/// <summary>
/// Reads TShark formatted data files.
/// </summary>
/// <param name="sourceFile">The original capture file path.</param>
/// <param name="schema">The TShark schema.</param>
/// <param name="dataFile">The TShark data file path.</param>
/// <param name="callback">Callback that will receive data rows.</param>
/// <param name="fixups">Fixups object containing any fixups to apply.</param>
public static void Read(string sourceFile, TSharkDataSchema schema, string dataFile, TSharkDataReaderCallback callback, TSharkFixups fixups)
{
XmlReaderSettings xmlReaderSettings = new XmlReaderSettings();
xmlReaderSettings.ConformanceLevel = ConformanceLevel.Document;
xmlReaderSettings.IgnoreComments = true;
xmlReaderSettings.IgnoreProcessingInstructions = true;
xmlReaderSettings.IgnoreWhitespace = true;
xmlReaderSettings.ValidationType = ValidationType.None;
CapFile capFile = new CapFile();
capFile.Path = sourceFile;
using (StreamReader dataReader = new StreamReader(dataFile, Encoding.UTF8))
using (XmlReader xmlReader = XmlReader.Create(dataReader, xmlReaderSettings))
{
ParseState state = new ParseState();
state.Schema = schema;
state.Document = new XmlDocument();
state.Reader = xmlReader;
state.File = capFile;
state.Callback = callback;
state.Fixups = fixups;
int index = 0;
// read all packets in the file
while (true)
{
if (!xmlReader.ReadToFollowing("packet"))
break;
CapPacket capPacket = new CapPacket();
capPacket.File = state.File;
capPacket.Number = index++;
try
{
state.Packet = capPacket;
ReadPacket(state);
}
catch (Exception ex)
{
Log.WriteError("Error processing packet.\nIndex: {0}\nError: {1}", index, ex.Message);
}
finally
{
state.Packet = null;
}
}
}
}
/// <summary>
/// Runs the data pump.
/// </summary>
public void Run()
{
string protocolsFile = Path.Combine(OutputPath, "TShark.protocols");
string fieldsFile = Path.Combine(OutputPath, "TShark.fields");
string valuesFile = Path.Combine(OutputPath, "TShark.values");
string decodesFile = Path.Combine(OutputPath, "TShark.decodes");
Log.WriteInfo("Generated schema file paths.\nProtocols: {0}\nFields: {1}\nValues: {2}\nDecodes: {3}", protocolsFile, fieldsFile, valuesFile, decodesFile);
Log.WriteInfo("Writing protocols file.");
TSharkInvoker.Invoke(TSharkPath, string.Format("-G protocols {0}", TSharkParams), protocolsFile);
Log.WriteInfo("Writing fields file.");
TSharkInvoker.Invoke(TSharkPath, string.Format("-G fields3 {0}", TSharkParams), fieldsFile);
Log.WriteInfo("Writing values file.");
TSharkInvoker.Invoke(TSharkPath, string.Format("-G values {0}", TSharkParams), valuesFile);
Log.WriteInfo("Writing decodes file.");
TSharkInvoker.Invoke(TSharkPath, string.Format("-G decodes {0}", TSharkParams), decodesFile);
TSharkDataSchema schema;
Log.WriteInfo("Reading TShark schema.");
schema = TSharkSchemaReader.Read(protocolsFile, fieldsFile, valuesFile, decodesFile);
Log.WriteInfo("Installing fixups.");
TSharkFixups fixups = new TSharkFixups();
if (!string.IsNullOrEmpty(FixupsPath))
{
fixups.LoadExternalFixups(FixupsPath);
}
using (DataWriter writer = CreateDataWriter())
{
DataFilter filter = new DataFilter(DataFilterPreset);
if (!string.IsNullOrEmpty(DataFilterPath))
{
filter.LoadExternalFilter(DataFilterPath);
}
writer.Filter = filter;
TSharkDataReaderCallback callback = writer.WriteRow;
Log.WriteInfo("Starting data pump.");
foreach (string file in FileSystemSupport.RecursiveScan(InputPath, null))
{
Log.WriteInfo("Processing: {0}", file);
string dataFile = GenerateOutputFile(file);
TSharkInvoker.Invoke(TSharkPath, string.Format("-r \"{0}\" -n -T pdml -V {1}", file.Replace("\"", "\\\""), TSharkParams), dataFile);
Log.WriteInfo("Reading TShark data file: {0}", dataFile);
TSharkDataReader.Read(file, schema, dataFile, callback, fixups);
}
}
}
/// <summary>
/// Reads TShark formatted data files.
/// </summary>
/// <param name="sourceFile">The original capture file path.</param>
/// <param name="schema">The TShark schema.</param>
/// <param name="dataFile">The TShark data file path.</param>
/// <param name="callback">Callback that will receive data rows.</param>
/// <param name="fixups">Fixups object containing any fixups to apply.</param>
public static void Read(string sourceFile, TSharkDataSchema schema, string dataFile, TSharkDataReaderCallback callback, TSharkFixups fixups)
{
XmlReaderSettings xmlReaderSettings = new XmlReaderSettings();
xmlReaderSettings.ConformanceLevel = ConformanceLevel.Document;
xmlReaderSettings.IgnoreComments = true;
xmlReaderSettings.IgnoreProcessingInstructions = true;
xmlReaderSettings.IgnoreWhitespace = true;
xmlReaderSettings.ValidationType = ValidationType.None;
CapFile capFile = new CapFile();
capFile.Path = sourceFile;
using (StreamReader dataReader = new StreamReader(dataFile, Encoding.UTF8))
using (XmlReader xmlReader = XmlReader.Create(dataReader, xmlReaderSettings))
{
ParseState state = new ParseState();
state.Schema = schema;
state.Document = new XmlDocument();
state.Reader = xmlReader;
state.File = capFile;
state.Callback = callback;
state.Fixups = fixups;
int index = 0;
// read all packets in the file
while (true)
{
if (!xmlReader.ReadToFollowing("packet"))
{
break;
}
CapPacket capPacket = new CapPacket();
capPacket.File = state.File;
capPacket.Number = index++;
try
{
state.Packet = capPacket;
ReadPacket(state);
}
catch (Exception ex)
{
Log.WriteError("Error processing packet.\nIndex: {0}\nError: {1}", index, ex.Message);
}
finally
{
state.Packet = null;
}
}
}
}