public static MIB_TCPROW_OWNER_PID[] GetTable() { MIB_TCPROW_OWNER_PID[] tTable; int AF_INET = 2; int buffSize = 0; uint ret = GetExtendedTcpTable(IntPtr.Zero, ref buffSize, true, AF_INET, TCP_TABLE_CLASS.TCP_TABLE_OWNER_PID_ALL); IntPtr buffTable = Marshal.AllocHGlobal(buffSize); try { ret = GetExtendedTcpTable(buffTable, ref buffSize, true, AF_INET, TCP_TABLE_CLASS.TCP_TABLE_OWNER_PID_ALL); if (ret != 0) { return(null); } MIB_TCPTABLE_OWNER_PID tab = (MIB_TCPTABLE_OWNER_PID)Marshal.PtrToStructure(buffTable, typeof(MIB_TCPTABLE_OWNER_PID)); IntPtr rowPtr = (IntPtr)((long)buffTable + Marshal.SizeOf(tab.dwNumEntries)); tTable = new MIB_TCPROW_OWNER_PID[tab.dwNumEntries]; for (int i = 0; i < tab.dwNumEntries; i++) { MIB_TCPROW_OWNER_PID tcpRow = (MIB_TCPROW_OWNER_PID)Marshal.PtrToStructure(rowPtr, typeof(MIB_TCPROW_OWNER_PID)); tTable[i] = tcpRow; rowPtr = (IntPtr)((long)rowPtr + Marshal.SizeOf(tcpRow)); } } finally { Marshal.FreeHGlobal(buffTable); } return(tTable); }
public static MIB_TCPROW_OWNER_PID[] GetAllTcpConnections() { MIB_TCPROW_OWNER_PID[] tTable; int AF_INET = 2; // IP_v4 int buffSize = 0; // how much memory do we need? uint ret = GetExtendedTcpTable(IntPtr.Zero, ref buffSize, true, AF_INET, TCP_TABLE_CLASS.TCP_TABLE_OWNER_PID_ALL, 0); if (ret != 0 && ret != 122) // 122 insufficient buffer size { throw new Exception("bad ret on check " + ret); } IntPtr buffTable = Marshal.AllocHGlobal(buffSize); try { ret = GetExtendedTcpTable(buffTable, ref buffSize, true, AF_INET, TCP_TABLE_CLASS.TCP_TABLE_OWNER_PID_ALL, 0); if (ret != 0) { throw new Exception("bad ret " + ret); } // get the number of entries in the table MIB_TCPTABLE_OWNER_PID tab = (MIB_TCPTABLE_OWNER_PID)Marshal.PtrToStructure( buffTable, typeof(MIB_TCPTABLE_OWNER_PID)); IntPtr rowPtr = (IntPtr)((long)buffTable + Marshal.SizeOf(tab.dwNumEntries)); tTable = new MIB_TCPROW_OWNER_PID[tab.dwNumEntries]; for (int i = 0; i < tab.dwNumEntries; i++) { MIB_TCPROW_OWNER_PID tcpRow = (MIB_TCPROW_OWNER_PID)Marshal .PtrToStructure(rowPtr, typeof(MIB_TCPROW_OWNER_PID)); tTable[i] = tcpRow; // next entry rowPtr = (IntPtr)((long)rowPtr + Marshal.SizeOf(tcpRow)); } } finally { // Free the Memory Marshal.FreeHGlobal(buffTable); } return(tTable); }
public static List <TcpRecordPid> GetAllTcpConnections() { int AF_INET = 2; // IP_v4 int buffSize = 0; // getting the memory size needed uint val = GetExtendedTcpTable(IntPtr.Zero, ref buffSize, true, AF_INET, TCP_TABLE_CLASS.TCP_TABLE_OWNER_PID_ALL, 0); if (val != 0 && val != 122) { throw new Exception("invalid size " + val); } IntPtr buffTable = Marshal.AllocHGlobal(buffSize); List <TcpRecordPid> lstRecords = new List <TcpRecordPid>(); try { val = GetExtendedTcpTable(buffTable, ref buffSize, true, AF_INET, TCP_TABLE_CLASS.TCP_TABLE_OWNER_PID_ALL, 0); if (val != 0) { throw new Exception("ivalid data " + val); } // get the number of entries in the table MIB_TCPTABLE_OWNER_PID tcpTable = (MIB_TCPTABLE_OWNER_PID)Marshal.PtrToStructure(buffTable, typeof(MIB_TCPTABLE_OWNER_PID)); IntPtr rowPtr = (IntPtr)((long)buffTable + Marshal.SizeOf(tcpTable.dwNumEntries)); //tTable = new MIB_TCPROW_OWNER_PID[tcpTable.dwNumEntries]; for (int i = 0; i < tcpTable.dwNumEntries; i++) { MIB_TCPROW_OWNER_PID