Beispiel #1
0
        /// <summary>
        /// Get all the records since the last call
        /// This method removes the returned records from its internal buffer
        /// </summary>
        /// <returns>List of captured records</returns>
        public static List <Record> GetRecords()
        {
            try
            {
                lock (records)
                {
                    // get the device ID, and store it if it's not in the config file already
                    deviceId = ConfigClient.Read(ConfigClient.DeviceId, true);
                    if (deviceId == null)
                    {
                        deviceId = devices[0].MacAddress.ToString();
                        ConfigClient.Write(ConfigClient.DeviceId, deviceId);
                    }

                    var recordList = new List <Record>(records);
                    records.Clear();
                    return(recordList);
                }
            }
            catch (Exception ex)
            {
                TraceLog.TraceException("GetRecords failed", ex);
                return(null);
            }
        }
Beispiel #2
0
        private static void SendLoop()
        {
            while (uploadFlag)
            {
                try
                {
                    lock (configLock)
                    {
                        // refresh the device enabled flag
                        var disabled = ConfigClient.Read(ConfigClient.Disabled);
                        if (Convert.ToBoolean(disabled))
                        {
                            collectionStatus = ControlMessage.SuspendCollection;
                        }

                        // refresh the credentials, device ID, device name in case the config tool was run
                        credentials = ConfigClient.Read(ConfigClient.Credentials, true);
                        if (deviceId == null)
                        {
                            deviceId = ConfigClient.Read(ConfigClient.DeviceId);
                        }
                        if (deviceName == null)
                        {
                            deviceName = ConfigClient.Read(ConfigClient.DeviceName);
                        }

                        // if the device isn't associated with credentials, clear the queue, otherwise send the records
                        if (credentials != null && deviceId != null)
                        {
                            Send();
                        }
                        else
                        {
                            sendQueue.Clear();
                        }
                    }
                }
                catch (Exception ex)
                {
                    TraceLog.TraceException("GetVersionLoop failed", ex);
                }

                // sleep for a minute
                Thread.Sleep(60000);
            }
        }
Beispiel #3
0
        /// <summary>
        /// Start the upload client
        /// </summary>
        public static void Start()
        {
            lock (startLock)
            {
                if (!started)
                {
                    TraceLog.TraceInfo("Starting uploader");

                    // retrieve creds and device ID
                    credentials = ConfigClient.Read(ConfigClient.Credentials);
                    deviceId    = ConfigClient.Read(ConfigClient.DeviceId);
                    deviceName  = ConfigClient.Read(ConfigClient.DeviceName);

                    // start the uploader loop on a new thread
                    ThreadStart ts     = new ThreadStart(SendLoop);
                    Thread      thread = new Thread(ts);
                    uploadFlag = true;
                    thread.Start();
                    started = true;
                }
            }
        }
Beispiel #4
0
        /// <summary>
        /// Start a network capture
        /// </summary>
        public static void Start()
        {
            lock (startingLock)
            {
                try
                {
                    // Retrieve the device list
                    devices = CaptureDeviceList.Instance;

                    // If no devices were found print an error
                    if (devices.Count < 1)
                    {
                        var error = "No devices were found on this machine";
                        TraceLog.TraceFatal(error);
                        throw new Exception(error);
                    }

                    // if capture is started on all devices, nothing to do
                    var started = true;
                    foreach (var dev in devices)
                    {
                        if (!dev.Started || !string.IsNullOrEmpty(dev.LastError))
                        {
                            started = false;
                            break;
                        }
                    }
                    if (started)
                    {
                        return;
                    }

                    // Print SharpPcap version
                    string ver = SharpPcap.Version.VersionString;
                    TraceLog.TraceInfo(string.Format("Starting collector with version {0}", ver));

                    foreach (var device in devices)
                    {
                        // reset device if already started
                        if (device.Started)
                        {
                            TraceLog.TraceInfo(string.Format("Stopping {0} {1}", device.Name, device.Description));
                            device.OnPacketArrival -= new PacketArrivalEventHandler(device_OnPacketArrival);
                            device.StopCapture();
                            device.Close();
                        }

                        // Register our handler function to the 'packet arrival' event
                        device.OnPacketArrival +=
                            new PacketArrivalEventHandler(device_OnPacketArrival);

                        // Open the device for capturing
                        int readTimeoutMilliseconds = 1000;
                        device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds);

                        TraceLog.TraceInfo(string.Format("Listening on {0} {1}",
                                                         device.Name, device.Description));

                        // DNS only
                        string filter = "udp dst port 53";
                        device.Filter = filter;

                        // Start the capturing process
                        device.StartCapture();
                    }

                    // get the device ID, and store it if it's not in the config file already
                    deviceId = ConfigClient.Read(ConfigClient.DeviceId);
                    if (deviceId == null)
                    {
                        deviceId = devices[0].MacAddress.ToString();
                        ConfigClient.Write(ConfigClient.DeviceId, deviceId);
                    }
                }
                catch (Exception ex)
                {
                    TraceLog.TraceException("FATAL: Start caught exception", ex);
                    throw ex;
                }
            }
        }