public LLDPPacket(byte[] bytes, int offset, PosixTimeval timeval)
: base(timeval)
{
this.TlvCollection = new TLVCollection();
base.header = new ByteArraySegment(bytes, offset, bytes.Length - offset);
this.ParseByteArrayIntoTlvs(base.header.Bytes, base.header.Offset);
}
public ICMPv4Packet(byte[] Bytes, int Offset, PosixTimeval Timeval)
: base(Timeval)
{
base.header = new ByteArraySegment(Bytes, Offset, ICMPv4Fields.HeaderLength);
base.payloadPacketOrData = new PacketOrByteArraySegment();
base.payloadPacketOrData.TheByteArraySegment = base.header.EncapsulatedBytes();
}
public IPv6Packet(byte[] Bytes, int Offset, PosixTimeval Timeval)
: base(Timeval)
{
base.header = new ByteArraySegment(Bytes, Offset, 40);
base.header.Length = (Bytes.Length - Offset) - this.PayloadLength;
base.payloadPacketOrData = IpPacket.ParseEncapsulatedBytes(base.header, this.NextHeader, Timeval, this);
}
public TcpPacket(byte[] Bytes, int Offset, PosixTimeval Timeval) : base(Timeval)
{
base.header = new ByteArraySegment(Bytes, Offset, Bytes.Length - Offset);
base.header.Length = this.DataOffset * 4;
base.payloadPacketOrData = new PacketOrByteArraySegment();
base.payloadPacketOrData.TheByteArraySegment = base.header.EncapsulatedBytes();
}
public TcpPacket(byte[] Bytes, int Offset, PosixTimeval Timeval)
: base(Timeval)
{
base.header = new ByteArraySegment(Bytes, Offset, Bytes.Length - Offset);
base.header.Length = this.DataOffset * 4;
base.payloadPacketOrData = new PacketOrByteArraySegment();
base.payloadPacketOrData.TheByteArraySegment = base.header.EncapsulatedBytes();
}
/// <summary>
/// Constructor
/// </summary>
/// <param name="LinkLayerType">
/// A <see cref="LinkLayers"/>
/// </param>
/// <param name="Timeval">
/// A <see cref="PosixTimeval"/>
/// </param>
/// <param name="Data">
/// A <see cref="System.Byte"/>
/// </param>
public RawCapture(LinkLayers LinkLayerType,
PosixTimeval Timeval,
byte[] Data)
{
this.LinkLayerType = LinkLayerType;
this.Timeval = Timeval;
this.Data = Data;
}
public override bool Equals(object obj)
{
if ((obj == null) || (base.GetType() != obj.GetType()))
{
return(false);
}
PosixTimeval timeval = (PosixTimeval)obj;
return((this.Seconds == timeval.Seconds) && (this.MicroSeconds == timeval.MicroSeconds));
}
public TcpPacket(byte[] Bytes, int Offset, PosixTimeval Timeval, Packet ParentPacket) : this(Bytes, Offset, Timeval)
{
this.ParentPacket = ParentPacket;
if (this.ParentPacket is IPv4Packet)
{
IPv4Packet parentPacket = (IPv4Packet)this.ParentPacket;
int num = parentPacket.TotalLength - (parentPacket.HeaderLength * 4);
int num2 = num - this.Header.Length;
base.payloadPacketOrData.TheByteArraySegment.Length = num2;
}
}
public IPv4Packet(byte[] Bytes, int Offset, PosixTimeval Timeval) : base(Timeval)
{
base.header = new ByteArraySegment(Bytes, Offset, Bytes.Length - Offset);
if (this.TotalLength < 20)
{
object[] objArray1 = new object[] { "TotalLength ", this.TotalLength, " < HeaderMinimumLength ", 20 };
throw new InvalidOperationException(string.Concat(objArray1));
}
base.header.Length = this.HeaderLength * 4;
base.payloadPacketOrData = IpPacket.ParseEncapsulatedBytes(base.header, this.NextHeader, Timeval, this);
}
public IPv4Packet(byte[] Bytes, int Offset, PosixTimeval Timeval)
: base(Timeval)
{
base.header = new ByteArraySegment(Bytes, Offset, Bytes.Length - Offset);
if (this.TotalLength < 20)
{
object[] objArray1 = new object[] { "TotalLength ", this.TotalLength, " < HeaderMinimumLength ", 20 };
throw new InvalidOperationException(string.Concat(objArray1));
}
base.header.Length = this.HeaderLength * 4;
