PageRenderTime 104ms CodeModel.GetById 20ms app.highlight 76ms RepoModel.GetById 1ms app.codeStats 1ms

/src/import/kpfw/netpop.h

https://bitbucket.org/knoss/pcmanager/
C++ Header | 1283 lines | 1071 code | 175 blank | 37 comment | 56 complexity | e4c472b5b689e698b3a53711b2a21934 MD5 | raw file
   1////////////////////////////////////////////////////////////////////////////////
   2//      
   3//      common include File for kpfw
   4//      
   5//      File      : netpop.h
   6//      Version   : 1.0
   7//      Comment   : 定义网镖泡泡数据结构
   8//      
   9//      Create at : 2008-7-14
  10//      Create by : liupeng
  11//      
  12////////////////////////////////////////////////////////////////////////////////
  13
  14#pragma once 
  15#include "SCOM/SCOM/SCOMBase.h"
  16#include "SCOM/SCOM/SCOMDef.h"
  17#include "kisrpc/rfcdef.h"
  18#include "serializetools.h"
  19#include "netdef.h"
  20#include "kis/kpfw/netwatch.h"
  21#include "kis/kpfw/area.h"
  22#include <vector>
  23#include "strsafe.h"
  24using namespace std;
  25
  26#pragma pack(push, 1)
  27
  28typedef enum KPFW_POP_INFO_TYPE
  29{
  30	emPop_None				= 0,		//一般不传这种类型
  31	emPop_App_Info			= 1,		//发现新的程序,模块访问网络(强泡泡) *
  32	emPop_Arp_Info			= 2,		//arp攻击(弱泡泡)
  33	emPop_Newnet_Info		= 3,		//发现新区域(强泡泡) *
  34	emPop_Virus				= 4,		//发现病毒,恶意程序(弱泡泡)
  35	emPop_PacketFilter		= 5,		//包过滤(弱泡泡)
  36	emPop_NetAreaChange		= 6,		//区域更改(弱泡泡)
  37	emPop_ActiveDefend		= 7,		//动态防御(弱泡泡)
  38	emPop_MSNDecrypt		= 8,		//msn加密(弱泡泡)
  39	emPop_SvrError			= 9,		//服务错误(弱泡泡)
  40	emPop_AutoTrust			= 10,		//可信认证放行程序(弱泡泡)
  41	emPop_UpdateComplete	= 11,		//升级完成
  42	emPop_enable_MSNDecrypt	= 12,		// 是否启用msn加密(强泡泡)
  43	emPop_App_Deny			= 13,		// 应用程序访问网络被禁止
  44}KpfwPopType;
  45
  46
  47typedef enum KPFW_APP_POP_RES
  48{
  49	enumPR_None			= 0,
  50	enumPR_Allow		= 1,
  51	enumPR_Deny			= 2,
  52}AppPopRes;
  53
  54
  55
  56typedef enum KPFW_POP_PROTOCOL
  57{
  58	enumKPP_TCP			= 0,
  59	enumKPP_UDP			= 1,
  60	enumKPP_ICMP		= 2,
  61	enumKPP_IGMP		= 3,
  62}PopProtocol;
  63
  64typedef enum APP_POP_REASON
  65{
  66	enumPop_Reason_None			= 0,
  67	enumPop_Reason_Virus		= 1,
  68	enumPop_Reason_Change		= 1 << 1,
  69	enumPop_Reason_Unknown_TrustRep = 1 << 2,
  70	enumPop_Reason_Prompt		= 1 << 3,
  71	enumPop_Reason_UnTrust_TrustRep = 1 << 4,
  72}AppPopReason;
  73
  74typedef enum APP_DENY_REASON
  75{
  76	enum_Allow		= 0,						// 允许
  77	enum_Deny_User	= 1,						// 规则中用户选择禁止
  78	enum_Deny_Pop	= 2,						// 泡泡选择禁止
  79	enum_Deny_Trust	= 3,						// 可信认证自动禁止
  80	enum_Deny_Pop_Rem = 4,						// 记住了上次的泡泡阻止操作,本次自动阻止
  81	enum_Deny_Port = 5,							// 存在被阻止的端口
  82}AppDenyReason;
  83
  84struct PopInfoHeader
  85{
  86	DWORD			nSize;
  87	DWORD			nPopType;
  88};
  89
  90//////////////////////////////////////////////////////////////////////////
  91interface IKPopDataSerializer
  92{
  93	// save 接口
  94	virtual bool IsLoading()								= 0;
  95	virtual	int	BeginTag(LPCSTR childName)					= 0;
  96	virtual	int	EndTag(LPCSTR childName)					= 0;
  97	virtual	int	AddPop(LPCSTR popName, LPCSTR val)			= 0;
  98	virtual	int	AddPop(LPCSTR popName, INT val)				= 0;
  99	virtual	int	AddPop(LPCSTR popName, LONG val)			= 0;
 100	virtual	int	AddPop(LPCSTR popName, LPCWSTR val)			= 0;
 101	virtual INT	GetProp(LPCSTR propName, INT& val)			= 0;
 102	virtual INT	GetProp(LPCSTR propName, ATL::CString& val)			= 0;
 103};
 104
 105interface IKPopData
 106{
 107	virtual bin_archive& Serialize(bin_archive &_serializer) = 0;
 108	virtual int Serialize(IKPopDataSerializer* _serializer) = 0;
 109	virtual size_t	GetSeriSize() = 0;
 110};
 111
 112inline void SerializeMac(IKPopDataSerializer* _serializer, LPCSTR propName, BYTE mac[6])
 113{
 114	char buf[32] = {0};
 115	StringCchPrintfA(buf, 32, "%02x:02x:02x:02x:02x:02x", mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]);
 116	// sprintf(buf, "%02x:02x:02x:02x:02x:02x", mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]);
 117	_serializer->AddPop(propName, buf);
 118}
 119
 120inline void SerializeIp(IKPopDataSerializer* _serializer, LPCSTR propName, ULONG nIp)