tcpRow = (MIB_TCPROW_OWNER_PID)Marshal.PtrToStructure(rowPtr, typeof(MIB_TCPROW_OWNER_PID)); //tTable[i] = tcpRow; lstRecords.Add(new TcpRecordPid( new IPAddress(tcpRow.localAddr), new IPAddress(tcpRow.remoteAddr), BitConverter.ToUInt16(new byte[2] { tcpRow.localPort2, tcpRow.localPort1 }, 0), // reverse order BitConverter.ToUInt16(new byte[2] { tcpRow.remotePort2, tcpRow.remotePort1 }, 0), // reverse order tcpRow.owningPid, tcpRow.state)); // next entry rowPtr = (IntPtr)((long)rowPtr + Marshal.SizeOf(tcpRow)); } } finally { // Free the Memory Marshal.FreeHGlobal(buffTable); } return(lstRecords); }
//public TcpRow[] GetAllTcpConnections() public static MIB_TCPROW_OWNER_PID[] GetAllTcpConnections() { if (getAllTcpConnections_cached == null || getAllTcpConnections_cached_lastTime + new TimeSpan(0, 0, 1) < DateTime.Now) { // TcpRow is my own class to display returned rows in a nice manner. // TcpRow[] tTable; MIB_TCPROW_OWNER_PID[] tTable; int AF_INET = 2; // IP_v4 int buffSize = 0; // how much memory do we need? uint ret = NativeMethods.GetExtendedTcpTable(IntPtr.Zero, ref buffSize, true, AF_INET, TCP_TABLE_CLASS.TCP_TABLE_OWNER_PID_ALL); IntPtr buffTable = Marshal.AllocHGlobal(buffSize); try { ret = NativeMethods.GetExtendedTcpTable(buffTable, ref buffSize, true, AF_INET, TCP_TABLE_CLASS.TCP_TABLE_OWNER_PID_ALL); if (ret != 0) { return(new MIB_TCPROW_OWNER_PID[0]); } // get the number of entries in the table //MibTcpTable tab = (MibTcpTable)Marshal.PtrToStructure(buffTable, typeof(MibTcpTable)); MIB_TCPTABLE_OWNER_PID tab = (MIB_TCPTABLE_OWNER_PID)Marshal.PtrToStructure(buffTable, typeof(MIB_TCPTABLE_OWNER_PID)); //IntPtr rowPtr = (IntPtr)((long)buffTable + Marshal.SizeOf(tab.numberOfEntries) ); IntPtr rowPtr = (IntPtr)((long)buffTable + Marshal.SizeOf(tab.dwNumEntries)); // buffer we will be returning //tTable = new TcpRow[tab.numberOfEntries]; tTable = new MIB_TCPROW_OWNER_PID[tab.dwNumEntries]; //for (int i = 0; i < tab.numberOfEntries; i++) for (int i = 0; i < tab.dwNumEntries; i++) { //MibTcpRow_Owner_Pid tcpRow = (MibTcpRow_Owner_Pid)Marshal.PtrToStructure(rowPtr, typeof(MibTcpRow_Owner_Pid)); MIB_TCPROW_OWNER_PID tcpRow = (MIB_TCPROW_OWNER_PID)Marshal.PtrToStructure(rowPtr, typeof(MIB_TCPROW_OWNER_PID)); //tTable[i] = new TcpRow(tcpRow); tTable[i] = tcpRow; rowPtr = (IntPtr)((long)rowPtr + Marshal.SizeOf(tcpRow)); // next entry } } finally { // Free the Memory Marshal.FreeHGlobal(buffTable); } getAllTcpConnections_cached = tTable; getAllTcpConnections_cached_lastTime = DateTime.Now; } return(getAllTcpConnections_cached); }
//return the MIB_TCPROW_OWNER_PID array as connection public MIB_TCPROW_OWNER_PID[] GetAllTcpConnections() { MIB_TCPROW_OWNER_PID[] tTable; int AF_INET = 2; // IP_v4 int buffSize = 0; // what the size of the memory we need to allocate for the table? uint ret = GetExtendedTcpTable(IntPtr.Zero, ref buffSize, true, AF_INET, TCP_TABLE_CLASS.TCP_TABLE_OWNER_PID_ALL, 0); //set pointer to buffer IntPtr buffTable = Marshal.AllocHGlobal(buffSize); try { //getting the buffer ret = GetExtendedTcpTable(buffTable, ref buffSize, true, AF_INET, TCP_TABLE_CLASS.TCP_TABLE_OWNER_PID_ALL, 0); if (ret != 0) { return(null); } //convert pointer to MIB_TCPTABLE_OWNER_PID