf = "\r\n";
char *comma = ",";

HINSTANCE iphlpapi_dll = LoadLibrary("iphlpapi.dll");
HINSTANCE kernel32_dll = LoadLibrary("kernel32.dll");

(PVOID) p_GetExtendedTcpTable = GetProcAddress(iphlpapi_dll, "GetExtendedTcpTable" );
(PVOID) p_CreateToolhelp32Snapshot = GetProcAddress( kernel32_dll,"CreateToolhelp32Snapshot" );
(PVOID) p_Process32First = GetProcAddress( kernel32_dll,"Process32First" );
(PVOID) p_Process32Next = GetProcAddress( kernel32_dll, "Process32Next" );

char *buffer=NULL;
DWORD dwSize = sizeof(MIB_TCPTABLE_OWNER_PID);
DWORD dwRetValue = 0;

// Creates a snapshot of the current running processes.
HANDLE hProcessSnap = p_CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );

do
{
if (buffer) { dwSize += sizeof(MIB_TCPTABLE_OWNER_PID); delete [] buffer; }
buffer = new char [dwSize];
dwRetValue = p_GetExtendedTcpTable(buffer, &dwSize, TRUE, AF_INET, TCP_TABLE_OWNER_PID_ALL, 0);
}
while( dwRetValue == ERROR_INSUFFICIENT_BUFFER);

AnsiString B="",A="";
struct in_addr inAddr;

if(dwRetValue == ERROR_SUCCESS)
{
// cast to access element values
PMIB_TCPTABLE_OWNER_PID ptTable = reinterpret_cast<PMIB_TCPTABLE_OWNER_PID>(buffer);
char szLocalAddr[128];
char szRemoteAddr[128];
char processName[MAX_PATH];

for (DWORD i = 0; i < ptTable->dwNumEntries; i++)
{
inAddr.S_un.S_addr = (u_long)ptTable->table[i].dwLocalAddr;
strncpy(szLocalAddr, inet_ntoa(inAddr), sizeof (szLocalAddr));
inAddr.S_un.S_addr = (u_long)ptTable->table[i].dwRemoteAddr;
strncpy(szRemoteAddr, inet_ntoa(inAddr), sizeof (szLocalAddr));
ProcessPidToName(hProcessSnap, ptTable->table[i].dwOwningPid, processName);

A.printf("[TCP] %s", TcpState[ ptTable->table[i].dwState ] ); B += A;
A.printf(" LO:%s LP:%i",szLocalAddr, ptTable->table[i].dwLocalPort ); B += A;
A.printf(" RM:%s RP:%i",szRemoteAddr, ptTable->table[i].dwRemotePort); B += A;
A.printf(" PROC:%i %s", ptTable->table[i].dwOwningPid, processName); B += A;
B += crlf;
}
}

delete [] buffer;

if (hProcessSnap != INVALID_HANDLE_VALUE) CloseHandle(hProcessSnap);

FreeLibrary(iphlpapi_dll);
FreeLibrary(kernel32_dll);

return B;

}

---
This email is free from viruses and malware because avast! Antivirus protection is active.
http://www.avast.com

Legend
Helpful Answer (5 pts)
Correct Answer (10 pts)

Server Response from: ETNAJIVE02