 121{
 122	char buf[32] = {0};
 123	BYTE* pBuf = (BYTE*)&nIp;
 124	StringCchPrintfA(buf, 32, "%d.%d.%d.%d", pBuf[0], pBuf[1], pBuf[2], pBuf[3]);
 125	_serializer->AddPop(propName, buf);
 126}
 127
 128inline void SerializeGUID(IKPopDataSerializer* _serializer, LPCSTR propName, GUID& val)
 129{
 130	char buf[256] = {0};
 131	StringCchPrintfA(buf, 256, "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x", val.Data1, val.Data2, val.Data3, val.Data4[0], val.Data4[1], 
 132		val.Data4[2], val.Data4[3], val.Data4[4], val.Data4[5], val.Data4[6], val.Data4[7] );
 133	_serializer->AddPop(propName, buf);
 134}
 135
 136inline void SerializeIpRange(IKPopDataSerializer* _serializer, LPCSTR propName, KIPRange& val)
 137{
 138	_serializer->BeginTag(propName);
 139	SerializeIp(_serializer, "start_ip", val.ipStart);
 140	SerializeIp(_serializer, "end_ip", val.ipEnd);
 141	_serializer->EndTag(propName);
 142}
 143
 144inline void SerializeIPLOG_EXTRADATA(IKPopDataSerializer* _serializer, int nProtocol, LPCSTR propName, IPLOG_EXTRADATA& val)
 145{
 146	switch (nProtocol)
 147	{
 148	case enumPT_TCP:
 149		{
 150			_serializer->BeginTag("TCP_DATA");
 151			_serializer->AddPop("local_port", val.TCP_DATA.LocalPort);
 152			_serializer->AddPop("remote_port", val.TCP_DATA.RemotePort);
 153			_serializer->AddPop("tcp_flag", val.TCP_DATA.byTcpFlags);
 154			_serializer->EndTag("TCP_DATA");
 155		}
 156		break;
 157	case enumPT_UDP:
 158		{
 159			_serializer->BeginTag("UDP_DATA");
 160			_serializer->AddPop("local_port", val.UDP_DATA.LocalPort);
 161			_serializer->AddPop("remote_port", val.UDP_DATA.RemotePort);
 162			_serializer->EndTag("UDP_DATA");
 163		}
 164		break;
 165	case enumPT_ICMP:
 166		{
 167			_serializer->BeginTag("ICMP_DATA");
 168			_serializer->AddPop("code", val.ICMP_DATA.byCode);
 169			_serializer->AddPop("type", val.ICMP_DATA.byType);
 170			_serializer->EndTag("ICMP_DATA");
 171		}
 172		break;
 173	case enumPT_IGMP:
 174		{
 175
 176		}
 177		break;
 178	case enumPT_IP:
 179		break;
 180	}
 181}
 182
 183inline void SerializeAppRequest(IKPopDataSerializer* _serializer, int nProtocol, LPCSTR propName, APP_REQUEST_INFO& val)
 184{
 185	_serializer->BeginTag("APP_REQUEST_INFO");
 186	_serializer->AddPop("RequestProtocol", (int)val.nRequestProtocol);
 187	_serializer->AddPop("nRequestType", (int)val.nRequestType);
 188	_serializer->AddPop("ProcessId", (int)val.dwProcessId);
 189	_serializer->AddPop("ThreadId", (int)val.dwThreadId);
 190	switch (val.nRequestType)
 191	{
 192	case ART_TrustUrl:
 193		{
 194			_serializer->BeginTag("TrustUrlInfo");
 195			_serializer->AddPop("host", val.Parameters.TrustUrl.szHost);
 196			_serializer->AddPop("url", val.Parameters.TrustUrl.szUrl);
 197			_serializer->EndTag("TrustUrlInfo");
 198		}
 199		break;
 200	case ART_FileChanged:
 201		{
 202
 203		}
 204		break;
 205	case ART_PacketRecord:
 206		break;
 207	default:
 208		{
 209			switch (val.nRequestProtocol)
 210			{
 211			case enumPT_LANMAN:
 212				{
 213					_serializer->BeginTag("LanMonInfo");
 214					_serializer->AddPop("path", val.Parameters.LanMan.wsPath);
 215					_serializer->EndTag("LanMonInfo");
 216				}
 217				break;
 218			default:
 219				{
 220					_serializer->BeginTag("TdiInfo");
 221					SerializeIp(_serializer, "RemoteAddress", val.Parameters.TDI.dwRemoteAddress);
 222					_serializer->AddPop("uRemoteAddress", (LONG)val.Parameters.TDI.dwRemoteAddress);
 223					_serializer->AddPop("RemotePort", val.Parameters.TDI.wRemotePort);
 224					SerializeIp(_serializer, "LocalAddress", val.Parameters.TDI.dwLocalAddress);
 225					_serializer->AddPop("uLocalAddress", (LONG)val.Parameters.TDI.dwLocalAddress);
 226					_serializer->AddPop("LocalPort", val.Parameters.TDI.wLocalPort);
 227					_serializer->AddPop("PacketDir", (int)val.Parameters.TDI.uDataLen);
 228					_serializer->EndTag("TdiInfo");
 229				}
 230			}
 231		}
 232		break;
 233	}
 234	_serializer->EndTag("APP_REQUEST_INFO");
 235}
 236//////////////////////////////////////////////////////////////////////////
 237// 应用程序访问网络泡泡
 238class KPopModuleInfo : public IKPopData
