private void _Receive(int count = 0)
{
//using (_communicator = _device.Open(65536, PacketDeviceOpenAttributes.Promiscuous, 1000))
//{
// _ppacketManager = new PPacketManager();
// if (_filter != null)
// _communicator.SetFilter(_filter);
// _communicator.ReceivePackets(0, ReceivePacketHandle);
//}
try
{
_communicator = _device.Open(65536, PacketDeviceOpenAttributes.Promiscuous, 1000);
if (_dumpFile != null)
_packetDumpFile = _communicator.OpenDump(_dumpFile);
_ppacketManager = new PPacketManager();
if (_filter != null)
_communicator.SetFilter(_filter);
_communicator.ReceivePackets(count, ReceivePacketHandle);
}
finally
{
if (_communicator != null)
{
_communicator.Dispose();
_communicator = null;
}
if (_packetDumpFile != null)
{
_packetDumpFile.Dispose();
_packetDumpFile = null;
}
}
}
public static void DumpDetailsPacket(Packet packet)
{
if (detailsDumper == null)
{
detailsFile = Path.GetTempFileName();
detailsDumper = communicator.OpenDump(detailsFile);
}
detailsDumper.Dump(packet);
}
public void StartCapture()
{
var dev = LivePacketDevice.AllLocalMachine.FirstOrDefault(d => d.Name.Equals(Device.Name));
if (dev == null)
{
return;
}
var token = Cancellation.Token;
this.CaptureTask = new Task((state) =>
{
DumpOptions option = (DumpOptions)state;
// Open device
using (PacketCommunicator communicator = dev.Open(
65535, PacketDeviceOpenAttributes.Promiscuous,
250
))
{
if (option.Filter != null)
{
communicator.SetFilter(option.Filter);
}
using (PacketDumpFile dumpFile = communicator.OpenDump(option.Path))
{
int count = 0;
Stopwatch stopwatch = new Stopwatch();
stopwatch.Start();
while (count < option.Count &&
stopwatch.ElapsedMilliseconds < option.Durance.TotalMilliseconds)
{
token.ThrowIfCancellationRequested();
Packet packet;
var result = communicator.ReceivePacket(out packet);
if (result == PacketCommunicatorReceiveResult.Ok)
{
dumpFile.Dump(packet);
count++;
if (option.Callback != null)
{
option.Callback(null, new PacketArrivalEventArgs(packet));
}
}
}
}
}
}, Options, token, TaskCreationOptions.LongRunning);
CaptureTask.Start();
}
public static void Test_DumpPacketsToFile_02()
{
// from project SavingPacketsToADumpFile
_tr.WriteLine("Test_DumpPacketsToFile_02");
string dumpFile = @"dump\dump.pcap";
dumpFile = GetPath(dumpFile);
_tr.WriteLine("dump to file \"{0}\"", dumpFile);
PacketDevice device = SelectDevice();
if (device == null)
{
return;
}
__communicator = null;
//_rs.OnAbortExecution += new OnAbortEvent(OnAbortExecution);
_rs.OnAbortExecution = OnAbortExecution;
try
{
// Open the device : device.Open()
// snapshotLength = 65536, portion of the packet to capture 65536 guarantees that the whole packet will be captured on all the link layers
// attributes = PacketDeviceOpenAttributes.Promiscuous, promiscuous mode
// readTimeout = 1000
using (__communicator = device.Open(65536, PacketDeviceOpenAttributes.Promiscuous, 1000))
{
//if (communicator.DataLink.Kind != DataLinkKind.Ethernet)
//{
// _tr.WriteLine("This program works only on Ethernet networks.");
// return;
//}
// start the capture
//var query = from packet in communicator.ReceivePackets() select packet; // where !packet.IsValid
using (PacketDumpFile dump = __communicator.OpenDump(dumpFile))
{
_tr.WriteLine("Listening on " + device.Description + "...");
// start the capture
__communicator.ReceivePackets(0, dump.Dump);
}
}
}
catch (Exception ex)
{
_tr.WriteLine(ex.Message);
}
finally
{
//_rs.OnAbortExecution -= new OnAbortEvent(OnAbortExecution);
}
}
