コード例 #1
0
ファイル: Program.cs プロジェクト: OzdemirEmrah/NMExperts
        public static void Main(string[] args)
        {
            // Load API
            try
            {
                initialized = Program.InitializeNMAPI();
            }
            catch (BadImageFormatException)
            {
                Console.WriteLine("There was an error loading the NMAPI.\n\nPlease ensure you have the correct version installed for your platform.");
            }
            catch (DllNotFoundException)
            {
                Console.WriteLine("There was an error loading the NMAPI DLL.\n\nPlease ensure you have Network Monitor 3.3 installed or try rebooting.");
            }

            CommandLineArguments commandReader = new CommandLineArguments();

            if (commandReader.ParseCommandLineArguments(args))
            {
                if (commandReader.IsNoArguments)
                {
                    Console.WriteLine(CommandLineArguments.GetUsage("ExpertExample"));
                }
                else if (commandReader.IsRequestingHelp)
                {
                    Console.WriteLine(CommandLineArguments.GetUsage("ExpertExample"));
                }
                else if (initialized)
                {
                    Console.WriteLine("Running Test Application with Arguments:");
                    Console.WriteLine("\tCapture File: " + commandReader.CaptureFileName);
                    Console.WriteLine("\tDisplay Filter: " + commandReader.DisplayFilter);
                    Console.WriteLine("\tConversation Filter: " + commandReader.ConversationFilter);
                    Console.WriteLine("\tSelected Frames: " + commandReader.SelectedFramesString);

                    Console.WriteLine();

                    bool loadedparserengine = false;

                    // Configure Parser Engine
                    uint   errno;
                    IntPtr hNplParser           = IntPtr.Zero;
                    IntPtr hFrameParserConfig   = IntPtr.Zero;
                    uint   conversationFilterId = 0;
                    uint   displayFilterId      = 0;
                    IntPtr hFrameParser         = IntPtr.Zero;

                    // Only load the parsing engine if we have to
                    if (!string.IsNullOrEmpty(commandReader.ConversationFilter) || !string.IsNullOrEmpty(commandReader.DisplayFilter))
                    {
                        Console.WriteLine("Loading Parser Engine...");

                        // Passing in null for the path will use the default configuration as specified in the Netmon UI
                        errno = NetmonAPI.NmLoadNplParser(null, NmNplParserLoadingOption.NmAppendRegisteredNplSets, pErrorCallBack, IntPtr.Zero, out hNplParser);
                        if (errno == ERROR_SUCCESS)
                        {
                            // Configure Frame Parser
                            errno = NetmonAPI.NmCreateFrameParserConfiguration(hNplParser, pErrorCallBack, IntPtr.Zero, out hFrameParserConfig);
                            if (errno == ERROR_SUCCESS)
                            {
                                // Enable Conversations
                                errno = NetmonAPI.NmConfigConversation(hFrameParserConfig, NmConversationConfigOption.None, true);
                                if (errno == ERROR_SUCCESS)
                                {
                                    // Add Filters
                                    if (!string.IsNullOrEmpty(commandReader.ConversationFilter))
                                    {
                                        Console.WriteLine("Adding Conversation Filter...");
                                        errno = NetmonAPI.NmAddFilter(hFrameParserConfig, commandReader.ConversationFilter, out conversationFilterId);
                                    }

                                    if (errno == ERROR_SUCCESS)
                                    {
                                        if (!string.IsNullOrEmpty(commandReader.DisplayFilter))
                                        {
                                            Console.WriteLine("Adding Display Filter...");
                                            errno = NetmonAPI.NmAddFilter(hFrameParserConfig, commandReader.DisplayFilter, out displayFilterId);
                                        }

                                        if (errno == ERROR_SUCCESS)
                                        {
                                            errno = NetmonAPI.NmCreateFrameParser(hFrameParserConfig, out hFrameParser, NmFrameParserOptimizeOption.ParserOptimizeNone);
                                            if (errno == ERROR_SUCCESS)
                                            {
                                                Console.WriteLine("Parser Engine Loaded Successfully!");
                                                Console.WriteLine();