 239{
 240private:
 241	ATL::CString		m_strPath;
 242	ATL::CString		m_strDesc;
 243	INT					m_nPopReason;		// 当使用在应用程序询问泡泡上时类型:AppPopReason, 
 244											// 当使用在应用程序阻止泡泡上是类型:AppDenyReason
 245	DWORD				m_nTrustMode;
 246	DWORD				m_nUserMode;
 247
 248public:
 249	KPopModuleInfo(): m_nPopReason(0),m_nTrustMode(0),m_nUserMode(0) {}
 250
 251	KPopModuleInfo(LPCWSTR strPath, LPCWSTR strDesc, INT nPopReason, DWORD nUserMode, DWORD nTrustMode)
 252	{
 253		m_strPath = strPath;
 254		m_strDesc = strDesc;
 255		m_nPopReason = nPopReason;
 256		m_nUserMode = nUserMode;
 257		m_nTrustMode = nTrustMode;
 258	}
 259
 260	~KPopModuleInfo() {}
 261
 262	void	Init(LPCWSTR strPath ,INT nReason, LPCWSTR strDesc)
 263	{
 264		m_strPath = strPath;
 265		m_nPopReason = nReason;
 266		m_strDesc = strDesc;
 267	}
 268
 269	void	SetMode(DWORD nTrustMode, DWORD nUserMode)
 270	{
 271		m_nTrustMode = nTrustMode;
 272		m_nUserMode = nUserMode;
 273	}
 274	void	SetUserMode(DWORD nUserMode)
 275	{
 276		m_nUserMode = nUserMode;
 277	}
 278	ATL::CString&	GetPath()	{ return m_strPath; }
 279
 280	ATL::CString&	GetDesc()	{ return m_strDesc; }
 281
 282	INT			GetPopReason() { return m_nPopReason; }
 283
 284	DWORD		GetTrustMode()		{ return m_nTrustMode; }
 285
 286	DWORD		GetUserMode()		{ return m_nUserMode; }
 287
 288	size_t	GetSeriSize()
 289	{
 290		size_t nSize = 0;
 291		nSize += TypeSize::get_size(m_strPath);
 292		nSize += TypeSize::get_size(m_strDesc);
 293		nSize += sizeof(m_nPopReason) + sizeof(m_nTrustMode) + sizeof(m_nUserMode);
 294		return nSize;
 295	}
 296
 297	bin_archive& Serialize(bin_archive &_serializer)
 298	{
 299		if(_serializer.is_loading())
 300		{
 301			_serializer >> m_strPath;
 302			_serializer >> m_strDesc;
 303			_serializer >> m_nPopReason;
 304			_serializer >> m_nTrustMode;
 305			_serializer >> m_nUserMode;
 306		}
 307		else
 308		{
 309			_serializer << m_strPath;
 310			_serializer << m_strDesc;
 311			_serializer << m_nPopReason;
 312			_serializer << m_nTrustMode;
 313			_serializer << m_nUserMode;
 314		}
 315		return _serializer;
 316	}
 317
 318	virtual int Serialize(IKPopDataSerializer* _serializer)
 319	{
 320		if (!_serializer->IsLoading())
 321		{
 322			_serializer->BeginTag("KPopModuleInfo");
 323			_serializer->AddPop("Path", m_strPath);
 324			_serializer->AddPop("Desc", m_strDesc);
 325			_serializer->AddPop("PopReason", m_nPopReason);
 326			_serializer->AddPop("TrustMode", (int)m_nTrustMode);
 327			_serializer->AddPop("UserMode", (int)m_nUserMode);
 328			_serializer->EndTag("KPopModuleInfo");
 329		}
 330		return 0;
 331	}
 332
 333};
 334
 335class KPopAppInfo: public IKPopData
 336{
 337public:
 338	KPopAppInfo(): m_pExeInfo(NULL),m_ePopRes(enumPR_None),	m_bRemember(FALSE) {
 339		memset(&m_RequestInfo, 0, sizeof(m_RequestInfo));
 340	}
 341
 342	~KPopAppInfo()	{ 
 343		Clear(); 
 344	}
 345
 346	ATL::CString&	GetExePath()			
 347	{
 348		if (m_pExeInfo)
 349			return m_pExeInfo->GetPath();
 350		static ATL::CString tmp(TEXT(""));
 351		return tmp;
 352	}
 353
 354	INT				GetDllCnt()				
 355	{
 356		return (INT)m_dllInfos.size();
 357	}
 358
 359	KPopModuleInfo* GetExeInfo()		{ return m_pExeInfo; }
 360	KPopModuleInfo* GetDllInfo(INT i)	
 361	{
 362		return m_dllInfos[i];
 363	}
 364
 365	ATL::CString&	GetDllPath(INT i)		
 366	{
 367		return m_dllInfos[i]->GetPath();
 368	}
 369
 370	KPopModuleInfo* AddExePath(LPCWSTR str, INT nReason, LPCWSTR strDesc)		
 371	{
 372		ASSERT(!m_pExeInfo);
 373		if (!m_pExeInfo)
 374		{
 375			m_pExeInfo = new KPopModuleInfo();
 376			m_pExeInfo->Init(str, nReason, strDesc);
 377			return m_pExeInfo;
 378		}
 379		return NULL;
 380	}
 381
 382	KPopModuleInfo* AddDllPath(LPCWSTR str, INT nReason, LPCWSTR strDesc)		
 383	{
 384		KPopModuleInfo* pDllInfo = new KPopModuleInfo();
 385		pDllInfo->Init(str, nReason, strDesc);
 386		m_dllInfos.push_back(pDllInfo);
 387		return pDllInfo;
 388	}
 389
 390	DWORD	GetProcessID()
 391	{
 392		return m_RequestInfo.dwProcessId;
 393	}
 394
 395	VOID	SetRequestInfo(PAPP_REQUEST_INFO pInfo)
 396	{
 397		if (pInfo)
