分享
 
 
 

AFX Lite TCP Firewall by Aphex

王朝other·作者佚名  2006-01-10
窄屏简体版  字體: |||超大  

{

AFX Lite TCP Firewall by Aphex

http://www.iamaphex.cjb.net

unremote@knology.net

Usage: afxfw.exe <port> <port> <port>...

Example: afxfw.exe 25 80 1433 6667

This firewall is the simplest of it's kind. It is a packet

filtering firewall that monitors SYN packets. When a SYN

packet is sent to an unauthorized TCP port a RST packet

is sent to same port, immediately tearing down the

connection.

The rules apply to both local and remote connections.

}

program Project1;

{$APPTYPE CONSOLE}

uses

Windows,

Winsock2;

type

TIPHEADER = record

ip_verlen: byte;

ip_tos: byte;

ip_len: word;

ip_id: word;

ip_offset: word;

ip_ttl: byte;

ip_protocol: byte;

ip_checksum: word;

ip_saddr: longword;

ip_daddr: longword;

end;

TTCPHEADER = record

th_sport: word;

th_dport: word;

th_seq: longword;

th_ack: longword;

th_len: byte;

th_flags: byte;

th_win: word;

th_checksum: word;

th_upr: word;

end;

TPACKET = record

d_ip: TIPHEADER;

d_tcp: TTCPHEADER;

end;

TPACKETARRAY = array [0..sizeof(TPACKET)-1] of char;

var

WSAData: TWSAData;

ArgLoop: integer;

Ports: array [0..31] of word;

const

IOC_RCVALL: cardinal = IOC_IN or $18000000 or 1;

function IntToStr(I: integer):string;

var

v1: string;

begin

Str(I, v1);

Result := v1;

end;

function StrToInt(const S: string): integer;

var

v1: Integer;

begin

Val(S, Result, v1);

end;

function CheckSum(var Buffer; Size: integer): word;

type

TWordArray = array[0..1] of word;

var

lSumm: LongWord;

iLoop: integer;

begin

lSumm := 0;

iLoop := 0;

while Size > 1 do

begin

lSumm := lSumm + TWordArray(Buffer)[iLoop];

inc(iLoop);

Size := Size - SizeOf(word);

end;

if Size = 1 then lSumm := lSumm + Byte(TWordArray(Buffer)[iLoop]);

lSumm := (lSumm shr 16) + (lSumm and $FFFF);

lSumm := lSumm + (lSumm shr 16);

Result := word(not lSumm);

end;

procedure RSTHeader(FromIP: dword; FromPort: word; ToIP: dword; ToPort: word; var Buffer: TPACKETARRAY; var Socket: TSockAddr; var Size: dword; Seq: dword);

var

ipHdr: TIPHEADER;

tcpHdr: TTCPHEADER;

TcpHeaderLen: word;

ChecksumSize: word;

DataPointer: ^byte;

procedure IncPtr(Value: integer);

begin

DataPointer := pointer(integer(DataPointer) + Value);

end;

begin

Size := sizeof(ipHdr) + sizeof(tcpHdr);

ipHdr.ip_verlen := ((4 shl 4) or sizeof(ipHdr) div sizeof(longword));

ipHdr.ip_tos := 0;

ipHdr.ip_len := htons(Size);

ipHdr.ip_id := 0;

ipHdr.ip_offset := 0;

ipHdr.ip_ttl := 128;

ipHdr.ip_protocol := 6;

ipHdr.ip_checksum := 0;

ipHdr.ip_saddr := FromIP;

ipHdr.ip_daddr := ToIP;

ChecksumSize := 0;

tcpHdr.th_sport := FromPort;

tcpHdr.th_dport := ToPort;

tcpHdr.th_seq := htonl(Seq);

tcpHdr.th_ack := 0;

tcpHdr.th_len := 80;

tcpHdr.th_flags := 20;

tcpHdr.th_win := htons(65535);

tcpHdr.th_checksum := 0;

tcpHdr.th_upr := 0;

DataPointer := @Buffer[0];

FillChar(Buffer, SizeOf(Buffer), 0);

Move(ipHdr.ip_saddr, DataPointer^, SizeOf(ipHdr.ip_saddr));

IncPtr(SizeOf(ipHdr.ip_saddr));

ChecksumSize := ChecksumSize + sizeof(ipHdr.ip_saddr);

Move(ipHdr.ip_daddr, DataPointer^, sizeof(ipHdr.ip_daddr));

IncPtr(SizeOf(ipHdr.ip_daddr));

ChecksumSize := ChecksumSize + sizeof(ipHdr.ip_daddr);

IncPtr(1);

Inc(ChecksumSize);

Move(ipHdr.ip_protocol, DataPointer^, sizeof(ipHdr.ip_protocol));

IncPtr(sizeof(ipHdr.ip_protocol));

ChecksumSize := ChecksumSize + sizeof(ipHdr.ip_protocol);

TcpHeaderLen := htons(sizeof(tcpHdr));

Move(TcpHeaderLen, DataPointer^, sizeof(TcpHeaderLen));

IncPtr(sizeof(TcpHeaderLen));

ChecksumSize := ChecksumSize + sizeof(TcpHeaderLen);

Move(tcpHdr, DataPointer^, sizeof(tcpHdr));

IncPtr(sizeof(tcpHdr));