private void backgroundWorker2_DoWork(object sender, DoWorkEventArgs e)
{
if (save.Checked)
{
using (PacketCommunicator communicator = selectedAdapter.Open(65536, PacketDeviceOpenAttributes.Promiscuous, 1000))
{
using (PacketDumpFile dumpFile = communicator.OpenDump(fullpath + "Paquetes.pcap"))
{
communicator.ReceivePackets(0, dumpFile.Dump);
}
}
}
}
private void backgroundWorker2_DoWork(object sender, DoWorkEventArgs e)
{
if (save.Checked)
{
using (PacketCommunicator communicator = selectedAdapter.Open(65536, PacketDeviceOpenAttributes.Promiscuous, 1000))
{
using (PacketDumpFile dumpFile = communicator.OpenDump(@"E:\networks final\.pcap"))
{
// start the capture
communicator.ReceivePackets(0, dumpFile.Dump);
}
}
}
}
private void SaveSniffing()
{
PacketDevice saveSelectedDevice = allDevices[ddlNetworkAdapters.SelectedIndex];
using (PacketCommunicator PkCommunicator = saveSelectedDevice.Open(65536, PacketDeviceOpenAttributes.Promiscuous, 1000))
{
if (txtFilters.Text != "")
{
PkCommunicator.SetFilter(txtFilters.Text);
}
using (PacketDumpFile PkDumpFile = PkCommunicator.OpenDump(pcap_file))
{
PkCommunicator.ReceivePackets(0, PkDumpFile.Dump);
}
}
}
public PacketSniffer(int DeviceIndex)
{
// Retrieve the device list from the local machine
IList<LivePacketDevice> allDevices = LivePacketDevice.AllLocalMachine;
PacketDevice SelectedDevice = allDevices[DeviceIndex];
communicator = SelectedDevice.Open(65536, // portion of the packet to capture
// 65536 guarantees that the whole packet will be captured on all the link layers
PacketDeviceOpenAttributes.Promiscuous, // promiscuous mode
1000);
if (detailsDumper == null) {
detailsFile = Path.GetTempFileName();
detailsDumper = communicator.OpenDump(detailsFile);
}
ResetDumpFile();
}
public PacketSniffer(int DeviceIndex)
{
// Retrieve the device list from the local machine
IList <LivePacketDevice> allDevices = LivePacketDevice.AllLocalMachine;
PacketDevice SelectedDevice = allDevices[DeviceIndex];
communicator = SelectedDevice.Open(65536, // portion of the packet to capture
// 65536 guarantees that the whole packet will be captured on all the link layers
PacketDeviceOpenAttributes.Promiscuous, // promiscuous mode
1000);
if (detailsDumper == null)
{
detailsFile = Path.GetTempFileName();
detailsDumper = communicator.OpenDump(detailsFile);
}
ResetDumpFile();
}
private void backgroundWorker2_DoWork(object sender, DoWorkEventArgs e)
{
//if (save.Checked)
//{
using (PacketCommunicator communicator = selectedAdapter.Open(65536, PacketDeviceOpenAttributes.Promiscuous, 1000))
{
string folderName = @"D:\Temp";
path = Path.Combine(folderName);
System.IO.Directory.CreateDirectory(path);
string fileName = System.IO.Path.GetRandomFileName();
path = System.IO.Path.Combine(path, fileName);
using (PacketDumpFile dumpFile = communicator.OpenDump(path))
{
communicator.ReceivePackets(0, dumpFile.Dump);
}
}
//}
}
private void _Receive(int count = 0)
{
//using (_communicator = _device.Open(65536, PacketDeviceOpenAttributes.Promiscuous, 1000))
//{
// _ppacketManager = new PPacketManager();
// if (_filter != null)
// _communicator.SetFilter(_filter);
// _communicator.ReceivePackets(0, ReceivePacketHandle);
//}
try
{
_communicator = _device.Open(65536, PacketDeviceOpenAttributes.Promiscuous, 1000);
if (_dumpFile != null)
{
_packetDumpFile = _communicator.OpenDump(_dumpFile);
}
_ppacketManager = new PPacketManager();
if (_filter != null)
{
_communicator.SetFilter(_filter);
}
_communicator.ReceivePackets(count, ReceivePacketHandle);
