Beispiel #1
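        /// <summary>
        /// Opens a diversion on <paramref name="layer"/> for TCP traffic to or from ports 80 and 8082 and,
        /// for as long as <c>_running</c> is set, hands each received packet to the <c>Connection</c>
        /// stored under that packet's hash code in <c>KvStore.Connections</c>.
        /// </summary>
        /// <param name="layer">Layer value passed straight through to <c>Diversion.Open</c>.</param>
        /// <remarks>
        /// Failures while opening or configuring the diversion are logged and end the method; they are not
        /// rethrown. NOTE(review): nothing in this method closes the diversion, including the path where
        /// <c>Open</c> succeeds and a later <c>SetParam</c> throws. Confirm the handle is released elsewhere.
        /// </remarks>
        private void Divert(DivertLayer layer)
        {
            const string filter = "tcp.DstPort == 80 or tcp.SrcPort == 80 or tcp.DstPort == 8082 or tcp.SrcPort == 8082";
            Diversion    diversion;

            try
            {
                diversion = Diversion.Open(filter, layer, -1000, 0);
                diversion.SetParam(DivertParam.QueueLength, 8192);
                diversion.SetParam(DivertParam.QueueTime, 2048);
            }
            catch (Exception e)
            {
                _fileLogger.Error(Tag, e.ToString());
                return;
            }

            if (!diversion.Handle.Valid)
            {
                _fileLogger.Error(Tag, $"Failed to open divert handle with error {Marshal.GetLastWin32Error()}");
                return;
            }

            while (_running)
            {
                // A fresh buffer per packet: the Packet below is built over this array, so it must not be
                // reused by the next Receive call.
                var  buffer        = new byte[2048];
                var  address       = new Address();
                uint receiveLength = 0;
                if (!diversion.Receive(buffer, address, ref receiveLength))
                {
                    // NOTE(review): a failure that persists (for example a handle closed by another thread)
                    // makes this loop spin and log on every iteration until _running is cleared.
                    _fileLogger.Error(Tag, $"Failed to receive packet with error {Marshal.GetLastWin32Error()}");
                    continue;
                }

                // NOTE(review): receiveLength is trusted as reported; assumes Receive never reports more
                // than buffer.Length. TODO confirm, or bound it before constructing the Packet.
                var packet = new Packet(buffer, receiveLength);

                // The hash code is the only connection key. Presumably it is derived from the flow's
                // addresses and ports; two flows whose hashes collide would share one Connection, so
                // verify Packet.GetHashCode before relying on this for per-connection decisions.
                var hash = packet.GetHashCode();

                // Look the entry up once and keep the reference, instead of ContainsKey + TryAdd + indexer.
                // The original indexer read could throw if the entry was removed between the calls.
                Connection connection;
                if (!KvStore.Connections.TryGetValue(hash, out connection))
                {
                    connection = new Connection(diversion, address)
                    {
                        HashCode = hash
                    };

                    if (!KvStore.Connections.TryAdd(hash, connection))
                    {
                        // Another writer registered this key first; use its entry, as the original did.
                        connection = KvStore.Connections[hash];
                    }
                }

                // NOTE(review): no entry is removed here, so the map grows with every new key seen on the
                // wire. Eviction presumably happens elsewhere; confirm.

                //if (!KvStore.ConnectionControllers.ContainsKey(hash))
                //    KvStore.ConnectionControllers.TryAdd(hash, new ConnectionController(packet,diversion));

                //Controlling Logic maybe
                connection.Add(packet, address);
                //KvStore.ConnectionControllers[hash].Push(packet);
                //Monitoring Logic maybe
            }
        }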
Beispiel #2
        /// <summary>
        /// Opens a WinDivert handle through <c>NativeMethods.WinDivertOpen</c> and stores it in
        /// <c>_divert_handle</c>. If the returned handle is invalid, the Win32 error code is translated
        /// into a descriptive exception.
        /// </summary>
        /// <param name="filter">Filter string handed to the driver; must not be null, empty or whitespace.</param>
        /// <param name="layer">Layer, cast to the native <c>WINDIVERT_LAYER</c> value.</param>
        /// <param name="priority">Priority passed through unchanged.</param>
        /// <param name="flags">Flags, converted to an unsigned 64-bit value for the native call.</param>
        /// <exception cref="ArgumentNullException"><paramref name="filter"/> is null, empty or whitespace.</exception>
        /// <exception cref="Exception">
        /// The native open failed. The message distinguishes a missing driver file, insufficient privilege,
        /// invalid parameters, a rejected driver signature and a blocked driver. Any other code is reported
        /// numerically.
        /// </exception>
        /// <remarks>
        /// NOTE(review): the field is overwritten without releasing any handle it already held, so calling
        /// this twice on one instance presumably leaks the first handle. Confirm against the callers.
        /// </remarks>
        public void Open(string filter, DivertLayer layer, short priority, DivertFlags flags)
        {
            if (String.IsNullOrWhiteSpace(filter))
            {
                throw new ArgumentNullException("filter");
            }

            ulong           nativeFlags = Convert.ToUInt64(flags);
            WINDIVERT_LAYER nativeLayer = (WINDIVERT_LAYER)layer;

            _divert_handle = NativeMethods.WinDivertOpen(filter, nativeLayer, priority, nativeFlags);

            // Read the thread's last error immediately, before any other interop call can overwrite it.
            int win32Code = Marshal.GetLastWin32Error();

            if (!_divert_handle.IsInvalid)
            {
                return;
            }

            // Every failure surfaces as a plain Exception; only the default branch keeps the numeric code,
            // so callers cannot branch on the cause programmatically.
            string reason;
            switch (win32Code)
            {
            case WinError.ERROR_FILE_NOT_FOUND:
                reason = "The driver files WinDivert32.sys or WinDivert64.sys were not found.";
                break;

            case WinError.ERROR_ACCESS_DENIED:
                reason = "You don't have sufficent privilege to use the driver.";
                break;

            case WinError.ERROR_INVALID_PARAMETER:
                reason = "Filter string, layer, priority, or flags parameters contain invalid values.";
                break;

            case WinError.ERROR_INVALID_IMAGE_HASH:
                reason = "The WinDivert32.sys or WinDivert64.sys driver does not have a valid digital signature.";
                break;

            case WinError.ERROR_DRIVER_BLOCKED:
                reason = "The driver is blocked from operating. This can happen for various reasons, such as interference from security software, or usage inside a virtualization environment that does not support drivers.";
                break;

            default:
                reason = "Failed to open WinDivert safe handle. Cause is unknown. Win32 Error is " + win32Code;
                break;
            }

            throw new Exception(reason);
        }