PageRenderTime 86ms CodeModel.GetById 18ms RepoModel.GetById 0ms app.codeStats 0ms

/src/import/kpfw/netpop.h

https://bitbucket.org/knoss/pcmanager/
C Header | 1283 lines | 1071 code | 175 blank | 37 comment | 56 complexity | e4c472b5b689e698b3a53711b2a21934 MD5 | raw file
Possible License(s): LGPL-2.0
  1. ////////////////////////////////////////////////////////////////////////////////
  2. //
  3. // common include File for kpfw
  4. //
  5. // File : netpop.h
  6. // Version : 1.0
  7. // Comment : 定义网镖泡泡数据结构
  8. //
  9. // Create at : 2008-7-14
  10. // Create by : liupeng
  11. //
  12. ////////////////////////////////////////////////////////////////////////////////
  13. #pragma once
  14. #include "SCOM/SCOM/SCOMBase.h"
  15. #include "SCOM/SCOM/SCOMDef.h"
  16. #include "kisrpc/rfcdef.h"
  17. #include "serializetools.h"
  18. #include "netdef.h"
  19. #include "kis/kpfw/netwatch.h"
  20. #include "kis/kpfw/area.h"
  21. #include <vector>
  22. #include "strsafe.h"
  23. using namespace std;
  24. #pragma pack(push, 1)
  25. typedef enum KPFW_POP_INFO_TYPE
  26. {
  27. emPop_None = 0, //一般不传这种类型
  28. emPop_App_Info = 1, //发现新的程序,模块访问网络(强泡泡) *
  29. emPop_Arp_Info = 2, //arp攻击(弱泡泡)
  30. emPop_Newnet_Info = 3, //发现新区域(强泡泡) *
  31. emPop_Virus = 4, //发现病毒,恶意程序(弱泡泡)
  32. emPop_PacketFilter = 5, //包过滤(弱泡泡)
  33. emPop_NetAreaChange = 6, //区域更改(弱泡泡)
  34. emPop_ActiveDefend = 7, //动态防御(弱泡泡)
  35. emPop_MSNDecrypt = 8, //msn加密(弱泡泡)
  36. emPop_SvrError = 9, //服务错误(弱泡泡)
  37. emPop_AutoTrust = 10, //可信认证放行程序(弱泡泡)
  38. emPop_UpdateComplete = 11, //升级完成
  39. emPop_enable_MSNDecrypt = 12, // 是否启用msn加密(强泡泡)
  40. emPop_App_Deny = 13, // 应用程序访问网络被禁止
  41. }KpfwPopType;
  42. typedef enum KPFW_APP_POP_RES
  43. {
  44. enumPR_None = 0,
  45. enumPR_Allow = 1,
  46. enumPR_Deny = 2,
  47. }AppPopRes;
  48. typedef enum KPFW_POP_PROTOCOL
  49. {
  50. enumKPP_TCP = 0,
  51. enumKPP_UDP = 1,
  52. enumKPP_ICMP = 2,
  53. enumKPP_IGMP = 3,
  54. }PopProtocol;
  55. typedef enum APP_POP_REASON
  56. {
  57. enumPop_Reason_None = 0,
  58. enumPop_Reason_Virus = 1,
  59. enumPop_Reason_Change = 1 << 1,
  60. enumPop_Reason_Unknown_TrustRep = 1 << 2,
  61. enumPop_Reason_Prompt = 1 << 3,
  62. enumPop_Reason_UnTrust_TrustRep = 1 << 4,
  63. }AppPopReason;
  64. typedef enum APP_DENY_REASON
  65. {
  66. enum_Allow = 0, // 允许
  67. enum_Deny_User = 1, // 规则中用户选择禁止
  68. enum_Deny_Pop = 2, // 泡泡选择禁止
  69. enum_Deny_Trust = 3, // 可信认证自动禁止
  70. enum_Deny_Pop_Rem = 4, // 记住了上次的泡泡阻止操作,本次自动阻止
  71. enum_Deny_Port = 5, // 存在被阻止的端口
  72. }AppDenyReason;
  73. struct PopInfoHeader
  74. {
  75. DWORD nSize;
  76. DWORD nPopType;
  77. };
  78. //////////////////////////////////////////////////////////////////////////
  79. interface IKPopDataSerializer
  80. {
  81. // save 接口
  82. virtual bool IsLoading() = 0;
  83. virtual int BeginTag(LPCSTR childName) = 0;
  84. virtual int EndTag(LPCSTR childName) = 0;
  85. virtual int AddPop(LPCSTR popName, LPCSTR val) = 0;
  86. virtual int AddPop(LPCSTR popName, INT val) = 0;
  87. virtual int AddPop(LPCSTR popName, LONG val) = 0;
  88. virtual int AddPop(LPCSTR popName, LPCWSTR val) = 0;
  89. virtual INT GetProp(LPCSTR propName, INT& val) = 0;
  90. virtual INT GetProp(LPCSTR propName, ATL::CString& val) = 0;
  91. };
  92. interface IKPopData
  93. {
  94. virtual bin_archive& Serialize(bin_archive &_serializer) = 0;
  95. virtual int Serialize(IKPopDataSerializer* _serializer) = 0;
  96. virtual size_t GetSeriSize() = 0;
  97. };
  98. inline void SerializeMac(IKPopDataSerializer* _serializer, LPCSTR propName, BYTE mac[6])
  99. {
  100. char buf[32] = {0};
  101. StringCchPrintfA(buf, 32, "%02x:02x:02x:02x:02x:02x", mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]);
  102. // sprintf(buf, "%02x:02x:02x:02x:02x:02x", mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]);
  103. _serializer->AddPop(propName, buf);
  104. }
  105. inline void SerializeIp(IKPopDataSerializer* _serializer, LPCSTR propName, ULONG nIp)
  106. {
  107. char buf[32] = {0};
  108. BYTE* pBuf = (BYTE*)&nIp;
  109. StringCchPrintfA(buf, 32, "%d.%d.%d.%d", pBuf[0], pBuf[1], pBuf[2], pBuf[3]);