pointer MIB_TCPTABLE_OWNER_PID tab = (MIB_TCPTABLE_OWNER_PID)Marshal.PtrToStructure(buffTable, typeof(MIB_TCPTABLE_OWNER_PID)); IntPtr rowPtr = (IntPtr)((long)buffTable + Marshal.SizeOf(tab.dwNumEntries)); tTable = new MIB_TCPROW_OWNER_PID[tab.dwNumEntries]; //reading the row from buffer using next position pointer //size of MIB_TCPROW_OWNER_PID for (int i = 0; i < tab.dwNumEntries; i++) { //convert pointer to MIB_TCPROW_OWNER_PID pointer MIB_TCPROW_OWNER_PID tcpRow = (MIB_TCPROW_OWNER_PID)Marshal.PtrToStructure(rowPtr, typeof(MIB_TCPROW_OWNER_PID)); //save row in table tTable[i] = tcpRow; //go to the next entry. rowPtr = (IntPtr)((long)rowPtr + Marshal.SizeOf(tcpRow)); } } finally { // clear buffer Marshal.FreeHGlobal(buffTable); } return(tTable); }
internal List <Tcp> GetExtendedTcpTable() { int AF_INET = 2; int buffSize = 20000; byte[] buffer = new byte[buffSize]; int res = GetExtendedTcpTable(buffer, out buffSize, true, AF_INET, TCP_TABLE_CLASS.TCP_TABLE_OWNER_PID_ALL, 0); if (res != NO_ERROR) { throw new InvalidOperationException("Error get extended tcp table"); } MIB_TCPTABLE_OWNER_PID tcpExtendedTable = new MIB_TCPTABLE_OWNER_PID(); int nOffset = 0; tcpExtendedTable.dwNumEntries = Convert.ToInt32(buffer[nOffset]); nOffset += 4; tcpExtendedTable.table = new MIB_TCPROW_OWNER_PID[tcpExtendedTable.dwNumEntries]; for (int i = 0; i < tcpExtendedTable.dwNumEntries; i++) { int st = Convert.ToInt32(buffer[nOffset]); tcpExtendedTable.table[i].State = ConvertState(st); tcpExtendedTable.table[i].dwState = st; nOffset += 4; tcpExtendedTable.table[i].Local = BufferToIPEndPoint(buffer, ref nOffset, false); tcpExtendedTable.table[i].Remote = BufferToIPEndPoint(buffer, ref nOffset, true); tcpExtendedTable.table[i].dwOwningPid = BufferToInt(buffer, ref nOffset); tcpExtendedTable.table[i].ProcessName = GetProcessName(tcpExtendedTable.table[i].dwOwningPid); } List <Tcp> tcps = new List <Tcp>(); for (int i = 0; i < tcpExtendedTable.table.Length; i++) { Tcp tcp = new Tcp { ProcessId = tcpExtendedTable.table[i].dwOwningPid, LocalIp = tcpExtendedTable.table[i].Local.Address.ToString(), LocalPort = tcpExtendedTable.table[i].Local.Port, RemoteIp = tcpExtendedTable.table[i].Remote.Address.ToString(), RemotePort = tcpExtendedTable.table[i].Remote.Port, ProcessName = tcpExtendedTable.table[i].ProcessName, State = tcpExtendedTable.table[i].State }; if (HideLocal && (tcp.LocalIp == "0.0.0.0" || tcp.LocalIp == "127.0.0.1")) { continue; } tcps.Add(tcp); } return(tcps); }
public MIB_TCPROW_OWNER_PID[] SelectAllTcpConnections() { MIB_TCPROW_OWNER_PID[] tTable; int AF_INET = 2; // IP_v4 int buffSize = 0; // calculate memory usage uint res = GetExtendedTcpTable(IntPtr.Zero, ref buffSize, true, AF_INET, TCP_TABLE_CLASS.TCP_TABLE_OWNER_PID_ALL, 0); IntPtr buffTable = Marshal.AllocHGlobal(buffSize); try { res = GetExtendedTcpTable(buffTable, ref buffSize, true, AF_INET, TCP_TABLE_CLASS.TCP_TABLE_OWNER_PID_ALL, 0); if (res != 0) { return(null); } // get the number of entries in the table MIB_TCPTABLE_OWNER_PID tab = (MIB_TCPTABLE_OWNER_PID)Marshal.PtrToStructure(buffTable, typeof(MIB_TCPTABLE_OWNER_PID)); IntPtr rowPtr = (IntPtr)((long)buffTable + Marshal.SizeOf(tab.dwNumEntries)); // buffer we will be returning tTable = new MIB_TCPROW_OWNER_PID[tab.dwNumEntries]; for (int i = 0; i < tab.dwNumEntries; i++) { MIB_TCPROW_OWNER_PID tcpRow = (MIB_TCPROW_OWNER_PID)Marshal.PtrToStructure(rowPtr, typeof(MIB_TCPROW_OWNER_PID)); tTable[i] = tcpRow; //getting the next entry // C/C++ baseAddress+= sizeof( MIB_TCPROW_OWNER_PID); rowPtr = (IntPtr)((long)rowPtr + Marshal.SizeOf(tcpRow)); } } finally { // Free the Memory Marshal.FreeHGlobal(buffTable); } return(tTable); }
