Exemple #1
0
        /// <summary>
        /// Stops the capture process.
        /// </summary>
        /// <param name="guid">The Guid to identify the capture process</param>
        /// <returns>The path where the traces are stored.</returns>
        public string StopCapture(Guid guid)
        {
            try
            {
                CaptureDetails details = _currentCaptures.Where(x => x.UniqueIdentifier == guid).FirstOrDefault();

                if (null == details)
                {
                    TraceFactory.Logger.Info("No packets are found. Either there was an error or the invalid interface id is specified.");
                    return(string.Empty);
                }

                details.CurrentThread.Abort();
                details.EndTime = DateTime.Now;

                _currentCaptures.Remove(details);

                return(details.packetsLocation);
            }
            catch (Exception ex)
            {
                TraceFactory.Logger.Info(ex.Message);
                return(string.Empty);
            }
            finally
            {
                ProcessUtil.Execute("cmd.exe", @"/C Taskkill /PID {0} /F".FormatWith(_processDetails.Where(x => x.Key == guid).FirstOrDefault().Value));
            }
        }
Exemple #2
0
        /// <summary>
        /// Start capture on the network interface corresponding to the subnet specified.
        /// </summary>
        /// <param name="packetsPath">Location to save the packets.</param>
        /// <param name="interfaceIdentifier">The network interface Id on which the traces needs to be captured.</param>
        /// <returns>The UniqueIdentifier to locate the capture details.</returns>
        public Guid StartCapture(string interfaceIdentifier = "", string packetsPath = "")
        {
            Thread currentThread = null;
            Guid   guid          = Guid.NewGuid();

            try
            {
                if (string.IsNullOrEmpty(interfaceIdentifier))
                {
                    interfaceIdentifier = NetworkInterface.GetAllNetworkInterfaces().Where(x => (x.OperationalStatus == OperationalStatus.Up && x.NetworkInterfaceType != NetworkInterfaceType.Loopback)).FirstOrDefault().Id;
                }
                if (string.IsNullOrEmpty(packetsPath))
                {
                    packetsPath = Path.Combine(Path.GetTempPath(), "{0}.pcap".FormatWith(guid.ToString()));
                }

                TraceFactory.Logger.Debug("Packet Capture Location: {0}".FormatWith(packetsPath));

                // If the directory is not exists create one
                if (!Directory.Exists(Path.GetDirectoryName(packetsPath)))
                {
                    Directory.CreateDirectory(Path.GetDirectoryName(packetsPath));
                }

                currentThread = new Thread(() => Capture(interfaceIdentifier, packetsPath, guid));

                CaptureDetails details = new CaptureDetails();
                details.UniqueIdentifier = guid;
                details.CurrentThread    = currentThread;
                details.packetsLocation  = packetsPath;
                details.StartTime        = DateTime.Now;

                currentThread.Start();
                _currentCaptures.Add(details);

                return(guid);
            }
            catch (Exception ex)
            {
                if (null != currentThread)
                {
                    StopCapture(guid);
                }

                TraceFactory.Logger.Debug("Exception details: {0}".FormatWith(ex.JoinAllErrorMessages()));

                return(Guid.Empty);
            }
        }