/// <summary>
/// Writes a diagnostic dump of key NTFS structures.
/// </summary>
/// <param name="writer">The writer to receive the dump.</param>
/// <param name="linePrefix">The indent to apply to the start of each line of output.</param>
public void Dump(TextWriter writer, string linePrefix)
{
writer.WriteLine(linePrefix + "NTFS File System Dump");
writer.WriteLine(linePrefix + "=====================");
////_context.Mft.Dump(writer, linePrefix);
writer.WriteLine(linePrefix);
_context.BiosParameterBlock.Dump(writer, linePrefix);
if (_context.SecurityDescriptors != null)
{
writer.WriteLine(linePrefix);
_context.SecurityDescriptors.Dump(writer, linePrefix);
}
if (_context.ObjectIds != null)
{
writer.WriteLine(linePrefix);
_context.ObjectIds.Dump(writer, linePrefix);
}
if (_context.ReparsePoints != null)
{
writer.WriteLine(linePrefix);
_context.ReparsePoints.Dump(writer, linePrefix);
}
if (_context.Quotas != null)
{
writer.WriteLine(linePrefix);
_context.Quotas.Dump(writer, linePrefix);
}
writer.WriteLine(linePrefix);
GetDirectory(MasterFileTable.RootDirIndex).Dump(writer, linePrefix);
writer.WriteLine(linePrefix);
writer.WriteLine(linePrefix + "FULL FILE LISTING");
foreach (var record in _context.Mft.Records)
{
// Don't go through cache - these are short-lived, and this is (just!) diagnostics
File f = new File(_context, record);
f.Dump(writer, linePrefix);
foreach (var stream in f.AllStreams)
{
if (stream.AttributeType == AttributeType.IndexRoot)
{
try
{
writer.WriteLine(linePrefix + " INDEX (" + stream.Name + ")");
f.GetIndex(stream.Name).Dump(writer, linePrefix + " ");
}
catch (Exception e)
{
writer.WriteLine(linePrefix + "!Exception: " + e);
}
}
}
}
writer.WriteLine(linePrefix);
writer.WriteLine(linePrefix + "DIRECTORY TREE");
writer.WriteLine(linePrefix + @"\ (5)");
DumpDirectory(GetDirectory(MasterFileTable.RootDirIndex), writer, linePrefix); // 5 = Root Dir
}