ChecksumSize := ChecksumSize + sizeof(tcpHdr);

tcpHdr.th_checksum := CheckSum(Buffer, ChecksumSize);

FillChar(Buffer, sizeof(Buffer), 0);

DataPointer := @Buffer[0];

Move(ipHdr, DataPointer^, sizeof(ipHdr));

IncPtr(sizeof(ipHdr));

Move(tcpHdr, DataPointer^, sizeof(tcpHdr));

Socket.sin_family := AF_INET;

Socket.sin_port := 0;

Socket.sin_addr.S_addr := ToIP;

end;

procedure Main;

var

rSocket, sSocket: TSocket;

Data, RST: TPACKET;

BytesReceived, BytesSent: dword;

Control: dword;

SockAddrIn: TSockAddrIn;

ArgLoop, Option: integer;

function GetInAddr: TInAddr;

var

Host: array[0..128] of char;

HostEnt: PHostEnt;

begin

GetHostName(@Host, 128);

HostEnt := GetHostByName(@Host);

Result := PInAddr(HostEnt^.h_addr_list^)^

end;

begin

if WSAStartup(WINSOCK_VERSION, WSAData) = 0 then

begin

rSocket := Socket(PF_INET, SOCK_RAW, 0);

sSocket := Socket(PF_INET, SOCK_RAW, 0);

if ((rSocket <> INVALID_SOCKET) and (sSocket <> INVALID_SOCKET)) then

begin

SetSockOpt(sSocket, 0, 2, @Option, SizeOf(Option));

SockAddrIn.sin_family := AF_INET;

SockAddrIn.sin_addr := GetInAddr;

SockAddrIn.sin_port := htons(0);

bind(rSocket, @SockAddrIn, SizeOf(SockAddrIn));

WSAIoctl(rSocket, IOC_RCVALL, @Control, SizeOf(Control), nil, 0, @BytesReceived, nil, nil);

while rSocket <> INVALID_SOCKET do

begin

BytesReceived := recv(rSocket, Data, SizeOf(Data), 0);

if BytesReceived > 0 then

begin

if Data.d_ip.ip_protocol = 6 then

begin

if (Data.d_tcp.th_flags and 2) <> 0 then

begin

for ArgLoop := 0 to 31 do

begin

if Ports[ArgLoop] = htons(Data.d_tcp.th_dport) then

begin

RSTHeader(Data.d_ip.ip_saddr, Data.d_tcp.th_sport, Data.d_ip.ip_daddr, Data.d_tcp.th_dport, TPACKETARRAY(RST), SockAddrIn, BytesSent, ntohl(Data.d_tcp.th_seq) + 1);

SendTo(sSocket, RST, BytesSent, 0, SockAddrIn, sizeof(SockAddrIn));

Break;

end;

end;

end;

end;

end

else

begin

Break;

end;

end;

end;

end;

WSACleanup;

end;

begin

WriteLn('AFX Lite TCP Firewall by Aphex');

WriteLn('http://www.iamaphex.cjb.net');

WriteLn('unremote@knology.net');

if ParamStr(1) = '' then

begin

WriteLn('');

WriteLn('Usage: afxfw.exe <port> <port> <port>...');

Halt(0);

end;

for ArgLoop := 1 to 32 do

begin

if ParamStr(ArgLoop) <> '' then

begin

Ports[ArgLoop - 1] := StrToInt(ParamStr(ArgLoop));

end;

end;

Main;

end.

 
 
 
免责声明:本文为网络用户发布,其观点仅代表作者个人观点,与本站无关,本站仅提供信息存储服务。文中陈述内容未经本站证实,其真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
2023年上半年GDP全球前十五强
 百态   2023-10-24
美众议院议长启动对拜登的弹劾调查
 百态   2023-09-13
上海、济南、武汉等多地出现不明坠落物
 探索   2023-09-06
印度或要将国名改为“巴拉特”
 百态   2023-09-06
男子为女友送行,买票不登机被捕
 百态   2023-08-20
手机地震预警功能怎么开?
 干货   2023-08-06
女子4年卖2套房花700多万做美容:不但没变美脸,面部还出现变形
 百态   2023-08-04
住户一楼被水淹 还冲来8头猪
 百态   2023-07-31
女子体内爬出大量瓜子状活虫
 百态   2023-07-25
地球连续35年收到神秘规律性信号,网友:不要回答!
 探索   2023-07-21
全球镓价格本周大涨27%
 探索   2023-07-09
钱都流向了那些不缺钱的人,苦都留给了能吃苦的人
 探索   2023-07-02
倩女手游刀客魅者强控制(强混乱强眩晕强睡眠)和对应控制抗性的关系
 百态   2020-08-20
美国5月9日最新疫情:美国确诊人数突破131万
 百态   2020-05-09
荷兰政府宣布将集体辞职
 干货   2020-04-30
倩女幽魂手游师徒任务情义春秋猜成语答案逍遥观:鹏程万里
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案神机营:射石饮羽
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案昆仑山:拔刀相助
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案天工阁:鬼斧神工
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案丝路古道:单枪匹马
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:与虎谋皮
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:李代桃僵
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:指鹿为马
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案金陵:小鸟依人
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案金陵:千金买邻
 干货   2019-11-12
 
推荐阅读
 
 
 
>>返回首頁<<
 
靜靜地坐在廢墟上,四周的荒凉一望無際,忽然覺得,淒涼也很美
© 2005- 王朝網路 版權所有