private static void device_OnPacketArrival(object sender, CaptureEventArgs e)
{
try
{
var sniff = new SniffedPacket();
var packet = PacketDotNet.Packet.ParsePacket(LinkLayers.Ethernet, e.Packet.Data);
sniff.physical = packet;
sniff.posixTime = e.Packet.Timeval;
if (packet is PacketDotNet.EthernetPacket)
{
var eth = ((PacketDotNet.EthernetPacket)packet);
//Console.WriteLine("Original Eth packet: " + eth.ToString());
sniff.network = eth;
var ip = (PacketDotNet.IpPacket)packet.Extract(typeof(PacketDotNet.IpPacket));
if (ip != null)
{
//Console.WriteLine("Original IP packet: " + ip.ToString());
sniff.transport = ip;
if (sniff.transport.Protocol == IPProtocolType.TCP)
{
var tcp = (PacketDotNet.TcpPacket)packet.Extract(typeof(PacketDotNet.TcpPacket));
if (tcp != null)
{
//Console.WriteLine("Original TCP packet: " + tcp.ToString());
sniff.application.tcp = tcp;
sniff.sessionID = ip.SourceAddress.ToString() + ":" + ip.DestinationAddress.ToString();
}
}
else if (sniff.transport.Protocol == IPProtocolType.UDP)
{//try to capture as UDP?
var udp = (PacketDotNet.UdpPacket)packet.Extract(typeof(PacketDotNet.UdpPacket));
if (udp != null)
{
//Console.WriteLine("Original UDP packet: " + udp.ToString());
sniff.application.udp = udp;
}
}
}
//Console.WriteLine("Manipulated Eth packet: " + eth.ToString());
}
QueueOfSniffedPackets.Enqueue(sniff);
//slow down the reading of the file
System.Threading.Thread.Sleep(2);
//Console.WriteLine("Packet read.");
}catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
}
private static SniffedPacket ExtractTCPPacket(CaptureEventArgs e)
{
var sniff = new SniffedPacket();
try
{
//Sniff hte Incomming packet
var packet = PacketDotNet.Packet.ParsePacket(LinkLayers.Ethernet, e.Packet.Data);
sniff.physical = packet;
sniff.posixTime = e.Packet.Timeval;
if (packet is PacketDotNet.EthernetPacket)
{
var eth = ((PacketDotNet.EthernetPacket)packet);
sniff.network = eth;
var ip = (PacketDotNet.IpPacket)packet.Extract(typeof(PacketDotNet.IpPacket));
if (ip != null)
{
sniff.transport = ip;
if (sniff.transport.Protocol == IPProtocolType.TCP)
{
var tcp = (PacketDotNet.TcpPacket)packet.Extract(typeof(PacketDotNet.TcpPacket));
if (tcp != null)
{
sniff.application.tcp = tcp;
sniff.sessionID = ip.SourceAddress.ToString() + ":" + ip.DestinationAddress.ToString();
}
}
}
}
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
return(sniff);
}
