public override bool HandleSession(IPSession session) {
//List<Configuration.Setting> settings = Configuration.ParserConfiguration.Settings[Name()];
//foreach(Configuration.Setting setting in settings)
// logger.AddMessage("Using property {0} with value {1}", setting.Property, setting.Value);
PacketStream stream = session.GetNextStreamDirection();
if (session.RemoteEndpoint != null && ((session.RemoteEndpoint.Port == 1521) || (session.RemoteEndpoint.Port == redirPort))) {
//we're either connected to the standard Oracle port or the redirected port
}else
return false;
while (true) {
try {
TransactionNode transaction = new TransactionNode("OracleTransaction");
transaction.Description = transaction.Name;
TransactionNode tnsNode = ExtractTNSData(stream, StreamDirection.OUT);
if(tnsNode != null)
transaction.AddChild(tnsNode);
//response stream
stream = session.GetNextStreamDirection();
if (stream.GetBytesAvailable() != 0) {
tnsNode = ExtractTNSData(stream, StreamDirection.IN);
if(tnsNode != null)
transaction.AddChild(tnsNode);
}
if(transaction.Children.Count > 0)
session.AddNode(transaction);
//request stream (if exists)
stream = session.GetNextStreamDirection();
if(stream.GetBytesAvailable() == 0)
break;
} catch (EndOfStreamException) {
break;
}
}
return true;
}
private bool HandleSwitchboardSession(IPSession session)
{
List<PacketSlice> slices = new List<PacketSlice>(1);
logger.AddMessage(String.Format("\r\n\r\nparsing session with remote endpoint: {0}\r\n", session.RemoteEndpoint));
while (true)
{
PacketStream stream = session.GetNextStreamDirection();
if (stream.GetBytesAvailable() == 0)
{
stream = session.GetNextStreamDirection();
if (stream.GetBytesAvailable() == 0)
{
break;
}
}
IPPacket pkt = stream.CurPacket;
PacketDirection direction = pkt.Direction;
try
{
string line = stream.PeekLineUTF8();
// Split the line up into CMD and the rest (being arguments, if any)
string[] tokens = line.Split(new char[] { ' ' }, 2);
logger.AddMessage(String.Format("{0} parsing command '{1}' (line: {2})",
(direction == PacketDirection.PACKET_DIRECTION_INCOMING) ? "<<" : ">>",
tokens[0], line));
// Set cmd and create an array of arguments if present
string cmd = tokens[0];
string[] arguments = new string[0];
if (tokens.Length > 1)
{
arguments = tokens[1].Split(new char[] { ' ' });
}
// Create command node
TransactionNode node = new TransactionNode("MSNSBCommand");
node.Description = cmd;
// Command field
stream.ReadBytes(StaticUtils.GetUTF8ByteCount(tokens[0]), slices);
node.AddField("Command", tokens[0], "Switchboard command.", slices);
if (arguments.Length > 0)
{
// Skip space between command and arguments
stream.ReadByte();
stream.ReadBytes(StaticUtils.GetUTF8ByteCount(tokens[1]), slices);
// Arguments fields
node.AddField("Arguments", tokens[1], "Arguments to command.", slices);
}
// Skip CRLF
stream.ReadBytes(2);
// Is there a payload?
