< IPConfig, Release, Renew & Change IPv4 | IP Helper Functions Main | Route: Routing Table, Add & Delete >
IP Helper Functions 13 Part 2
What do we have in this chapter 13 part 2?
-
Netstat
-
Retrieving the TCP Connection Table
-
Retrieving the UDP Listener Table
-
Retrieving IPv4 Protocol Statistics
|
|
Netstat
The NETSTAT.EXE utility displays the TCP connection table, the UDP listener table, and the IPv4 protocol statistics on your computer. The functions used to retrieve this information work with Windows NT 4.0 (Service Pack 4 and later), Windows 98, and Windows Me.
|
Retrieving the TCP Connection Table
The GetTcpTable() function retrieves the TCP connection table. This is the same information you see when you execute NETSTAT.EXE with the -p tcp -a options. GetTcpTable() is defined as:
DWORD GetTcpTable(PMIB_TCPTABLE pTcpTable, PDWORD pdwSize, BOOL bOrder);
The pTcpTable parameter is a pointer to an MIB_TCPTABLE application buffer that will receive the TCP connection information. The pdwSize parameter is a pointer to a variable that specifies the size of the buffer you passed in the pTcpTable parameter. If the buffer is not large enough to hold the TCP information, the function sets this parameter to the required buffer size. The bOrder parameter specifies whether the returned information should be sorted. The MIB_TCPTABLE structure returned from GetTcpTable() is defined as:
typedef struct _MIB_TCPTABLE
{
DWORD dwNumEntries;
MIB_TCPROW table[ANY_SIZE];
} MIB_TCPTABLE, *PMIB_TCPTABLE;
The fields of this structure are defined as follows:
- dwNumEntries: Specifies how many entries are in the table field.
- table: Is a pointer to an array of MIB_TCPROW structures that contain TCP connection information.
The MIB_TCPROW structure contains the IPv4 address pair that comprises a TCP connection. This structure is defined as:
typedef struct _MIB_TCPROW
{
DWORD dwState;
DWORD dwLocalAddr;
DWORD dwLocalPort;
DWORD dwRemoteAddr;
DWORD dwRemotePort;
} MIB_TCPROW, *PMIB_TCPROW;
Its fields are defined as follows:
- dwState: Specifies the state of the TCP connection, as defined in Table 16-9.
|
Table 16-9 TCP Connection States
|
|
|
Connection State |
RFC 793 Description |
|
MIB_TCP_STATE_CLOSED |
Known as the “CLOSED” state |
|
MIB_TCP_STATE_CLOSING |
Known as the “CLOSING” state |
|
MIB_TCP_STATE_CLOSE_WAIT |
Known as the “CLOSE WAIT” state |
|
MIB_TCP_STATE_DELETE_TCB |
Known as the “DELETE” state |
|
MIB_TCP_STATE_ESTAB |
Known as the “ESTABLISHED” state |
|
MIB_TCP_STATE_FIN_WAIT1 |
Known as the “FIN WAIT1” state |
|
MIB_TCP_STATE_FIN_WAIT2 |
Known as the “FIN WAIT2” state |
|
MIB_TCP_STATE_LAST_ACK |
Known as the “LAST ACK” state |
|
MIB_TCP_STATE_LISTEN |
Known as the “LISTENING” state |
|
MIB_TCP_STATE_SYN_RCVD |
Known as the “SYN RCVD” state |
|
MIB_TCP_STATE_SYN_SENT |
Known as the “SYN SENT” state |
|
MIB_TCP_STATE_TIME_WAIT |
Known as the “TIME WAIT” state |
- dwLocalAddr: Specifies a local IPv4 address for the connection.
- dwLocalPort: Specifies a local port for the connection.
- dwRemoteAddr: Specifies the remote IPv4 address for the connection.
- dwRemotePort: Specifies the remote port for the connection.
Retrieving the UDP Listener Table
The GetUdpTable() function retrieves the UDP listener table. This is the same information you see if you execute NETSTAT.EXE with the -p udp -a options. GetUdpTable() is defined as:
DWORD GetUdpTable(
PMIB_UDPTABLE pUdpTable,
PDWORD pdwSize,
BOOL bOrder
);
The pUdpTable parameter is a pointer to an MIB_UDPTABLE application buffer that will receive the UDP listener information. The pdwSize parameter is a pointer to a variable that specifies the size of the buffer you passed in the pUdpTable parameter. If the buffer is not large enough to hold the UDP information, the function sets this parameter to the required buffer size. The bOrder parameter specifies whether the returned information should be sorted. The MIB_UDPTABLE structure returned from GetUdpTable() is defined as:
typedef struct _MIB_UDPTABLE
{
DWORD dwNumEntries;
MIB_UDPROW table[ANY_SIZE];
} MIB_UDPTABLE, * PMIB_UDPTABLE;
The fields of this structure are defined as follows:
- dwNumEntries: Specifies how many entries are in the table field.