                                                loadedparserengine = true;
                                            }
                                            else
                                            {
                                                Console.WriteLine("Parser Creation Error Number = " + errno);
                                            }
                                        }
                                        else
                                        {
                                            Console.WriteLine("Display Filter Creation Error Number = " + errno);
                                        }
                                    }
                                    else
                                    {
                                        Console.WriteLine("Conversation Filter Creation Error Number = " + errno);
                                    }
                                }
                                else
                                {
                                    Console.WriteLine("Conversation Error Number = " + errno);
                                }

                                if (!loadedparserengine)
                                {
                                    NetmonAPI.NmCloseHandle(hFrameParserConfig);
                                }
                            }
                            else
                            {
                                Console.WriteLine("Parser Configuration Error Number = " + errno);
                            }

                            if (!loadedparserengine)
                            {
                                NetmonAPI.NmCloseHandle(hNplParser);
                            }
                        }
                        else
                        {
                            Console.WriteLine("Error Loading NMAPI Parsing Engine Error Number = " + errno);
                        }
                    }

                    // Wait for confirmation
                    Console.WriteLine("Press any key to continue");
                    Console.ReadKey(true);

                    // Let's open the capture file
                    // Open Capture File
                    IntPtr captureFile = IntPtr.Zero;
                    errno = NetmonAPI.NmOpenCaptureFile(commandReader.CaptureFileName, out captureFile);
                    if (errno == ERROR_SUCCESS)
                    {
                        // Retrieve the number of frames in this capture file
                        uint frameCount;
                        errno = NetmonAPI.NmGetFrameCount(captureFile, out frameCount);
                        if (errno == ERROR_SUCCESS)
                        {
                            // Loop through capture file
                            for (uint ulFrameNumber = 0; ulFrameNumber < frameCount; ulFrameNumber++)
                            {
                                // Get the Raw Frame data
                                IntPtr hRawFrame = IntPtr.Zero;
                                errno = NetmonAPI.NmGetFrame(captureFile, ulFrameNumber, out hRawFrame);
                                if (errno != ERROR_SUCCESS)
                                {
                                    Console.WriteLine("Error Retrieving Frame #" + (ulFrameNumber + 1) + " from file");
                                    continue;
                                }

                                // Need to parse once to get similar results to the UI
                                if (loadedparserengine)
                                {
                                    // Parse Frame
                                    IntPtr phParsedFrame;
                                    IntPtr phInsertedRawFrame;
                                    errno = NetmonAPI.NmParseFrame(hFrameParser, hRawFrame, ulFrameNumber, NmFrameParsingOption.FieldDisplayStringRequired | NmFrameParsingOption.FieldFullNameRequired | NmFrameParsingOption.DataTypeNameRequired, out phParsedFrame, out phInsertedRawFrame);
                                    if (errno == ERROR_SUCCESS)
                                    {
                                        // Check against Filters
                                        if (!string.IsNullOrEmpty(commandReader.ConversationFilter))
                                        {
                                            bool passed;
                                            errno = NetmonAPI.NmEvaluateFilter(phParsedFrame, conversationFilterId, out passed);
                                            if (errno == ERROR_SUCCESS)
                                            {
                                                if (passed)
                                                {
                                                    if (!string.IsNullOrEmpty(commandReader.DisplayFilter))
                                                    {
                                                        bool passed2;
                                                        errno = NetmonAPI.NmEvaluateFilter(phParsedFrame, displayFilterId, out passed2);
                                                        if (errno == ERROR_SUCCESS)
                                                        {
                                                            if (passed2)
                                                            {
                                                                PrintParsedFrameInformation(phParsedFrame, ulFrameNumber, commandReader);
                                                            }
                                                        }
                                                    }
                                                    else
                                                    {
                                                        PrintParsedFrameInformation(phParsedFrame, ulFrameNumber, commandReader);
                                                    }
                                                }
                                            }
                                        }
                                        else if (!string.IsNullOrEmpty(commandReader.DisplayFilter))
                                        {
                                            bool passed;
                                            errno = NetmonAPI.NmEvaluateFilter(phParsedFrame, displayFilterId, out passed);
                                            if (errno == ERROR_SUCCESS)
                                            {
                                                if (passed)
                                                {
                                                    PrintParsedFrameInformation(phParsedFrame, ulFrameNumber, commandReader);
                                                }
                                            }
                                        }
                                        else
                                        {
                                            PrintParsedFrameInformation(phParsedFrame, ulFrameNumber, commandReader);
                                        }

