//public bool TryGetOperatingSystems(out IList<string> osList, IEnumerable<Packets.AbstractPacket> packetList) {
public bool TryGetOperatingSystems(out IList <DeviceFingerprint> osList, IEnumerable <Packets.AbstractPacket> packetList)
{
try {
//throw new Exception("The method or operation is not implemented.");
Packets.TcpPacket tcpPacket = null;
Packets.IPv4Packet ipPacket = null;
foreach (Packets.AbstractPacket p in packetList)
{
if (p.GetType() == typeof(Packets.TcpPacket))
{
tcpPacket = (Packets.TcpPacket)p;
}
else if (p.GetType() == typeof(Packets.IPv4Packet))
{
ipPacket = (Packets.IPv4Packet)p;
}
}
if (tcpPacket != null && ipPacket != null)
{
if (this.tcpFlagsFingerprintList[tcpPacket.FlagsRaw] == null)
{
List <TcpFingerprint> list = new List <TcpFingerprint>();
foreach (TcpFingerprint f in this.fingerprintList)
{
if (f.ContainsFingerprintsForTcpFlags(tcpPacket))
{
list.Add(f);
}
}
this.tcpFlagsFingerprintList[tcpPacket.FlagsRaw] = list.ToArray();
}
/*
* if(!this.tcpFlagsFingerprintList.ContainsKey(tcpPacket.FlagsRaw)) {
* List<TcpFingerprint> list = new List<TcpFingerprint>();
* foreach (TcpFingerprint f in this.fingerprintList) {
* if (f.ContainsFingerprintsForTcpFlags(tcpPacket))
* list.Add(f);
* }
* this.tcpFlagsFingerprintList.Add(tcpPacket.FlagsRaw, list.ToArray());
* }
*/
if (this.tcpFlagsFingerprintList[tcpPacket.FlagsRaw].Length > 0)
{
//osList=new List<string>();
osList = new List <DeviceFingerprint>();
int osListWeight = 3;//in order to avoid getting hits on tests with weight 1 and 2
foreach (TcpFingerprint f in this.tcpFlagsFingerprintList[tcpPacket.FlagsRaw])
{
int w = f.GetHighestMatchWeight(tcpPacket, ipPacket);
if (w > osListWeight)
{
osListWeight = w;
osList.Clear();
//osList.Add(f.ToString());
osList.Add(new DeviceFingerprint(f.ToString()));
}
else if (w == osListWeight)
{
//osList.Add(f.ToString());
osList.Add(new DeviceFingerprint(f.ToString()));
}
}
if (osList.Count > 0)
{
//packetList=osList;
return(true);
}
}
}
}
catch (Exception e) {
//System.Diagnostics.Debug.Print(e.ToString());
SharedUtils.Logger.Log("Satori TCP exception. " + e.ToString(), SharedUtils.Logger.EventLogEntryType.Warning);
}
osList = null;
return(false);
}
//internal void ShowDnsRecord(Packets.DnsPacket.ResourceRecord record, NetworkHost dnsServer, NetworkHost dnsClient, Packets.IPv4Packet ipPakcet, Packets.UdpPacket udpPacket) {
public DnsRecordEventArgs(Packets.DnsPacket.IDnsResponseInfo record, NetworkHost dnsServer, NetworkHost dnsClient, Packets.IPv4Packet ipPakcet, Packets.UdpPacket udpPacket)
{
this.Record = record;
this.DnsServer = dnsServer;
this.DnsClient = dnsClient;
this.IpPakcet = ipPakcet;
this.UdpPacket = udpPacket;
}