protected abstract string _GetNameForPacket(OPacket packet);
private bool _ParsePacket(RawCapture r, OPacket p)
{
Packet packet = PacketDotNet.Packet.ParsePacket(r.LinkLayerType, r.Data);
IpPacket ip = PacketDotNet.IpPacket.GetEncapsulated(packet);
if (null == ip)
{
return false;
}
p.SetSourceIP(ip.SourceAddress.ToString());
p.SetDestinationIP(ip.DestinationAddress.ToString());
p.SetLength(r.Data.Length);
p.SetTimeCollected(r.Timeval.Seconds);
TcpPacket tcp = PacketDotNet.TcpPacket.GetEncapsulated(packet);
if (null != tcp)
{
p.SetProtocol(tcp.DestinationPort);
return true;
}
// UdpPacket udp = PacketDotNet.UdpPacket.GetEncapsulated(packet);
// if (null != udp)
// {
// p.SetProtocol(udp.DestinationPort);
// return true;
// }
return false;
}
private void _ThreadProc()
{
while (false == _requestStop)
{
bool _sleep = false;
// Get packet from packet queue
lock (_sync)
{
// If there is no packets
if (_capturedPackets.Count <= 0)
{
_sleep = true;
}
}
// If there is no packet captured
if (true == _sleep)
{
Thread.Sleep(100);
continue;
}
// At this time, we have packets captured
// We have to handle this packet;
List<RawCapture> curPacket = null;
lock(_sync)
{
curPacket = _capturedPackets;
_capturedPackets = new List<RawCapture>();
}
foreach(RawCapture r in curPacket)
{
// 1. Parse packet
OPacket packet = new OPacket();
if (false == _ParsePacket(r, packet))
{
continue;
}
// 2. Save packet to database
lock (_sync)
{
_db.SavePacket(packet, r.Data);
}
int nNextNo = lstPackets.Items.Count + 1;
ListViewItem item = new ListViewItem(nNextNo.ToString());
item.SubItems.Add(packet.GetTimeCollected().ToString());
item.SubItems.Add(packet.GetSourceIP());
item.SubItems.Add(packet.GetDestinationIP());
item.SubItems.Add(ProtocolInfo.instanceOf().ConvertToString(packet.GetProtocol()));
item.SubItems.Add(r.Data.Length.ToString());
// We need to show captured packet in the UI
// but, this code is running in different thread from the UI thread
// So, we have to use BeginInvoke to transfer request to UI thread
this.Invoke(new Action(delegate ()
{
lstPackets.Items.Add(item);
}
));
// Add OPacket object in the list
_curPacketList.AddPacket(packet);
}
curPacket.Clear();
}
}
public bool QueryPackets(ulong startTime, ulong endTime, List<int> protocolList, OCurrentPacketList curPackets)
{
if (null == _dbConnection)
{
return false;
}
// Build Query statement
string sql = BuildSQLStatement(startTime, endTime, protocolList);
SQLiteCommand command = new SQLiteCommand(sql, _dbConnection);
SQLiteDataReader reader = command.ExecuteReader();
while (reader.Read())
{
OPacket pac = new OPacket();
pac.SetTimeCollected((ulong)(Int64)reader[0]);
pac.SetSourceIP((string)reader[1]);
pac.SetDestinationIP((string)reader[2]);
pac.SetProtocol((int)(Int64)reader[3]);
pac.SetLength((int)(Int64)reader[4]);
pac.SetPacketStoredPath((string)reader[5]);
curPackets.AddPacket(pac);
}
return true;
}
public void SavePacket(OPacket packet, byte[] rawData)
{
if (null == _dbConnection)
{
return;
}
// Save packet data into the file system
string _path = OArchive.GetArchiveFolder();
_path += "\\";
_path += _GetTempName();
// Save packet data
if (false == _SavePacketAsFile(_path, rawData))
{
return;
}
packet.SetPacketStoredPath(_path);
// Save into the Database
string sql = "INSERT INTO packets (collected_time, src_ip, dest_ip, dest_port, length, packet_path) values ";
string sqlValue = "(";
sqlValue += packet.GetTimeCollected();
sqlValue += ", ";
sqlValue += "\"";
sqlValue += packet.GetSourceIP();
sqlValue += "\"";
sqlValue += ", ";
sqlValue += "\"";
sqlValue += packet.GetDestinationIP();
sqlValue += "\"";
sqlValue += ", ";
sqlValue += Convert.ToString(packet.GetProtocol());
sqlValue += ", ";
sqlValue += "\"";
sqlValue += Convert.ToString(packet.GetLength());
sqlValue += "\"";
sqlValue += ", ";
sqlValue += "\"";
sqlValue += packet.GetPacketStoredPath();
sqlValue += "\"";
sqlValue += ")";
sql += sqlValue;
SQLiteCommand command = new SQLiteCommand(sql, _dbConnection);
command.ExecuteNonQuery();
}
public void AddPacket(OPacket packet)
{
_list.Add(packet);
}
protected override string _GetNameForPacket(OPacket packet)
{
string res;
res = (packet.GetTimeCollected() - _basetime).ToString();
return res;
}
protected override string _GetNameForPacket(OPacket packet)
{
string res = ProtocolInfo.instanceOf().ConvertToString(packet.GetProtocol());
return res;
}