public static MIB_TCPROW_OWNER_PID[] GetAllTcpConnections() { MIB_TCPROW_OWNER_PID[] tcpConnectionRows; int AF_INET = 2; // IPv4 int buffSize = 0; // use WinAPI GetExtendedTcpTable to query all active tcp connection information uint ret = GetExtendedTcpTable(IntPtr.Zero, ref buffSize, true, AF_INET, TCP_TABLE_TYPE.TCP_TABLE_OWNER_PID_ALL, 0); if (ret != 0 && ret != 122) // 122 means insufficient buffer size { throw new Exception("Error occurred when trying to query tcp table, return code: " + ret); } IntPtr buffTable = Marshal.AllocHGlobal(buffSize); try { ret = GetExtendedTcpTable(buffTable, ref buffSize, true, AF_INET, TCP_TABLE_TYPE.TCP_TABLE_OWNER_PID_ALL, 0); if (ret != 0) { throw new Exception("Error occurred when trying to query tcp table, return code: " + ret); } // get the number of entries in the table MIB_TCPTABLE_OWNER_PID table = (MIB_TCPTABLE_OWNER_PID)Marshal.PtrToStructure(buffTable, typeof(MIB_TCPTABLE_OWNER_PID)); IntPtr rowPtr = (IntPtr)((long)buffTable + Marshal.SizeOf(table.dwNumEntries)); tcpConnectionRows = new MIB_TCPROW_OWNER_PID[table.dwNumEntries]; for (int i = 0; i < table.dwNumEntries; i++) { MIB_TCPROW_OWNER_PID tcpRow = (MIB_TCPROW_OWNER_PID)Marshal.PtrToStructure(rowPtr, typeof(MIB_TCPROW_OWNER_PID)); tcpConnectionRows[i] = tcpRow; rowPtr = (IntPtr)((long)rowPtr + Marshal.SizeOf(tcpRow)); } } finally { // free memory Marshal.FreeHGlobal(buffTable); } return(tcpConnectionRows); }
public MIB_TCPROW_OWNER_PID[] GetAllTcpConnections() { // TcpRow is my own class to display returned rows in a nice manner. MIB_TCPROW_OWNER_PID[] tTable; int AF_INET = 2; // IP_v4 int buffSize = 0; // how much memory do we need? uint ret = GetExtendedTcpTable(IntPtr.Zero, ref buffSize, true, AF_INET, TCP_TABLE_CLASS.TCP_TABLE_OWNER_PID_ALL); IntPtr buffTable = Marshal.AllocHGlobal(buffSize); try { ret = GetExtendedTcpTable(buffTable, ref buffSize, true, AF_INET, TCP_TABLE_CLASS.TCP_TABLE_OWNER_PID_ALL); if (ret != 0) { return(null); } // get the number of entries in the table MIB_TCPTABLE_OWNER_PID tab = (MIB_TCPTABLE_OWNER_PID)Marshal.PtrToStructure(buffTable, typeof(MIB_TCPTABLE_OWNER_PID)); IntPtr rowPtr = (IntPtr)((long)buffTable + Marshal.SizeOf(tab.dwNumEntries)); // buffer we will be returning; tTable = new MIB_TCPROW_OWNER_PID[tab.dwNumEntries]; for (int i = 0; i < tab.dwNumEntries; i++) { MIB_TCPROW_OWNER_PID tcpRow = (MIB_TCPROW_OWNER_PID)Marshal.PtrToStructure(rowPtr, typeof(MIB_TCPROW_OWNER_PID)); tTable[i] = tcpRow; rowPtr = (IntPtr)((long)rowPtr + Marshal.SizeOf(tcpRow)); // next entry } } finally { // Free the Memory Marshal.FreeHGlobal(buffTable); } return(tTable); }