  110. _serializer->AddPop(propName, buf);
  111. }
  112. inline void SerializeGUID(IKPopDataSerializer* _serializer, LPCSTR propName, GUID& val)
  113. {
  114. char buf[256] = {0};
  115. StringCchPrintfA(buf, 256, "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x", val.Data1, val.Data2, val.Data3, val.Data4[0], val.Data4[1],
  116. val.Data4[2], val.Data4[3], val.Data4[4], val.Data4[5], val.Data4[6], val.Data4[7] );
  117. _serializer->AddPop(propName, buf);
  118. }
  119. inline void SerializeIpRange(IKPopDataSerializer* _serializer, LPCSTR propName, KIPRange& val)
  120. {
  121. _serializer->BeginTag(propName);
  122. SerializeIp(_serializer, "start_ip", val.ipStart);
  123. SerializeIp(_serializer, "end_ip", val.ipEnd);
  124. _serializer->EndTag(propName);
  125. }
  126. inline void SerializeIPLOG_EXTRADATA(IKPopDataSerializer* _serializer, int nProtocol, LPCSTR propName, IPLOG_EXTRADATA& val)
  127. {
  128. switch (nProtocol)
  129. {
  130. case enumPT_TCP:
  131. {
  132. _serializer->BeginTag("TCP_DATA");
  133. _serializer->AddPop("local_port", val.TCP_DATA.LocalPort);
  134. _serializer->AddPop("remote_port", val.TCP_DATA.RemotePort);
  135. _serializer->AddPop("tcp_flag", val.TCP_DATA.byTcpFlags);
  136. _serializer->EndTag("TCP_DATA");
  137. }
  138. break;
  139. case enumPT_UDP:
  140. {
  141. _serializer->BeginTag("UDP_DATA");
  142. _serializer->AddPop("local_port", val.UDP_DATA.LocalPort);
  143. _serializer->AddPop("remote_port", val.UDP_DATA.RemotePort);
  144. _serializer->EndTag("UDP_DATA");
  145. }
  146. break;
  147. case enumPT_ICMP:
  148. {
  149. _serializer->BeginTag("ICMP_DATA");
  150. _serializer->AddPop("code", val.ICMP_DATA.byCode);
  151. _serializer->AddPop("type", val.ICMP_DATA.byType);
  152. _serializer->EndTag("ICMP_DATA");
  153. }
  154. break;
  155. case enumPT_IGMP:
  156. {
  157. }
  158. break;
  159. case enumPT_IP:
  160. break;
  161. }
  162. }
  163. inline void SerializeAppRequest(IKPopDataSerializer* _serializer, int nProtocol, LPCSTR propName, APP_REQUEST_INFO& val)
  164. {
  165. _serializer->BeginTag("APP_REQUEST_INFO");
  166. _serializer->AddPop("RequestProtocol", (int)val.nRequestProtocol);
  167. _serializer->AddPop("nRequestType", (int)val.nRequestType);
  168. _serializer->AddPop("ProcessId", (int)val.dwProcessId);
  169. _serializer->AddPop("ThreadId", (int)val.dwThreadId);
  170. switch (val.nRequestType)
  171. {
  172. case ART_TrustUrl:
  173. {
  174. _serializer->BeginTag("TrustUrlInfo");
  175. _serializer->AddPop("host", val.Parameters.TrustUrl.szHost);
  176. _serializer->AddPop("url", val.Parameters.TrustUrl.szUrl);
  177. _serializer->EndTag("TrustUrlInfo");
  178. }
  179. break;
  180. case ART_FileChanged:
  181. {
  182. }
  183. break;
  184. case ART_PacketRecord:
  185. break;
  186. default:
  187. {
  188. switch (val.nRequestProtocol)
  189. {
  190. case enumPT_LANMAN:
  191. {
  192. _serializer->BeginTag("LanMonInfo");
  193. _serializer->AddPop("path", val.Parameters.LanMan.wsPath);
  194. _serializer->EndTag("LanMonInfo");
  195. }
  196. break;
  197. default:
  198. {
  199. _serializer->BeginTag("TdiInfo");
  200. SerializeIp(_serializer, "RemoteAddress", val.Parameters.TDI.dwRemoteAddress);
  201. _serializer->AddPop("uRemoteAddress", (LONG)val.Parameters.TDI.dwRemoteAddress);
  202. _serializer->AddPop("RemotePort", val.Parameters.TDI.wRemotePort);
  203. SerializeIp(_serializer, "LocalAddress", val.Parameters.TDI.dwLocalAddress);
  204. _serializer->AddPop("uLocalAddress", (LONG)val.Parameters.TDI.dwLocalAddress);
  205. _serializer->AddPop("LocalPort", val.Parameters.TDI.wLocalPort);
  206. _serializer->AddPop("PacketDir", (int)val.Parameters.TDI.uDataLen);
  207. _serializer->EndTag("TdiInfo");
  208. }
  209. }
  210. }
  211. break;
  212. }
  213. _serializer->EndTag("APP_REQUEST_INFO");
  214. }
  215. //////////////////////////////////////////////////////////////////////////
  216. // 应用程序访问网络泡泡
  217. class KPopModuleInfo : public IKPopData
  218. {
  219. private:
  220. ATL::CString m_strPath;
  221. ATL::CString m_strDesc;
