在Delphi 7中无法通过GetExtendedTcpTable获取正确的端口号 [英] Not getting correct port number by GetExtendedTcpTable in delphi 7
问题描述
我已经实现了以下代码,用于通过功能getTCPExtendedTable获取TCP信息:
I have implemented the following code for getting TCP information by the Function getTCPExtendedTable :
const
ANY_SIZE = 1;
iphlpapi = 'iphlpapi.dll'; //For using the DLL
TCP_TABLE_OWNER_PID_ALL = 5;
{States of the Connections}
MIB_TCP_STATE:
array[1..12] of string = ('CLOSED', 'LISTEN', 'SYN-SENT ','SYN-RECEIVED', 'ESTABLISHED', 'FIN-WAIT-1',
'FIN-WAIT-2', 'CLOSE-WAIT', 'CLOSING','LAST-ACK', 'TIME- WAIT', 'delete TCB');
{record of type MIB_TCPROW:
typedef struct _MIB_TCPROW
{
DWORD dwState;
DWORD dwLocalAddr;
DWORD dwLocalPort;
DWORD dwRemoteAddr;
DWORD dwRemotePort;
}//MIB_TCPROW, *PMIB_TCPROW;
type
{The type of the TCP table structure to retrieve.
This parameter can be one of the values from the TCP_TABLE_CLASS enumeration. }
TCP_TABLE_CLASS = Integer;
PMibTcpRowOwnerPid = ^TMibTcpRowOwnerPid;
TMibTcpRowOwnerPid = packed record
dwState : DWORD;
dwLocalAddr : DWORD;
dwLocalPort : DWORD;
dwRemoteAddr: DWORD;
dwRemotePort: DWORD;
dwOwningPid : DWORD;
end;
{record of type MIB_TCPTABLE:
typedef struct _MIB_TCPTABLE
{
DWORD dwNumEntries;
MIB_TCPROW table[ANY_SIZE];
} //MIB_TCPTABLE, *PMIB_TCPTABLE
PMIB_TCPTABLE_OWNER_PID = ^MIB_TCPTABLE_OWNER_PID;
MIB_TCPTABLE_OWNER_PID = packed record
dwNumEntries: DWord;
table: array [0..ANY_SIZE - 1] OF TMibTcpRowOwnerPid;
end;
//Defintion
GetExtendedTcpTable:function (pTcpTable: Pointer; dwSize: PDWORD; bOrder: BOOL; lAf: ULONG; TableClass: TCP_TABLE_CLASS; Reserved: ULONG): DWord; stdcall;
procedure TFmainViewTCP.ShowCurrentTCPConnections;
var
Error : DWORD;
TableSize : DWORD;
i : integer;
IpAddress : in_addr;
RemoteIp : string;
LocalIp : string;
ProcName:string;
FExtendedTcpTable : PMIB_TCPTABLE_OWNER_PID;
begin
i:=0;
TableSize := 0;
Error := GetExtendedTcpTable(nil, @TableSize, False,AF_INET, TCP_TABLE_OWNER_PID_ALL, 0);
if Error <> ERROR_INSUFFICIENT_BUFFER then
Exit;
GetMem(FExtendedTcpTable, TableSize);
try
if GetExtendedTcpTable(FExtendedTcpTable, @TableSize, TRUE,AF_INET,TCP_TABLE_OWNER_PID_ALL, 0) = NO_ERROR then
begin
for i := 0 to FExtendedTcpTable.dwNumEntries - 1 do
begin
IpAddress.s_addr := FExtendedTcpTable.Table[i].dwRemoteAddr;
RemoteIp := string(inet_ntoa(IpAddress));
IpAddress.s_addr := FExtendedTcpTable.Table[i].dwLocalAddr;
LocalIp := string(inet_ntoa(IpAddress));
Memo1.Lines.Add(IntToStr(FExtendedTcpTable.Table[i].dwOwningPid));
Memo1.Lines.Add(IntToStr(Lo(FExtendedTcpTable.Table[i].dwLocalPort)));
end; //for
end; //if
finally
FreeMem(FExtendedTcpTable);
end;
end;
问题是所显示的端口号类似 34560,而实际端口号类似通过netstat查看为 135。
the problem is that the port numbers displayed are like '34560' whereas the real port number is something like '135' as seen through netstat. What changes are needed to see the correct port number?
我读到我们应该只显示dwLocalPort的低16个字节。我用Lo()函数做到了。我得到了诸如 0, 8之类的答案。请帮忙。
I read that we should only display the lower 16 bytes of dwLocalPort. I did it with Lo() function. I got answers like '0','8' etc. Please Help.
先行感谢
推荐答案
端口号以网络字节顺序给出。网络字节顺序是大字节序,因此您必须反转字节顺序才能理解它。
The port numbers are given in network byte order. Network byte order is big endian and so you have to reverse the order of the bytes to make sense of it.
MIB_TCPROW_OWNER_PID 包含了此内容
The documentation for MIB_TCPROW_OWNER_PID contains this important point.
dwLocalPort和dwRemotePort成员按网络字节顺序排列。为了使用dwLocalPort或dwRemotePort成员,可能需要Windows套接字中的ntohs或inet_ntoa函数或类似的函数。
The dwLocalPort, and dwRemotePort members are in network byte order. In order to use the dwLocalPort or dwRemotePort members, the ntohs or inet_ntoa functions in Windows Sockets or similar functions may be needed.
只需通过 ntohs() ,它们对您又有意义。例如:
Simply pass the port numbers through ntohs() and they will make sense to you again. For example:
Memo1.Lines.Add(IntToStr(ntohs(FExtendedTcpTable.Table[i].dwLocalPort)));
这篇关于在Delphi 7中无法通过GetExtendedTcpTable获取正确的端口号的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