bool hasPayload = false;
if (arguments.Length > 0)
{
List<string> payloadCommands =
(direction == PacketDirection.PACKET_DIRECTION_OUTGOING) ? payloadCommandsFromClient : payloadCommandsFromServer;
hasPayload = payloadCommands.Contains(cmd);
}
if (hasPayload)
{
int payloadLength = -1;
try
{
payloadLength = (int)Convert.ToUInt32(arguments[arguments.Length - 1]);
}
catch (FormatException)
{
}
if (payloadLength > 0)
{
TransactionNode payloadNode = new TransactionNode(node, "Payload");
logger.AddMessage(String.Format("Parsing {0} bytes of payload", payloadLength));
PayloadFormat format = PayloadFormat.TEXT;
string cmdUpper = cmd.ToUpper();
if (payloadCommandFormats.ContainsKey(cmdUpper))
format = payloadCommandFormats[cmdUpper];
if (format == PayloadFormat.MESSAGE)
{
SBParseMSG(stream, payloadNode, payloadLength);
}
else
{
string body = stream.ReadStringUTF8(payloadLength, slices);
switch (format)
{
case PayloadFormat.SLP:
payloadNode.AddTextField("MSNSLP", body, "MSNSLP data.", slices);
break;
case PayloadFormat.XML:
payloadNode.AddXMLField("XML", body, "XML data.", slices);
break;
default:
payloadNode.AddTextField("Text", body, "Text.", slices);
break;
}
}
}
}
session.AddNode(node);
}
catch (EndOfStreamException e)
{
logger.AddMessage(String.Format("MSNSwitchboard: EOS at {0} ({1})", stream.Position, e));
break;
}
}
logger.AddMessage("done with session\r\n\r\n");
return true;
}
public override bool HandleSession(IPSession session)
{
logger.AddMessage(String.Format("session.LocalEndpoint={0}, session.RemoteEndpoint={1}",
session.LocalEndpoint, session.RemoteEndpoint));
if (session.RemoteEndpoint != null && session.RemoteEndpoint.Port == MSN_SB_PORT)
return HandleSwitchboardSession(session);
PacketStream stream = session.GetNextStreamDirection();
if (stream.GetBytesAvailable() < 8)
return false;
List<PacketSlice> lenSlices = new List<PacketSlice>(1);
UInt32 len = stream.ReadU32LE(lenSlices);
if (len != 4)
return false;
List<PacketSlice> contentSlices = new List<PacketSlice>(1);
string str = stream.ReadCStringASCII((int) len, contentSlices);
if (str != "foo")
return false;
TransactionNode magicNode = new TransactionNode("MSNP2PDirectMagic");
magicNode.Description = magicNode.Name;
magicNode.AddField("Length", len, "Magic length.", lenSlices);
magicNode.AddField("Magic", str, "Magic string.", contentSlices);
TransactionNode requestNode = ReadNextP2PDirectMessage(stream, "Request");
stream = session.GetNextStreamDirection();
TransactionNode responseNode = ReadNextP2PDirectMessage(stream, "Response");
TransactionNode handshakeNode = new TransactionNode("MSNP2PDirectHandshake");
handshakeNode.Description = handshakeNode.Name;
handshakeNode.AddChild(requestNode);
handshakeNode.AddChild(responseNode);
session.AddNode(magicNode);
session.AddNode(handshakeNode);
ReadAllP2PDirectMessages(session, session.GetNextStreamDirection());
ReadAllP2PDirectMessages(session, session.GetNextStreamDirection());
return true;
}
private void ReadAllP2PDirectMessages(IPSession session, PacketStream stream)
{
while (stream.GetBytesAvailable() > 0)
{
try
{
TransactionNode node = ReadNextP2PDirectMessage(stream, "MSNP2PDirectMessage");
session.AddNode(node);
}
catch (EndOfStreamException e)
{
logger.AddMessage(String.Format("MSNP2PDirect: EOS at {0} ({1})", stream.Position, e));
break;
}
}
}
public override bool HandleSession(IPSession session)
{
PacketStream stream = session.GetNextStreamDirection();
string line;
try
{
line = stream.PeekLineUTF8();
}
catch (EndOfStreamException)
{
return false;
}
string[] tokens = line.Split(new char[] { ' ' });
if (!tokens[tokens.Length - 1].StartsWith("HTTP/1."))
{
return false;
}
// At this point it should be safe enough to assume we're
// dealing with an HTTP session.
while (true)
{
try
{
TransactionNode transaction = new TransactionNode("HTTPTransaction");
TransactionNode request = ExtractHttpData(stream, HTTPTransactionType.REQUEST);
transaction.AddChild(request);
string desc = request.Description;
stream = session.GetNextStreamDirection();
if (stream.GetBytesAvailable() != 0)
{
TransactionNode response = ExtractHttpData(stream, HTTPTransactionType.RESPONSE);
transaction.AddChild(response);
if (response.Fields.ContainsKey("Result") &&
((string)response.Fields["Result"]).StartsWith("100 "))
{
response = ExtractHttpData(stream, HTTPTransactionType.RESPONSE, "Response2");
transaction.AddChild(response);
}
desc += " => " + response.Description;
}
transaction.Description = desc;
session.AddNode(transaction);
stream = session.GetNextStreamDirection();
if (stream.GetBytesAvailable() == 0)
break;
}
catch (EndOfStreamException)
{
logger.AddMessage("HTTP premature EOF");
break;
}
catch (ProtocolError)
{
logger.AddMessage("HTTP protocol error");
break;
}
}
return true;
}