- table: Is a pointer to an array of MIB_UDPROW structures that contain UDP listener information.
The MIB_UDPROW structure contains the IPv4 address in which UDP is listening for datagrams. This structure is defined as:
typedef struct _MIB_UDPROW
{
DWORD dwLocalAddr;
DWORD dwLocalPort;
} MIB_UDPROW, * PMIB_UDPROW;
Its fields are defined as follows:
- dwLocalAddr: Specifies the local IPv4 address.
- dwLocalPort: Specifies the local port.
Retrieving IPv4 Protocol Statistics
Four functions are available for receiving IPv4 statistics: GetIpStatistics(), GetIcmpStatistics(), GetTcpStatistics(), and GetUdpStatistics(). These functions produce the same information that is returned from NETSTAT.EXE when you call it with the -s parameter. The first statistics function, GetIpStatistics(), retrieves the IPv4 statistics for the current computer and is defined as:
DWORD GetIpStatistics(PMIB_IPSTATS pStats);
The pStats parameter is a pointer to an MIB_IPSTATS structure that receives the current IPv4 statistics for your computer. The MIB_IPSTATS structure is defined as:
typedef struct _MIB_IPSTATS
{
DWORD dwForwarding;
DWORD dwDefaultTTL;
DWORD dwInReceives;
DWORD dwInHdrErrors;
DWORD dwInAddrErrors;
DWORD dwForwDatagrams;
DWORD dwInUnknownProtos;
DWORD dwInDiscards;
DWORD dwInDelivers;
DWORD dwOutRequests;
DWORD dwRoutingDiscards;
DWORD dwOutDiscards;
DWORD dwOutNoRoutes;
DWORD dwReasmTimeout;
DWORD dwReasmReqds;
DWORD dwReasmOks;
DWORD dwReasmFails;
DWORD dwFragOks;
DWORD dwFragFails;
DWORD dwFragCreates;
DWORD dwNumIf;
DWORD dwNumAddr;
DWORD dwNumRoutes;
} MIB_IPSTATS, *PMIB_IPSTATS;
The fields of this structure are defined as follows:
- dwForwarding: Specifies whether IPv4 forwarding is enabled or disabled on your computer.
- dwDefaultTTL: Specifies the initial TTL value for datagrams originating on your computer.
- dwInReceives: Specifies the number of datagrams received.
- dwInHdrErrors: Specifies the number of datagrams received with bad headers.
- dwInAddrErrors: Specifies the number of datagrams received with bad addresses.
- dwForwDatagrams: Specifies the number of datagrams forwarded.
- dwInUnknownProtos: Specifies the number of datagrams received with an unknown protocol.
- dwInDiscards: Specifies the number of datagrams received that were discarded.
- dwInDelivers: Specifies the number of datagrams received that were delivered.
- dwOutRequests: Specifies the number of datagrams that IPv4 has requested to transmit.
- dwRoutingDiscards: Specifies the number of outgoing datagrams discarded.
- dwOutDiscards: Specifies the number of transmitted datagrams discarded.
- dwOutNoRoutes: Specifies the number of datagrams that did not have a routing destination.
- dwReasmTimeout: Specifies the maximum amount of time for a fragmented datagram to arrive.
- dwReasmReqds: Specifies the number of datagrams that require assembly.
- dwReasmOks: Specifies the number of datagrams that were successfully reassembled.
- dwFragFails: Specifies the number of datagrams that could not be fragmented.
- dwFragCreates: Specifies the number of datagrams that were fragmented.
- dwNumIf: Specifies the number of IPv4 interfaces available on your computer.
- dwNumAddr: Specifies the number of IPv4 addresses identified on your computer.
- dwNumRoutes: Specifies the number of routes available in the routing table.
The second statistics function, GetIcmpStatistics(), retrieves ICMP statistics and is defined as:
DWORD GetIcmpStatistics(PMIB_ICMP pStats);
The pStats parameter is a pointer to an MIB_ICMP structure that receives the current ICMP statistics for your computer. The MIB_ICMP structure is defined as:
typedef struct _MIB_ICMP
{
MIBICMPINFO stats;
} MIB_ICMP,*PMIB_ICMP;
As you can see, MIB_ICMP is a structure containing a MIBICMPINFO structure that is defined as:
typedef struct _MIBICMPINFO
{
MIBICMPSTATS icmpInStats;
MIBICMPSTATS icmpOutStats;
} MIBICMPINFO;
The MIBICMPINFO structure receives incoming or outgoing ICMP information through an MIBICMPSTATS structure. The icmpInStats parameter receives incoming data and icmpOutStats receives outgoing data. The MIBICMPSTATS structure is defined as:
typedef struct _MIBICMPSTATS
{
DWORD dwMsgs;
DWORD dwErrors;
DWORD dwDestUnreachs;
DWORD dwTimeExcds;
DWORD dwParmProbs;
DWORD dwSrcQuenchs;
DWORD dwRedirects;
DWORD dwEchos;
DWORD dwEchoReps;
DWORD dwTimestamps;
DWORD dwTimestampReps;
DWORD dwAddrMasks;
DWORD dwAddrMaskReps;
} MIBICMPSTATS;
The fields of this structure are defined as follows:
- dwMsgs: Specifies the number of messages sent or received.