 398			m_RequestInfo = *pInfo;
 399	}
 400	PAPP_REQUEST_INFO GetRequestInfo()
 401	{
 402		return &m_RequestInfo;
 403	}
 404
 405	AppPopRes GetPopRes()
 406	{
 407		return (AppPopRes)m_ePopRes;
 408	}
 409	void SetPopRes(AppPopRes res)
 410	{
 411		m_ePopRes = (DWORD)res;
 412	}
 413
 414	BOOL GetRemember()
 415	{
 416		return m_bRemember;
 417	}
 418	VOID SetRemember(BOOL b)
 419	{
 420		m_bRemember = b;
 421	}
 422
 423	virtual int Serialize(IKPopDataSerializer* _serializer)
 424	{
 425		if (!_serializer->IsLoading())
 426		{
 427			_serializer->BeginTag("KPopAppInfo");
 428
 429			SerializeAppRequest(_serializer, 0, "", m_RequestInfo);
 430
 431			_serializer->BeginTag("ExeInfo");
 432			if (m_pExeInfo)
 433				m_pExeInfo->Serialize(_serializer);
 434			_serializer->EndTag("ExeInfo");
 435
 436			_serializer->BeginTag("DllInfo");
 437			for (size_t i = 0; i < m_dllInfos.size(); i++)
 438			{
 439				m_dllInfos[i]->Serialize(_serializer);
 440			}
 441			_serializer->EndTag("DllInfo");
 442
 443			_serializer->EndTag("KPopAppInfo");
 444		}
 445		else
 446		{
 447			INT nVal = 0;
 448			_serializer->GetProp("PopRes", nVal);
 449			m_ePopRes = nVal;
 450			nVal = 0;
 451			_serializer->GetProp("Remember", nVal);
 452			m_bRemember = nVal;
 453		}
 454		return 0;
 455	}
 456
 457	bin_archive& Serialize(bin_archive &_serializer)
 458	{
 459		if(_serializer.is_loading())
 460		{
 461			Clear();
 462			_serializer >> m_ePopRes;
 463			_serializer >> m_bRemember;
 464			_serializer.read(&m_RequestInfo, sizeof(m_RequestInfo), 1);
 465
 466			m_pExeInfo = new KPopModuleInfo();
 467			m_pExeInfo->Serialize(_serializer);
 468			INT nCnt = 0;
 469			_serializer >> nCnt;
 470			for (int i = 0; i < nCnt; i++)
 471			{
 472				KPopModuleInfo* pDllInfo = new KPopModuleInfo;
 473				pDllInfo->Serialize(_serializer);
 474				m_dllInfos.push_back(pDllInfo);
 475			}
 476		}
 477		else
 478		{
 479			ASSERT(m_pExeInfo);
 480			// 先序列化常规参数
 481			_serializer << m_ePopRes;
 482			_serializer << m_bRemember;
 483			_serializer.write(&m_RequestInfo, sizeof(m_RequestInfo), 1);
 484
 485			m_pExeInfo->Serialize(_serializer);
 486			INT nCnt = (int)m_dllInfos.size();
 487			_serializer << nCnt;
 488			for (int i = 0; i < nCnt; i++)
 489				m_dllInfos[i]->Serialize(_serializer);
 490		}
 491		return _serializer;
 492	}
 493
 494	size_t GetSeriSize()
 495	{
 496		size_t nSize = 0;
 497		nSize += sizeof(m_ePopRes) + sizeof(m_bRemember) + sizeof(m_RequestInfo);
 498
 499		nSize += m_pExeInfo->GetSeriSize();
 500
 501		INT nCnt = (int)m_dllInfos.size();
 502		nSize += sizeof(nCnt);
 503		for (int i = 0; i < nCnt; i++)
 504			nSize += m_dllInfos[i]->GetSeriSize();
 505		return nSize;
 506	}
 507
 508private:
 509	void	Clear()
 510	{
 511		if (m_pExeInfo)
 512		{
 513			delete m_pExeInfo;
 514			m_pExeInfo = NULL;
 515		}
 516		for (int i = 0; i < (int)m_dllInfos.size(); i++)
 517		{
 518			delete m_dllInfos[i];
 519		}
 520		m_dllInfos.clear();
 521	}
 522
 523private:
 524	DWORD						m_ePopRes;
 525	BOOL						m_bRemember;
 526	APP_REQUEST_INFO			m_RequestInfo;
 527	
 528	KPopModuleInfo*				m_pExeInfo;
 529	vector<KPopModuleInfo*>		m_dllInfos;
 530};
 531
 532//////////////////////////////////////////////////////////////////////////
 533// 自动放行规则
 534
 535class KAutoTrustInfo : public IKPopData
 536{
 537public:
 538
 539	KAutoTrustInfo()
 540	{
 541	}
 542
 543	~KAutoTrustInfo()
 544	{}
 545
 546	KAutoTrustInfo( ATL::CString& strFileName )
 547	{
 548		m_strFileName = strFileName;
 549	}
 550
 551	KAutoTrustInfo( LPCTSTR pszFileName )
 552	{
 553		m_strFileName = pszFileName;
 554	}
 555
 556	void GetFileName( ATL::CString& strFileName )
 557	{
 558		strFileName = m_strFileName;
 559	}
 560
 561	virtual int Serialize(IKPopDataSerializer* _serializer)
 562	{
 563		if (!_serializer->IsLoading())
 564		{
 565			_serializer->BeginTag("KAutoTrustInfo");
 566			_serializer->AddPop("FileName", m_strFileName);
 567			_serializer->EndTag("KAutoTrustInfo");
 568		}
 569		return 0;
 570	}
 571
 572	bin_archive& Serialize(bin_archive &_serializer)
 573	{
