监视端口(200分)

  • 主题发起人 主题发起人 netameng
  • 开始时间 开始时间
N

netameng

Unregistered / Unconfirmed
GUEST, unregistred user!
如何知道有哪些本地程序在进行端口监听?就如同天网一样。或如同NBTSTAT一样,知道
线程也可以。
 
没有人答?
 
是netstat而不是nbtstat。
来自OopsWare:
(* ----------------------------------------------------------*)
(* *)
(* Netstat ( Built by Delphi 4 ) *)
(* *)
(* Copyright (C)2001,OopsWare Corp. Oops! *)
(* Jan 10, 2001 *)
(* http://oopsware.qzone.com *)
(* *)
(* This program implements a subset of the Netstat program's *)
(* functionality. Specifically, it enumerates and displays *)
(* information about all UDP and TCP endpoints. *)
(* *)
(* ----------------------------------------------------------*)

program Netstat;
{$APPTYPE CONSOLE}
uses
SysUtils,
Windows,
WinSock;

type
TAsnOctetString = record
stream: pByte;
length: Cardinal;
dynamic: Boolean;
end;

TAsnObjectIdentifier = record
idLength: Cardinal;
ids: Pointer;
end;
pAsnObjectIdentifier = ^TAsnObjectIdentifier;

TAsnObjectSyntax = record
case asnType: Byte of
0: (number: LongInt);
1: (unsigned32: Cardinal);
2: (counter64: Int64);
3: (AsnString: TAsnOctetString);
4: (bits: TAsnOctetString);
5: (AsnObject: TAsnObjectIdentifier);
7: (sequence: TAsnOctetString);
8: (address: TAsnOctetString);
9: (counter: Cardinal);
10:(gauge: Cardinal);
11:(ticks: Cardinal);
12:(arbitrary: TAsnOctetString);
end;

TRFC1157VarBind = record
name: TAsnObjectIdentifier;
value: TAsnObjectSyntax;
end;
pRFC1157VarBind = ^TRFC1157VarBind;

TRFC1157VarBindList = record
list: pRFC1157VarBind;
len: DWord
end;
pRFC1157VarBindList = ^TRFC1157VarBindList;

pTcpInfo = ^TTcpInfo;
TTcpInfo = record
prev: pTcpInfo;
next: pTcpInfo;
state: Cardinal;
localip: Cardinal;
localport: Cardinal;
remoteip: Cardinal;
remoteport: Cardinal;
end;

TSnmpExtensionInit = function(dwTimeZeroReference:DWord;
hPollForTrapEvent: PHandle;
pFirstSupportedRegion: pAsnObjectIdentifier
):Boolean; stdcall;

TSnmpExtensionQuery = function(requestType: Byte;
variableBindings: pRFC1157VarBindList;
errorStatus: pLongInt;
errorIndex: pLongInt
):Boolean; stdcall;

const
HOSTNAMELEN = 256;
PORTNAMELEN = 256;
ADDRESSLEN = HOSTNAMELEN+PORTNAMELEN;
tcpidentifiers: array[0..9]of Cardinal = (1,3,6,1,2,1,6,13,1,1);
udpidentifiers: array[0..9]of Cardinal = (1,3,6,1,2,1,7,5,1,1);
TcpState: array [0..11] of PChar =
('???','CLOSED', 'LISTENING', 'SYN_SENT',
'SEN_RECEIVED', 'ESTABLISHED', 'FIN_WAIT', 'FIN_WAIT2',
'CLOSE_WAIT', 'CLOSING', 'LAST_ACK', 'TIME_WAIT');

var
MySnmpExtensionInit: TSnmpExtensionInit;
MySnmpExtensionQuery: TSnmpExtensionQuery;
wsaData: TWSAData;
hTrapEvent: THandle;
hIdentifier: TAsnObjectIdentifier;
bindList: TRFC1157VarBindList;
bindEntry: TRFC1157VarBind;
TcpInfoTable: TTcpInfo;
UdpInfoTable: TTcpInfo;
CurrentIndex: Cardinal;
newEntry, CurrentEntry: pTcpInfo;
errorStatus, errorIndex: LongInt;
localaddr, remoteaddr: array[1..ADDRESSLEN]of Char;
localname, remotename: array[1..HOSTNAMELEN]of Char;
remoteport, localport: array[1..PORTNAMELEN]of Char;

