Esempio n. 1
0
 public TcpHeader(IPHeader ip)
 {
     if (ip.Protocol == IPProtocol.Tcp)
     {
         data            = ip.Data;
         headerOffset    = ip.DataOffset;
         sourcePort      = data[headerOffset] << 8 | data[headerOffset + 1];
         destinationPort = data[headerOffset + 2] << 8 | data[headerOffset + 3];
         flags           = (TcpFlags)(data[headerOffset + 13] & 0x3f);
         dataOffset      = headerOffset + ((data[headerOffset + 12] & 0xF0) >> 2);
         dataLength      = ip.DataLength - (dataOffset - headerOffset);
     }
     else
     {
         throw new PacketFormatException("Packet is not TCP");
     }
 }
Esempio n. 2
0
 public UdpHeader(IPHeader ip)
 {
     headerOffset = ip.DataOffset;
     if (ip.Protocol == IPProtocol.Udp)
     {
         data = ip.Data;
         if (data.Length < headerOffset + 2)
         {
             throw new PacketFormatException("Packet too short: sourcePort");
         }
         sourcePort = data[headerOffset] << 8 | data[headerOffset + 1];
         if (data.Length < headerOffset + 4)
         {
             throw new PacketFormatException("Packet too short: destinationPort");
         }
         destinationPort = data[headerOffset + 2] << 8 | data[headerOffset + 3];
         dataOffset      = headerOffset + 14;
         dataLength      = ip.DataLength - (dataOffset - headerOffset);
     }
     else
     {
         throw new PacketFormatException("Packet is not UDP");
     }
 }
Esempio n. 3
0
 public UdpHeader(IPHeader ip)
 {
     headerOffset = ip.DataOffset;
       if (ip.Protocol == IPProtocol.Udp) {
     data = ip.Data;
     if (data.Length < headerOffset + 2) throw new PacketFormatException("Packet too short: sourcePort");
     sourcePort = data[headerOffset] << 8 | data[headerOffset + 1];
     if (data.Length < headerOffset + 4) throw new PacketFormatException("Packet too short: destinationPort");
     destinationPort = data[headerOffset + 2] << 8 | data[headerOffset + 3];
     dataOffset = headerOffset + 14;
     dataLength = ip.DataLength - (dataOffset - headerOffset);
       } else {
     throw new PacketFormatException("Packet is not UDP");
       }
 }
Esempio n. 4
0
        static void Main(string[] args)
        {
            var pcap = new Pcap();
              pcap.Open(ConfigurationManager.AppSettings["Adapter"]);

              var address = IPAddress.Parse(ConfigurationManager.AppSettings["Address"]);
              var port = UInt16.Parse(ConfigurationManager.AppSettings["Port"]);

              Packet packet = null;

              long tx = 0, rx = 0;

              while (true)
              {
            if ((packet = pcap.Next()) != null)
            {
              var eth = new EthernetHeader(packet.Data);
              if (eth.Protocol == (int)EthernetProtocol.IP)
              {
            var ip = new IPHeader(eth);
            if (ip.Protocol == IPProtocol.Tcp)
            {
              var tcp = new TcpHeader(ip);
              if (ip.SourceIp.Equals(address) && tcp.SourcePort == port) rx += tcp.Length;
              else if (ip.DestinationIp.Equals(address) && tcp.DestinationPort == port) tx += tcp.Length;
            }
              }
            }

            if (KeyPressed())
            {
              Console.WriteLine("{0},{1}", tx, rx);
              tx = 0;
              rx = 0;
            }
              }
        }
Esempio n. 5
0
 public TcpHeader(IPHeader ip)
 {
     if (ip.Protocol == IPProtocol.Tcp) {
     data = ip.Data;
     headerOffset = ip.DataOffset;
     sourcePort = data[headerOffset] << 8 | data[headerOffset + 1];
     destinationPort = data[headerOffset + 2] << 8 | data[headerOffset + 3];
     flags = (TcpFlags)(data[headerOffset + 13] & 0x3f);
     dataOffset = headerOffset + ((data[headerOffset + 12] & 0xF0) >> 2);
     dataLength = ip.DataLength - (dataOffset - headerOffset);
       } else {
     throw new PacketFormatException("Packet is not TCP");
       }
 }
Esempio n. 6
0
 public void Assign(IPHeader ip, UdpHeader udp)
 {
     Source = new IPEndPoint(ip.SourceIp, udp.SourcePort);
       Destination = new IPEndPoint(ip.DestinationIp, udp.DestinationPort);
       Protocol = ip.Protocol;
 }
Esempio n. 7
0
 public Flow(IPHeader ip, UdpHeader udp)
 {
     Assign(ip, udp);
 }
Esempio n. 8
0
 public Flow(IPHeader ip, TcpHeader tcp)
 {
     Assign(ip, tcp);
 }
Esempio n. 9
0
        public void Execute()
        {
            Packet packet;
              EthernetHeader eth;
              IPHeader ip;