 574		if(_serializer.is_loading())
 575		{
 576			_serializer >> m_strFileName;
 577		}
 578		else
 579		{
 580			_serializer << m_strFileName;
 581		}
 582		return _serializer;
 583	}
 584
 585	size_t GetSeriSize()
 586	{
 587		size_t nSize = 0;
 588		nSize += TypeSize::get_size( m_strFileName );
 589		return nSize;
 590	}
 591
 592private:
 593
 594	ATL::CString m_strFileName;
 595};
 596
 597//////////////////////////////////////////////////////////////////////////
 598// 包过滤泡泡
 599
 600class KPacketFilterInfo : public IKPopData
 601{
 602private:
 603	LOG_IP_RULE				m_logInfo;
 604
 605public:
 606
 607	KPacketFilterInfo()
 608	{}
 609
 610	KPacketFilterInfo( PLOG_IP_RULE rule)
 611	{
 612		m_logInfo = *rule;
 613	}
 614
 615	~KPacketFilterInfo()
 616	{}
 617
 618	PLOG_IP_RULE	GetLogInfo()
 619	{
 620		return &m_logInfo;
 621	}
 622
 623	virtual int Serialize(IKPopDataSerializer* _serializer)
 624	{
 625		if (!_serializer->IsLoading())
 626		{
 627			_serializer->BeginTag("KPacketFilterInfo");
 628
 629				_serializer->BeginTag("LOG_IP_RULE");
 630
 631				SerializeGUID(_serializer, "id", m_logInfo.id);
 632				_serializer->AddPop("count", (int)m_logInfo.nCount);
 633				_serializer->AddPop("protocol", m_logInfo.byProtocolType);
 634				SerializeIp(_serializer, "LocalAddr", ntohl( (unsigned int) m_logInfo.LocalAddr ) );
 635				SerializeIp(_serializer, "RemoteAddr", ntohl( (unsigned int) m_logInfo.RemoteAddr ) );
 636				_serializer->AddPop("Direction", (int)m_logInfo.byDirection);
 637				_serializer->AddPop("Operation", (int)m_logInfo.nOperation);
 638				_serializer->AddPop("AttackType", (int)m_logInfo.nAttackType);
 639				SerializeIPLOG_EXTRADATA(_serializer, m_logInfo.byProtocolType, "", m_logInfo.ExtraInfo);
 640
 641				_serializer->EndTag("LOG_IP_RULE");
 642
 643			_serializer->EndTag("KPacketFilterInfo");
 644		}
 645		return 0;
 646	}
 647
 648	bin_archive& Serialize(bin_archive &_serializer)
 649	{
 650		if(_serializer.is_loading())
 651		{
 652			_serializer >> m_logInfo;
 653		}
 654		else
 655		{
 656			_serializer << m_logInfo;
 657		}
 658		return _serializer;
 659	}
 660
 661	size_t GetSeriSize()
 662	{
 663		size_t nSize = 0;
 664		nSize += sizeof( m_logInfo );
 665		return nSize;
 666	}
 667
 668private:
 669};
 670
 671//////////////////////////////////////////////////////////////////////////
 672// 发现病毒泡泡
 673class KFindVirusInfo : public IKPopData
 674{
 675public:
 676
 677	KFindVirusInfo()
 678	{}
 679
 680	KFindVirusInfo ( ATL::CString& strFileName, ATL::CString& strVirusName )
 681	{
 682		m_strFileName = strFileName;
 683		m_strVirusName = strVirusName;
 684	}
 685
 686	KFindVirusInfo ( LPCTSTR strFileName, LPCTSTR strVirusName )
 687	{
 688		m_strFileName = strFileName;
 689		m_strVirusName = strVirusName;
 690	}
 691
 692	bool operator == (const KFindVirusInfo& info)
 693	{
 694		if (info.m_strFileName != m_strFileName)
 695			return false;
 696		if (info.m_strVirusName != m_strVirusName)
 697			return false;
 698		return true;
 699	}
 700
 701	~KFindVirusInfo ()
 702	{}
 703
 704	void GetFileName( ATL::CString& strFileName )
 705	{
 706		strFileName = m_strFileName;
 707	}
 708
 709	void GetVirusName( ATL::CString& strVirusName )
 710	{
 711		strVirusName = m_strVirusName;
 712	}
 713
 714	virtual int Serialize(IKPopDataSerializer* _serializer)
 715	{
 716		if (!_serializer->IsLoading())
 717		{
 718			_serializer->BeginTag("KFindVirusInfo");
 719			_serializer->AddPop("FileName", m_strFileName);
 720			_serializer->AddPop("VirusName", m_strVirusName);
 721			_serializer->EndTag("KFindVirusInfo");
 722		}
 723		return 0;
 724	}
 725
 726	bin_archive& Serialize(bin_archive &_serializer)
 727	{
 728		if(_serializer.is_loading())
 729		{
 730			_serializer >> m_strFileName;
 731			_serializer >> m_strVirusName;
 732		}
 733		else
 734		{
 735			_serializer << m_strFileName;
 736			_serializer << m_strVirusName;
 737		}
 738		return _serializer;
 739	}
 740
 741	size_t GetSeriSize()
 742	{
 743		size_t nSize = 0;
 744		nSize += TypeSize::get_size( m_strFileName ) ;
 745		nSize += TypeSize::get_size( m_strVirusName ) ;