base.payloadPacketOrData = IpPacket.ParseEncapsulatedBytes(base.header, this.NextHeader, Timeval, this);
}
public TcpPacket(byte[] Bytes, int Offset, PosixTimeval Timeval, Packet ParentPacket)
: this(Bytes, Offset, Timeval)
{
this.ParentPacket = ParentPacket;
if (this.ParentPacket is IPv4Packet)
{
IPv4Packet parentPacket = (IPv4Packet) this.ParentPacket;
int num = parentPacket.TotalLength - (parentPacket.HeaderLength * 4);
int num2 = num - this.Header.Length;
base.payloadPacketOrData.TheByteArraySegment.Length = num2;
}
}
public static Packet ParsePacket(LinkLayers LinkLayer, PosixTimeval Timeval, byte[] PacketData)
{
LinkLayers layers = LinkLayer;
if (layers != LinkLayers.Ethernet)
{
if (layers != LinkLayers.LinuxSLL)
{
throw new NotImplementedException("LinkLayer of " + LinkLayer + " is not implemented");
}
return(new LinuxSLLPacket(PacketData, 0, Timeval));
}
return(new EthernetPacket(PacketData, 0, Timeval));
}
public void ReportStatistics(SharpPcap.WinPcap.StatisticsModePacket statsPacket, PosixTimeval lastTimeval,string sensorId)
{
Console.WriteLine("stats packet:\t" + statsPacket.RecievedPackets + "\t" + statsPacket.RecievedBytes + "\t" + statsPacket.Timeval.CompareTo(lastTimeval));
}
/// <summary>
/// Search through all the frag we have collected to see if one fits
/// </summary>
/// <param name="net_src"></param>
/// <param name="net_dst"></param>
/// <param name="srcport"></param>
/// <param name="dstport"></param>
/// <param name="index"></param>
/// <param name="timestamp"></param>
/// <param name="acknowledged"></param>
/// <returns></returns>
private bool CheckFragments(long net_src,
long net_dst,
uint srcport,
uint dstport,
int index,
PosixTimeval timestamp,
uint acknowledged)
{
try
{
tcp_frag prev = null;
tcp_frag current;
ulong lowest_seq;
current = _frags[index];
if (current != null)
{
lowest_seq = current.seq;
while (current != null)
{
if ((lowest_seq > current.seq))
{
lowest_seq = current.seq;
}
if (current.seq < _seq[index])
{
ulong newseq;
/* this sequence number seems dated, but
check the end to make sure it has no more
info than we have already seen */
newseq = current.seq + current.len;
if (newseq > _seq[index])
{
ulong new_pos;
/* this one has more than we have seen. let's get the
payload that we have not seen. This happens when
part of this frame has been retransmitted */
new_pos = _seq[index] - current.seq;
if (current.data_len > new_pos)
{
//sc->dlen = current.data_len - new_pos;
byte[] tmpData = new byte[current.data_len - new_pos];
Buffer.BlockCopy(current.data, (int)new_pos, tmpData, 0, (int)(current.data_len - new_pos));
SavePacketData(net_src,
net_dst,
srcport,
dstport,
index,
tmpData,
timestamp);
}
_seq[index] += (current.len - new_pos);
}
/* Remove the fragment from the list as the "new" part of it
* has been processed or its data has been seen already in
* another packet. */
if (prev != null)
{
prev.next = current.next;
}
else
{
_frags[index] = current.next;
}
return true;
}
if (current.seq == _seq[index])
{
/* this fragment fits the stream */
if (current.data != null)
{
SavePacketData(net_src,
net_dst,
srcport,
dstport,
index,
current.data,
timestamp);
}
_seq[index] += current.len;
if (prev != null)
{
prev.next = current.next;
}
else
{
_frags[index] = current.next;
}
current.data = null;
current = null;
return true;
}
prev = current;
current = current.next;
}
if (acknowledged > lowest_seq)
{
/* There are frames missing in the capture file that were seen
* by the receiving host. Add dummy stream chunk with the data
* "[xxx bytes missing in capture file]".