function GetPortName(Port: Integer; Proto, Name: PChar; NameLen: Integer):PChar;
var Srvent: PServEnt;
begin
Srvent:=GetServByPort(htons(WORD(Port)), Proto);
if Srvent=nil then StrPLCopy(Name, Format('%d', [Port]), NameLen)
else StrPLCopy(Name, Format('%s', [Srvent^.s_name]), NameLen);
Result:=Name;
end;

function GetIpHostName(Local: Boolean; IpAddr: DWord; Name: PChar; NameLen: Integer):PChar;
var HostEnt: PHostEnt;
nIpAddr: DWord;
begin
nIpAddr:=htonl(IpAddr);
if IpAddr=0 then begin
if not Local then StrPCopy(Name, Format('%d.%d.%d.%d',[(nIpAddr shr 24) and $FF,
(nIpAddr shr 16) and $FF,
(nIpAddr shr 8) and $FF,
nIpAddr and $FF]))
else Gethostname(Name, NameLen);
end else begin
if (IpAddr=$0100007F) then
if Local then Gethostname(Name, NameLen)
else StrCopy(Name, 'localhost')
else begin
HostEnt:=GetHostByAddr(@IpAddr, Sizeof(nIpAddr), PF_INET);
if HostEnt<>nil then StrCopy(Name, HostEnt^.h_name)
else StrPCopy(Name, Format('%d.%d.%d.%d',[(nIpAddr shr 24) and $FF,
(nIpAddr shr 16) and $FF,
(nIpAddr shr 8) and $FF,
nIpAddr and $FF]))
end;
end;
Result:=Name;
end;

function LoadInetMibEntryPoints: Boolean;
var hInetLib: THandle;
begin
Result:=False;
hInetLib:=LoadLibrary('inetmib1.dll');
if hInetLib=0 then Exit;
@MySnmpExtensionInit:=GetProcAddress(hInetLib, 'SnmpExtensionInit');
if @MySnmpExtensionInit=nil then Exit;
@MySnmpExtensionQuery:=GetProcAddress(hInetLib, 'SnmpExtensionQuery');
if @MySnmpExtensionQuery=nil then Exit;
Result:=True;
end;

{ begin main() func! }

begin
if WSAStartup($0101, wsaData)<>0 then begin
WriteLn('Could not initialize Winsock.');
Exit;
end;
if not LoadInetMibEntryPoints then begin
WriteLn('Could not load extension DLL.');
Exit;
end;
if not MySnmpExtensionInit(GetCurrentTime, @hTrapEvent, @hIdentifier) then begin
WriteLn('Could not initialize extension DLL.');
Exit;
end;

WriteLn('Netstat 1.0a Copyright (c) 1995-2001, OopsWare Corp. China.');
WriteLn('');

