Hi,
I need to write a program that would control the access of any applications to the Internet. The result of this program should be a log file containing the application name + the Internet address. Is it possible to do this ?
FiveTech Support Forums
FiveWin / Harbour / xBase community
Board index FiveWin for Harbour/xHarbour Monitored Internet access.
Dear Yuri,
Try this:
#include "hbwin.ch"
#include "hbole.ch"
#include "hbtrace.ch"
PROCEDURE Main()
LOCAL oWMI, oLocator, oServices
LOCAL cNamespace := "ROOT\StandardCIMv2"
LOCAL cQuery := "SELECT LocalAddress, RemoteAddress, OwningProcess FROM MSFT_NetTCPConnection WHERE State = 4" // Established connections
LOCAL oEnum, oObject
LOCAL cRemoteIP, nPID, cAppName
LOCAL nVariant, oProcessServices, oProcEnum, oProcObject
LOCAL cProcQuery, cLogFile := "wmi_internet_log.txt"
LOCAL hFile
// Initialize COM
IF !OleInitialize()
? "Failed to initialize OLE"
RETURN
ENDIF
// Open log file
hFile := FCreate(cLogFile)
IF hFile == F_ERROR
? "Failed to open log file:", cLogFile
OleUninitialize()
RETURN
ENDIF
// Create WMI Locator
oLocator := __OleCreate("WbemScripting.SWbemLocator")
IF Empty(oLocator)
? "Failed to create IWbemLocator"
FClose(hFile)
OleUninitialize()
RETURN
ENDIF
// Connect to WMI Services
oServices := oLocator:ConnectServer(cNamespace, NIL, NIL, NIL, NIL, NIL, 0, NIL)
IF Empty(oServices)
? "Failed to connect to WMI namespace:", cNamespace
oLocator:Release()
FClose(hFile)
OleUninitialize()
RETURN
ENDIF
? "Monitoring network connections... Press any key to stop."
DO WHILE Inkey(0) == 0
// Execute query for TCP connections
oEnum := oServices:ExecQuery(cQuery, "WQL", .F.)
IF Empty(oEnum)
? "Failed to execute query"
LOOP
ENDIF
oObject := oEnum:Next(1)
DO WHILE !Empty(oObject)
// Get RemoteAddress as string (IP)
nVariant := OleAutoItem(oObject, "RemoteAddress")
cRemoteIP := iif(ValType(nVariant) == "C", nVariant, "Unknown")
// Get OwningProcess PID
nVariant := OleAutoItem(oObject, "OwningProcess")
nPID := iif(ValType(nVariant) == "N", nVariant, 0)
IF nPID > 0
// Query process name by PID in root\cimv2
oProcessServices := oLocator:ConnectServer("root\cimv2", NIL, NIL, NIL, NIL, NIL, 0, NIL)
IF !Empty(oProcessServices)
cProcQuery := "SELECT Name FROM Win32_Process WHERE ProcessId = " + AllTrim(Str(Int(nPID)))
oProcEnum := oProcessServices:ExecQuery(cProcQuery, "WQL", .F.)
oProcObject := oProcEnum:Next(1)
IF !Empty(oProcObject)
nVariant := OleAutoItem(oProcObject, "Name")
cAppName := iif(ValType(nVariant) == "C", nVariant, "Unknown")
// Log: "appname.exe - IP"
FWrite(hFile, cAppName + " - " + cRemoteIP + Chr(13) + Chr(10))
? "Logged:", cAppName, "-", cRemoteIP
oProcObject:Release()
ENDIF
oProcEnum:Release()
oProcessServices:Release()
ENDIF
ENDIF
oObject := oEnum:Next(1)
ENDDO
oEnum:Release()
// Poll every 5 seconds
SysRefresh()
Inkey(5000)
ENDDO
// Cleanup
oServices:Release()
oLocator:Release()
FClose(hFile)
OleUninitialize()
? "Monitoring stopped. Check", cLogFile
RETURNThank you, Antonio ! I'll try.
oServices := oLocator:ConnectServer(cNamespace, NIL, NIL, NIL, NIL, NIL, 0, NIL)I get an error
Error description: Error WbemScripting.SWbemLocator/3 DISP_E_MEMBERNOTFOUND: CONNECTSERVER
Args:
[ 1] = C ROOT\StandardCIMv2
[ 2] = U
[ 3] = U
[ 4] = U
[ 5] = U
[ 6] = U
[ 7] = N 0
[ 8] = U