- dwErrors: Specifies the number of errors sent or received.
- dwDestUnreachs: Specifies the number of “destination unreachable” messages sent or received.
- dwTimeExcds: Specifies the number of TTL-exceeded messages sent or received.
- dwParmProbs: Specifies the number of messages sent or received that indicate a datagram contains bad IPv4 information.
- dwSrcQuenchs: Specifies the number of source quench messages sent or received.
- dwRedirects: Specifies the number of redirection messages sent or received.
- dwEchos: Specifies the number of ICMP echo requests sent or received.
- dwEchoReps: Specifies the number of ICMP echo replies sent or received.
- dwTimestamps: Specifies the number of timestamp requests sent or received.
- dwTimestampReps: Specifies the number of timestamp replies sent or received.
- dwAddrMasks: Specifies the number of address masks sent or received.
- dwAddrMaskReps: Specifies the number of address mask replies sent or received.
The third statistics function, GetTcpStatistics(), retrieves TCP statistics on your computer and is defined as:
DWORD GetTcpStatistics(PMIB_TCPSTATS pStats);
The pStats parameter is a pointer to an MIB_TCPSTATS structure that receives the current IP statistics for your computer. The MIB_TCPSTATS structure is defined as:
typedef struct _MIB_TCPSTATS
{
DWORD dwRtoAlgorithm;
DWORD dwRtoMin;
DWORD dwRtoMax;
DWORD dwMaxConn;
DWORD dwActiveOpens;
DWORD dwPassiveOpens;
DWORD dwAttemptFails;
DWORD dwEstabResets;
DWORD dwCurrEstab;
DWORD dwInSegs;
DWORD dwOutSegs;
DWORD dwRetransSegs;
DWORD dwInErrs;
DWORD dwOutRsts;
DWORD dwNumConns;
} MIB_TCPSTATS, *PMIB_TCPSTATS;
The fields of this structure are defined as follows:
- dwRtoAlgorithm: Specifies which retransmission algorithm is being used. The valid values are MIB_TCP_RTO_CONSTANT, MIB_TCP_ RTO_RSRE, MIB_TCP_RTO_VANJ, and MIB_TCP_RTO_OTHER, which is for other types.
- dwRtoMin: Specifies the minimum retransmission timeout in milliseconds.
- dwRtoMax: Specifies the maximum retransmission timeout in milliseconds.
- dwMaxConn: Specifies the maximum number of connections allowed.
- dwActiveOpens: Specifies how many times the machine is initiating a connection with a server.
- dwPassiveOpens: Specifies how many times the machine is listening for a connection from a client.
- dwAttemptFails: Specifies how many connection attempts have failed.
- dwEstabResets: Specifies the number of established connections that have been reset.
- dwCurrEstab: Specifies the number of connections that are currently established.
- dwInSegs: Specifies the number of segments received.
- dwOutSegs: Specifies the number of segments transmitted (excluding segments that have been retransmitted).
- dwRetransSegs: Specifies the number of segments retransmitted.
- dwInErrs: Specifies the number of errors received.
- dwOutRsts: Specifies the number of segments transmitted with the reset flag set.
- dwNumConns: Specifies the total number of connections.
The last statistics function, GetUdpStatistics(), retrieves UDP statistics on your computer and is defined as:
DWORD GetUdpStatistics(PMIB_UDPSTATS pStats);
The pStats parameter is a pointer to an MIB_UDPSTATS structure that receives the current IPv4 statistics for your computer. The MIB_UDPSTATS structure is defined as:
typedef struct _MIB_UDPSTATS
{
DWORD dwInDatagrams;
DWORD dwNoPorts;
DWORD dwInErrors;
DWORD dwOutDatagrams;
DWORD dwNumAddrs;
} MIB_UDPSTATS,*PMIB_UDPSTATS;
This structure's fields are defined as follows:
- dwInDatagrams: Specifies the number of datagrams received.
- dwNoPorts: Specifies the number of datagrams discarded because the port number was bad.
- dwInErrors: Specifies the number of erroneous datagrams received (excluding the datagrams counted in dwNoPorts).
- dwOutDatagrams: Specifies the number of datagrams transmitted.
- dwNumAddrs: Specifies the total number of UDP entries in the listener table.
< IPConfig, Release, Renew & Change IPv4 | IP Helper Functions Main | Route: Routing Table, Add & Delete >