  222. INT m_nPopReason; // 当使用在应用程序询问泡泡上时类型:AppPopReason,
  223. // 当使用在应用程序阻止泡泡上是类型:AppDenyReason
  224. DWORD m_nTrustMode;
  225. DWORD m_nUserMode;
  226. public:
  227. KPopModuleInfo(): m_nPopReason(0),m_nTrustMode(0),m_nUserMode(0) {}
  228. KPopModuleInfo(LPCWSTR strPath, LPCWSTR strDesc, INT nPopReason, DWORD nUserMode, DWORD nTrustMode)
  229. {
  230. m_strPath = strPath;
  231. m_strDesc = strDesc;
  232. m_nPopReason = nPopReason;
  233. m_nUserMode = nUserMode;
  234. m_nTrustMode = nTrustMode;
  235. }
  236. ~KPopModuleInfo() {}
  237. void Init(LPCWSTR strPath ,INT nReason, LPCWSTR strDesc)
  238. {
  239. m_strPath = strPath;
  240. m_nPopReason = nReason;
  241. m_strDesc = strDesc;
  242. }
  243. void SetMode(DWORD nTrustMode, DWORD nUserMode)
  244. {
  245. m_nTrustMode = nTrustMode;
  246. m_nUserMode = nUserMode;
  247. }
  248. void SetUserMode(DWORD nUserMode)
  249. {
  250. m_nUserMode = nUserMode;
  251. }
  252. ATL::CString& GetPath() { return m_strPath; }
  253. ATL::CString& GetDesc() { return m_strDesc; }
  254. INT GetPopReason() { return m_nPopReason; }
  255. DWORD GetTrustMode() { return m_nTrustMode; }
  256. DWORD GetUserMode() { return m_nUserMode; }
  257. size_t GetSeriSize()
  258. {
  259. size_t nSize = 0;
  260. nSize += TypeSize::get_size(m_strPath);
  261. nSize += TypeSize::get_size(m_strDesc);
  262. nSize += sizeof(m_nPopReason) + sizeof(m_nTrustMode) + sizeof(m_nUserMode);
  263. return nSize;
  264. }
  265. bin_archive& Serialize(bin_archive &_serializer)
  266. {
  267. if(_serializer.is_loading())
  268. {
  269. _serializer >> m_strPath;
  270. _serializer >> m_strDesc;
  271. _serializer >> m_nPopReason;
  272. _serializer >> m_nTrustMode;
  273. _serializer >> m_nUserMode;
  274. }
  275. else
  276. {
  277. _serializer << m_strPath;
  278. _serializer << m_strDesc;
  279. _serializer << m_nPopReason;
  280. _serializer << m_nTrustMode;
  281. _serializer << m_nUserMode;
  282. }
  283. return _serializer;
  284. }
  285. virtual int Serialize(IKPopDataSerializer* _serializer)
  286. {
  287. if (!_serializer->IsLoading())
  288. {
  289. _serializer->BeginTag("KPopModuleInfo");
  290. _serializer->AddPop("Path", m_strPath);
  291. _serializer->AddPop("Desc", m_strDesc);
  292. _serializer->AddPop("PopReason", m_nPopReason);
  293. _serializer->AddPop("TrustMode", (int)m_nTrustMode);
  294. _serializer->AddPop("UserMode", (int)m_nUserMode);
  295. _serializer->EndTag("KPopModuleInfo");
  296. }
  297. return 0;
  298. }
  299. };
  300. class KPopAppInfo: public IKPopData
  301. {
  302. public:
  303. KPopAppInfo(): m_pExeInfo(NULL),m_ePopRes(enumPR_None), m_bRemember(FALSE) {
  304. memset(&m_RequestInfo, 0, sizeof(m_RequestInfo));
  305. }
  306. ~KPopAppInfo() {
  307. Clear();
  308. }
  309. ATL::CString& GetExePath()
  310. {
  311. if (m_pExeInfo)
  312. return m_pExeInfo->GetPath();
  313. static ATL::CString tmp(TEXT(""));
  314. return tmp;
  315. }
  316. INT GetDllCnt()
  317. {
  318. return (INT)m_dllInfos.size();
  319. }
  320. KPopModuleInfo* GetExeInfo() { return m_pExeInfo; }
  321. KPopModuleInfo* GetDllInfo(INT i)
  322. {
  323. return m_dllInfos[i];
  324. }
  325. ATL::CString& GetDllPath(INT i)
  326. {
  327. return m_dllInfos[i]->GetPath();
  328. }
  329. KPopModuleInfo* AddExePath(LPCWSTR str, INT nReason, LPCWSTR strDesc)
  330. {
  331. ASSERT(!m_pExeInfo);
  332. if (!m_pExeInfo)
  333. {
  334. m_pExeInfo = new KPopModuleInfo();
  335. m_pExeInfo->Init(str, nReason, strDesc);
  336. return m_pExeInfo;
  337. }
  338. return NULL;
  339. }
  340. KPopModuleInfo* AddDllPath(LPCWSTR str, INT nReason, LPCWSTR strDesc)
  341. {
  342. KPopModuleInfo* pDllInfo = new KPopModuleInfo();
  343. pDllInfo->Init(str, nReason, strDesc);
  344. m_dllInfos.push_back(pDllInfo);
  345. return pDllInfo;
  346. }
  347. DWORD GetProcessID()
  348. {
  349. return m_RequestInfo.dwProcessId;
  350. }
  351. VOID SetRequestInfo(PAPP_REQUEST_INFO pInfo)
  352. {
  353. if (pInfo)
  354. m_RequestInfo = *pInfo;
  355. }
  356. PAPP_REQUEST_INFO GetRequestInfo()
  357. {
  358. return &m_RequestInfo;
