Look at this code. It is part of a program which takes ntdll.dll (the on-disk file) and generates something like this:
/*w2k3callx.h*/
/* Generated table, one entry per export matched by the generator below.
 * NOTE(review): judging from Export::processdll, the second argument appears to
 * be the stack-cleanup size taken from the stub's `ret imm16` (0 for a plain
 * `ret`) and the trailing comment the 32-bit value read at offset 1 of the
 * stub — confirm against the output() implementation, which is not shown. */
MagicFoo (NtAcceptConnectPort, 24) //0
MagicFoo (NtAccessCheck, 32) //1
MagicFoo (NtAccessCheckAndAuditAlarm, 44) //2
MagicFoo (NtAccessCheckByType, 44) //3
MagicFoo (NtAccessCheckByTypeAndAuditAlarm, 64) //4
MagicFoo (NtAccessCheckByTypeResultList, 44) //5
MagicFoo (NtAccessCheckByTypeResultListAndAuditAlarm, 64) //6
MagicFoo (NtAccessCheckByTypeResultListAndAuditAlarmByHandle, 68) //7
MagicFoo (NtAddAtom, 12) //8
....

#####################################
...
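/* Offset of an RVA inside its section: (rva - sectva), both widened to DWORD.
 * Every argument and the whole expansion are parenthesised so that an
 * expression passed as an argument keeps its own precedence. */
#define MAKESECTVA(rva,sectva) ((DWORD)(rva)-(DWORD)(sectva))
/* File offset of an RVA: the section's raw-data pointer plus the offset of the
 * RVA inside that section (see MAKESECTVA). */
#define MAKERAW(rva,sraw,setcva) ((DWORD)(sraw)+MAKESECTVA(rva,setcva))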
...
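namespace
{

// Sentinel passed to used->outputAlarm() when the stub's return instruction is
// neither `ret` nor `ret imm16`; kept because outputAlarm() receives it.
const DWORD kUnknownRetSize = 0x666;

// Bytes of a stub read from the function's RVA: the 32-bit value at offset 1
// is reported as the service number, the opcode at offset 0xc as the return.
const size_t kStubBytes = 15;

// Seek to `offset` and read exactly `size` bytes.
// Returns false on a negative offset, a failed seek or any short read, so a
// caller never consumes bytes that were not actually in the file.
bool read_exact(FILE *f, long offset, void *dst, size_t size)
{
    if (offset < 0 || fseek(f, offset, SEEK_SET) != 0)
        return false;
    return fread(dst, 1, size, f) == size;
}

// Read a NUL-terminated name at `offset` into `buf` (`cap` bytes, cap >= 1).
// A short read near end of file is tolerated; the buffer is always terminated.
// Returns false when nothing could be read.
bool read_name(FILE *f, long offset, char *buf, size_t cap)
{
    if (offset < 0 || fseek(f, offset, SEEK_SET) != 0)
        return false;
    const size_t got = fread(buf, 1, cap - 1, f);
    buf[got] = '\0';
    return got > 0;
}

// Section whose virtual range [VirtualAddress, VirtualAddress + VirtualSize)
// contains `rva`, or NULL when none does. `count` is FileHeader.NumberOfSections.
// The subtraction form avoids overflow of VirtualAddress + VirtualSize.
const IMAGE_SECTION_HEADER *find_section(const IMAGE_SECTION_HEADER *sects,
                                         unsigned count, DWORD rva)
{
    for (unsigned i = 0; i < count; i++)
    {
        const IMAGE_SECTION_HEADER &s = sects[i];
        if (s.VirtualAddress <= rva && rva - s.VirtualAddress < s.Misc.VirtualSize)
            return &s;
    }
    return NULL;
}

// File offset of `rva`, which must lie inside section `s` (see find_section).
// Returns -1 when the RVA falls in the part of the section that exists only in
// memory (beyond SizeOfRawData) and so has no bytes on disk.
long rva_to_raw(const IMAGE_SECTION_HEADER *s, DWORD rva)
{
    const DWORD delta = rva - s->VirtualAddress;
    if (delta >= s->SizeOfRawData)
        return -1;
    return (long)(s->PointerToRawData + delta);
}

// malloc() `bytes` and fill them from the section containing `rva`.
// Returns NULL on a missing section, allocation failure or short read.
void *load_table(FILE *f, const IMAGE_SECTION_HEADER *sects, unsigned nsects,
                 DWORD rva, size_t bytes)
{
    const IMAGE_SECTION_HEADER *s = find_section(sects, nsects, rva);
    if (!s)
        return NULL;
    void *buf = malloc(bytes);
    if (buf && !read_exact(f, rva_to_raw(s, rva), buf, bytes))
    {
        free(buf);
        buf = NULL;
    }
    return buf;
}

// Everything read from the PE32 file that processdll() walks. The buffers are
// owned here so that every early exit releases them.
struct ExportTables
{
    char *sectdata;            // NumberOfSections IMAGE_SECTION_HEADERs
    unsigned nsects;
    IMAGE_EXPORT_DIRECTORY exp;
    DWORD expRva;              // export directory RVA, used to spot forwarders
    DWORD expSize;
    PDWORD functions;          // exp.NumberOfFunctions entries (RVAs)
    PDWORD names;              // exp.NumberOfNames name RVAs
    unsigned short *ordinals;  // exp.NumberOfNames indices into `functions`

    ExportTables()
        : sectdata(NULL), nsects(0), expRva(0), expSize(0),
          functions(NULL), names(NULL), ordinals(NULL)
    {
        memset(&exp, 0, sizeof(exp));
    }
    ~ExportTables()
    {
        free(ordinals);
        free(names);
        free(functions);
        free(sectdata);
    }

private:
    ExportTables(const ExportTables &);            // not copyable: owns malloc'd buffers
    ExportTables &operator=(const ExportTables &);
};

// Read headers, section table, export directory and its three tables from `f`.
// Every count and offset originates in the file, so each one is checked (against
// the signatures, the file size and the section raw data) before it drives an
// allocation or a read. Prints the INFORMATE diagnostics and returns false on
// failure; `t`'s destructor releases whatever was read so far.
bool load_export_tables(FILE *f, const std::string &dllname, ExportTables &t)
{
    if (fseek(f, 0, SEEK_END) != 0)
        return false;
    const long fileSize = ftell(f);
    if (fileSize < 0)
        return false;

    IMAGE_DOS_HEADER ddh;
    IMAGE_NT_HEADERS32 hdr2;
    if (!read_exact(f, 0, &ddh, sizeof(ddh)) || ddh.e_magic != IMAGE_DOS_SIGNATURE ||
        !read_exact(f, ddh.e_lfanew, &hdr2, sizeof(hdr2)) ||
        hdr2.Signature != IMAGE_NT_SIGNATURE ||
        hdr2.OptionalHeader.Magic != IMAGE_NT_OPTIONAL_HDR32_MAGIC)
    {
#ifdef INFORMATE
        printf("\nERROR:Not a PE32 image - %s", dllname.c_str());
#endif
        return false;
    }

    const IMAGE_DATA_DIRECTORY &dir =
        hdr2.OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT];
#ifdef INFORMATE
    printf("\n\tINFO:export va=%x(hex) ", dir.VirtualAddress);
    printf("\tsize=%d(decimal)", dir.Size);
#endif

    t.nsects = hdr2.FileHeader.NumberOfSections;
    if (t.nsects == 0 || dir.VirtualAddress == 0 ||
        dir.Size < sizeof(IMAGE_EXPORT_DIRECTORY) || dir.Size > (DWORD)fileSize)
    {
#ifdef INFORMATE
        printf("\nERROR:Export directory is missing or malformed - %s", dllname.c_str());
#endif
        return false;
    }

    // The section table starts right after the optional header, whose size is
    // taken from the file rather than assumed to be sizeof(IMAGE_OPTIONAL_HEADER32).
    const long sectOffset = ddh.e_lfanew + 4 + (long)sizeof(IMAGE_FILE_HEADER) +
                            hdr2.FileHeader.SizeOfOptionalHeader;
    const size_t sectBytes = sizeof(IMAGE_SECTION_HEADER) * t.nsects;
    t.sectdata = (char *)malloc(sectBytes);
    if (!t.sectdata || !read_exact(f, sectOffset, t.sectdata, sectBytes))
    {
#ifdef INFORMATE
        printf("\nERROR:Section table is truncated - %s", dllname.c_str());
#endif
        return false;
    }
    const IMAGE_SECTION_HEADER *sects = (const IMAGE_SECTION_HEADER *)t.sectdata;

    const IMAGE_SECTION_HEADER *esect = find_section(sects, t.nsects, dir.VirtualAddress);
    if (!esect)
    {
#ifdef INFORMATE
        printf("\nERROR:Section with export data was not found in - %s", dllname.c_str());
#endif
        return false;
    }
    t.expRva = dir.VirtualAddress;
    t.expSize = dir.Size;
    if (!read_exact(f, rva_to_raw(esect, dir.VirtualAddress), &t.exp, sizeof(t.exp)))
    {
#ifdef INFORMATE
        printf("\nERROR:Export directory is truncated - %s", dllname.c_str());
#endif
        return false;
    }
#ifdef INFORMATE
    printf("\n\tINFO:exports number=%d(decimal)", t.exp.NumberOfFunctions);
#endif

    // A table with more entries than the file could hold is rejected before
    // the count is multiplied for malloc(); this also rules out the overflow.
    const DWORD maxEntries = (DWORD)fileSize / sizeof(DWORD);
    if (t.exp.NumberOfFunctions == 0 || t.exp.NumberOfNames == 0 ||
        t.exp.NumberOfFunctions > maxEntries || t.exp.NumberOfNames > maxEntries)
    {
#ifdef INFORMATE
        printf("\nERROR:Export tables are empty or malformed - %s", dllname.c_str());
#endif
        return false;
    }

    t.functions = (PDWORD)load_table(f, sects, t.nsects, t.exp.AddressOfFunctions,
                                     t.exp.NumberOfFunctions * sizeof(DWORD));
    t.names = (PDWORD)load_table(f, sects, t.nsects, t.exp.AddressOfNames,
                                 t.exp.NumberOfNames * sizeof(DWORD));
    // The ordinal table is 16-bit per entry (the original allocated DWORDs).
    t.ordinals = (unsigned short *)load_table(f, sects, t.nsects, t.exp.AddressOfNameOrdinals,
                                              t.exp.NumberOfNames * sizeof(unsigned short));
    if (!t.functions || !t.names || !t.ordinals)
    {
#ifdef INFORMATE
        printf("\nERROR:Export tables could not be read - %s", dllname.c_str());
#endif
        return false;
    }
    return true;
}

} // namespace

// Scan the exports of the PE32 file `dllname`: for every named export that
// used->find() accepts, read the first bytes of its code and report the 32-bit
// value at offset 1 and the `ret` stack-cleanup size through used->output()
// (or used->outputAlarm() when the return instruction is not recognised).
// All header fields, counts, RVAs and ordinals come from the file and are
// validated before use, so a malformed or hostile DLL produces diagnostics
// rather than out-of-bounds reads.
void Export :: processdll(std::string dllname)
{
    FILE *f_dll = fopen(dllname.c_str(), "rb");
    if (!f_dll)
    {
#ifdef INFORMATE
        printf("\nERROR:File access error - %s", dllname.c_str());
#endif
        return;
    }

    ExportTables t;
    if (load_export_tables(f_dll, dllname, t))
    {
        const IMAGE_SECTION_HEADER *sects = (const IMAGE_SECTION_HEADER *)t.sectdata;

        // names[i] and ordinals[i] are parallel and NumberOfNames long; the
        // original iterated NumberOfFunctions, over-reading both when that
        // count is larger.
        for (DWORD i = 0; i < t.exp.NumberOfNames; i++)
        {
            char funcname[1024];
            const IMAGE_SECTION_HEADER *nsect = find_section(sects, t.nsects, t.names[i]);
            if (!nsect || !read_name(f_dll, rva_to_raw(nsect, t.names[i]), funcname, sizeof(funcname)))
                continue;

            if (!used->find(dllname, funcname))
                continue;
            printf("\n\tFound %s", funcname);

            // On disk the ordinal table is raw, i.e. without OrdinalBase added,
            // so the value indexes `functions` directly; bound it first.
            const DWORD ordinal = t.ordinals[i];
            if (ordinal >= t.exp.NumberOfFunctions)
            {
#ifdef INFORMATE
                printf("\nERROR:Ordinal out of range for %s in - %s", funcname, dllname.c_str());
#endif
                continue;
            }
            const DWORD rva = t.functions[ordinal];

            // An unused slot is 0; an RVA inside the export directory is a
            // forwarder string rather than code, so there is no stub to read.
            if (rva == 0 || (rva >= t.expRva && rva - t.expRva < t.expSize))
            {
#ifdef INFORMATE
                printf("\nINFO:forwarded or empty export skipped - %s", funcname);
#endif
                continue;
            }

            unsigned char funcdata[kStubBytes];
            const IMAGE_SECTION_HEADER *fsect = find_section(sects, t.nsects, rva);
            if (!fsect || !read_exact(f_dll, rva_to_raw(fsect, rva), funcdata, sizeof(funcdata)))
            {
#ifdef INFORMATE
                printf("\nERROR:Section with function was not found in - %s", dllname.c_str());
#endif
                continue;
            }
            printf("\n\t");

            // Stub layout this tool expects: a 32-bit immediate at offset 1 and
            // the return instruction at offset 0xc, either `ret imm16` (0xc2) or
            // `ret` (0xc3). memcpy replaces the unaligned pointer casts.
            DWORD api_num;
            memcpy(&api_num, &funcdata[1], sizeof(api_num));
            DWORD ret_size = kUnknownRetSize;
            if (funcdata[0xc] == 0xc2)
            {
                unsigned short imm16;
                memcpy(&imm16, &funcdata[13], sizeof(imm16));
                ret_size = imm16;
            }
            else if (funcdata[0xc] == 0xc3)
            {
                ret_size = 0;
            }

            if (ret_size != kUnknownRetSize)
                used->output(dllname, funcname, api_num, ret_size);
            else
                used->outputAlarm(dllname, funcname, api_num, ret_size);
        }
    }
    fclose(f_dll);
}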