              Flow key = new Flow();
              FlowStats stats;

              try {
            //BinaryReader log = new BinaryReader(new FileStream(@"c:\users\gavin\desktop\20081006.dat", FileMode.Open, FileAccess.Read));
            while (!terminated) {
              try {
            /*packet = new Packet();
            packet.Time = log.ReadInt64();
            packet.Length = log.ReadInt32();
            packet.Data = log.ReadBytes(log.ReadInt32());*/
            packet = pcap.Next();
              } catch (Exception e) {
            packet = null;
            throw;
              }
              if (packet != null) {
            if (dump != null) {
              dump.Write(packet.Time);
              dump.Write(packet.Length);
              int i = Math.Min(packet.Data.Length, 64);
              dump.Write(i);
              dump.Write(packet.Data, 0, i);
              dump.Flush();
            }

            eth = new EthernetHeader(packet.Data);

            if (eth.Protocol == (int)EthernetProtocol.IP) {
              ip = new IPHeader(eth);
              if (ip.Protocol == IPProtocol.Tcp) {
                TcpHeader tcp = new TcpHeader(ip);
                key = new Flow(ip, tcp);

                stats = tracker.Resolve(key, packet.Time);

                stats.Last = packet.Time;
                stats.Packets++;
                // Bytes at IP, including IP header
                stats.Bytes += ip.Length;

                #region debugging
                /*
              // TODO: Verify sorted order of queue - should be right now
              FlowStats check = queue.Head;
              while (check != null) {
                if (check.Next != null) Debug.Assert(check.Last >= check.Next.Last);
                check = check.Next;
              }
              */
                #endregion
              } else if (ip.Protocol == IPProtocol.Udp) {
                try {
                  UdpHeader udp = new UdpHeader(ip);
                  key = new Flow(ip, udp);

                  stats = tracker.Resolve(key, packet.Time);

                  stats.Last = packet.Time;
                  stats.Packets++;
                  // Bytes at IP, including IP header
                  stats.Bytes += ip.Length;
                } catch (IndexOutOfRangeException e) {
                  using (StreamWriter errorLog = new StreamWriter(Path.Combine(LogFolder, "error.log"), true)) {
                    errorLog.WriteLine(DateTime.Now);
                    errorLog.WriteLine(e.Message);
                    errorLog.WriteLine(e.StackTrace);
                    errorLog.WriteLine();
                  }

                  if (dump != null) {
                    dump.Write(packet.Time);
                    dump.Write(packet.Length);
                    dump.Write(packet.Data.Length);
                    dump.Write(packet.Data, 0, packet.Data.Length);
                    dump.Flush();
                  }
                } catch (Exception ex) {

                }
              } else if (ip.Protocol == IPProtocol.Icmp) {
                // TODO: Deal with ICMP
              } else if (ip.Protocol == IPProtocol.Gre) {
                // TODO: Deal with GRE
              }
            } else {
              // TODO: deal with non-IP
            }

            #region Age flows
            /**/
            while (tracker.Count > 0 && tracker.Tail.Last < packet.Time - ExpiryInterval) {
              stats = tracker.Tail;
              Dump(stats);
              tracker.Remove(stats);
            }
            writer.Flush();
            /**/
            #endregion
              }
              packets++;
            }
              } catch (EndOfStreamException e) {
            // TODO: nothing
              } catch (Exception e) {
            //debug.WriteLine("ERROR: " + e.Message);
            //debug.Flush();
            throw e;
              }
        }