*/
//dummy_str = g_strdup_printf("[%d bytes missing in capture file]",
// (int)(lowest_seq - seq[idx]));
//sc->dlen = (guint32)strlen(dummy_str);
byte[] dummyData = new byte[(lowest_seq - _seq[index])];
SavePacketData(net_src,
net_dst,
srcport,
dstport,
index,
dummyData,
timestamp);
_seq[index] = lowest_seq;
return true;
}
}
return false;
}
catch (Exception ex)
{
//this.Log().Error(ex.ToString());
return false;
}
}
/// <summary>
/// Writes the payload data to the database
/// </summary>
/// <param name="net_src"></param>
/// <param name="net_dst"></param>
/// <param name="srcport"></param>
/// <param name="dstport"></param>
/// <param name="index"></param>
/// <param name="data"></param>
/// <param name="timestamp"></param>
private void SavePacketData(long net_src,
long net_dst,
uint srcport,
uint dstport,
int index,
byte[] data,
PosixTimeval timestamp)
{
try
{
// Ignore empty packets
if (data.Length == 0)
{
return;
}
if (data.Length == 1)
{
if (data[0] == 0)
{
return;
}
}
PacketWritten = true;
PreviousPacketEndOffset = CurrentOffset;
CurrentOffset += data.Length;
DataSize += data.Length;
_storage.Write(data, 0, data.Length);
bool isOutBound = false;
if (index == 0)
{
isOutBound = true;
}
}
catch (Exception ex)
{
//this.Log().Error(ex.ToString());
}
}
public InternetPacket(PosixTimeval Timeval)
: base(Timeval)
{
}
public UdpPacket(byte[] Bytes, int Offset, PosixTimeval Timeval, Packet ParentPacket) : this(Bytes, Offset, Timeval)
{
this.ParentPacket = ParentPacket;
}
public Packet(PosixTimeval timeval)
{
this.timeval = timeval;
}
public InternetPacket(PosixTimeval Timeval) : base(Timeval)
{
}
// The callback function for the SharpPcap library
private void device_PcapOnPacketArrival(object sender, CaptureEventArgs e)
{
Packet packet;
try
{
packet = PacketDotNet.Packet.ParsePacket(e.Packet.LinkLayerType, e.Packet.Data);
}
catch (Exception ex)
{
//System.Console.Write(ex.Message); //todo: sometimes get error raw packet not implemented?
return;
}
if (firstTimeStamp == 0)
{
firstTimeStamp = decimal.Parse(e.Packet.Timeval.Seconds.ToString() + "." + e.Packet.Timeval.MicroSeconds.ToString());
}
totalPackets++;
UdpPacket udpPacket = (UdpPacket)packet.Extract(typeof(UdpPacket));
if (udpPacket != null)
{
HandleDNS(udpPacket);
return;
}
IpPacket ipPacket = (IpPacket)packet.Extract(typeof(IpPacket));
TcpPacket tcpPacket = (TcpPacket)packet.Extract(typeof(TcpPacket));
if (tcpPacket == null) return;
totalTCPPackets++;
Connection c = new Connection(tcpPacket);
TcpRecon recon = null;
curPacket = tcpPacket;
curPacketTime = e.Packet.Timeval;
if (!sharpPcapDict.ContainsKey(c))
{
c.generateFileName(outDir);
recon = new TcpRecon(c.fileName);
recon.LastSourcePort = tcpPacket.SourcePort;
recon.StreamStartTimeStamp = e.Packet.Timeval.Seconds.ToString() + "." + e.Packet.Timeval.MicroSeconds.ToString();
decimal curTime = decimal.Parse(recon.StreamStartTimeStamp);
recon.relativeTimeStamp = (curTime - firstTimeStamp).ToString();
sharpPcapDict.Add(c, recon);
if (!IPExists("tcp: " + ipPacket.DestinationAddress)) ips.Add("tcp: " + ipPacket.DestinationAddress);
if (!IPExists("tcp: " + ipPacket.SourceAddress)) ips.Add("tcp: " + ipPacket.SourceAddress);
owner.Invoke(NewStream, recon);
}else{
recon = sharpPcapDict[c];
}
//can contain fragments and out of order packets
recon.ReassemblePacket(ipPacket.SourceAddress.Address,
ipPacket.DestinationAddress.Address,
tcpPacket, e.Packet.Timeval);
if (recon.PacketWritten) //reassembly/reordering complete data was saved this time..