 746		return nSize;
 747	}
 748
 749private:
 750
 751	ATL::CString m_strFileName;
 752	ATL::CString m_strVirusName;
 753};
 754
 755class KFindVirusInfoVec: public IKPopData
 756{
 757private:
 758	vector<KFindVirusInfo*>		m_VirusInfo;
 759	ATL::CString				m_ProcessName;
 760
 761public:
 762	KFindVirusInfoVec()	{}
 763	~KFindVirusInfoVec()	{Clear();}
 764
 765	void  SetProcessName(LPCWSTR name)
 766	{
 767		m_ProcessName = name;
 768	}
 769
 770	ATL::CString& GetProcessName()
 771	{
 772		return m_ProcessName;
 773	}
 774
 775	void  AddInfo(LPCWSTR file ,LPCWSTR desc)
 776	{
 777		KFindVirusInfo* pInfo = new KFindVirusInfo(file, desc);
 778		m_VirusInfo.push_back(pInfo);
 779	}
 780
 781	vector<KFindVirusInfo*>& GetVirusInfo()
 782	{
 783		return m_VirusInfo;
 784	}
 785
 786	bool operator==(const KFindVirusInfoVec& info)
 787	{
 788		if (info.m_ProcessName != m_ProcessName)
 789			return false;
 790		if (info.m_VirusInfo.size() != m_VirusInfo.size())
 791			return false;
 792		for (int i = 0; i < (int)m_VirusInfo.size(); i++)
 793			if (!(*m_VirusInfo[i] == *info.m_VirusInfo[i]))
 794				return false;
 795		return true;
 796	}
 797
 798	int	GetCnt()
 799	{
 800		return (int)m_VirusInfo.size();
 801	}
 802
 803	virtual int Serialize(IKPopDataSerializer* _serializer)
 804	{
 805		if (!_serializer->IsLoading())
 806		{
 807			_serializer->BeginTag("KFindVirusInfoVec");
 808			_serializer->AddPop("ProcessName", m_ProcessName);
 809
 810			_serializer->BeginTag("VirusInfos");
 811			for (size_t i = 0; i < m_VirusInfo.size(); i++)
 812			{
 813				m_VirusInfo[i]->Serialize(_serializer);
 814			}
 815			_serializer->EndTag("VirusInfos");
 816
 817			_serializer->EndTag("KFindVirusInfoVec");
 818		}
 819		return 0;
 820	}
 821
 822	bin_archive& Serialize(bin_archive &_serializer)
 823	{
 824		if(_serializer.is_loading())
 825		{
 826			Clear();
 827			int nCnt = 0;
 828			_serializer >> nCnt;
 829			for (int i = 0; i < nCnt; i++)
 830			{
 831				KFindVirusInfo* pInfo = new KFindVirusInfo;
 832				pInfo->Serialize(_serializer);
 833				m_VirusInfo.push_back(pInfo);
 834			}
 835			_serializer >> m_ProcessName;
 836		}
 837		else
 838		{
 839			int nCnt = (int)m_VirusInfo.size();
 840			_serializer << nCnt;
 841			for (int i = 0; i < nCnt; i++)
 842			{
 843				m_VirusInfo[i]->Serialize(_serializer);
 844			}
 845			_serializer << m_ProcessName;
 846		}
 847		return _serializer;
 848	}
 849
 850	size_t GetSeriSize()
 851	{
 852		size_t nSize = 0;
 853		nSize = sizeof(int);
 854		for (int i = 0; i < (int)m_VirusInfo.size(); i++)
 855			nSize += m_VirusInfo[i]->GetSeriSize();
 856		nSize += TypeSize::get_size( m_ProcessName ) ;
 857		return nSize;
 858	}
 859private:
 860	void Clear()
 861	{
 862		for (int i = 0; i < (int)m_VirusInfo.size(); i++)
 863			delete m_VirusInfo[i];
 864		m_VirusInfo.clear();
 865	}
 866};
 867
 868//////////////////////////////////////////////////////////////////////////
 869
 870struct PopAttackInfo
 871{
 872	PopInfoHeader	header;
 873};
 874
 875//////////////////////////////////////////////////////////////////////////
 876// arp阻止泡泡
 877class KPopArpInfo: public IKPopData
 878{
 879private:
 880	ARP_EXTRA_DATA*		m_pArpInfo;
 881	INT					m_nType;
 882public:
 883	KPopArpInfo(): m_pArpInfo(NULL)  {}
 884	~KPopArpInfo()  { Clear(); }
 885
 886	const ARP_EXTRA_DATA* GetArpInfo()
 887	{
 888		return m_pArpInfo;
 889	}
 890
 891	INT	GetType()
 892	{
 893		return m_nType;
 894	}
 895
 896	void SetArpInfo(ARP_EXTRA_DATA* pInfo, int nType)
 897	{
 898		Clear();
 899		if (pInfo)
 900		{
 901			m_pArpInfo = new ARP_EXTRA_DATA;
 902			*m_pArpInfo = *pInfo;
 903			m_nType = nType;
 904		}
 905	}
 906
 907
 908	virtual int Serialize(IKPopDataSerializer* _serializer)
 909	{
 910		if (!_serializer->IsLoading())
 911		{
 912			_serializer->BeginTag("KPopArpInfo");
 913			_serializer->AddPop("ArpType", m_nType);
 914
 915				_serializer->BeginTag("ARP_EXTRA_DATA");
 916				SerializeMac(_serializer, "eh_dst", m_pArpInfo->eh_dst);
 917				SerializeMac(_serializer, "eh_src", m_pArpInfo->eh_src);