  359. }
  360. AppPopRes GetPopRes()
  361. {
  362. return (AppPopRes)m_ePopRes;
  363. }
  364. void SetPopRes(AppPopRes res)
  365. {
  366. m_ePopRes = (DWORD)res;
  367. }
  368. BOOL GetRemember()
  369. {
  370. return m_bRemember;
  371. }
  372. VOID SetRemember(BOOL b)
  373. {
  374. m_bRemember = b;
  375. }
  376. virtual int Serialize(IKPopDataSerializer* _serializer)
  377. {
  378. if (!_serializer->IsLoading())
  379. {
  380. _serializer->BeginTag("KPopAppInfo");
  381. SerializeAppRequest(_serializer, 0, "", m_RequestInfo);
  382. _serializer->BeginTag("ExeInfo");
  383. if (m_pExeInfo)
  384. m_pExeInfo->Serialize(_serializer);
  385. _serializer->EndTag("ExeInfo");
  386. _serializer->BeginTag("DllInfo");
  387. for (size_t i = 0; i < m_dllInfos.size(); i++)
  388. {
  389. m_dllInfos[i]->Serialize(_serializer);
  390. }
  391. _serializer->EndTag("DllInfo");
  392. _serializer->EndTag("KPopAppInfo");
  393. }
  394. else
  395. {
  396. INT nVal = 0;
  397. _serializer->GetProp("PopRes", nVal);
  398. m_ePopRes = nVal;
  399. nVal = 0;
  400. _serializer->GetProp("Remember", nVal);
  401. m_bRemember = nVal;
  402. }
  403. return 0;
  404. }
  405. bin_archive& Serialize(bin_archive &_serializer)
  406. {
  407. if(_serializer.is_loading())
  408. {
  409. Clear();
  410. _serializer >> m_ePopRes;
  411. _serializer >> m_bRemember;
  412. _serializer.read(&m_RequestInfo, sizeof(m_RequestInfo), 1);
  413. m_pExeInfo = new KPopModuleInfo();
  414. m_pExeInfo->Serialize(_serializer);
  415. INT nCnt = 0;
  416. _serializer >> nCnt;
  417. for (int i = 0; i < nCnt; i++)
  418. {
  419. KPopModuleInfo* pDllInfo = new KPopModuleInfo;
  420. pDllInfo->Serialize(_serializer);
  421. m_dllInfos.push_back(pDllInfo);
  422. }
  423. }
  424. else
  425. {
  426. ASSERT(m_pExeInfo);
  427. // 先序列化常规参数
  428. _serializer << m_ePopRes;
  429. _serializer << m_bRemember;
  430. _serializer.write(&m_RequestInfo, sizeof(m_RequestInfo), 1);
  431. m_pExeInfo->Serialize(_serializer);
  432. INT nCnt = (int)m_dllInfos.size();
  433. _serializer << nCnt;
  434. for (int i = 0; i < nCnt; i++)
  435. m_dllInfos[i]->Serialize(_serializer);
  436. }
  437. return _serializer;
  438. }
  439. size_t GetSeriSize()
  440. {
  441. size_t nSize = 0;
  442. nSize += sizeof(m_ePopRes) + sizeof(m_bRemember) + sizeof(m_RequestInfo);
  443. nSize += m_pExeInfo->GetSeriSize();
  444. INT nCnt = (int)m_dllInfos.size();
  445. nSize += sizeof(nCnt);
  446. for (int i = 0; i < nCnt; i++)
  447. nSize += m_dllInfos[i]->GetSeriSize();
  448. return nSize;
  449. }
  450. private:
  451. void Clear()
  452. {
  453. if (m_pExeInfo)
  454. {
  455. delete m_pExeInfo;
  456. m_pExeInfo = NULL;
  457. }
  458. for (int i = 0; i < (int)m_dllInfos.size(); i++)
  459. {
  460. delete m_dllInfos[i];
  461. }
  462. m_dllInfos.clear();
  463. }
  464. private:
  465. DWORD m_ePopRes;
  466. BOOL m_bRemember;
  467. APP_REQUEST_INFO m_RequestInfo;
  468. KPopModuleInfo* m_pExeInfo;
  469. vector<KPopModuleInfo*> m_dllInfos;
  470. };
  471. //////////////////////////////////////////////////////////////////////////
  472. // 自动放行规则
  473. class KAutoTrustInfo : public IKPopData
  474. {
  475. public:
  476. KAutoTrustInfo()
  477. {
  478. }
  479. ~KAutoTrustInfo()
  480. {}
  481. KAutoTrustInfo( ATL::CString& strFileName )
  482. {
  483. m_strFileName = strFileName;
  484. }
  485. KAutoTrustInfo( LPCTSTR pszFileName )
  486. {
  487. m_strFileName = pszFileName;
  488. }
  489. void GetFileName( ATL::CString& strFileName )
  490. {
  491. strFileName = m_strFileName;
  492. }
  493. virtual int Serialize(IKPopDataSerializer* _serializer)
  494. {
  495. if (!_serializer->IsLoading())
  496. {
  497. _serializer->BeginTag("KAutoTrustInfo");
  498. _serializer->AddPop("FileName", m_strFileName);
  499. _serializer->EndTag("KAutoTrustInfo");
  500. }
  501. return 0;
  502. }
  503. bin_archive& Serialize(bin_archive &_serializer)
  504. {
  505. if(_serializer.is_loading())
  506. {
  507. _serializer >> m_strFileName;
  508. }
  509. else
  510. {
  511. _serializer << m_strFileName;
  512. }
