/// <summary> /// Starts a pass thru thread. /// </summary> /// <param name="filter">The filter.</param> /// <param name="waitHandles">The wait handles.</param> /// <param name="networkAdapters">The network adapters.</param> /// <param name="waitHandlesManualResetEvents">The wait handles manual reset events.</param> private static void PassThruThread(NdisApi filter, WaitHandle[] waitHandles, IReadOnlyList <NetworkAdapter> networkAdapters, IReadOnlyList <ManualResetEvent> waitHandlesManualResetEvents) { var ndisApiHelper = new NdisApiHelper(); var ethPackets = ndisApiHelper.CreateEthMRequest(); while (true) { var handle = WaitHandle.WaitAny(waitHandles); ethPackets.AdapterHandle = networkAdapters[handle].Handle; while (filter.ReadPackets(ref ethPackets)) { var packets = ethPackets.Packets; for (int i = 0; i < ethPackets.PacketsCount; i++) { var ethPacket = packets[i].GetEthernetPacket(ndisApiHelper); if (ethPacket.PayloadPacket is IPv4Packet iPv4Packet) { if (iPv4Packet.PayloadPacket is TcpPacket tcpPacket) { Console.WriteLine($"{iPv4Packet.SourceAddress}:{tcpPacket.SourcePort} -> {iPv4Packet.DestinationAddress}:{tcpPacket.DestinationPort}."); } } } filter.SendPackets(ref ethPackets); ethPackets.PacketsCount = 0; } waitHandlesManualResetEvents[handle].Reset(); } }
public static void PassThruThread(NdisApi filter, WaitHandle[] waitHandles, IReadOnlyList <NetworkAdapter> networkAdapters, IReadOnlyList <ManualResetEvent> waitHandlesManualResetEvents) { int port = 0; string ip = ""; var ndisApiHelper = new NdisApiHelper(); var ethRequest = ndisApiHelper.CreateEthRequest(); Console.WriteLine("\nChoose the mode"); //Console.WriteLine("\n1. Show all connections"); Console.WriteLine("\n1. Close connections by source port" + "\n2. Close connections by source IP" + "\n3. Close connections by destination port" + "\n4. Close connections by destination IP" + "\n5. Close all connections"); var mode = int.Parse(Console.ReadLine()); if (mode == 1 | mode == 3) { Console.WriteLine("\nEnter a port:"); port = int.Parse(Console.ReadLine()); } if (mode == 2 | mode == 4) { Console.WriteLine("\nEnter an IP:"); ip = (Console.ReadLine()); } while (true) { var handle = WaitHandle.WaitAny(waitHandles); ethRequest.AdapterHandle = networkAdapters[handle].Handle; while (filter.ReadPacket(ref ethRequest)) { var ethPacket = ethRequest.Packet.GetEthernetPacket(ndisApiHelper); if (ethPacket.PayloadPacket is IPv4Packet iPv4Packet) { if (iPv4Packet.PayloadPacket is TcpPacket tcpPacket) { if (mode == 1 && tcpPacket.SourcePort == port) { Console.WriteLine($"{iPv4Packet.SourceAddress}:{tcpPacket.SourcePort} -> { iPv4Packet.DestinationAddress}:{ tcpPacket.DestinationPort}."); continue; } if (mode == 3 && tcpPacket.DestinationPort == port) { Console.WriteLine($"{iPv4Packet.SourceAddress}:{tcpPacket.SourcePort} -> { iPv4Packet.DestinationAddress}:{ tcpPacket.DestinationPort}."); continue; } if (mode == 2 && iPv4Packet.SourceAddress == IPAddress.Parse(ip)) { Console.WriteLine($"{iPv4Packet.SourceAddress}:{tcpPacket.SourcePort} -> { iPv4Packet.DestinationAddress}:{ tcpPacket.DestinationPort}."); continue; } if (mode == 4 && iPv4Packet.DestinationAddress == IPAddress.Parse(ip)) { Console.WriteLine($"{iPv4Packet.SourceAddress}:{tcpPacket.SourcePort} -> { iPv4Packet.DestinationAddress}:{ tcpPacket.DestinationPort}."); continue; } if (mode == 5) { Console.WriteLine($"{iPv4Packet.SourceAddress}:{tcpPacket.SourcePort} -> { iPv4Packet.DestinationAddress}:{ tcpPacket.DestinationPort}."); continue; } } } filter.SendPacket(ref ethRequest); } waitHandlesManualResetEvents[handle].Reset(); } }
/// <summary> /// Gets the ethernet packet. /// </summary> /// <param name="packet">The packet.</param> /// <param name="ndisApiHelper">The optional Ndis API helper. Should be passed for best performance.</param> /// <returns><see cref="EthernetPacket" /> if possible; <c>null</c> otherwise.</returns> public static EthernetPacket GetEthernetPacket(this NdisApi.NDISRD_ETH_Packet packet, NdisApiHelper ndisApiHelper = null) { if (ndisApiHelper != null) { try { var pinnedArray = ndisApiHelper.GetPinnedArray(packet.Buffer); return(new EthernetPacket(new ByteArraySegment(pinnedArray, NdisApi.IntermediateBufferBufferOffset, NdisApi.MAX_ETHER_FRAME))); } catch { // This can occur when you've unpinned the array. // In this case, return null, as the code below will be invalid as well. return(null); } } return(new EthernetPacket(new ByteArraySegment(packet.GetIntermediateBuffer().Buffer))); }