
TCP Port Status Script

Keywords: 	 tcp port status	 tcpstat netstat

; tcpstat.wbt  Return information similar to 'netstat -anp tcp'
;
; The purpose of referencing the DLL was to avoid the need for relying on
; external commands (other than the DLL) to get netstat results and two
; commands which run in the POSIX subsystem to parse the data (grep and wc).
;
;
;The GetTcpTable function retrieves the TCP connection table.
;
;DWORD GetTcpTable(
;  PMIB_TCPTABLE pTcpTable,  // buffer for the connection table
;  PDWORD pdwSize,           // size of the buffer
;  BOOL bOrder               // sort the table?
;);
;
;Parameters
;pTcpTable 
;	[out] Pointer to a buffer that receives the TCP connection table as a MIB_TCPTABLE structure. 
;pdwSize 
;	[in, out] On input, specifies the size of the buffer pointed to by the pTcpTable parameter. 
;	On output, if the buffer is not large enough to hold the returned connection table,
;		the function sets this parameter equal to the required buffer size. 
;
;bOrder 
;	[in] Specifies whether the connection table should be sorted. If this parameter is TRUE,
;			the table is sorted in the order of: 
;				Local IP address 
;				Local port 
;				Remote IP address 
;				Remote port 
;
;Return Values
;	If the function succeeds, the return value is NO_ERROR.
;	If the function fails, use FormatMessage to obtain the message string for the returned error.
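; Build a full path to iphlpapi.dll inside the Windows system directory, so DLLCall is
; handed an explicit file location rather than a bare DLL name.
; NOTE(review): assumes DirWindows(1) returns the directory with a trailing backslash - confirm.
system32dir=DirWindows(1)
dllname=StrCat(system32dir,"iphlpapi.dll")
entrypoint="GetTcpTable"
; Optional comparison aid: tcpstat.cmd pipes 'netstat -anp tcp' into a file.
; It is skipped when the helper is absent so that a missing debug file cannot stop the
; script before the table is read. Whatever sits at this fixed path is executed with the
; script's privileges, so write access to f:\tcpstat should be restricted.
If FileExist("f:\tcpstat\tcpstat.cmd") Then Run("f:\tcpstat\tcpstat.cmd","")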
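; GetTcpTable is called twice. Its documentation states that when the buffer is too small
; the function stores the required size in pdwSize, so the first call passes lpnull and a
; zeroed size purely to learn how large the table buffer must be.
bbdwSize=BinaryAlloc(4) ; 4-byte buffer standing in for the DWORD behind pdwSize
BinaryPoke4(bbdwSize,0,0) ; zero the whole 32-bit size value
DLLCall(dllname,long:entrypoint,lpnull,lpbinary:bbdwsize,long:0) ; size query only, return value not used
size=BinaryPeek4(bbdwsize,0) ; required table size in bytes, as written by the DLL function
binbuf=BinaryAlloc(size) ; buffer that receives the MIB_TCPTABLE structure
BinaryEodSet(binbuf,size) ; mark the whole buffer as holding data so it can be read back
; The text output is larger than the binary table: a 20-byte row expands to at most
; 48 characters (2-digit state, two 15-character addresses, two 5-digit ports, four
; commas and CRLF), and the header line is 54 characters. Three times the table size
; plus 300 bytes therefore always has room for every row.
outputbuf=BinaryAlloc((size*3)+300)
outputheader=StrCat("Port State,Local IP,Local Port,Remote IP,Remote Port",@CRLF)
BinaryPokeStr(outputbuf,0,outputheader)
result=DLLCall(dllname,long:entrypoint,lpbinary:binbuf,lpbinary:bbdwsize,long:1) ; fetch the table, sorted
; The connection table can grow between the two calls, so the second call can still
; fail. A non-zero return means binbuf does not hold a valid table; stop here rather
; than report an empty connection list as if it were real.
If result != 0
	BinaryFree(binbuf)
	BinaryFree(bbdwsize)
	BinaryFree(outputbuf)
	Display(10,"tcpstat",StrCat("GetTcpTable failed, error code ",result))
	Exit
Endif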
;result=DLLCall(dllhnd,long:"GetTcpStatistics",lpbinary:binbuf)
; Function filled the binary buffer with the number of entries and a table with their values
; as specified by PMIB_TCPTABLE above.
;
;The MIB_TCPTABLE structure contains a table of TCP connections. 
;
;typedef struct _MIB_TCPTABLE {
;  DWORD      dwNumEntries;    // number of entries in the table 
;  MIB_TCPROW table[ANY_SIZE]; // array of TCP connections 
;} MIB_TCPTABLE, *PMIB_TCPTABLE;
;Members
;	dwNumEntries 
;		Specifies the number of entries in the table. 
;	table[ANY_SIZE] 
;		Pointer to a table of TCP connections implemented as an array of MIB_TCPROW structures. 
;
; dwNumEntries is the 32-bit value at offset 0 of the table buffer; the rows start at offset 4.
; NOTE(review): this count is only meaningful if the preceding GetTcpTable call returned NO_ERROR.
numberofentries=BinaryPeek4(binbuf,0) ; Get number of entries
;
;
;The MIB_TCPROW structure contains information for a TCP connection.
;
;typedef struct _MIB_TCPROW {
;  DWORD   dwState;        // state of the connection
;  DWORD   dwLocalAddr;    // address on local computer
;  DWORD   dwLocalPort;    // port number on local computer
;  DWORD   dwRemoteAddr;   // address on remote computer
;  DWORD   dwRemotePort;   // port number on remote computer
;} MIB_TCPROW, *PMIB_TCPROW;
;
;dwState -- Specifies the state of the TCP connection. This member can have one of the following values,
;				as defined in the header file iprtrmib.h.
;
;	#define MIB_TCP_STATE_CLOSED            1
;	#define MIB_TCP_STATE_LISTEN            2
;	#define MIB_TCP_STATE_SYN_SENT          3
;	#define MIB_TCP_STATE_SYN_RCVD          4
;	#define MIB_TCP_STATE_ESTAB             5
;	#define MIB_TCP_STATE_FIN_WAIT1         6
;	#define MIB_TCP_STATE_FIN_WAIT2         7
;	#define MIB_TCP_STATE_CLOSE_WAIT        8
;	#define MIB_TCP_STATE_CLOSING           9
;	#define MIB_TCP_STATE_LAST_ACK         10
;	#define MIB_TCP_STATE_TIME_WAIT        11
;	#define MIB_TCP_STATE_DELETE_TCB       12
;
;dwLocalAddr -- Specifies the address for the connection on the local computer. 
;dwLocalPort -- Specifies the port number for the connection on the local computer. 
;dwRemoteAddr -- Specifies the address for the connection on the remote computer. 
;dwRemotePort -- Specifies the port number for the connection on the remote computer. 
;
; Walk the MIB_TCPROW array and append one CSV line per row to outputbuf.
; Each row is 20 bytes: five 32-bit fields in the order state, local address,
; local port, remote address, remote port.
x=4 ; offset of the first row; the 4-byte entry count sits in front of it
y=1
While y <= numberofentries
	portstate=BinaryPeek(binbuf,x) ; low byte of dwState
	; local address: the four bytes are read in dotted-quad order
	localaddr=StrCat(BinaryPeek(binbuf,x+4),".",BinaryPeek(binbuf,x+5),".",BinaryPeek(binbuf,x+6),".",BinaryPeek(binbuf,x+7))
	; local port: the first byte is the high byte, the second the low byte
	localport=(BinaryPeek(binbuf,x+8) * 256) + BinaryPeek(binbuf,x+9)
	; a listening port (state 2) has no remote end, so these defaults stay in place
	remoteaddr="0.0.0.0"
	remoteport="0"
	If portstate != 2
		remoteaddr=StrCat(BinaryPeek(binbuf,x+12),".",BinaryPeek(binbuf,x+13),".",BinaryPeek(binbuf,x+14),".",BinaryPeek(binbuf,x+15))
		remoteport=(BinaryPeek(binbuf,x+16) * 256) + BinaryPeek(binbuf,x+17)
	Endif
	values=StrCat(portstate,",",localaddr,",",localport,",",remoteaddr,",",remoteport,@CRLF)
	BinaryPokeStr(outputbuf,BinaryEODGet(outputbuf),values) ; append at the current end of data
	x=x+20 ; advance to the next row
	y=y+1
EndWhile
; Save both buffers to disk, then release every binary buffer the script allocated.
; Both files list this machine's TCP connections, so the f:\tcpstat directory should
; not be readable by accounts that have no need for that information.
BinaryFree(bbdwsize) ; the size buffer is no longer needed once the table has been read
BinaryWrite(binbuf,"f:\tcpstat\debug.bin") ; raw bytes returned by 'GetTcpTable', kept for debugging
BinaryWrite(outputbuf,"f:\tcpstat\tcpstat.txt") ; CSV text built from the table
; parse output buffer for statistics here and send results to SQL database
BinaryFree(outputbuf)
BinaryFree(binbuf)
exit

Article ID:   W14976
File Created: 2001:11:08:12:41:16
Last Updated: 2001:11:08:12:41:16