delphi 7中的GetExtendedTcpTable未获取正确的端口号
我已经实现了以下代码,用于通过函数getTCPExtendedTable获取TCP信息:delphi 7中的GetExtendedTcpTable未获取正确的端口号,delphi,Delphi,我已经实现了以下代码,用于通过函数getTCPExtendedTable获取TCP信息: const ANY_SIZE = 1; iphlpapi = 'iphlpapi.dll'; //For using the DLL TCP_TABLE_OWNER_PID_ALL = 5; {States of the Connections} MIB_TCP_STATE: array[1..12] of string = ('CLOSED', 'LISTEN', 'SYN-SENT
const
ANY_SIZE = 1;
iphlpapi = 'iphlpapi.dll'; //For using the DLL
TCP_TABLE_OWNER_PID_ALL = 5;
{States of the Connections}
MIB_TCP_STATE:
array[1..12] of string = ('CLOSED', 'LISTEN', 'SYN-SENT ','SYN-RECEIVED', 'ESTABLISHED', 'FIN-WAIT-1',
'FIN-WAIT-2', 'CLOSE-WAIT', 'CLOSING','LAST-ACK', 'TIME- WAIT', 'delete TCB');
{record of type MIB_TCPROW:
typedef struct _MIB_TCPROW
{
DWORD dwState;
DWORD dwLocalAddr;
DWORD dwLocalPort;
DWORD dwRemoteAddr;
DWORD dwRemotePort;
}//MIB_TCPROW, *PMIB_TCPROW;
type
{The type of the TCP table structure to retrieve.
This parameter can be one of the values from the TCP_TABLE_CLASS enumeration. }
TCP_TABLE_CLASS = Integer;
PMibTcpRowOwnerPid = ^TMibTcpRowOwnerPid;
TMibTcpRowOwnerPid = packed record
dwState : DWORD;
dwLocalAddr : DWORD;
dwLocalPort : DWORD;
dwRemoteAddr: DWORD;
dwRemotePort: DWORD;
dwOwningPid : DWORD;
end;
{record of type MIB_TCPTABLE:
typedef struct _MIB_TCPTABLE
{
DWORD dwNumEntries;
MIB_TCPROW table[ANY_SIZE];
} //MIB_TCPTABLE, *PMIB_TCPTABLE
PMIB_TCPTABLE_OWNER_PID = ^MIB_TCPTABLE_OWNER_PID;
MIB_TCPTABLE_OWNER_PID = packed record
dwNumEntries: DWord;
table: array [0..ANY_SIZE - 1] OF TMibTcpRowOwnerPid;
end;
//Defintion
GetExtendedTcpTable:function (pTcpTable: Pointer; dwSize: PDWORD; bOrder: BOOL; lAf: ULONG; TableClass: TCP_TABLE_CLASS; Reserved: ULONG): DWord; stdcall;
procedure TFmainViewTCP.ShowCurrentTCPConnections;
var
Error : DWORD;
TableSize : DWORD;
i : integer;
IpAddress : in_addr;
RemoteIp : string;
LocalIp : string;
ProcName:string;
FExtendedTcpTable : PMIB_TCPTABLE_OWNER_PID;
begin
i:=0;
TableSize := 0;
Error := GetExtendedTcpTable(nil, @TableSize, False,AF_INET, TCP_TABLE_OWNER_PID_ALL, 0);
if Error <> ERROR_INSUFFICIENT_BUFFER then
Exit;
GetMem(FExtendedTcpTable, TableSize);
try
if GetExtendedTcpTable(FExtendedTcpTable, @TableSize, TRUE,AF_INET,TCP_TABLE_OWNER_PID_ALL, 0) = NO_ERROR then
begin
for i := 0 to FExtendedTcpTable.dwNumEntries - 1 do
begin
IpAddress.s_addr := FExtendedTcpTable.Table[i].dwRemoteAddr;
RemoteIp := string(inet_ntoa(IpAddress));
IpAddress.s_addr := FExtendedTcpTable.Table[i].dwLocalAddr;
LocalIp := string(inet_ntoa(IpAddress));
Memo1.Lines.Add(IntToStr(FExtendedTcpTable.Table[i].dwOwningPid));