public static MIB_TCPROW_OWNER_PID[] GetTcpTableEx() { MIB_TCPROW_OWNER_PID[] tTable; int buffSize = 0; // Determine much memory is needed uint ret = GetExtendedTcpTable(IntPtr.Zero, ref buffSize, true, (int)AddressFamily.InterNetwork, TCP_TABLE_CLASS.TCP_TABLE_OWNER_PID_ALL); IntPtr buffTable = Marshal.AllocHGlobal(buffSize); try { ret = GetExtendedTcpTable(buffTable, ref buffSize, true, (int)(int)AddressFamily.InterNetwork, TCP_TABLE_CLASS.TCP_TABLE_OWNER_PID_ALL); if (ret != 0) { return(null); } // get the number of entries in the table MIB_TCPTABLE_OWNER_PID tab = (MIB_TCPTABLE_OWNER_PID)Marshal.PtrToStructure(buffTable, typeof(MIB_TCPTABLE_OWNER_PID)); IntPtr rowPtr = (IntPtr)((long)buffTable + Marshal.SizeOf(tab.dwNumEntries)); // buffer we will be returning tTable = new MIB_TCPROW_OWNER_PID[tab.dwNumEntries]; for (int i = 0; i < tab.dwNumEntries; i++) { MIB_TCPROW_OWNER_PID tcpRow = (MIB_TCPROW_OWNER_PID)Marshal.PtrToStructure(rowPtr, typeof(MIB_TCPROW_OWNER_PID)); tTable[i] = tcpRow; rowPtr = (IntPtr)((long)rowPtr + Marshal.SizeOf(tcpRow)); // next entry } } finally { // Free the Memory Marshal.FreeHGlobal(buffTable); } return(tTable); }
private static MIB_TCPROW_OWNER_PID[] GetAllTcpConnections() { const int NO_ERROR = 0; const int IP_v4 = 2; MIB_TCPROW_OWNER_PID[] tTable = null; int buffSize = 0; GetExtendedTcpTable(IntPtr.Zero, ref buffSize, true, IP_v4, TCP_TABLE_OWNER_PID_ALL, 0); IntPtr buffTable = Marshal.AllocHGlobal(buffSize); try { if (NO_ERROR != GetExtendedTcpTable(buffTable, ref buffSize, true, IP_v4, TCP_TABLE_OWNER_PID_ALL, 0)) { return(null); } MIB_TCPTABLE_OWNER_PID tab = (MIB_TCPTABLE_OWNER_PID)Marshal.PtrToStructure(buffTable, typeof(MIB_TCPTABLE_OWNER_PID)); IntPtr rowPtr = (IntPtr)((long)buffTable + Marshal.SizeOf(tab.dwNumEntries)); tTable = new MIB_TCPROW_OWNER_PID[tab.dwNumEntries]; int rowSize = Marshal.SizeOf(typeof(MIB_TCPROW_OWNER_PID)); for (int i = 0; i < tab.dwNumEntries; i++) { MIB_TCPROW_OWNER_PID tcpRow = (MIB_TCPROW_OWNER_PID)Marshal.PtrToStructure(rowPtr, typeof(MIB_TCPROW_OWNER_PID)); tTable[i] = tcpRow; rowPtr = (IntPtr)((long)rowPtr + rowSize); } } catch { } finally { Marshal.FreeHGlobal(buffTable); } return(tTable); }
public static List <TcpProcessRecord> GetAllTcpConnections() { int bufferSize = 0; List <TcpProcessRecord> tcpTableRecords = new List <TcpProcessRecord>(); // Getting the size of TCP table, that is returned in 'bufferSize' variable. uint result = GetExtendedTcpTable(IntPtr.Zero, ref bufferSize, true, AF_INET, TcpTableClass.TCP_TABLE_OWNER_PID_ALL); // Allocating memory from the unmanaged memory of the process by using the // specified number of bytes in 'bufferSize' variable. IntPtr tcpTableRecordsPtr = Marshal.AllocHGlobal(bufferSize); try { // The size of the table returned in 'bufferSize' variable in previous // call must be used in this subsequent call to 'GetExtendedTcpTable' // function in order to successfully retrieve the table. result = GetExtendedTcpTable(tcpTableRecordsPtr, ref bufferSize, true, AF_INET, TcpTableClass.TCP_TABLE_OWNER_PID_ALL); // Non-zero value represent the function 'GetExtendedTcpTable' failed, // hence empty list is returned to the caller function. if (result != 0) { return(new List <TcpProcessRecord>()); } // Marshals data from an unmanaged block of memory to a newly allocated // managed object 'tcpRecordsTable' of