 918				SerializeMac(_serializer, "arp_sha", m_pArpInfo->arp_sha);
 919				SerializeIp(_serializer, "arp_spa", m_pArpInfo->arp_spa);
 920				SerializeMac(_serializer, "arp_tha", m_pArpInfo->arp_tha);
 921				SerializeIp(_serializer, "arp_tpa", m_pArpInfo->arp_tpa);
 922				_serializer->EndTag("ARP_EXTRA_DATA");
 923			
 924			_serializer->EndTag("KPopArpInfo");
 925		}
 926		return 0;
 927	}
 928
 929	bin_archive& Serialize(bin_archive &_serializer)
 930	{
 931		if(_serializer.is_loading())
 932		{
 933			Clear();
 934			m_pArpInfo = new ARP_EXTRA_DATA;
 935			_serializer.read(m_pArpInfo, sizeof(ARP_EXTRA_DATA), 1);
 936			_serializer >> m_nType;
 937		}
 938		else
 939		{
 940			if (m_pArpInfo)
 941				_serializer.write(m_pArpInfo, sizeof(ARP_EXTRA_DATA), 1);
 942			_serializer << m_nType;
 943		}
 944		return _serializer;
 945	}
 946
 947	size_t GetSeriSize()
 948	{
 949		size_t nSize = 0;
 950
 951		if (m_pArpInfo)
 952			nSize += sizeof(ARP_EXTRA_DATA);
 953
 954		nSize += sizeof(m_nType);
 955		return nSize;
 956	}
 957
 958	void Clear()
 959	{
 960		if (m_pArpInfo)
 961		{
 962			delete m_pArpInfo;
 963			m_pArpInfo = NULL;
 964		}
 965	}
 966};
 967
 968//////////////////////////////////////////////////////////////////////////
 969//发现新区域泡泡
 970class KPopAreaInfo: public IKPopData
 971{
 972private:
 973	BYTE			m_GateMac[6];
 974	long			m_GateIp;
 975	int				m_eRes;
 976	ATL::CString	m_strAreaName;
 977	
 978	long			m_nNextHome;
 979	long			m_nNextOffice;
 980	long			m_nNextUnknown;
 981
 982public:
 983	KPopAreaInfo(): m_eRes(enumAT_Unknown), m_GateIp(0)
 984	{
 985		
 986	}
 987
 988	~KPopAreaInfo()  { Clear(); }
 989
 990	int GetPopRes()
 991	{
 992		return m_eRes;
 993	}
 994	void	SetPopRes(int res)
 995	{
 996		m_eRes = res;
 997	}
 998
 999	void	SetID(long nNextHome, long nNextOffice, long nNextUnkonwn)
1000	{
1001		m_nNextHome = nNextHome;
1002		m_nNextOffice = nNextOffice;
1003		m_nNextUnknown = nNextUnkonwn;
1004	}
1005
1006	BYTE*		GetGateMac()
1007	{
1008		return m_GateMac;
1009	}
1010
1011	long	GetGateIp()
1012	{
1013		return m_GateIp;
1014	}
1015
1016	void SetAreaName( ATL::CString& strAreaName )
1017	{
1018		m_strAreaName = strAreaName;
1019	}
1020
1021	void GetAreaName( ATL::CString& strAreaName )
1022	{
1023		strAreaName = m_strAreaName;
1024	}
1025
1026	void SetGateInfo(BYTE gateMac[6], ULONG ip)
1027	{
1028		Clear();
1029		memcpy(m_GateMac, gateMac, sizeof(m_GateMac));
1030		m_GateIp = ip;
1031	}
1032
1033	virtual int Serialize(IKPopDataSerializer* _serializer)
1034	{
1035		if (!_serializer->IsLoading())
1036		{
1037			_serializer->BeginTag("KPopAreaInfo");
1038			SerializeIp(_serializer, "GateIp", m_GateIp);
1039			_serializer->AddPop("AreaName", m_strAreaName);
1040			SerializeMac(_serializer, "GateMac", m_GateMac);
1041
1042			_serializer->AddPop("NextHomeID", m_nNextHome);
1043			_serializer->AddPop("NextOfficeID", m_nNextOffice);
1044			_serializer->AddPop("NextUnkonwnID", m_nNextUnknown);
1045
1046			_serializer->EndTag("KPopAreaInfo");
1047		}
1048		else
1049		{
1050			int nType = 0;
1051			_serializer->GetProp("AreaType", nType);
1052			m_eRes = nType;
1053			_serializer->GetProp("AreaName", m_strAreaName);
1054		}
1055		return 0;
1056	}
1057
1058	bin_archive& Serialize(bin_archive &_serializer)
1059	{
1060		if(_serializer.is_loading())
1061		{
1062			Clear();
1063			_serializer.read(m_GateMac, sizeof(m_GateMac), 1);
1064			_serializer >> m_GateIp;
1065			int nRes = 0;
1066			_serializer >> nRes;
1067			_serializer >> m_strAreaName;
1068			m_eRes = (int)nRes;
1069		}
1070		else
1071		{
1072			_serializer.write(m_GateMac, sizeof(m_GateMac), 1);
1073			_serializer << m_GateIp;
1074			int nRes = m_eRes;
1075			_serializer << nRes;
1076			_serializer << m_strAreaName;
1077		}
1078		return _serializer;
1079	}
1080
1081	size_t GetSeriSize()
1082	{
1083		size_t nSize = 0;
1084
1085		nSize += sizeof(m_GateMac) + sizeof(m_GateIp) + sizeof(int) ;
1086		nSize += TypeSize::get_size( m_strAreaName );
1087
1088		return nSize;
1089	}
1090
1091	void Clear()
1092	{
1093		memset(m_GateMac, 0, sizeof(m_GateIp));
1094		m_GateIp = 0;
1095	}
