예제 #1
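        /// <summary>
        /// POST handler that extracts the packets belonging to one Snort alert from the Snort
        /// tcpdump packet log into <c>wwwroot/pcaps/{sid}.{cid}</c> (done once; the file is reused
        /// on later requests) and returns them as a .pcap download or as a tcpdump text listing.
        /// </summary>
        /// <param name="cid">Event id (cid) of the alert.</param>
        /// <param name="sid">Sensor id (sid) of the alert.</param>
        /// <param name="source">Source IP address of the alert; becomes a "host" operand of the capture filter.</param>
        /// <param name="dest">Destination IP address of the alert; becomes a "host" operand of the capture filter.</param>
        /// <param name="output">"tcpdump" for a text listing; any other value (including "pcap") returns the .pcap file.</param>
        /// <returns>
        /// A file result, or a redirect to the Error page when the addresses are not valid IPs,
        /// the log path is not configured, the alert is unknown or no matching packet log exists.
        /// </returns>
        public async Task<ActionResult> OnPostPcap(int cid, int sid, string source, string dest, string output)
        {
            // Both addresses come straight from the request. They are only accepted if they parse
            // as an IP address, so nothing but a canonical address ever reaches the BPF filter.
            if (!TryCanonicalHost(source, out string sourceHost) || !TryCanonicalHost(dest, out string destHost))
            {
                return(RedirectToPage("Error", "Issue", new { issue = "Source and destination must be valid IP addresses." }));
            }

            Utils.Tcpdump tcpdump_path = HttpContext.RequestServices.GetService(typeof(Utils.Tcpdump)) as Utils.Tcpdump;
            string        path         = tcpdump_path?.path;

            if (string.IsNullOrEmpty(path))
            {
                return(RedirectToPage("Error", "Issue", new { issue = "Snort packet log path is not configured. Set it in appsettings.json to match the Snort output path." }));
            }

            // The alert cache is filled lazily on the first request that needs it.
            if (StaticData.alerts == null)
            {
                SnortContext db = HttpContext.RequestServices.GetService(typeof(SnortContext)) as SnortContext;
                if (db == null)
                {
                    return(RedirectToPage("Error", "Issue", new { issue = "Snort database context is not available." }));
                }
                StaticData.alerts = AlertMapper.ResolveAlerts(0, ref StaticData.signatureStrings, db.GetConnection());
            }

            // Look the alert up once; an unknown (sid, cid) used to add null to `alerts` and
            // crash on the timestamp access below.
            var alert = StaticData.alerts.FirstOrDefault(x => x.cid == cid && x.sid == sid);
            if (alert == null)
            {
                return(RedirectToPage("Error", "Issue", new { issue = "Alert " + sid + "." + cid + " was not found." }));
            }

            this.cid = cid;
            this.sid = sid;
            alerts.Add(alert);

            // Unix seconds of the alert. The DateTime -> DateTimeOffset conversion treats a Kind of
            // Unspecified/Local as local time, so this lines up with the tcpdump.log.<epoch> file
            // suffixes only if Snort and this app agree on the time zone — TODO confirm.
            targetSec = ((DateTimeOffset)alert.time).ToUnixTimeSeconds();

            // NOTE(review): despite the name this holds 100 ns ticks since 1970-01-01, not
            // milliseconds; kept as-is because device_OnPacketArrival presumably compares against it.
            long epochTicks = new DateTime(1970, 1, 1).Ticks;
            targetMS = alert.time.Ticks - epochTicks;

            string dir      = Path.Combine(Startup.AppPath, "wwwroot/pcaps/");
            string pcapName = sid + "." + cid;            // built from two ints only: cannot escape `dir`
            string pcapFile = Path.Combine(dir, pcapName);

            // Extract only once; an existing file is served directly, even if the packet logs
            // have been rotated away in the meantime.
            if (!System.IO.File.Exists(pcapFile))
            {
                long   closestTS   = 0;
                string closestFile = "";

                try
                {
                    // Snort names each rotated log tcpdump.log.<unix seconds it was started>; the
                    // newest log started at or before the alert is the one holding its packets.
                    // The loop sits inside the try because enumeration is lazy and may fail late.
                    foreach (string f in Directory.EnumerateFiles(path, "tcpdump.log.*"))
                    {
                        string suffix = Path.GetExtension(f).TrimStart('.');

                        // Skip anything whose suffix is not a plain number (e.g. a compressed rotation).
                        if (!long.TryParse(suffix, System.Globalization.NumberStyles.None, System.Globalization.CultureInfo.InvariantCulture, out long currentTS))
                        {
                            continue;
                        }
                        if (currentTS <= targetSec && currentTS > closestTS)
                        {
                            closestTS   = currentTS;
                            closestFile = f;
                        }
                    }
                }
                catch (Exception ex) when (ex is IOException || ex is UnauthorizedAccessException || ex is ArgumentException)
                {
                    return(RedirectToPage("Error", "Issue", new { issue = "Snort packet log folder not found (" + path + "). Change the path in appsettings.json to match the Snort output path." }));
                }

                if (closestFile == "")
                {
                    return(RedirectToPage("Error", "Issue", new { issue = "No appropriate packet log found in " + path + ". Please review your Snort output configuration and activate: output log_tcpdump: tcpdump.log" }));
                }

                Directory.CreateDirectory(dir);
                CaptureFileReaderDevice device = new CaptureFileReaderDevice(closestFile);
                captureFileWriter = new CaptureFileWriterDevice(pcapFile);
                captureFileWriter.Open();
                device.OnPacketArrival  += this.device_OnPacketArrival;    // presumably selects packets by targetMS and writes them — confirm
                device.OnCaptureStopped += this.device_OnCaptureStopped;   // presumably releases `signal` — confirm
                device.Filter            = "host " + sourceHost + " and host " + destHost;

                // The semaphore must exist before the capture thread starts: a small log file can
                // finish (and try to release it) before the original post-StartCapture assignment ran.
                signal = new SemaphoreSlim(0, 1);
                device.StartCapture();
                await signal.WaitAsync();
            }

            if (output == "tcpdump")
            {
                // Only app-controlled data (AppPath plus two ints) reaches the shell; the quotes
                // merely protect against spaces in the install path.
                string tcpdump = Utils.Bash("tcpdump -r '" + pcapFile + "'");
                return(File(Encoding.UTF8.GetBytes(tcpdump ?? "tcpdump is not available"), "application/octet-stream",
                            pcapName + ".txt"));
            }

            // "pcap" and any unknown value: serve the extracted capture from wwwroot.
            return(File("/pcaps/" + pcapName, "application/octet-stream", pcapName + ".pcap"));

            // Accepts only a syntactically valid IPv4/IPv6 address and returns its canonical text.
            // Zone ids ("%eth0") are rejected because the BPF filter syntax does not understand them.
            bool TryCanonicalHost(string value, out string host)
            {
                host = null;
                if (string.IsNullOrWhiteSpace(value) || !System.Net.IPAddress.TryParse(value.Trim(), out System.Net.IPAddress address))
                {
                    return false;
                }
                host = address.ToString();
                return host.IndexOf('%') < 0;
            }
        }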
예제 #2
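        /// <summary>
        /// Fire-and-forget variant of the pcap extraction: builds <c>wwwroot/pcaps/{sid}.{cid}</c>
        /// for an alert (if it does not exist yet) using the source/destination addresses stored
        /// with the alert instead of request parameters. Sets <c>cid</c>, <c>sid</c>, <c>alerts</c>
        /// and <c>targetSec</c> on the page even when the file already exists.
        /// </summary>
        /// <param name="cid">Event id (cid) of the alert.</param>
        /// <param name="sid">Sensor id (sid) of the alert.</param>
        /// <remarks>
        /// This is <c>async void</c>, so an unhandled exception would terminate the process instead
        /// of reaching the caller; every failure therefore returns early or is swallowed here.
        /// Consider returning <see cref="Task"/> once callers can await it.
        /// </remarks>
        public async void extractFromPcap(int cid, int sid)
        {
            string dir      = Path.Combine(Startup.AppPath, "wwwroot/pcaps/");
            string pcapName = sid + "." + cid;            // built from two ints only: cannot escape `dir`
            string pcapFile = Path.Combine(dir, pcapName);

            Utils.Tcpdump tcpdump_path = HttpContext.RequestServices.GetService(typeof(Utils.Tcpdump)) as Utils.Tcpdump;
            string        path         = tcpdump_path?.path;

            if (string.IsNullOrEmpty(path))
            {
                return;
            }

            // The alert cache is filled lazily on the first request that needs it.
            if (StaticData.alerts == null)
            {
                SnortContext db = HttpContext.RequestServices.GetService(typeof(SnortContext)) as SnortContext;
                if (db == null)
                {
                    return;
                }
                StaticData.alerts = AlertMapper.ResolveAlerts(0, ref StaticData.signatureStrings, db.GetConnection());
            }

            // Look the alert up once; an unknown (sid, cid) used to add null to `alerts` and throw
            // on the timestamp access below, outside the try — fatal in an async void method.
            var alert = StaticData.alerts.FirstOrDefault(x => x.cid == cid && x.sid == sid);
            if (alert == null)
            {
                return;
            }

            this.cid = cid;
            this.sid = sid;
            alerts.Add(alert);

            // Unix seconds of the alert (UTC). The DateTime -> DateTimeOffset conversion treats a
            // Kind of Unspecified/Local as local time, so this lines up with the tcpdump.log.<epoch>
            // suffixes only if Snort and this app agree on the time zone — TODO confirm.
            targetSec = ((DateTimeOffset)alert.time).ToUnixTimeSeconds();

            if (System.IO.File.Exists(pcapFile))
            {
                return;
            }

            // The addresses come from the alert database; they are still parsed rather than pasted
            // into the BPF filter so that a malformed row cannot produce an invalid filter.
            if (!TryCanonicalHost(alert.src_ip, out string sourceHost) || !TryCanonicalHost(alert.dest_ip, out string destHost))
            {
                return;
            }

            // NOTE(review): despite the name this holds 100 ns ticks since 1970-01-01, not
            // milliseconds; kept as-is because device_OnPacketArrival presumably compares against it.
            long epochTicks = new DateTime(1970, 1, 1).Ticks;
            targetMS = alert.time.Ticks - epochTicks;

            try
            {
                long   closestTS   = 0;
                string closestFile = "";

                // Snort names each rotated log tcpdump.log.<unix seconds it was started>; the
                // newest log started at or before the alert is the one holding its packets.
                foreach (string f in Directory.EnumerateFiles(path, "tcpdump.log.*"))
                {
                    string suffix = Path.GetExtension(f).TrimStart('.');

                    // Skip anything whose suffix is not a plain number (e.g. a compressed rotation).
                    if (!long.TryParse(suffix, System.Globalization.NumberStyles.None, System.Globalization.CultureInfo.InvariantCulture, out long currentTS))
                    {
                        continue;
                    }
                    if (currentTS <= targetSec && currentTS > closestTS)
                    {
                        closestTS   = currentTS;
                        closestFile = f;
                    }
                }

                // No usable log: leave without creating an empty output file.
                if (closestFile == "")
                {
                    return;
                }

                Directory.CreateDirectory(dir);
                CaptureFileReaderDevice device = new CaptureFileReaderDevice(closestFile);
                captureFileWriter = new CaptureFileWriterDevice(pcapFile);
                captureFileWriter.Open();
                device.OnPacketArrival  += this.device_OnPacketArrival;    // presumably selects packets by targetMS and writes them — confirm
                device.OnCaptureStopped += this.device_OnCaptureStopped;   // presumably releases `signal` — confirm
                device.Filter            = "host " + sourceHost + " and host " + destHost;

                // The semaphore must exist before the capture thread starts: a small log file can
                // finish (and try to release it) before the original post-StartCapture assignment ran.
                signal = new SemaphoreSlim(0, 1);
                device.StartCapture();
                await signal.WaitAsync();
            }
            catch (Exception)
            {
                // Deliberately swallowed: this method is async void, so letting anything escape
                // would bring the whole process down. Best effort only; no logger is available here.
            }

            // Accepts only a syntactically valid IPv4/IPv6 address and returns its canonical text.
            // Zone ids ("%eth0") are rejected because the BPF filter syntax does not understand them.
            bool TryCanonicalHost(string value, out string host)
            {
                host = null;
                if (string.IsNullOrWhiteSpace(value) || !System.Net.IPAddress.TryParse(value.Trim(), out System.Net.IPAddress address))
                {
                    return false;
                }
                host = address.ToString();
                return host.IndexOf('%') < 0;
            }
        }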