{
if (recon.LastSourcePort != tcpPacket.SourcePort) //previous entry is now complete so lets add it.
{
AddNewNode(recon);
recon.LastSourcePort = tcpPacket.SourcePort;
}
}
}
public EthernetPacket(byte[] Bytes, int Offset, PosixTimeval Timeval) : base(Timeval)
{
base.header = new ByteArraySegment(Bytes, Offset, EthernetFields.HeaderLength);
base.payloadPacketOrData = ParseEncapsulatedBytes(base.header, this.Type, Timeval);
}
public LinuxSLLPacket(byte[] Bytes, int Offset, PosixTimeval Timeval) : base(Timeval)
{
base.header = new ByteArraySegment(Bytes, Offset, LinuxSLLFields.SLLHeaderLength);
base.payloadPacketOrData = EthernetPacket.ParseEncapsulatedBytes(base.header, this.EthernetProtocolType, Timeval);
}
public ApplicationPacket(PosixTimeval Timeval) : base(Timeval)
{
}
public DataLinkPacket(PosixTimeval Timeval) : base(Timeval)
{
}
public ApplicationPacket(PosixTimeval Timeval)
: base(Timeval)
{
}
public ICMPv6Packet(byte[] Bytes, int Offset, PosixTimeval Timeval) : base(Timeval)
{
base.header = new ByteArraySegment(Bytes, Offset, Bytes.Length - Offset);
}
public IGMPv2Packet(byte[] Bytes, int Offset, PosixTimeval Timeval) : base(Timeval)
{
throw new NotImplementedException();
}
internal static PacketOrByteArraySegment ParseEncapsulatedBytes(ByteArraySegment Header, EthernetPacketType Type, PosixTimeval Timeval)
{
ByteArraySegment segment = Header.EncapsulatedBytes();
PacketOrByteArraySegment segment2 = new PacketOrByteArraySegment();
EthernetPacketType type = Type;
if (type != EthernetPacketType.IpV4)
{
if (type == EthernetPacketType.Arp)
{
segment2.ThePacket = new ARPPacket(segment.Bytes, segment.Offset, Timeval);
return(segment2);
}
if (type == EthernetPacketType.IpV6)
{
segment2.ThePacket = new IPv6Packet(segment.Bytes, segment.Offset, Timeval);
return(segment2);
}
if (type == EthernetPacketType.PointToPointProtocolOverEthernetSessionStage)
{
segment2.ThePacket = new PPPoEPacket(segment.Bytes, segment.Offset, Timeval);
return(segment2);
}
if (type == EthernetPacketType.LLDP)
{
segment2.ThePacket = new LLDPPacket(segment.Bytes, segment.Offset, Timeval);
return(segment2);
}
segment2.TheByteArraySegment = segment;
return(segment2);
}
segment2.ThePacket = new IPv4Packet(segment.Bytes, segment.Offset, Timeval);
return(segment2);
}
internal static PacketOrByteArraySegment ParseEncapsulatedBytes(ByteArraySegment Header, EthernetPacketType Type, PosixTimeval Timeval)
{
ByteArraySegment segment = Header.EncapsulatedBytes();
PacketOrByteArraySegment segment2 = new PacketOrByteArraySegment();
EthernetPacketType type = Type;
if (type != EthernetPacketType.IpV4)
{
if (type == EthernetPacketType.Arp)
{
segment2.ThePacket = new ARPPacket(segment.Bytes, segment.Offset, Timeval);
return segment2;
}
if (type == EthernetPacketType.IpV6)
{
segment2.ThePacket = new IPv6Packet(segment.Bytes, segment.Offset, Timeval);
return segment2;
}
if (type == EthernetPacketType.PointToPointProtocolOverEthernetSessionStage)
{
segment2.ThePacket = new PPPoEPacket(segment.Bytes, segment.Offset, Timeval);
return segment2;
}
if (type == EthernetPacketType.LLDP)
{
segment2.ThePacket = new LLDPPacket(segment.Bytes, segment.Offset, Timeval);
return segment2;
}
segment2.TheByteArraySegment = segment;
return segment2;
}
segment2.ThePacket = new IPv4Packet(segment.Bytes, segment.Offset, Timeval);
return segment2;
}
public IGMPv2Packet(byte[] Bytes, int Offset, PosixTimeval Timeval)