}
finally
{
if (_communicator != null)
{
_communicator.Dispose();
_communicator = null;
}
if (_packetDumpFile != null)
{
_packetDumpFile.Dispose();
_packetDumpFile = null;
}
}
}
static void Main(string[] args)
{
// Retrieve the device list from the local machine
IList <LivePacketDevice> allDevices = LivePacketDevice.AllLocalMachine;
if (allDevices.Count == 0)
{
Console.WriteLine("No interfaces found! Make sure WinPcap is installed.");
return;
}
// Print the list
for (int i = 0; i != allDevices.Count; ++i)
{
LivePacketDevice device = allDevices[i];
Console.Write((i + 1) + ". " + device.Name);
if (device.Description != null)
{
Console.WriteLine(" (" + device.Description + ")");
}
else
{
Console.WriteLine(" (No description available)");
}
}
int deviceIndex = 0;
do
{
Console.WriteLine("Enter the interface number (1-" + allDevices.Count + "):");
string deviceIndexString = Console.ReadLine();
if (!int.TryParse(deviceIndexString, out deviceIndex) ||
deviceIndex < 1 || deviceIndex > allDevices.Count)
{
deviceIndex = 0;
}
} while (deviceIndex == 0);
// Take the selected adapter
PacketDevice selectedDevice = allDevices[deviceIndex - 1];
// Open the device
using (PacketCommunicator communicator =
selectedDevice.Open(65536, // portion of the packet to capture
// 65536 guarantees that the whole packet will be captured on all the link layers
PacketDeviceOpenAttributes.Promiscuous, // promiscuous mode
1000)) // read timeout
{
// Check the link layer. We support only Ethernet for simplicity.
if (communicator.DataLink.Kind != DataLinkKind.Ethernet)
{
Console.WriteLine("This program works only on Ethernet networks.");
return;
}
// Compile and set the filter
// communicator.SetFilter("ip and tcp");
Console.WriteLine("Listening on " + selectedDevice.Description + "...");
// start the capture
var query = from packet in communicator.ReceivePackets()
// where !packet.IsValid
select packet;
using (PacketDumpFile dumpFile = communicator.OpenDump("dump.pcap"))
{
foreach (Packet packet in query)
{
if (packet.Length <= 60 &&
packet.Ethernet.EtherType == EthernetType.IpV4 &&
packet.Ethernet.IpV4.Protocol == IpV4Protocol.Tcp &&
packet.Ethernet.IpV4.Tcp.ControlBits == (TcpControlBits.Synchronize | TcpControlBits.Acknowledgment))
{
Console.WriteLine("Captured Packet " + packet.Timestamp);
}
// dumpFile.Dump(packet);
}
}
}
}
static void Main(string[] args)
{
// Check command line
if (args.Length != 1)
{
Console.WriteLine("usage: " + Environment.GetCommandLineArgs()[0] + " <filename>");
return;
}
// Retrieve the device list on the local machine
IList <LivePacketDevice> allDevices = LivePacketDevice.AllLocalMachine;
if (allDevices.Count == 0)
{
Console.WriteLine("No interfaces found! Make sure WinPcap is installed.");
return;
}
// Print the list
for (int i = 0; i != allDevices.Count; ++i)
{
LivePacketDevice device = allDevices[i];
Console.Write((i + 1) + ". " + device.Name);
if (device.Description != null)
{
Console.WriteLine(" (" + device.Description + ")");
}
else
{
Console.WriteLine(" (No description available)");
}
}
int deviceIndex = 0;
do
{
Console.WriteLine("Enter the interface number (1-" + allDevices.Count + "):");
string deviceIndexString = Console.ReadLine();
if (!int.TryParse(deviceIndexString, out deviceIndex) ||
deviceIndex < 1 || deviceIndex > allDevices.Count)
{
deviceIndex = 0;
}
} while (deviceIndex == 0);
// Take the selected adapter
PacketDevice selectedDevice = allDevices[deviceIndex - 1];
// Open the device
using (PacketCommunicator communicator =