                                        NetmonAPI.NmCloseHandle(phInsertedRawFrame);
                                        NetmonAPI.NmCloseHandle(phParsedFrame);
                                    }
                                    else
                                    {
                                        Console.WriteLine("Error Parsing Frame #" + (ulFrameNumber + 1) + " from file");
                                    }
                                }
                                else
                                {
                                    // Just print what I just deleted...
                                    uint pulLength;
                                    errno = NetmonAPI.NmGetRawFrameLength(hRawFrame, out pulLength);
                                    if (errno == ERROR_SUCCESS)
                                    {
                                        if (commandReader.IsSelected(ulFrameNumber))
                                        {
                                            Console.WriteLine("Frame #" + (ulFrameNumber + 1) + " (Selected) Frame Length(bytes): " + pulLength);
                                        }
                                        else
                                        {
                                            Console.WriteLine("Frame #" + (ulFrameNumber + 1) + " Frame Length(bytes): " + pulLength);
                                        }
                                    }
                                    else
                                    {
                                        Console.WriteLine("Error Getting Frame Length for Frame #" + (ulFrameNumber + 1));
                                    }
                                }

                                NetmonAPI.NmCloseHandle(hRawFrame);
                            }
                        }
                        else
                        {
                            Console.WriteLine("Error Retrieving Capture File Length");
                        }

                        // Close Capture File to Cleanup
                        NetmonAPI.NmCloseHandle(captureFile);
                    }
                    else
                    {
                        Console.WriteLine("Could not open capture file: " + commandReader.CaptureFileName);
                        Console.WriteLine(CommandLineArguments.GetUsage("ExpertExample"));
                    }

                    if (loadedparserengine)
                    {
                        NetmonAPI.NmCloseHandle(hFrameParser);
                        NetmonAPI.NmCloseHandle(hFrameParserConfig);
                        NetmonAPI.NmCloseHandle(hNplParser);
                    }
                }
            }
            else
            {
                Console.WriteLine(commandReader.LastErrorMessage);
                Console.WriteLine(CommandLineArguments.GetUsage("ExpertExample"));
            }

            // Pause so we can see the results when launched from Network Monitor
            Console.WriteLine();
            Console.WriteLine("Press any key to continue");
            Console.ReadKey();

            if (initialized)
            {
                CloseNMAPI();
            }
        }
コード例 #2
0
        public IntPtr CreateFrameParser()
        {
            IntPtr FrameParser    = IntPtr.Zero;
            UInt32 ret            = 0;
            IntPtr pCallerContext = IntPtr.Zero;
            IntPtr nplParser      = IntPtr.Zero;

            // Use NULL to load default NPL set.
            ret = NetmonAPI.NmLoadNplParser(null, NmNplParserLoadingOption.NmAppendRegisteredNplSets, pParserCallback, pCallerContext, out nplParser);
            if (ret != ERROR_SUCCESS)
            {
                Console.WriteLine("Failed to load NPL Parser");
                return(FrameParser);
            }
            IntPtr frameParserConfig = IntPtr.Zero;

            ret = NetmonAPI.NmCreateFrameParserConfiguration(nplParser, pParserCallback, pCallerContext, out frameParserConfig);
            if (ret != ERROR_SUCCESS)
            {
                Console.WriteLine("Failed to load frame parser configuration.");
                NetmonAPI.NmCloseHandle(nplParser);//release the handler
                return(FrameParser);
            }
            else  //now start to add filter
            {
                ret = NetmonAPI.NmConfigReassembly(frameParserConfig, NmReassemblyConfigOption.None, true);
                if (ret != ERROR_SUCCESS)
                {
                    Console.WriteLine("Failed to config reassembly.");
                    return(FrameParser);
                }
                String pfilterString = _filterString;

                Console.WriteLine(pfilterString);

                ret = NetmonAPI.NmAddFilter(frameParserConfig, pfilterString, out ulfilterId);
                if (ret != ERROR_SUCCESS)
                {
                    Console.WriteLine("error to create filter,info:" + ret.ToString());
                    NetmonAPI.NmCloseHandle(frameParserConfig);
                    NetmonAPI.NmCloseHandle(nplParser);
                    return(FrameParser);
                }

