private static void device_OnPacketArrival(object sender, CaptureEventArgs e) { try { var sniff = new SniffedPacket(); var packet = PacketDotNet.Packet.ParsePacket(LinkLayers.Ethernet, e.Packet.Data); sniff.physical = packet; sniff.posixTime = e.Packet.Timeval; if (packet is PacketDotNet.EthernetPacket) { var eth = ((PacketDotNet.EthernetPacket)packet); //Console.WriteLine("Original Eth packet: " + eth.ToString()); sniff.network = eth; var ip = (PacketDotNet.IpPacket)packet.Extract(typeof(PacketDotNet.IpPacket)); if (ip != null) { //Console.WriteLine("Original IP packet: " + ip.ToString()); sniff.transport = ip; if (sniff.transport.Protocol == IPProtocolType.TCP) { var tcp = (PacketDotNet.TcpPacket)packet.Extract(typeof(PacketDotNet.TcpPacket)); if (tcp != null) { //Console.WriteLine("Original TCP packet: " + tcp.ToString()); sniff.application.tcp = tcp; sniff.sessionID = ip.SourceAddress.ToString() + ":" + ip.DestinationAddress.ToString(); } } else if (sniff.transport.Protocol == IPProtocolType.UDP) {//try to capture as UDP? var udp = (PacketDotNet.UdpPacket)packet.Extract(typeof(PacketDotNet.UdpPacket)); if (udp != null) { //Console.WriteLine("Original UDP packet: " + udp.ToString()); sniff.application.udp = udp; } } } //Console.WriteLine("Manipulated Eth packet: " + eth.ToString()); } QueueOfSniffedPackets.Enqueue(sniff); //slow down the reading of the file System.Threading.Thread.Sleep(2); //Console.WriteLine("Packet read."); }catch (Exception ex) { Console.WriteLine(ex.Message); } }
private static SniffedPacket ExtractTCPPacket(CaptureEventArgs e) { var sniff = new SniffedPacket(); try { //Sniff hte Incomming packet var packet = PacketDotNet.Packet.ParsePacket(LinkLayers.Ethernet, e.Packet.Data); sniff.physical = packet; sniff.posixTime = e.Packet.Timeval; if (packet is PacketDotNet.EthernetPacket) { var eth = ((PacketDotNet.EthernetPacket)packet); sniff.network = eth; var ip = (PacketDotNet.IpPacket)packet.Extract(typeof(PacketDotNet.IpPacket)); if (ip != null) { sniff.transport = ip; if (sniff.transport.Protocol == IPProtocolType.TCP) { var tcp = (PacketDotNet.TcpPacket)packet.Extract(typeof(PacketDotNet.TcpPacket)); if (tcp != null) { sniff.application.tcp = tcp; sniff.sessionID = ip.SourceAddress.ToString() + ":" + ip.DestinationAddress.ToString(); } } } } } catch (Exception ex) { Console.WriteLine(ex.Message); } return(sniff); }