type 'MIB_TCPTABLE_OWNER_PID' // to get number of entries of the specified TCP table structure. MIB_TCPTABLE_OWNER_PID tcpRecordsTable = (MIB_TCPTABLE_OWNER_PID) Marshal.PtrToStructure(tcpTableRecordsPtr, typeof(MIB_TCPTABLE_OWNER_PID)); IntPtr tableRowPtr = (IntPtr)((long)tcpTableRecordsPtr + Marshal.SizeOf(tcpRecordsTable.dwNumEntries)); // Reading and parsing the TCP records one by one from the table and // storing them in a list of 'TcpProcessRecord' structure type objects. for (int row = 0; row < tcpRecordsTable.dwNumEntries; row++) { MIB_TCPROW_OWNER_PID tcpRow = (MIB_TCPROW_OWNER_PID)Marshal. PtrToStructure(tableRowPtr, typeof(MIB_TCPROW_OWNER_PID)); tcpTableRecords.Add(new TcpProcessRecord( new IPAddress(tcpRow.localAddr), new IPAddress(tcpRow.remoteAddr), BitConverter.ToUInt16(new byte[2] { tcpRow.localPort[1], tcpRow.localPort[0] }, 0), BitConverter.ToUInt16(new byte[2] { tcpRow.remotePort[1], tcpRow.remotePort[0] }, 0), tcpRow.owningPid, tcpRow.state)); tableRowPtr = (IntPtr)((long)tableRowPtr + Marshal.SizeOf(tcpRow)); } } catch (OutOfMemoryException) { } catch (Exception) { } finally { Marshal.FreeHGlobal(tcpTableRecordsPtr); } return(tcpTableRecords != null?tcpTableRecords.Distinct() .ToList <TcpProcessRecord>() : new List <TcpProcessRecord>()); }
/// <summary> /// Add to list TCP connections using IPv4. /// </summary> /// <param name="table"></param> static void GetIPv4Info(MIB_TCPTABLE_OWNER_PID* table) { uint tblSize = table->dwNumEntries; // Number of elements in table. var firstRow = &table->table; // The first element in table. for (uint i = 0; i < tblSize; ++i) { MIB_TCPROW_OWNER_PID row = firstRow[i]; SocketList.Add(new CSocket("TCP", row.dwLocalAddr, row.dwLocalPort, row.dwRemoteAddr, row.dwRemotePort, row.dwOwningPid, row.dwState)); } }
//根据端口找PID private void TrySetProcessId(int port) { int bufferSize = 0; uint result = GetExtendedTcpTable(IntPtr.Zero, ref bufferSize, true, INET, TcpTableClass.TCP_TABLE_OWNER_PID_ALL); IntPtr tcpTableRecordsPtr = Marshal.AllocHGlobal(bufferSize); try { result = GetExtendedTcpTable(tcpTableRecordsPtr, ref bufferSize, true, INET, TcpTableClass.TCP_TABLE_OWNER_PID_ALL); MIB_TCPTABLE_OWNER_PID tcpRecordsTable = (MIB_TCPTABLE_OWNER_PID)Marshal.PtrToStructure(tcpTableRecordsPtr, typeof(MIB_TCPTABLE_OWNER_PID)); IntPtr tableRowPtr = (IntPtr)((long)tcpTableRecordsPtr + Marshal.SizeOf(tcpRecordsTable.dwNumEntries)); for (int row = 0; row < tcpRecordsTable.dwNumEntries; row++) { MIB_TCPROW_OWNER_PID tcpRow = (MIB_TCPROW_OWNER_PID)Marshal.PtrToStructure(tableRowPtr, typeof(MIB_TCPROW_OWNER_PID)); int localPort = BitConverter.ToUInt16(new byte[2] { tcpRow.localPort[1], tcpRow.localPort[0] }, 0); int remotePort = BitConverter.ToUInt16(new byte[2] { tcpRow.remotePort[1], tcpRow.remotePort[0] }, 0); int pid = tcpRow.owningPid; if (localPort == port) { Process p = Process.GetProcessById(pid); //IE比较烦,要获取最先启动的那个主进程 这里不知道怎么找,暂时通过启动时间找,是否靠谱待验证 if (p.ProcessName == "iexplore") { DateTime time = DateTime.MaxValue; Process[] procs = Process.GetProcessesByName("iexplore"); for (int ii = 0; ii < procs.Length; ii++) { if (time == DateTime.MaxValue) { pid = procs[ii].Id; time = procs[ii].StartTime; continue; } else if (procs[ii].StartTime < time) { pid = procs[ii].Id; time = procs[ii].StartTime; continue; } } } this.ProcessId = pid; break; } tableRowPtr = (IntPtr)((long)tableRowPtr + Marshal.SizeOf(tcpRow)); //IPAddress localIp, IPAddress remoteIp, ushort localPort,ushort remotePort, int pId, MibTcpState state //tcpTableRecords.Add(new TcpProcessRecord( // new IPAddress(tcpRow.localAddr), // new IPAddress(tcpRow.remoteAddr), // BitConverter.ToUInt16(new byte[2] { // tcpRow.localPort[1], // tcpRow.localPort[0] }, 0), // BitConverter.ToUInt16(new byte[2] { // tcpRow.remotePort[1], // tcpRow.remotePort[0] }, 0), // tcpRow.owningPid, tcpRow.state)); } } catch (Exception ex) { } finally { Marshal.FreeHGlobal(tcpTableRecordsPtr); } }
public static List <TcpConnectionInfo> GetTcpConnections(IPVersion ipVersion, Dictionary <int, Process> processesByPid = null) { int bufferSize = 0; List <TcpConnectionInfo> tcpTableRecords = new List <TcpConnectionInfo>(); int ulAf = AF_INET; if (ipVersion == IPVersion.IPv6) { ulAf = AF_INET6; } // Getting the initial size of TCP table. uint result = Iphlpapi.GetExtendedTcpTable(IntPtr.Zero, ref bufferSize, true, ulAf, TcpTableClass.TCP_TABLE_OWNER_PID_ALL); // Allocating memory as an IntPtr with the bufferSize. IntPtr tcpTableRecordsPtr = Marshal.AllocHGlobal(bufferSize); try { // The IntPtr from last call, tcpTableRecoresPtr must be used in the subsequent // call and passed as the first parameter. result = Iphlpapi.GetExtendedTcpTable(tcpTableRecordsPtr, ref bufferSize, true, ulAf, TcpTableClass.TCP_TABLE_OWNER_PID_ALL); // If not zero, the call failed. if (result != 0) { return(new List <TcpConnectionInfo>()); } // Marshals data fron an unmanaged block of memory to the // newly allocated managed object 'tcpRecordsTable' of type // 'MIB_TCPTABLE_OWNER_PID' to get number of entries of TCP // table structure. // Determine if IPv4 or IPv6. if (ipVersion == IPVersion.IPv4) { MIB_TCPTABLE_OWNER_PID tcpRecordsTable = (MIB_TCPTABLE_OWNER_PID)Marshal.PtrToStructure(tcpTableRecordsPtr, typeof(MIB_TCPTABLE_OWNER_PID)); IntPtr tableRowPtr = (IntPtr)((long)tcpTableRecordsPtr + Marshal.SizeOf(tcpRecordsTable.dwNumEntries)); // Read and parse the TCP records from the table and store them in list // 'TcpConnection' structure type objects. for (int row = 0; row < tcpRecordsTable.dwNumEntries; row++) { MIB_TCPROW_OWNER_PID tcpRow = (MIB_TCPROW_OWNER_PID)Marshal.PtrToStructure(tableRowPtr, typeof(MIB_TCPROW_OWNER_PID)); // Add row to list of TcpConnetions. tcpTableRecords.Add(new TcpConnectionInfo( Protocol.TCP, new IPAddress(tcpRow.localAddr), new IPAddress(tcpRow.remoteAddr), BitConverter.ToUInt16(new byte[2] { tcpRow.localPort[1], tcpRow.localPort[0] }, 0), BitConverter.ToUInt16(new byte[2] { tcpRow.remotePort[1], tcpRow.remotePort[0] }, 0), tcpRow.owningPid, tcpRow.state, GetProcessNameByPid(tcpRow.owningPid, processesByPid))); tableRowPtr = (IntPtr)((long)tableRowPtr + Marshal.SizeOf(tcpRow)); } } else if (ipVersion == IPVersion.IPv6) { MIB_TCP6TABLE_OWNER_PID tcpRecordsTable = (MIB_TCP6TABLE_OWNER_PID)Marshal.PtrToStructure(tcpTableRecordsPtr, typeof(MIB_TCP6TABLE_OWNER_PID)); IntPtr tableRowPtr = (IntPtr)((long)tcpTableRecordsPtr + Marshal.SizeOf(tcpRecordsTable.dwNumEntries)); // Read