예제 #1
0
 protected abstract string _GetNameForPacket(OPacket packet);
예제 #2
0
        private bool _ParsePacket(RawCapture r, OPacket p)
        {
            Packet packet = PacketDotNet.Packet.ParsePacket(r.LinkLayerType, r.Data);
            IpPacket ip = PacketDotNet.IpPacket.GetEncapsulated(packet);
            if (null == ip)
            {
                return false;
            }
            p.SetSourceIP(ip.SourceAddress.ToString());
            p.SetDestinationIP(ip.DestinationAddress.ToString());
            p.SetLength(r.Data.Length);
            p.SetTimeCollected(r.Timeval.Seconds);
            TcpPacket tcp = PacketDotNet.TcpPacket.GetEncapsulated(packet);
            if (null != tcp)
            {
                p.SetProtocol(tcp.DestinationPort);
                return true;
            }
//            UdpPacket udp = PacketDotNet.UdpPacket.GetEncapsulated(packet);
//            if (null != udp)
//            {
//                p.SetProtocol(udp.DestinationPort);
//                return true;
//            }

            return false;
        }
예제 #3
0
        private void _ThreadProc()
        {
            while (false == _requestStop)
            {
                bool _sleep = false;
                // Get packet from packet queue
                lock (_sync)
                {
                    // If there is no packets
                    if (_capturedPackets.Count <= 0)
                    {
                        _sleep = true;
                    }
                }
                // If there is no packet captured
                if (true == _sleep)
                {
                    Thread.Sleep(100);
                    continue;
                }

                // At this time, we have packets captured
                // We have to handle this packet;
                List<RawCapture> curPacket = null;
                lock(_sync)
                {
                    curPacket = _capturedPackets;
                    _capturedPackets = new List<RawCapture>();
                }
                foreach(RawCapture r in curPacket)
                {
                    // 1. Parse packet
                    OPacket packet = new OPacket();
                    if (false == _ParsePacket(r, packet))
                    {
                        continue;
                    }

                    // 2. Save packet to database
                    lock (_sync)
                    {
                        _db.SavePacket(packet, r.Data);
                    }

                    int nNextNo = lstPackets.Items.Count + 1;
                    ListViewItem item = new ListViewItem(nNextNo.ToString());
                    item.SubItems.Add(packet.GetTimeCollected().ToString());
                    item.SubItems.Add(packet.GetSourceIP());
                    item.SubItems.Add(packet.GetDestinationIP());
                    item.SubItems.Add(ProtocolInfo.instanceOf().ConvertToString(packet.GetProtocol()));
                    item.SubItems.Add(r.Data.Length.ToString());

                    // We need to show captured packet in the UI
                    // but, this code is running in different thread from the UI thread
                    // So, we have to use BeginInvoke to transfer request to UI thread
                    this.Invoke(new Action(delegate ()
                    {
                        lstPackets.Items.Add(item);
                    }
                    ));

                    // Add OPacket object in the list
                    _curPacketList.AddPacket(packet);
                }
                curPacket.Clear();
            }
        }
예제 #4
0
        public bool QueryPackets(ulong startTime, ulong endTime, List<int> protocolList, OCurrentPacketList curPackets)
        {
            if (null == _dbConnection)
            {
                return false;
            }

            // Build Query statement
            string sql = BuildSQLStatement(startTime, endTime, protocolList);
            SQLiteCommand command = new SQLiteCommand(sql, _dbConnection);
            SQLiteDataReader reader = command.ExecuteReader();
            while (reader.Read())
            {
                OPacket pac = new OPacket();
                pac.SetTimeCollected((ulong)(Int64)reader[0]);
                pac.SetSourceIP((string)reader[1]);
                pac.SetDestinationIP((string)reader[2]);
                pac.SetProtocol((int)(Int64)reader[3]);
                pac.SetLength((int)(Int64)reader[4]);
                pac.SetPacketStoredPath((string)reader[5]);

                curPackets.AddPacket(pac);
            }
            return true;
        }
예제 #5
0
        public void SavePacket(OPacket packet, byte[] rawData)
        {
            if (null == _dbConnection)
            {
                return;
            }

            // Save packet data into the file system
            string _path = OArchive.GetArchiveFolder();
            _path += "\\";
            _path += _GetTempName();

            // Save packet data
            if (false == _SavePacketAsFile(_path, rawData))
            {
                return;
            }

            packet.SetPacketStoredPath(_path);

            // Save into the Database
            string sql = "INSERT INTO packets (collected_time, src_ip, dest_ip, dest_port, length, packet_path) values ";
            string sqlValue = "(";
            sqlValue += packet.GetTimeCollected();
            sqlValue += ", ";
            sqlValue += "\"";
            sqlValue += packet.GetSourceIP();
            sqlValue += "\"";
            sqlValue += ", ";
            sqlValue += "\"";
            sqlValue += packet.GetDestinationIP();
            sqlValue += "\"";
            sqlValue += ", ";
            sqlValue += Convert.ToString(packet.GetProtocol());
            sqlValue += ", ";
            sqlValue += "\"";
            sqlValue += Convert.ToString(packet.GetLength());
            sqlValue += "\"";
            sqlValue += ", ";
            sqlValue += "\"";
            sqlValue += packet.GetPacketStoredPath();
            sqlValue += "\"";
            sqlValue += ")";
            sql += sqlValue;
            SQLiteCommand command = new SQLiteCommand(sql, _dbConnection);
            command.ExecuteNonQuery();
        }
예제 #6
0
 public void AddPacket(OPacket packet)
 {
     _list.Add(packet);
 }
 protected override string _GetNameForPacket(OPacket packet)
 {
     string res;
     res = (packet.GetTimeCollected() - _basetime).ToString();
     return res;
 }
 protected override string _GetNameForPacket(OPacket packet)
 {
     string res = ProtocolInfo.instanceOf().ConvertToString(packet.GetProtocol());
     return res;
 }