selectedDevice.Open(65536, // portion of the packet to capture
// 65536 guarantees that the whole packet will be captured on all the link layers
PacketDeviceOpenAttributes.Promiscuous, // promiscuous mode
1000)) // read timeout
{
// Open the dump file
using (PacketDumpFile dumpFile = communicator.OpenDump(args[0]))
{
Console.WriteLine("Listening on " + selectedDevice.Description + "... Press Ctrl+C to stop...");
// start the capture
communicator.ReceivePackets(0, dumpFile.Dump);
}
}
}
public static void Test_DumpPacketsToFile_02()
{
// from project SavingPacketsToADumpFile
_tr.WriteLine("Test_DumpPacketsToFile_02");
string dumpFile = @"dump\dump.pcap";
dumpFile = GetPath(dumpFile);
_tr.WriteLine("dump to file \"{0}\"", dumpFile);
PacketDevice device = SelectDevice();
if (device == null)
return;
__communicator = null;
//_rs.OnAbortExecution += new OnAbortEvent(OnAbortExecution);
_rs.OnAbortExecution = OnAbortExecution;
try
{
// Open the device : device.Open()
// snapshotLength = 65536, portion of the packet to capture 65536 guarantees that the whole packet will be captured on all the link layers
// attributes = PacketDeviceOpenAttributes.Promiscuous, promiscuous mode
// readTimeout = 1000
using (__communicator = device.Open(65536, PacketDeviceOpenAttributes.Promiscuous, 1000))
{
//if (communicator.DataLink.Kind != DataLinkKind.Ethernet)
//{
// _tr.WriteLine("This program works only on Ethernet networks.");
// return;
//}
// start the capture
//var query = from packet in communicator.ReceivePackets() select packet; // where !packet.IsValid
using (PacketDumpFile dump = __communicator.OpenDump(dumpFile))
{
_tr.WriteLine("Listening on " + device.Description + "...");
// start the capture
__communicator.ReceivePackets(0, dump.Dump);
}
}
}
catch (Exception ex)
{
_tr.WriteLine(ex.Message);
}
finally
{
//_rs.OnAbortExecution -= new OnAbortEvent(OnAbortExecution);
}
}
public static void Test_DumpPacketsToFile_01()
{
// from project CaptureInvalidPackets
_tr.WriteLine("Test_DumpPacketsToFile_01");
string dumpFile = @"dump\dump.pcap";
dumpFile = GetPath(dumpFile);
_tr.WriteLine("dump to file \"{0}\"", dumpFile);
PacketDevice device = SelectDevice();
if (device == null)
{
return;
}
try
{
// Open the device : device.Open()
// snapshotLength = 65536, portion of the packet to capture 65536 guarantees that the whole packet will be captured on all the link layers
// attributes = PacketDeviceOpenAttributes.Promiscuous, promiscuous mode
// readTimeout = 1000
using (PacketCommunicator communicator = device.Open(65536, PacketDeviceOpenAttributes.Promiscuous, 1000))
{
_tr.WriteLine("Listening on " + device.Description + "...");
if (communicator.DataLink.Kind != DataLinkKind.Ethernet)
{
_tr.WriteLine("This program works only on Ethernet networks.");
return;
}
// start the capture
var query = from packet in communicator.ReceivePackets() select packet; // where !packet.IsValid
using (PacketDumpFile dump = communicator.OpenDump(dumpFile))
{
foreach (Packet packet in query)
{
if (packet.Length <= 60 &&
packet.Ethernet.EtherType == EthernetType.IpV4 &&
packet.Ethernet.IpV4.Protocol == IpV4Protocol.Tcp &&
packet.Ethernet.IpV4.Tcp.ControlBits == (TcpControlBits.Synchronize | TcpControlBits.Acknowledgment))
{
_tr.WriteLine("Captured Packet " + packet.Timestamp);
}
_tr.WriteLine("dump packet " + packet.Timestamp);
dump.Dump(packet);
if (_rs.IsExecutionAborted())
{
break;
}
}
}
}
}
catch (Exception ex)
{
_tr.WriteLine(ex.Message);
}
}