  513. return _serializer;
  514. }
  515. size_t GetSeriSize()
  516. {
  517. size_t nSize = 0;
  518. nSize += TypeSize::get_size( m_strFileName );
  519. return nSize;
  520. }
  521. private:
  522. ATL::CString m_strFileName;
  523. };
  524. //////////////////////////////////////////////////////////////////////////
  525. // 包过滤泡泡
  526. class KPacketFilterInfo : public IKPopData
  527. {
  528. private:
  529. LOG_IP_RULE m_logInfo;
  530. public:
  531. KPacketFilterInfo()
  532. {}
  533. KPacketFilterInfo( PLOG_IP_RULE rule)
  534. {
  535. m_logInfo = *rule;
  536. }
  537. ~KPacketFilterInfo()
  538. {}
  539. PLOG_IP_RULE GetLogInfo()
  540. {
  541. return &m_logInfo;
  542. }
  543. virtual int Serialize(IKPopDataSerializer* _serializer)
  544. {
  545. if (!_serializer->IsLoading())
  546. {
  547. _serializer->BeginTag("KPacketFilterInfo");
  548. _serializer->BeginTag("LOG_IP_RULE");
  549. SerializeGUID(_serializer, "id", m_logInfo.id);
  550. _serializer->AddPop("count", (int)m_logInfo.nCount);
  551. _serializer->AddPop("protocol", m_logInfo.byProtocolType);
  552. SerializeIp(_serializer, "LocalAddr", ntohl( (unsigned int) m_logInfo.LocalAddr ) );
  553. SerializeIp(_serializer, "RemoteAddr", ntohl( (unsigned int) m_logInfo.RemoteAddr ) );
  554. _serializer->AddPop("Direction", (int)m_logInfo.byDirection);
  555. _serializer->AddPop("Operation", (int)m_logInfo.nOperation);
  556. _serializer->AddPop("AttackType", (int)m_logInfo.nAttackType);
  557. SerializeIPLOG_EXTRADATA(_serializer, m_logInfo.byProtocolType, "", m_logInfo.ExtraInfo);
  558. _serializer->EndTag("LOG_IP_RULE");
  559. _serializer->EndTag("KPacketFilterInfo");
  560. }
  561. return 0;
  562. }
  563. bin_archive& Serialize(bin_archive &_serializer)
  564. {
  565. if(_serializer.is_loading())
  566. {
  567. _serializer >> m_logInfo;
  568. }
  569. else
  570. {
  571. _serializer << m_logInfo;
  572. }
  573. return _serializer;
  574. }
  575. size_t GetSeriSize()
  576. {
  577. size_t nSize = 0;
  578. nSize += sizeof( m_logInfo );
  579. return nSize;
  580. }
  581. private:
  582. };
  583. //////////////////////////////////////////////////////////////////////////
  584. // 发现病毒泡泡
  585. class KFindVirusInfo : public IKPopData
  586. {
  587. public:
  588. KFindVirusInfo()
  589. {}
  590. KFindVirusInfo ( ATL::CString& strFileName, ATL::CString& strVirusName )
  591. {
  592. m_strFileName = strFileName;
  593. m_strVirusName = strVirusName;
  594. }
  595. KFindVirusInfo ( LPCTSTR strFileName, LPCTSTR strVirusName )
  596. {
  597. m_strFileName = strFileName;
  598. m_strVirusName = strVirusName;
  599. }
  600. bool operator == (const KFindVirusInfo& info)
  601. {
  602. if (info.m_strFileName != m_strFileName)
  603. return false;
  604. if (info.m_strVirusName != m_strVirusName)
  605. return false;
  606. return true;
  607. }
  608. ~KFindVirusInfo ()
  609. {}
  610. void GetFileName( ATL::CString& strFileName )
  611. {
  612. strFileName = m_strFileName;
  613. }
  614. void GetVirusName( ATL::CString& strVirusName )
  615. {
  616. strVirusName = m_strVirusName;
  617. }
  618. virtual int Serialize(IKPopDataSerializer* _serializer)
  619. {
  620. if (!_serializer->IsLoading())
  621. {
  622. _serializer->BeginTag("KFindVirusInfo");
  623. _serializer->AddPop("FileName", m_strFileName);
  624. _serializer->AddPop("VirusName", m_strVirusName);
  625. _serializer->EndTag("KFindVirusInfo");
  626. }
  627. return 0;
  628. }
  629. bin_archive& Serialize(bin_archive &_serializer)
  630. {
  631. if(_serializer.is_loading())
  632. {
  633. _serializer >> m_strFileName;
  634. _serializer >> m_strVirusName;
  635. }
  636. else
  637. {
  638. _serializer << m_strFileName;
  639. _serializer << m_strVirusName;
  640. }
  641. return _serializer;
  642. }
  643. size_t GetSeriSize()
  644. {
  645. size_t nSize = 0;
  646. nSize += TypeSize::get_size( m_strFileName ) ;
  647. nSize += TypeSize::get_size( m_strVirusName ) ;
  648. return nSize;
  649. }
  650. private:
  651. ATL::CString m_strFileName;
  652. ATL::CString m_strVirusName;
  653. };
  654. class KFindVirusInfoVec: public IKPopData