Memo1.Lines.Add(IntToStr(Lo(FExtendedTcpTable.Table[i].dwLocalPort)));
end; //for
end; //if
finally
FreeMem(FExtendedTcpTable);
end;
end;
const
任意大小=1;
iphlapi='iphlapi.dll'//用于使用DLL
TCP\u表\u所有者\u PID\u全部=5;
{连接状态}
MIB_TCP_状态:
字符串=('CLOSED'、'LISTEN'、'SYN-SENT'、'SYN-RECEIVED'、'ESTABLISHED'、'FIN-WAIT-1'的数组[1..12],
‘FIN-WAIT-2’、‘CLOSE-WAIT’、‘CLOSE’、‘LAST-ACK’、‘TIME-WAIT’、‘delete TCB’;
{MIB_TCPROW类型的记录:
类型定义结构\u MIB\u TCPROW
{
德沃德州;
DWORD dwLocalAddr;
DWORD dwLocalPort;
德沃德·德瓦德;
德沃德远程端口;
}//MIB_TCPROW,*PMIB_TCPROW;
类型
{要检索的TCP表结构的类型。
此参数可以是TCP_TABLE_CLASS枚举中的值之一。}
TCP_TABLE_CLASS=整数;
pmibtcprownerpid=^tmibtcprownerpid;
TMibTcpRowOwnerPid=打包记录
德沃德州:德沃德;
dwLocalAddr:DWORD;
dwLocalPort:DWORD;
dwRemoteAddr:DWORD;
dwRemotePort:DWORD;
dwOwningPid:DWORD;
结束;
{MIB_TCPTABLE类型的记录:
typedef结构_MIB_TCPTABLE
{
德沃德·德努门特里斯;
MIB_TCPROW表[任何大小];
}//MIB_TCPTABLE,*PMIB_TCPTABLE
PMIB可接受所有者PID=^MIB可接受所有者PID;
MIB_TCPTABLE_OWNER_PID=打包记录
德沃德;
表:TMibTcpRowOwnerPid的数组[0..ANY_SIZE-1];
结束;
//定义
GetExtendedTcpTable:function(pTcpTable:Pointer;dwSize:PDWORD;bOrder:BOOL;lAf:ULONG;TableClass:TCP\u TABLE\u CLASS;Reserved:ULONG):DWord;stdcall;
程序TFmainViewTCP.ShowCurrentTCP连接;
变量
错误:德沃德;
表大小:DWORD;
i:整数;
IP地址:in_addr;
RemoteIp:string;
LocalIp:字符串;
ProcName:字符串;
FExtendedTcpTable:PMIB_TCPTABLE_OWNER_PID;
开始
i:=0;
表大小:=0;
错误:=GetExtendedTptable(nil、@TableSize、False、AF\u INET、TCP\u TABLE\u OWNER\u PID\u ALL、0);
如果错误缓冲区不足,则
出口
GetMem(FExtendedTcpTable,TableSize);
尝试
如果GetExtendedTcpTable(FExtendedTcpTable,@TableSize,TRUE,AF\u INET,TCP\u TABLE\u OWNER\u PID\u ALL,0)=无错误,则
开始
对于i:=0到FExtendedTcpTable.dwNumEntries-1 do
开始
IpAddress.s_addr:=FExtendedTcpTable.Table[i].dwRemoteAddr;
RemoteIp:=字符串(inet_ntoa(IpAddress));
IpAddress.s_addr:=FExtendedTcpTable.Table[i].dwLocalAddr;
LocalIp:=字符串(inet_ntoa(IpAddress));
Memo1.Lines.Add(IntToStr(FExtendedTcpTable.Table[i].dwOwningPid));
Memo1.Lines.Add(IntToStr(Lo(FExtendedTcpTable.Table[i].dwLocalPort));
结束;//用于
结束;//如果
最后
FreeMem(FExtendedTcpTable);
结束;
结束;
问题是显示的端口号类似于“34560”,而实际的端口号类似于通过netstat看到的“135”。需要进行哪些更改才能看到正确的端口号
我读到我们应该只显示dwLocalPort较低的16字节。我是用Lo()函数实现的。我得到了类似“0”、“8”等的答案。请帮助
提前感谢端口号以网络字节顺序给出。网络字节顺序是big-endian,因此您必须颠倒字节顺序才能理解它 的文档包含这一要点 dwLocalPort和dwRemotePort成员按网络字节顺序排列。要使用dwLocalPort或dwRemotePort成员,可能需要Windows套接字中的ntohs或inet_ntoa函数或类似函数 只需将端口号传递给您,它们就会再次对您有意义。例如:
Memo1.Lines.Add(IntToStr(ntohs(FExtendedTcpTable.Table[i].dwLocalPort)));
函数返回需要转换为实际端口号的原始端口号, 这可以通过以下方式完成:
function ConvertRawPortToRealPort(RawPort : DWORD) : DWORD;
begin
Result := (RawPort div 256) + (RawPort mod 256) * 256;
end;
这将提供正确的输出