Click here to Skip to main content
11,408,835 members (61,186 online)
Click here to Skip to main content


, 9 Jun 2004
Rate this:
Please Sign up or sign in to vote.
Enhance netstat and packet filtering.

Sample Image - EnetstatX_img.jpg


This article represents an update to my previous one "Enhance netstat". What's new regarding EnetstatX? It has packet filtering capabilities, sniffing using raw sock (disabled from menu, but could be enabled and extended by developers) and pop-up taskbar notifier concerning incoming and outgoing connections.


What it does and base functionalities?

We have three base functionalities:

  • TCP connection manager
  • UDP connection manager
  • Packet filtering
  • Packet sniffing

How it does it?

  • TCP & UDP connection manager is using the following APIs:
             // Gets extended TCP Connection/UDP Listener Table //
             // ! Note -> imported function from iphlpapi.dll          //
            typedef DWORD (WINAPI *pAllocateAndGetTcpExTableFromStack)(
                 IN OUT PMIB_TCPTABLE_EX *pTcpTableEx, 
                 IN BOOL,
                 IN HANDLE,
                 IN DWORD, 
                 IN DWORD); 
            typedef DWORD (WINAPI *pAllocateAndGetUdpExTableFromStack) (
                 IN OUT PMIB_UDPTABLE_EX *pUdpTableEx , 
                 IN BOOL,
                 IN HANDLE,
                 IN DWORD, 
                 IN DWORD);
            class content: CTCPTable and CUDPClass
  • Packet filtering is using the following APIs (iphlpapi.lib):
             class content: CFilter
  • Packet sniffing is using raw socket capabilities:
             // Create a raw socket 
             socket(AF_INET, SOCK_RAW, IPPROTO_IP);
             // Set sock option
                  (const char *)&rcvtimeo,
             class content: CFilter

How to use it?

Hmmm ... Run it, and there will be no problem. The graphical interface is intuitive, I hope Wink | ;) .

Note: WinXP supported only.


In the final step, I would like to tell you guys that maybe there will be an update to this article regarding design part. I didn't have much time to do it, but if one of you are interested to cooperate or to continue this project, I can give you some ideas, and if necessary all my support. What more can be done? I was thinking that it could be nice to have a "passive OS fingerprinting" module that can detect the OS of connected computers. Another module can be to focus on "report and statistics" with compare capabilities and "what's new about my connection activities" ...




This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here


About the Author

Web Developer
Romania Romania
No Biography provided

Comments and Discussions

QuestionAlways 87!!! PinmembereRRaTuM16-Mar-08 5:33 
AnswerRe: Always 87!!! PinmembereRRaTuM16-Mar-08 8:15 
GeneralPacket capture PinmemberJan Stetka16-May-07 1:29 
GeneralCompilation of project onVS 2005 Pinmemberchigo5814-Apr-06 6:02 
GeneralRe: Compilation of project onVS 2005 Pinmemberchigo5814-Apr-06 6:08 
QuestionHow to block and allow the packets so it can act as a firewall Pinsusssaravanan_vv9-Jun-05 3:57 
I like to know how to block or allow the packets so that it can act as a firewall.
Kindly help me.

Thanks and Regards
QuestionHow to list process and port on window98? Pinmemberdungbkhn16-May-05 16:57 
AnswerRe: How to list process and port on window98? Pinmembery0da17-May-05 20:56 
GeneralRe: How to list process and port on window98? Pinmemberdungbkhn18-May-05 5:57 
Generalsniff grayed PinmemberFriedhelm Schuetz11-May-05 23:48 
GeneralRe: sniff grayed Pinmembery0da12-May-05 0:18 
Generalconnection status PinsussAnonymous21-Apr-05 17:50 
Generaladding full path Pinmembermervick25-Jan-05 20:39 
QuestionHow to do this work on Win98 PinsussAnonymous27-Dec-04 17:01 
GeneralNo path /res in source PinmemberNielsR15-Sep-04 5:22 
GeneralRe: No path /res in source Pinmembery0da15-Sep-04 6:05 
Generalrunning EnestatX on Win2000 Pinmembery0da13-Jun-04 22:30 
GeneralRe: running EnestatX on Win2000 PinmemberTaknuMone14-Jun-04 3:21 
GeneralRe: running EnestatX on Win2000 Pinmemberfeldman_joel14-Jun-04 11:19 
GeneralRe: running EnestatX on Win2000 PinmemberNielsR15-Sep-04 8:15 
GeneralRe: running EnestatX on Win2000 Pinmemberzcy_beijing30-Jun-05 19:12 
GeneralRe: running EnestatX on Win2000 Pinmembersilencew5-Jul-05 9:09 
GeneralGot it to compile on w2k but... PinmemberTaknuMone12-Jun-04 16:29 
GeneralI'm waiting to give this a 5, but... Pinmemberprcarp10-Jun-04 11:47 
General... partially fixed Pinmemberprcarp10-Jun-04 12:10 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Terms of Use | Mobile
Web04 | 2.8.150414.5 | Last Updated 10 Jun 2004
Article Copyright 2004 by y0da
Everything else Copyright © CodeProject, 1999-2015
Layout: fixed | fluid