// 只在讀檔中用到
private void SipProcess()
{
foreach (string file in mOpenFileDialog.FileNames)
{
SIPTrace.PacketFileRTP(new StringBuilder(file), new StringBuilder(FileStoragePath.GetPath_SIP()));
}
}
static public void GetDBHandler(DBDataType type, out SQLiteConnection connection, out SQLiteCommand cmd)
{
string path;
string FileName;
switch (type)
{
case DBDataType.SSL:
path = FileStoragePath.GetPath_SSL();
FileName = DateTime.Now.ToString("tt hh.mm.ss") + ".db";
if (!File.Exists(path + "\\" + FileName))
{
SQLiteConnection.CreateFile(path + "\\" + FileName);
}
connection = new SQLiteConnection("Data source=" + path + "\\" + FileName);
connection.Open(); // Open
cmd = connection.CreateCommand(); //create command
cmd.CommandText = @"CREATE TABLE IF NOT EXISTS SSL (UserIP TEXT, ServerIP TEXT, UserPort TEXT, ServerPort TEXT , CipherSuite TEXT, Pubkey TEXT, SessionKey TEXT, NewSeesionTicket TEXT,Country TEXT,StateOrProvince TEXT,Locality TEXT,Organization TEXT,CommonName TEXT)";
cmd.ExecuteNonQuery();
return;
}
connection = null;
cmd = null;
}
private void mBtnSelectPacketFile_Click(object sender, EventArgs e)
{
mOpenFileDialog.Title = "Select file";
mOpenFileDialog.Multiselect = true;
mOpenFileDialog.Filter = "Pcap files (*.pcap)|*.pcap|Pcapng files (*.pcapng)|*.pcapng";
mOpenFileDialog.InitialDirectory = Directory.GetCurrentDirectory() + "//" + FileStoragePath.GetPath_MainFolder() + "//";
//mOpenFileDialog.Filter = "Pcap |*.pcap | Pcapng |*.pcapng";
ReadPacpFile PacketFileReader = new ReadPacpFile(mReadFileProgressBar);
if (mOpenFileDialog.ShowDialog() == DialogResult.OK)
{
List <string> fileNames = new List <string>();
foreach (string filename in mOpenFileDialog.FileNames)
{
fileNames.Add(filename);
}
if (!PacketFileReader.OpenFile(fileNames))
{
MessageBox.Show("Open File Fail");
return;
}
}
else
{
return;
}
PacketFileReader.PackerHandler = new PackerHandler(ReadPacketFileHandler);
mPacketTrace.Items.Clear();
SIPTrace = new SIPTRACE();
SSLTrace = new SSLTracer(FileStoragePath.GetPath_TotalPackets());
listIPTrace = new List <IPTraceInfo>(); // new a IPTrace List
PacketQueue = new Queue <RawCapture>(); // new a PacketQueue
trdGetPacketFromQueue = new Thread(GetPacketFromQueue); // Start thread to get packet from queue and then analyze.
trdUpdateListUI = new Thread(UpdateListUI); // Stert thread to update list UI.
Thread SipThread = new Thread(SipProcess);
trdGetPacketFromQueueAct = true; // Used to control GetPacketFromQueue thread to stop whem it's false
trdUpdateListUIAct = true;
Status = EnumStatus.OpenFile;
PacketFileReader.Start();
trdGetPacketFromQueue.Start();
trdUpdateListUI.Start();
SipThread.Start();
TotalPacketStream = 0;
mStatusStreams.Text = "Total Streams(Byte) : 0 ";
this.Text = "Packets Monitor ( Open File )";
mStatusMonitor.Text = "Status : Open File... ";
}
// Received pakcets will be push into queue. ( This is a callback function.)
private void PushPacketToQueue(object sender, CaptureEventArgs e)
{
Packet packet;
try
{
packet = PacketDotNet.Packet.ParsePacket(e.Packet.LinkLayerType, e.Packet.Data);
if (e.Packet.LinkLayerType != LinkLayers.Ethernet)
{
return;
}
// Write the packet to pcap file .