  655. {
  656. private:
  657. vector<KFindVirusInfo*> m_VirusInfo;
  658. ATL::CString m_ProcessName;
  659. public:
  660. KFindVirusInfoVec() {}
  661. ~KFindVirusInfoVec() {Clear();}
  662. void SetProcessName(LPCWSTR name)
  663. {
  664. m_ProcessName = name;
  665. }
  666. ATL::CString& GetProcessName()
  667. {
  668. return m_ProcessName;
  669. }
  670. void AddInfo(LPCWSTR file ,LPCWSTR desc)
  671. {
  672. KFindVirusInfo* pInfo = new KFindVirusInfo(file, desc);
  673. m_VirusInfo.push_back(pInfo);
  674. }
  675. vector<KFindVirusInfo*>& GetVirusInfo()
  676. {
  677. return m_VirusInfo;
  678. }
  679. bool operator==(const KFindVirusInfoVec& info)
  680. {
  681. if (info.m_ProcessName != m_ProcessName)
  682. return false;
  683. if (info.m_VirusInfo.size() != m_VirusInfo.size())
  684. return false;
  685. for (int i = 0; i < (int)m_VirusInfo.size(); i++)
  686. if (!(*m_VirusInfo[i] == *info.m_VirusInfo[i]))
  687. return false;
  688. return true;
  689. }
  690. int GetCnt()
  691. {
  692. return (int)m_VirusInfo.size();
  693. }
  694. virtual int Serialize(IKPopDataSerializer* _serializer)
  695. {
  696. if (!_serializer->IsLoading())
  697. {
  698. _serializer->BeginTag("KFindVirusInfoVec");
  699. _serializer->AddPop("ProcessName", m_ProcessName);
  700. _serializer->BeginTag("VirusInfos");
  701. for (size_t i = 0; i < m_VirusInfo.size(); i++)
  702. {
  703. m_VirusInfo[i]->Serialize(_serializer);
  704. }
  705. _serializer->EndTag("VirusInfos");
  706. _serializer->EndTag("KFindVirusInfoVec");
  707. }
  708. return 0;
  709. }
  710. bin_archive& Serialize(bin_archive &_serializer)
  711. {
  712. if(_serializer.is_loading())
  713. {
  714. Clear();
  715. int nCnt = 0;
  716. _serializer >> nCnt;
  717. for (int i = 0; i < nCnt; i++)
  718. {
  719. KFindVirusInfo* pInfo = new KFindVirusInfo;
  720. pInfo->Serialize(_serializer);
  721. m_VirusInfo.push_back(pInfo);
  722. }
  723. _serializer >> m_ProcessName;
  724. }
  725. else
  726. {
  727. int nCnt = (int)m_VirusInfo.size();
  728. _serializer << nCnt;
  729. for (int i = 0; i < nCnt; i++)
  730. {
  731. m_VirusInfo[i]->Serialize(_serializer);
  732. }
  733. _serializer << m_ProcessName;
  734. }
  735. return _serializer;
  736. }
  737. size_t GetSeriSize()
  738. {
  739. size_t nSize = 0;
  740. nSize = sizeof(int);
  741. for (int i = 0; i < (int)m_VirusInfo.size(); i++)
  742. nSize += m_VirusInfo[i]->GetSeriSize();
  743. nSize += TypeSize::get_size( m_ProcessName ) ;
  744. return nSize;
  745. }
  746. private:
  747. void Clear()
  748. {
  749. for (int i = 0; i < (int)m_VirusInfo.size(); i++)
  750. delete m_VirusInfo[i];
  751. m_VirusInfo.clear();
  752. }
  753. };
  754. //////////////////////////////////////////////////////////////////////////
  755. struct PopAttackInfo
  756. {
  757. PopInfoHeader header;
  758. };
  759. //////////////////////////////////////////////////////////////////////////
  760. // arp阻止泡泡
  761. class KPopArpInfo: public IKPopData
  762. {
  763. private:
  764. ARP_EXTRA_DATA* m_pArpInfo;
  765. INT m_nType;
  766. public:
  767. KPopArpInfo(): m_pArpInfo(NULL) {}
  768. ~KPopArpInfo() { Clear(); }
  769. const ARP_EXTRA_DATA* GetArpInfo()
  770. {
  771. return m_pArpInfo;
  772. }
  773. INT GetType()
  774. {
  775. return m_nType;
  776. }
  777. void SetArpInfo(ARP_EXTRA_DATA* pInfo, int nType)
  778. {
  779. Clear();
  780. if (pInfo)
  781. {
  782. m_pArpInfo = new ARP_EXTRA_DATA;
  783. *m_pArpInfo = *pInfo;
  784. m_nType = nType;
  785. }
  786. }
  787. virtual int Serialize(IKPopDataSerializer* _serializer)
  788. {
  789. if (!_serializer->IsLoading())
  790. {
  791. _serializer->BeginTag("KPopArpInfo");
  792. _serializer->AddPop("ArpType", m_nType);
  793. _serializer->BeginTag("ARP_EXTRA_DATA");
  794. SerializeMac(_serializer, "eh_dst", m_pArpInfo->eh_dst);
  795. SerializeMac(_serializer, "eh_src", m_pArpInfo->eh_src);
  796. SerializeMac(_serializer, "arp_sha", m_pArpInfo->arp_sha);
  797. SerializeIp(_serializer, "arp_spa", m_pArpInfo->arp_spa);
  798. SerializeMac(_serializer, "arp_tha", m_pArpInfo->arp_tha);