                //add the properties
                foreach (String propertyString in _properties)
                {
                    Console.WriteLine("add property:" + propertyString);
                    UInt32 ulpropertyId;
                    ret = NetmonAPI.NmAddProperty(frameParserConfig, propertyString, out ulpropertyId);
                    if (ret == ERROR_SUCCESS)
                    {
                        PropertyIdDict.Add(propertyString, ulpropertyId);
                    }
                    else
                    {
                        Console.WriteLine("error when add property:" + propertyString);
                    }
                }
                //add fields
                foreach (String filedString in _fields)
                {
                    Console.WriteLine("add field:" + filedString);
                    UInt32 ulfieldId;
                    ret = NetmonAPI.NmAddField(frameParserConfig, filedString, out ulfieldId);
                    if (ret == ERROR_SUCCESS)
                    {
                        FieldIdDict.Add(filedString, ulfieldId);
                    }
                    else
                    {
                        Console.WriteLine("error when add field:" + filedString);
                    }
                }


                ret = NetmonAPI.NmCreateFrameParser(frameParserConfig, out FrameParser, NmFrameParserOptimizeOption.ParserOptimizeNone);

                if (ret != ERROR_SUCCESS)
                {
                    Console.WriteLine("failed to create frame parser, info:" + ret.ToString());

                    return(FrameParser);
                }
            }

            return(FrameParser);
        }
コード例 #3
0
        static void Main(string[] args)
        {
            // / / Initialize NetworkMonitor API

            NM_API_CONFIGURATION apiConfig = new NM_API_CONFIGURATION();

            apiConfig.Size = (ushort)(System.Runtime.InteropServices.Marshal.SizeOf(apiConfig));
            NetmonAPI.NmGetApiConfiguration(ref apiConfig);
            apiConfig.ThreadingMode = 0;
            NetmonAPI.NmApiInitialize(ref apiConfig);

            IntPtr nplPointer = IntPtr.Zero;

            NetmonAPI.NmLoadNplParser(null, NmNplParserLoadingOption.NmAppendRegisteredNplSets, pErrorCallBack, IntPtr.Zero, out nplPointer);


            // / / Initialize Frame parser
            IntPtr parserConfigPointer;

            NetmonAPI.NmCreateFrameParserConfiguration(nplPointer, pErrorCallBack, IntPtr.Zero, out parserConfigPointer);

            NetmonAPI.NmConfigConversation(parserConfigPointer, NmConversationConfigOption.None, true);

            IntPtr ParserPointer;

            NetmonAPI.NmCreateFrameParser(parserConfigPointer, out ParserPointer, NmFrameParserOptimizeOption.ParserOptimizeNone);


            // / / Parse capture file
            IntPtr captureFileHandle;

            NetmonAPI.NmOpenCaptureFile("auto.cap", out captureFileHandle);

            uint rawFrameCount;

            NetmonAPI.NmGetFrameCount(captureFileHandle, out rawFrameCount);

            uint   frameNumber = 0;
            IntPtr rawFrame;

            NetmonAPI.NmGetFrame(captureFileHandle, frameNumber, out rawFrame);

            IntPtr parsedFrame;
            IntPtr insRawFrame;

            NetmonAPI.NmParseFrame(ParserPointer, rawFrame, frameNumber, NmFrameParsingOption.FieldDisplayStringRequired | NmFrameParsingOption.FieldFullNameRequired | NmFrameParsingOption.DataTypeNameRequired, out parsedFrame, out insRawFrame);

            uint fieldCount;

            NetmonAPI.NmGetFieldCount(parsedFrame, out fieldCount);

            uint BUFFER_SIZE = 1024;

            char[] name = new char[BUFFER_SIZE * 2];
            unsafe
            {
                fixed(char *pstr = name)
                {
                    NetmonAPI.NmGetFieldName(parsedFrame, 0, NmParsedFieldNames.NamePath, BUFFER_SIZE * 2, pstr);
                }
            }

            String fieldName = new String(name).Replace("\0", String.Empty);

            NetmonAPI.NmCloseHandle(captureFileHandle);
        }