public Flow(IPHeader ip, UdpHeader udp)
{
Assign(ip, udp);
}
public void Assign(IPHeader ip, UdpHeader udp)
{
Source = new IPEndPoint(ip.SourceIp, udp.SourcePort);
Destination = new IPEndPoint(ip.DestinationIp, udp.DestinationPort);
Protocol = ip.Protocol;
}
public void Execute()
{
Packet packet;
EthernetHeader eth;
IPHeader ip;
Flow key = new Flow();
FlowStats stats;
try {
//BinaryReader log = new BinaryReader(new FileStream(@"c:\users\gavin\desktop\20081006.dat", FileMode.Open, FileAccess.Read));
while (!terminated) {
try {
/*packet = new Packet();
packet.Time = log.ReadInt64();
packet.Length = log.ReadInt32();
packet.Data = log.ReadBytes(log.ReadInt32());*/
packet = pcap.Next();
} catch (Exception e) {
packet = null;
throw;
}
if (packet != null) {
if (dump != null) {
dump.Write(packet.Time);
dump.Write(packet.Length);
int i = Math.Min(packet.Data.Length, 64);
dump.Write(i);
dump.Write(packet.Data, 0, i);
dump.Flush();
}
eth = new EthernetHeader(packet.Data);
if (eth.Protocol == (int)EthernetProtocol.IP) {
ip = new IPHeader(eth);
if (ip.Protocol == IPProtocol.Tcp) {
TcpHeader tcp = new TcpHeader(ip);
key = new Flow(ip, tcp);
stats = tracker.Resolve(key, packet.Time);
stats.Last = packet.Time;
stats.Packets++;
// Bytes at IP, including IP header
stats.Bytes += ip.Length;
#region debugging
/*
// TODO: Verify sorted order of queue - should be right now
FlowStats check = queue.Head;
while (check != null) {
if (check.Next != null) Debug.Assert(check.Last >= check.Next.Last);
check = check.Next;
}
*/
#endregion
} else if (ip.Protocol == IPProtocol.Udp) {
try {
UdpHeader udp = new UdpHeader(ip);
key = new Flow(ip, udp);
stats = tracker.Resolve(key, packet.Time);
stats.Last = packet.Time;
stats.Packets++;
// Bytes at IP, including IP header
stats.Bytes += ip.Length;
} catch (IndexOutOfRangeException e) {
using (StreamWriter errorLog = new StreamWriter(Path.Combine(LogFolder, "error.log"), true)) {
errorLog.WriteLine(DateTime.Now);
errorLog.WriteLine(e.Message);
errorLog.WriteLine(e.StackTrace);
errorLog.WriteLine();
}
if (dump != null) {
dump.Write(packet.Time);
dump.Write(packet.Length);
dump.Write(packet.Data.Length);
dump.Write(packet.Data, 0, packet.Data.Length);
dump.Flush();
}
} catch (Exception ex) {
}
} else if (ip.Protocol == IPProtocol.Icmp) {
// TODO: Deal with ICMP
} else if (ip.Protocol == IPProtocol.Gre) {
// TODO: Deal with GRE
}
} else {
// TODO: deal with non-IP
}
#region Age flows
/**/
while (tracker.Count > 0 && tracker.Tail.Last < packet.Time - ExpiryInterval) {
stats = tracker.Tail;
Dump(stats);
tracker.Remove(stats);
}
writer.Flush();
/**/
#endregion
}
packets++;
}
} catch (EndOfStreamException e) {
// TODO: nothing
} catch (Exception e) {
//debug.WriteLine("ERROR: " + e.Message);
//debug.Flush();
throw e;
}
}