: base(Timeval)
{
throw new NotImplementedException();
}
public ARPPacket(byte[] Bytes, int Offset, PosixTimeval Timeval) : base(Timeval)
{
base.header = new ByteArraySegment(Bytes, Offset, ARPFields.HeaderLength);
}
public ICMPv6Packet(byte[] Bytes, int Offset, PosixTimeval Timeval)
: base(Timeval)
{
base.header = new ByteArraySegment(Bytes, Offset, Bytes.Length - Offset);
}
public DataLinkPacket(PosixTimeval Timeval)
: base(Timeval)
{
}
public UdpPacket(byte[] Bytes, int Offset, PosixTimeval Timeval, Packet ParentPacket)
: this(Bytes, Offset, Timeval)
{
this.ParentPacket = ParentPacket;
}
public RawPacket(LinkLayers LinkLayerType, PosixTimeval Timeval, byte[] Data)
{
this.LinkLayerType = LinkLayerType;
this.Timeval = Timeval;
this.Data = Data;
}
public IpPacket(PosixTimeval Timeval) : base(Timeval)
{
this.DefaultTimeToLive = 0x40;
}
public InternetLinkLayerPacket(PosixTimeval timeval) : base(timeval)
{
}
public SessionPacket(PosixTimeval Timeval) : base(Timeval)
{
}
public void ReassemblePacket(long srcIP, long dstIP, TcpPacket tcpPacket, PosixTimeval timeVal)
{
try
{
ushort sourcePort = 0;
ushort destinationPort = 0;
//if (proto == IPProtocolType.TCP) {
PacketWritten = false;
sourcePort = tcpPacket.SourcePort;
destinationPort = tcpPacket.DestinationPort;
// If the payload length is zero bail out
ulong length = (ulong)(tcpPacket.PayloadData.Length);
if (length == 0)
{
//Console.WriteLine("Invalid length (TCP): " + ip.Source.ToString() + "#" + ip.Destination.ToString());
//return;
}
if (tcpPacket.Fin == true)
{
this.HasFin = true;
}
ReassembleTcp((ulong)tcpPacket.SequenceNumber,
tcpPacket.AcknowledgmentNumber,
length,
tcpPacket.PayloadData,
(ulong)tcpPacket.PayloadData.Length,
tcpPacket.Syn,
srcIP,
dstIP,
(uint)tcpPacket.SourcePort,
(uint)tcpPacket.DestinationPort,
timeVal);
//}
if (TimestampFirstPacket == null)
{
TimestampFirstPacket = timeVal;
}
TimestampLastPacket = timeVal;
}
catch (Exception ex)
{
//this.Log().Error(ex.ToString());
}
}
public LinuxSLLPacket(byte[] Bytes, int Offset, PosixTimeval Timeval)
: base(Timeval)
{
base.header = new ByteArraySegment(Bytes, Offset, LinuxSLLFields.SLLHeaderLength);
base.payloadPacketOrData = EthernetPacket.ParseEncapsulatedBytes(base.header, this.EthernetProtocolType, Timeval);
}
/// <summary>
/// Reconstructs the tcp session
/// </summary>
/// <param name="sequence">Sequence number of the tcp packet</param>
/// <param name="length">The size of the original packet data</param>
/// <param name="data">The captured data</param>
/// <param name="data_length">The length of the captured data</param>
/// <param name="synflag"></param>
/// <param name="net_src">The source ip address</param>
/// <param name="net_dst">The destination ip address</param>
/// <param name="srcport">The source port</param>
/// <param name="dstport">The destination port</param>
/// <param name="timestamp">Packet timestamp</param>
private void ReassembleTcp(ulong sequence,
uint acknowledgement,
ulong length,
byte[] data,
ulong data_length,
bool synflag,
long net_src,
long net_dst,
uint srcport,
uint dstport,
PosixTimeval timestamp)
{
try
{
long srcx, dstx;
int src_index, j;
bool first = false;
ulong newseq;
tcp_frag tmp_frag;
src_index = -1;
/* Now check if the packet is for this connection. */
srcx = net_src;
dstx = net_dst;
/* Check to see if we have seen this source IP and port before.