  799. SerializeIp(_serializer, "arp_tpa", m_pArpInfo->arp_tpa);
  800. _serializer->EndTag("ARP_EXTRA_DATA");
  801. _serializer->EndTag("KPopArpInfo");
  802. }
  803. return 0;
  804. }
  805. bin_archive& Serialize(bin_archive &_serializer)
  806. {
  807. if(_serializer.is_loading())
  808. {
  809. Clear();
  810. m_pArpInfo = new ARP_EXTRA_DATA;
  811. _serializer.read(m_pArpInfo, sizeof(ARP_EXTRA_DATA), 1);
  812. _serializer >> m_nType;
  813. }
  814. else
  815. {
  816. if (m_pArpInfo)
  817. _serializer.write(m_pArpInfo, sizeof(ARP_EXTRA_DATA), 1);
  818. _serializer << m_nType;
  819. }
  820. return _serializer;
  821. }
  822. size_t GetSeriSize()
  823. {
  824. size_t nSize = 0;
  825. if (m_pArpInfo)
  826. nSize += sizeof(ARP_EXTRA_DATA);
  827. nSize += sizeof(m_nType);
  828. return nSize;
  829. }
  830. void Clear()
  831. {
  832. if (m_pArpInfo)
  833. {
  834. delete m_pArpInfo;
  835. m_pArpInfo = NULL;
  836. }
  837. }
  838. };
  839. //////////////////////////////////////////////////////////////////////////
  840. //发现新区域泡泡
  841. class KPopAreaInfo: public IKPopData
  842. {
  843. private:
  844. BYTE m_GateMac[6];
  845. long m_GateIp;
  846. int m_eRes;
  847. ATL::CString m_strAreaName;
  848. long m_nNextHome;
  849. long m_nNextOffice;
  850. long m_nNextUnknown;
  851. public:
  852. KPopAreaInfo(): m_eRes(enumAT_Unknown), m_GateIp(0)
  853. {
  854. }
  855. ~KPopAreaInfo() { Clear(); }
  856. int GetPopRes()
  857. {
  858. return m_eRes;
  859. }
  860. void SetPopRes(int res)
  861. {
  862. m_eRes = res;
  863. }
  864. void SetID(long nNextHome, long nNextOffice, long nNextUnkonwn)
  865. {
  866. m_nNextHome = nNextHome;
  867. m_nNextOffice = nNextOffice;
  868. m_nNextUnknown = nNextUnkonwn;
  869. }
  870. BYTE* GetGateMac()
  871. {
  872. return m_GateMac;
  873. }
  874. long GetGateIp()
  875. {
  876. return m_GateIp;
  877. }
  878. void SetAreaName( ATL::CString& strAreaName )
  879. {
  880. m_strAreaName = strAreaName;
  881. }
  882. void GetAreaName( ATL::CString& strAreaName )
  883. {
  884. strAreaName = m_strAreaName;
  885. }
  886. void SetGateInfo(BYTE gateMac[6], ULONG ip)
  887. {
  888. Clear();
  889. memcpy(m_GateMac, gateMac, sizeof(m_GateMac));
  890. m_GateIp = ip;
  891. }
  892. virtual int Serialize(IKPopDataSerializer* _serializer)
  893. {
  894. if (!_serializer->IsLoading())
  895. {
  896. _serializer->BeginTag("KPopAreaInfo");
  897. SerializeIp(_serializer, "GateIp", m_GateIp);
  898. _serializer->AddPop("AreaName", m_strAreaName);
  899. SerializeMac(_serializer, "GateMac", m_GateMac);
  900. _serializer->AddPop("NextHomeID", m_nNextHome);
  901. _serializer->AddPop("NextOfficeID", m_nNextOffice);
  902. _serializer->AddPop("NextUnkonwnID", m_nNextUnknown);
  903. _serializer->EndTag("KPopAreaInfo");
  904. }
  905. else
  906. {
  907. int nType = 0;
  908. _serializer->GetProp("AreaType", nType);
  909. m_eRes = nType;
  910. _serializer->GetProp("AreaName", m_strAreaName);
  911. }
  912. return 0;
  913. }
  914. bin_archive& Serialize(bin_archive &_serializer)
  915. {
  916. if(_serializer.is_loading())
  917. {
  918. Clear();
  919. _serializer.read(m_GateMac, sizeof(m_GateMac), 1);
  920. _serializer >> m_GateIp;
  921. int nRes = 0;
  922. _serializer >> nRes;
  923. _serializer >> m_strAreaName;
  924. m_eRes = (int)nRes;
  925. }
  926. else
  927. {
  928. _serializer.write(m_GateMac, sizeof(m_GateMac), 1);
  929. _serializer << m_GateIp;
  930. int nRes = m_eRes;
  931. _serializer << nRes;
  932. _serializer << m_strAreaName;
  933. }
  934. return _serializer;
  935. }
  936. size_t GetSeriSize()
  937. {
  938. size_t nSize = 0;
  939. nSize += sizeof(m_GateMac) + sizeof(m_GateIp) + sizeof(int) ;
  940. nSize += TypeSize::get_size( m_strAreaName );
  941. return nSize;
  942. }
  943. void Clear()
  944. {
  945. memset(m_GateMac, 0, sizeof(m_GateIp));
  946. m_GateIp = 0;
  947. }
  948. };
  949. //////////////////////////////////////////////////////////////////////////
  950. // 动态防御泡泡
  951. class KActiveDefendInfo : public IKPopData
  952. {