FileInfo PcapFile_Total = new FileInfo(AllPcapFileWriter.Name);
if (PcapFile_Total.Length < PcapFileMaxSizeOfByte) // 200 MB
{
AllPcapFileWriter.Write(packet.Bytes);
}
else
{
AllPcapFileWriter = new CaptureFileWriterDevice(FileStoragePath.GetPath_TotalPackets() + "\\" + DateTime.Now.ToString("tt hh.mm.ss.pcap"));
AllPcapFileWriter.Write(packet.Bytes);
}
// The Packet is too small , it does not be analyzed .
if (packet.Bytes.Length <= 60)
{
return;
}
lock (PacketQueueLock)
{
// push the packet to the queue .
PacketQueue.Enqueue(e.Packet);
}
}
catch
{
return;
}
}
private void mBtnOpenFolder_Click(object sender, EventArgs e)
{
System.Diagnostics.Process.Start(FileStoragePath.GetPath_MainFolder());
}
// Click button to Capture packets
private void mBtnStartMonitor_Click(object sender, EventArgs e)
{
// If it's monitoring . Don't click it again.
if (Status == EnumStatus.Monitor)
{
MessageBox.Show("Is Monitoring... \rDon't Click It Again ! ", "Alarm");
return;
}
if (Device == null)
{
MessageBox.Show("Please Select One Interface or File.", "Alarm");
return;
}
// Set event to handle packets when packet arrived.
Device.OnPacketArrival -= new PacketArrivalEventHandler(PushPacketToQueue); // 若暫停過後重新按開始則必須先把之前的事件函數去除,否則會重複執行函數
Device.OnPacketArrival += new PacketArrivalEventHandler(PushPacketToQueue);
int readTimeoutMilliseconds = 1000;
if (Device is AirPcapDevice)
{
// NOTE: AirPcap devices cannot disable local capture
var airPcap = Device as AirPcapDevice;
airPcap.Open(SharpPcap.WinPcap.OpenFlags.Promiscuous, readTimeoutMilliseconds);
}
else if (Device is WinPcapDevice)
{
var winPcap = Device as WinPcapDevice;
winPcap.Open(SharpPcap.WinPcap.OpenFlags.Promiscuous, readTimeoutMilliseconds);
}
else if (Device is LibPcapLiveDevice)
{
var livePcapDevice = Device as LibPcapLiveDevice;
livePcapDevice.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds);
}
else
{
MessageBox.Show("unknown device type of " + Device.GetType().ToString(), "Error");
}
mPacketTrace.Items.Clear();
AllPcapFileWriter = new CaptureFileWriterDevice(FileStoragePath.GetPath_TotalPackets() + "\\" + DateTime.Now.ToString("tt hh.mm.ss.pcap"));
SIPTrace = new SIPTRACE();
SSLTrace = new SSLTracer(FileStoragePath.GetPath_TotalPackets());
listIPTrace = new List <IPTraceInfo>(); // new a IPTrace List
PacketQueue = new Queue <RawCapture>(); // new a PacketQueue
trdGetPacketFromQueue = new Thread(GetPacketFromQueue); // Start thread to get packet from queue and then analyze.
trdUpdateListUI = new Thread(UpdateListUI); // Stert thread to update list UI.
trdGetPacketFromQueueAct = true; // Used to control GetPacketFromQueue thread to stop whem it's false
trdUpdateListUIAct = true;
Device.StartCapture();
trdGetPacketFromQueue.Start();
trdUpdateListUI.Start();
Status = EnumStatus.Monitor;
TotalPacketStream = 0;
mStatusStreams.Text = "Total Streams(Byte) : 0 ";
this.Text = "Packets Monitor ( Monitoring from " + Device.Description + " )";
mStatusMonitor.Text = "Status : Montioring... ";
//MessageBox.Show("Monitoring ...", "Succeed");
}