1096};
1097//////////////////////////////////////////////////////////////////////////
1098// 动态防御泡泡
1099class KActiveDefendInfo : public IKPopData
1100{
1101public:
1102
1103	KActiveDefendInfo(){}
1104
1105	KActiveDefendInfo( UINT uIp, UINT uDefendTime )
1106	{
1107		m_uIp			= uIp;
1108		m_uDefendTime	= uDefendTime;
1109	}
1110	~KActiveDefendInfo()
1111	{}
1112
1113	UINT GetIp()
1114	{
1115		return m_uIp;
1116	}
1117
1118	UINT GetDefendTime()
1119	{
1120		return m_uDefendTime;
1121	}
1122
1123	virtual int Serialize(IKPopDataSerializer* _serializer)
1124	{
1125		if (!_serializer->IsLoading())
1126		{
1127			_serializer->BeginTag("KActiveDefendInfo");
1128			SerializeIp(_serializer, "Ip", ntohl( (unsigned int)m_uIp) );
1129			_serializer->AddPop("DefendTime", (int)m_uDefendTime);
1130			_serializer->EndTag("KActiveDefendInfo");
1131		}
1132		return 0;
1133	}
1134
1135	bin_archive& Serialize(bin_archive &_serializer)
1136	{
1137		if(_serializer.is_loading())
1138		{
1139			_serializer >> m_uIp;
1140			_serializer >> m_uDefendTime;
1141		}
1142		else
1143		{
1144			_serializer << m_uIp;
1145			_serializer << m_uDefendTime;
1146		}
1147		return _serializer;
1148	}
1149
1150	size_t GetSeriSize()
1151	{
1152		size_t nSize = 0;
1153		nSize += sizeof( m_uDefendTime );
1154		nSize += sizeof( m_uIp );
1155		return nSize;
1156	}
1157
1158private:
1159
1160	UINT	m_uIp;
1161	UINT	m_uDefendTime;
1162};
1163
1164//////////////////////////////////////////////////////////////////////////
1165//区域改变泡泡
1166class KChangeAreaInfo : public IKPopData
1167{
1168public:
1169
1170	KChangeAreaInfo( )
1171	{}
1172
1173	KChangeAreaInfo( ATL::CString& strAreaName, int areaType )
1174	{
1175		m_strAreaName	= strAreaName;
1176		m_areaType		= areaType;
1177	}
1178
1179	KChangeAreaInfo( LPCTSTR strAreaName, int areaType )
1180	{
1181		m_strAreaName	= strAreaName;
1182		m_areaType		= areaType;
1183	}
1184
1185	~KChangeAreaInfo()
1186	{}
1187
1188	void GetAreaName( ATL::CString& strAreaName )
1189	{
1190		strAreaName = m_strAreaName;
1191	}
1192
1193	int GetAreaType()
1194	{
1195		return m_areaType;
1196	}
1197
1198	virtual int Serialize(IKPopDataSerializer* _serializer)
1199	{
1200		if (!_serializer->IsLoading())
1201		{
1202			_serializer->BeginTag("KChangeAreaInfo");
1203			_serializer->AddPop("AreaName", m_strAreaName);
1204			_serializer->AddPop("AreaType", (int)m_areaType);
1205			_serializer->EndTag("KChangeAreaInfo");
1206		}
1207		return 0;
1208	}
1209
1210	bin_archive& Serialize(bin_archive &_serializer)
1211	{
1212		if(_serializer.is_loading())
1213		{
1214			_serializer >> m_strAreaName;
1215			_serializer >> m_areaType;
1216		}
1217		else
1218		{
1219			_serializer << m_strAreaName;
1220			_serializer << m_areaType;
1221		}
1222		return _serializer;
1223	}
1224
1225	size_t GetSeriSize()
1226	{
1227		size_t nSize = 0;
1228		nSize += TypeSize::get_size( m_strAreaName );
1229		nSize += sizeof( m_areaType );
1230		return nSize;
1231	}
1232
1233private:
1234
1235	ATL::CString	m_strAreaName;
1236	int				m_areaType;
1237};
1238
1239//////////////////////////////////////////////////////////////////////////
1240class KPopUpdateInfo: public IKPopData
1241{
1242public:
1243	KPopUpdateInfo(DWORD nStatus ): m_nUpdateStatus(nStatus)
1244	{}
1245
1246	~KPopUpdateInfo()
1247	{}
1248
1249	virtual int Serialize(IKPopDataSerializer* _serializer)
1250	{
1251		if (!_serializer->IsLoading())
1252		{
1253			_serializer->BeginTag("KPopUpdateInfo");
1254			_serializer->AddPop("UpdateStatus", (int)m_nUpdateStatus);
1255			_serializer->EndTag("KPopUpdateInfo");
1256		}
1257		return 0;
1258	}
1259
1260	bin_archive& Serialize(bin_archive &_serializer)
1261	{
1262		if(_serializer.is_loading())
1263		{
1264			_serializer >> m_nUpdateStatus;
1265		}
1266		else
1267		{
1268			_serializer << m_nUpdateStatus;
1269		}
1270		return _serializer;
1271	}
1272
1273	size_t GetSeriSize()
1274	{
1275		return sizeof(m_nUpdateStatus);
1276	}
1277
1278private:
1279	DWORD			m_nUpdateStatus;
1280};
1281//////////////////////////////////////////////////////////////////////////
1282// 
1283#pragma pack(pop)