and parse the TCP records from the table and store them in list // 'TcpConnection' structure type objects. for (int row = 0; row < tcpRecordsTable.dwNumEntries; row++) { MIB_TCP6ROW_OWNER_PID tcpRow = (MIB_TCP6ROW_OWNER_PID)Marshal.PtrToStructure(tableRowPtr, typeof(MIB_TCP6ROW_OWNER_PID)); tcpTableRecords.Add(new TcpConnectionInfo( Protocol.TCP, new IPAddress(tcpRow.localAddr, tcpRow.localScopeId), new IPAddress(tcpRow.remoteAddr, tcpRow.remoteScopeId), BitConverter.ToUInt16(new byte[2] { tcpRow.localPort[1], tcpRow.localPort[0] }, 0), BitConverter.ToUInt16(new byte[2] { tcpRow.remotePort[1], tcpRow.remotePort[0] }, 0), tcpRow.owningPid, tcpRow.state, GetProcessNameByPid(tcpRow.owningPid, processesByPid))); tableRowPtr = (IntPtr)((long)tableRowPtr + Marshal.SizeOf(tcpRow)); } } } catch (OutOfMemoryException outOfMemoryException) { throw outOfMemoryException; } catch (Exception exception) { throw exception; } finally { Marshal.FreeHGlobal(tcpTableRecordsPtr); } return(tcpTableRecords != null?tcpTableRecords.Distinct().ToList() : new List <TcpConnectionInfo>()); }
private static Connection[] GetTCP() { MIB_TCPROW_OWNER_PID[] tTable; int AF_INET = 2; int buffSize = 0; uint ret = GetExtendedTcpTable(IntPtr.Zero, ref buffSize, true, AF_INET, TCP_TABLE_CLASS.TCP_TABLE_OWNER_PID_ALL, 0); IntPtr buffTable = Marshal.AllocHGlobal(buffSize); try { ret = GetExtendedTcpTable(buffTable, ref buffSize, true, AF_INET, TCP_TABLE_CLASS.TCP_TABLE_OWNER_PID_ALL, 0); if (ret != 0) { Connection[] con = new Connection[0]; return(con); } MIB_TCPTABLE_OWNER_PID tab = (MIB_TCPTABLE_OWNER_PID)Marshal.PtrToStructure(buffTable, typeof(MIB_TCPTABLE_OWNER_PID)); IntPtr rowPtr = (IntPtr)((long)buffTable + Marshal.SizeOf(tab.dwNumEntries)); tTable = new MIB_TCPROW_OWNER_PID[tab.dwNumEntries]; for (int i = 0; i < tab.dwNumEntries; i++) { MIB_TCPROW_OWNER_PID tcpRow = (MIB_TCPROW_OWNER_PID)Marshal.PtrToStructure(rowPtr, typeof(MIB_TCPROW_OWNER_PID)); tTable[i] = tcpRow; rowPtr = (IntPtr)((long)rowPtr + Marshal.SizeOf(tcpRow)); // next entry } } finally { Marshal.FreeHGlobal(buffTable); } Connection[] cons = new Connection[tTable.Length]; for (int i = 0; i < tTable.Length; i++) { IPAddress localip = new IPAddress(BitConverter.GetBytes(tTable[i].dwLocalAddr)); IPAddress remoteip = new IPAddress(BitConverter.GetBytes(tTable[i].dwRemoteAddr)); byte[] barray = BitConverter.GetBytes(tTable[i].dwLocalPort); int localport = (barray[0] * 256) + barray[1]; barray = BitConverter.GetBytes(tTable[i].dwRemotePort); int remoteport = (barray[0] * 256) + barray[1]; string state; switch (tTable[i].dwState) { case 1: state = "Closed"; break; case 2: state = "LISTENING"; break; case 3: state = "SYN SENT"; break; case 4: state = "SYN RECEIVED"; break; case 5: state = "ESTABLISHED"; break; case 6: state = "FINSIHED 1"; break; case 7: state = "FINISHED 2"; break; case 8: state = "CLOSE WAIT"; break; case 9: state = "CLOSING"; break; case 10: state = "LAST ACKNOWLEDGE"; break; case 11: state = "TIME WAIT"; break; case 12: state = "DELETE TCB"; break; default: state = "UNKNOWN"; break; } Connection tmp = new Connection(localip, localport, remoteip, remoteport, (int)tTable[i].dwOwningPid, state); cons[i] = (tmp); } return(cons); }