bindEntry.name.idLength := $0A;
bindEntry.name.ids := @(tcpidentifiers[0]);
bindList.list := @bindEntry;
bindList.len := 1;
TcpInfoTable.prev := @TcpInfoTable;
TcpInfoTable.next := @TcpInfoTable;
CurrentIndex := 1;
CurrentEntry := @TcpInfoTable;
while True do begin
if not MySnmpExtensionQuery($A1, @bindList, @errorStatus, @errorIndex ) then Exit;
// Terminate when we're no longer seeing TCP information
if bindEntry.name.idLength<$0A then break;
// Go back to start of table if we're reading info about the next byte
if CurrentIndex <> (pDWord(Integer(bindEntry.name.ids)+9*Sizeof(Cardinal)))^ then begin
CurrentEntry := TcpInfoTable.next;
CurrentIndex := (pDWord(Integer(bindEntry.name.ids)+9*Sizeof(Cardinal)))^;
end;
case (pDWord(Integer(bindEntry.name.ids)+9*Sizeof(Cardinal)))^ of
1: begin // Always allocate a new structure
newEntry := AllocMem(Sizeof(TTcpInfo));
newEntry^.prev := CurrentEntry;
newEntry^.next := @TcpInfoTable;
CurrentEntry^.next := newEntry;
CurrentEntry := newEntry;
CurrentEntry^.state := bindEntry.value.number;
end;
2: begin
CurrentEntry^.localip := (pDWord(bindEntry.value.address.stream))^;
CurrentEntry := CurrentEntry^.next;
end;
3: begin
CurrentEntry^.localport := bindEntry.value.number;
CurrentEntry := CurrentEntry^.next;
end;
4: begin
CurrentEntry^.remoteip :=(pDWord(bindEntry.value.address.stream))^;
CurrentEntry := CurrentEntry^.next;
end;
5: begin
CurrentEntry^.remoteport := bindEntry.value.number;
CurrentEntry := CurrentEntry^.next;
end;
end;
end;
WriteLn(Format('%7s %-30s %-30s %s', ['Proto', 'Local', 'Remote', 'State']));
CurrentEntry := TcpInfoTable.next;
while CurrentEntry<>@TcpInfoTable do begin
StrPCopy(@localaddr[1], Format('%s:%s', [
GetIpHostName(True, CurrentEntry^.localip, PChar(@localname[1]), HOSTNAMELEN),
GetPortName(CurrentEntry^.localport, 'tcp', PChar(@localport[1]), PORTNAMELEN )] ));
if CurrentEntry^.remoteip<>0
then StrPCopy(@remoteaddr[1], Format('%s:%s', [
GetIpHostName( False, CurrentEntry^.remoteip, PChar(@remotename[1]), HOSTNAMELEN),
GetPortName( currentEntry^.remoteport, 'tcp', PChar(@remoteport[1]), PORTNAMELEN)] ))
else StrPCopy(@remoteaddr[1], Format('%s:0', [
GetIpHostName( False, CurrentEntry^.remoteip, PChar(@remotename[1]), HOSTNAMELEN)]));
WriteLn(Format('%7s %-30s %-30s %s',[
'TCP', PChar(@localaddr[1]), PChar(@remoteaddr[1]),
TcpState[currentEntry^.state] ]));
CurrentEntry := CurrentEntry^.next;
end;

bindEntry.name.idLength := $0A;
bindEntry.name.ids := @(udpidentifiers[0]);
bindList.list := @bindEntry;
bindList.len := 1;
UdpInfoTable.prev := @UdpInfoTable;
UdpInfoTable.next := @UdpInfoTable;
// Roll through UDP endpoints
CurrentIndex := 1;
CurrentEntry := @UdpInfoTable;
while True do begin
if not MySnmpExtensionQuery( $A1, @bindList, @errorStatus, @errorIndex ) then Exit;
if bindEntry.name.idLength < $0A then break;
// Go back to start of table if we're reading info about the next byte
if CurrentIndex <> (pDWord(Integer(bindEntry.name.ids)+9*Sizeof(Cardinal)))^ then begin
CurrentEntry := UdpInfoTable.next;
CurrentIndex := (pDWord(Integer(bindEntry.name.ids)+9*Sizeof(Cardinal)))^;
end;
// Build our TCP information table
case (pDWord(Integer(bindEntry.name.ids)+9*Sizeof(Cardinal)))^ of
1: begin // Always allocate a new structure
newEntry := AllocMem(Sizeof(TTcpInfo));
newEntry^.prev := CurrentEntry;
newEntry^.next := @UdpInfoTable;
CurrentEntry^.next := newEntry;
CurrentEntry := newEntry;
CurrentEntry^.localip := (pDWord(bindEntry.value.address.stream))^;
end;
2: begin
currentEntry^.localport := bindEntry.value.number;
currentEntry := currentEntry^.next;
end;
end;
end;
// Now print the connection information
CurrentEntry := UdpInfoTable.next;
while CurrentEntry <> @UdpInfoTable do begin
WriteLn(Format('%7s %s:%s', ['UDP',
GetIpHostName( True, CurrentEntry^.localip, PChar(@localname[1]), HOSTNAMELEN),
GetPortName( CurrentEntry^.localport, 'udp', PChar(@localport[1]), PORTNAMELEN) ]));
CurrentEntry := currentEntry^.next;
end;
WriteLn('');
WriteLn('Press ENTER key to Continue ...');
Readln;
end.
 
NBTSTAT是针对一个设备的监听程序。
 
后退
顶部