(Yes, we have to check both source IP and port; the connection
might be between two different ports on the same machine.) */
for (j = 0; j < 2; j++)
{
if (_srcAddr[j] == srcx && _srcPort[j] == srcport)
{
src_index = j;
//break;
}
}
/* we didn't find it if src_index == -1 */
if (src_index < 0)
{
/* assign it to a src_index and get going */
for (j = 0; j < 2; j++)
{
if (_srcPort[j] == 0)
{
_srcAddr[j] = srcx;
_srcPort[j] = srcport;
src_index = j;
first = true;
break;
}
}
}
if (src_index < 0)
{
throw new Exception("Too many addresses!");
}
/* Before adding data for this flow to the data_out_file, check whether
* this frame acks fragments that were already seen. This happens when
* frames are not in the capture file, but were actually seen by the
* receiving host (Fixes bug 592).
*/
if (_frags[1 - src_index] != null)
{
while (CheckFragments(net_src,
net_dst,
srcport,
dstport,
1 - src_index,
timestamp,
acknowledgement)) ;
}
/* now that we have filed away the srcs, lets get the sequence number stuff figured out */
if (first)
{
/* this is the first time we have seen this src's sequence number */
_seq[src_index] = sequence + length;
if (synflag)
{
_seq[src_index]++;
}
SavePacketData(net_src,
net_dst,
srcport,
dstport,
src_index,
data,
timestamp);
return;
}
/* if we are here, we have already seen this src, let's
try and figure out if this packet is in the right place */
if (sequence < _seq[src_index])
{
/* this sequence number seems dated, but
check the end to make sure it has no more
info than we have already seen */
newseq = sequence + length;
if (newseq > _seq[src_index])
{
ulong new_len;
/* this one has more than we have seen. let's get the
payload that we have not seen. */
new_len = _seq[src_index] - sequence;
if (data_length <= new_len)
{
data = null;
data_length = 0;
}
else
{
data_length -= new_len;
byte[] tmpData = new byte[data_length];
Buffer.BlockCopy(data, (int)new_len, tmpData, 0, (int)data_length);
//for (ulong i = 0; i < data_length; i++)
//{
// tmpData[i] = data[i + new_len];
//}
data = tmpData;
}
sequence = _seq[src_index];
length = newseq - _seq[src_index];
/* this will now appear to be right on time :) */
}
}
if (sequence == _seq[src_index])
{
/* right on time */
_seq[src_index] += length;
if (synflag)
{
_seq[src_index]++;
}
if (data != null)
{
SavePacketData(net_src,
net_dst,
srcport,
dstport,
src_index,
data,
timestamp);
}
/* done with the packet, see if it caused a fragment to fit */
while (CheckFragments(net_src,
net_dst,
srcport,
dstport,
src_index,
timestamp,
acknowledgement)) ;
}
else
{
/* out of order packet */
if (data_length > 0 && sequence > _seq[src_index])
{
tmp_frag = new tcp_frag();
tmp_frag.data = data;
tmp_frag.seq = sequence;
tmp_frag.len = length;
tmp_frag.data_len = data_length;
if (_frags[src_index] != null)
{
tmp_frag.next = _frags[src_index];
}
else
{
tmp_frag.next = null;
}
_frags[src_index] = tmp_frag;
}
}
}
catch (Exception ex)
{
//this.Log().Error(ex.ToString());
}
}
internal static PacketOrByteArraySegment ParseEncapsulatedBytes(ByteArraySegment Header, PosixTimeval Timeval)
{
ByteArraySegment segment = Header.EncapsulatedBytes();
return(new PacketOrByteArraySegment {
ThePacket = new PPPPacket(segment.Bytes, segment.Offset, Timeval)
});
}
public ICMPv4Packet(byte[] Bytes, int Offset, PosixTimeval Timeval) : base(Timeval)
{
base.header = new ByteArraySegment(Bytes, Offset, ICMPv4Fields.HeaderLength);
base.payloadPacketOrData = new PacketOrByteArraySegment();
base.payloadPacketOrData.TheByteArraySegment = base.header.EncapsulatedBytes();
}
public PPPPacket(byte[] Bytes, int Offset, PosixTimeval Timeval) : base(Timeval)
{
