/// <summary>
/// Saves flow table to JSON output file.
/// </summary>
/// <param name="v"></param>
/// <param name="table"></param>
private static void SaveToJson(string filename, FlowTable table)
{
using (var file = File.CreateText(filename))
using (var writer = new JsonTextWriter(file))
{
writer.WriteStartArray();
foreach (var(flow, index) in table.Entries.Select((x, i) => (x, i + 1)))
{
var jObject = new JObject
{
{ "Id", index },
{ "Protocol", flow.Key.Protocol.ToString() },
{ "SourceAddress", flow.Key.SourceEndpoint.Address.ToString() },
{ "SourcePort", flow.Key.SourceEndpoint.Port },
{ "DestinationAddress", flow.Key.DestinationEndpoint.Address.ToString() },
{ "DestinationPort", flow.Key.DestinationEndpoint.Port },
{ "FirstSeen", flow.Value.FirstSeen },
{ "LastSeen", flow.Value.LastSeen },
{ "Octets", flow.Value.Octets },
{ "Packets", flow.Value.Packets }
};
jObject.WriteTo(writer);
}
writer.WriteEndArray();
}
}
/// <summary>
/// Initializes the model required
/// </summary>
public DiagramController()
{
validatepermissions = new validatePermissions();
DiagramModel = new DiagramTable();
ProcessModel = new ProcessesTable();
HardwareModel = new HardwareTable();
FlowModel = new FlowTable();
hardwareReferenceTable = new HardwareReferenceTable();
}
/// <summary>
/// Saves content of each flow to the specified folder.
/// </summary>
/// <param name="folder"></param>
/// <param name="table"></param>
private static void SaveFlows(string folder, FlowTable table)
{
foreach (var(flow, index) in table.Entries.Select((x, i) => (x, i + 1)))
{
var path = Path.Combine(folder, index.ToString()) + ".pcap";
var pcapfile = new CaptureFileWriterDevice(path);
foreach (var(packet, time) in flow.Value.PacketList)
{
pcapfile.Write(new RawCapture(linkLayers, time, packet.Bytes));
}
}
}
/// <summary>
/// Processes the provided packet and creates or updates the corresponding flow.
/// </summary>
public void ProcessFrame(FrameData frame)
{
if (frame == null)
{
return;
}
TotalFrameCount++;
var key = m_keyProvider.GetKey(frame);
if (FlowTable.TryGetValue(key, out var value))
{
PacketFlowUpdate(value, frame);
}
else
{
var flowUid = string.Empty;
FlowTable[key] = PacketFlowFrom(key, frame, flowUid);
}
}
void PrintTable(Stopwatch sw, FlowTable table, int packets, int parserErrors)
{
Console.Clear();
Console.WriteLine($"Time: {sw.Elapsed}");
Console.WriteLine($"Packets: {packets} ");
Console.WriteLine($"Flows: {table.Count} ");
Console.WriteLine($"Errors: {parserErrors}");
Console.WriteLine();
try
{
table.Enter();
var top = from t in table.Entries
orderby t.Value.Octets descending
select t;
Console.WriteLine($"Proto | Source | Destination | Pckts | Octets | Start | Duration |");
foreach (var flow in top.Take(10))
{
Console.WriteLine($"{flow.Key.Protocol,5} | {flow.Key.SourceEndpoint,-24} | {flow.Key.DestinationEndpoint,-24} | {flow.Value.Packets,5} | {flow.Value.Octets,9} | {flow.Value.FirstSeen,9} | {flow.Value.LastSeen - flow.Value.FirstSeen,9} |");
}
}
finally { table.Exit(); }
}
private static void SaveCombinedFlows(string folder, FlowTable table)
{
var indexedFlows = table.Entries.Select((flow, i) => (flow, i + 1));
Parallel.ForEach(indexedFlows, WriteFlow(folder));
}
