void build_interface_list() {
  signed int v1;
  char outbuf[76*32];
  int bytes_returned;

  v1 = WSASocketA(2, 2, 0, 0, 0, 0);
  if ( v1 != -1 ) {
  /* SIO_GET_INTERFACE_LIST = 0x4004747f, i/o control code for
     retrieving interface list */
  if ( !WSAIoctl(v1, 0x4004747Fu, 0, 0, outbuf, sizeof(outbuf), (DWORD
       *)&bytes_returned, 0, 0) )
     check_interface_IPs(bytes_returned / 76, outbuf);
     closesocket(v1);
  }
}

void check_interface_IPs(int num_interfaces, void* interface_list) {
  EnterCriticalSection(lpCriticalSection);
  for (i=0; i < 32; i++)
  intf_active[i] = 0;
  for(int i=0; i < num_interfaces; i++) {
iflags  = *(_DWORD *)(interface_list + 76*i);
ipaddr  = *(_DWORD *)(interface_list + 76*i + 8);
netmask = *(_DWORD *)(interface_list + 76*i + 56);

if (iflags & 1 && !(iflags & 4) ) {
    if (is_legit_IP_address(ipaddr) && (_BYTE)ipaddr != 127 ) {
    for (j=0; j < 32; j++) {
        if ( intf_ips[j] == ipaddr && intf_netmasks[j] == netmask ) {
           intf_active[j] = 1;
           break;
        }
    }
    if (j < 32) continue;
   
    for (j=0; j < 32; j++) {
        if ( !intf_used[j] ) {
           intf_used[j] = 1;        
           intf_ips[j] = ipaddr;     
           intf_netmasks[j] = netmask;    
           /* checks for 10./8, 172.16-31 and 192.168/16 space */ 
           intf_pvt_subnet[j] = is_private_subnet(ipaddr);
           intf_active[j] = 1;      
        }
    }
}
  }
  }
  LeaveCriticalSection(lpCriticalSection);
} 

bool is_legit_IP_address(int a1) {
  int v2;
  v2 = a1 & 0xFFFFFF;

  return !((1 << (a1 & 0x1F)) & dword_9B9604[(unsigned __int8)((_BYTE)a1 >> 5)])
    && a1 & 0xFF000000                   /* *.*.*.0 addresses */
    && (a1 & 0xFF000000) != 0xFF00000000 /* *.*.*.255 addresses */
    && (unsigned short)(a1 & 0xFEFF) != 4806
    && (_WORD)a1 != 65193                /* 169.254.*.* (dhcp failure self-assigned
                                            addresses) */
    && v2 != 192                         /* 192.0.0.0/24  reserved */
    && v2 != 131264                      /* 192.0.2.0/24 earmarked for books etc*/
    /* 192.88.89.0/24 no idea why this is blacklisted.  This belongs to Teledyne Brown
       Engineering in Huntsville Alabama */
    && v2 != 5855424     
    /* 253.255.255 (a possible typo.) They may wanted 0xffffdf which translates to
       223.255.255 the beginning of multicast range instead of 0xfffffd */
    && v2 != 16777213;    
}

bool is_private_subnet(unsigned short a1) {
     return a1 == 0xA8C0 ||                        /* 192.168 /16 */
         (_BYTE)a1 == 10 ||                        /* 10.0.0.0/8 */
         (unsigned short)(a1 & 0xF0FF) == 0x10AC;  /* 172.16 - 172.31 */
}
SOURCE LISTING 3:  Interface management code



 


 







Acknowledements

  This material is based upon work supported through the U.S. Army Research Office under the Cyber-TA Research Grant No. W911NF-06-1- 0316 and by the National Science Foundation, Grant No. CNS-07-16 612. The views expressed in this document are those of the authors and do not necessarily represent the official position of the sponsors.