base.header = new ByteArraySegment(Bytes, Offset, PPPFields.HeaderLength);
base.payloadPacketOrData = ParseEncapsulatedBytes(base.header, Timeval, this.Protocol);
}
public LLDPPacket(byte[] bytes, int offset, PosixTimeval timeval) : base(timeval)
{
this.TlvCollection = new TLVCollection();
base.header = new ByteArraySegment(bytes, offset, bytes.Length - offset);
this.ParseByteArrayIntoTlvs(base.header.Bytes, base.header.Offset);
}
public SessionPacket(PosixTimeval Timeval)
: base(Timeval)
{
}
public IPv6Packet(byte[] Bytes, int Offset, PosixTimeval Timeval) : base(Timeval)
{
base.header = new ByteArraySegment(Bytes, Offset, 40);
base.header.Length = (Bytes.Length - Offset) - this.PayloadLength;
base.payloadPacketOrData = IpPacket.ParseEncapsulatedBytes(base.header, this.NextHeader, Timeval, this);
}
public Packet(PosixTimeval timeval)
{
this.timeval = timeval;
}
public EthernetPacket(byte[] Bytes, int Offset, PosixTimeval Timeval)
: base(Timeval)
{
base.header = new ByteArraySegment(Bytes, Offset, EthernetFields.HeaderLength);
base.payloadPacketOrData = ParseEncapsulatedBytes(base.header, this.Type, Timeval);
}
public InternetLinkLayerPacket(PosixTimeval timeval)
: base(timeval)
{
}
public ARPPacket(byte[] Bytes, int Offset, PosixTimeval Timeval)
: base(Timeval)
{
base.header = new ByteArraySegment(Bytes, Offset, ARPFields.HeaderLength);
}
internal static PacketOrByteArraySegment ParseEncapsulatedBytes(ByteArraySegment Header, PosixTimeval Timeval)
{
ByteArraySegment segment = Header.EncapsulatedBytes();
return new PacketOrByteArraySegment { ThePacket = new PPPPacket(segment.Bytes, segment.Offset, Timeval) };
}
public TransportPacket(PosixTimeval Timeval) : base(Timeval)
{
}
internal static PacketOrByteArraySegment ParseEncapsulatedBytes(ByteArraySegment Header, IPProtocolType ProtocolType, PosixTimeval Timeval, Packet ParentPacket)
{
ByteArraySegment segment = Header.EncapsulatedBytes();
PacketOrByteArraySegment segment2 = new PacketOrByteArraySegment();
IPProtocolType type = ProtocolType;
if (type == IPProtocolType.ICMP)
{
segment2.ThePacket = new ICMPv4Packet(segment.Bytes, segment.Offset, Timeval);
return(segment2);
}
if (type != IPProtocolType.TCP)
{
if (type == IPProtocolType.UDP)
{
segment2.ThePacket = new UdpPacket(segment.Bytes, segment.Offset, Timeval, ParentPacket);
return(segment2);
}
if (type == IPProtocolType.ICMPV6)
{
segment2.ThePacket = new ICMPv6Packet(segment.Bytes, segment.Offset, Timeval);
return(segment2);
}
segment2.TheByteArraySegment = segment;
return(segment2);
}
segment2.ThePacket = new TcpPacket(segment.Bytes, segment.Offset, Timeval, ParentPacket);
return(segment2);
}
internal static PacketOrByteArraySegment ParseEncapsulatedBytes(ByteArraySegment Header, PosixTimeval Timeval, PPPProtocol Protocol)
{
ByteArraySegment segment = Header.EncapsulatedBytes();
PacketOrByteArraySegment segment2 = new PacketOrByteArraySegment();
PPPProtocol protocol = Protocol;
if (protocol != PPPProtocol.IPv4)
{
if (protocol != PPPProtocol.IPv6)
{
throw new NotImplementedException("Protocol of " + Protocol + " is not implemented");
}
}
else
{
segment2.ThePacket = new IPv4Packet(segment.Bytes, segment.Offset, Timeval);
return(segment2);
}
segment2.ThePacket = new IPv6Packet(segment.Bytes, segment.Offset, Timeval);
return(segment2);
}
public static Packet ParsePacket(LinkLayers LinkLayer, PosixTimeval Timeval, byte[] PacketData)
{
LinkLayers layers = LinkLayer;
if (layers != LinkLayers.Ethernet)
{
if (layers != LinkLayers.LinuxSLL)
{
throw new NotImplementedException("LinkLayer of " + LinkLayer + " is not implemented");
}
return new LinuxSLLPacket(PacketData, 0, Timeval);
}
return new EthernetPacket(PacketData, 0, Timeval);
}