  953. public:
  954. KActiveDefendInfo(){}
  955. KActiveDefendInfo( UINT uIp, UINT uDefendTime )
  956. {
  957. m_uIp = uIp;
  958. m_uDefendTime = uDefendTime;
  959. }
  960. ~KActiveDefendInfo()
  961. {}
  962. UINT GetIp()
  963. {
  964. return m_uIp;
  965. }
  966. UINT GetDefendTime()
  967. {
  968. return m_uDefendTime;
  969. }
  970. virtual int Serialize(IKPopDataSerializer* _serializer)
  971. {
  972. if (!_serializer->IsLoading())
  973. {
  974. _serializer->BeginTag("KActiveDefendInfo");
  975. SerializeIp(_serializer, "Ip", ntohl( (unsigned int)m_uIp) );
  976. _serializer->AddPop("DefendTime", (int)m_uDefendTime);
  977. _serializer->EndTag("KActiveDefendInfo");
  978. }
  979. return 0;
  980. }
  981. bin_archive& Serialize(bin_archive &_serializer)
  982. {
  983. if(_serializer.is_loading())
  984. {
  985. _serializer >> m_uIp;
  986. _serializer >> m_uDefendTime;
  987. }
  988. else
  989. {
  990. _serializer << m_uIp;
  991. _serializer << m_uDefendTime;
  992. }
  993. return _serializer;
  994. }
  995. size_t GetSeriSize()
  996. {
  997. size_t nSize = 0;
  998. nSize += sizeof( m_uDefendTime );
  999. nSize += sizeof( m_uIp );
  1000. return nSize;
  1001. }
  1002. private:
  1003. UINT m_uIp;
  1004. UINT m_uDefendTime;
  1005. };
  1006. //////////////////////////////////////////////////////////////////////////
  1007. //区域改变泡泡
  1008. class KChangeAreaInfo : public IKPopData
  1009. {
  1010. public:
  1011. KChangeAreaInfo( )
  1012. {}
  1013. KChangeAreaInfo( ATL::CString& strAreaName, int areaType )
  1014. {
  1015. m_strAreaName = strAreaName;
  1016. m_areaType = areaType;
  1017. }
  1018. KChangeAreaInfo( LPCTSTR strAreaName, int areaType )
  1019. {
  1020. m_strAreaName = strAreaName;
  1021. m_areaType = areaType;
  1022. }
  1023. ~KChangeAreaInfo()
  1024. {}
  1025. void GetAreaName( ATL::CString& strAreaName )
  1026. {
  1027. strAreaName = m_strAreaName;
  1028. }
  1029. int GetAreaType()
  1030. {
  1031. return m_areaType;
  1032. }
  1033. virtual int Serialize(IKPopDataSerializer* _serializer)
  1034. {
  1035. if (!_serializer->IsLoading())
  1036. {
  1037. _serializer->BeginTag("KChangeAreaInfo");
  1038. _serializer->AddPop("AreaName", m_strAreaName);
  1039. _serializer->AddPop("AreaType", (int)m_areaType);
  1040. _serializer->EndTag("KChangeAreaInfo");
  1041. }
  1042. return 0;
  1043. }
  1044. bin_archive& Serialize(bin_archive &_serializer)
  1045. {
  1046. if(_serializer.is_loading())
  1047. {
  1048. _serializer >> m_strAreaName;
  1049. _serializer >> m_areaType;
  1050. }
  1051. else
  1052. {
  1053. _serializer << m_strAreaName;
  1054. _serializer << m_areaType;
  1055. }
  1056. return _serializer;
  1057. }
  1058. size_t GetSeriSize()
  1059. {
  1060. size_t nSize = 0;
  1061. nSize += TypeSize::get_size( m_strAreaName );
  1062. nSize += sizeof( m_areaType );
  1063. return nSize;
  1064. }
  1065. private:
  1066. ATL::CString m_strAreaName;
  1067. int m_areaType;
  1068. };
  1069. //////////////////////////////////////////////////////////////////////////
  1070. class KPopUpdateInfo: public IKPopData
  1071. {
  1072. public:
  1073. KPopUpdateInfo(DWORD nStatus ): m_nUpdateStatus(nStatus)
  1074. {}
  1075. ~KPopUpdateInfo()
  1076. {}
  1077. virtual int Serialize(IKPopDataSerializer* _serializer)
  1078. {
  1079. if (!_serializer->IsLoading())
  1080. {
  1081. _serializer->BeginTag("KPopUpdateInfo");
  1082. _serializer->AddPop("UpdateStatus", (int)m_nUpdateStatus);
  1083. _serializer->EndTag("KPopUpdateInfo");
  1084. }
  1085. return 0;
  1086. }
  1087. bin_archive& Serialize(bin_archive &_serializer)
  1088. {
  1089. if(_serializer.is_loading())
  1090. {
  1091. _serializer >> m_nUpdateStatus;
  1092. }
  1093. else
  1094. {
  1095. _serializer << m_nUpdateStatus;
  1096. }
  1097. return _serializer;
  1098. }
  1099. size_t GetSeriSize()
  1100. {
  1101. return sizeof(m_nUpdateStatus);
  1102. }
  1103. private:
  1104. DWORD m_nUpdateStatus;
  1105. };
  1106. //////////////////////////////////////////////////////////////////////////
  1107. //
  1108. #pragma pack(pop)