예제 #1
0
        /// <summary>
        /// Reads TShark formatted data files.
        /// </summary>
        /// <param name="sourceFile">The original capture file path.</param>
        /// <param name="schema">The TShark schema.</param>
        /// <param name="dataFile">The TShark data file path.</param>
        /// <param name="callback">Callback that will receive data rows.</param>
        /// <param name="fixups">Fixups object containing any fixups to apply.</param>
        public static void Read(string sourceFile, TSharkDataSchema schema, string dataFile, TSharkDataReaderCallback callback, TSharkFixups fixups)
        {
            XmlReaderSettings xmlReaderSettings = new XmlReaderSettings();
            xmlReaderSettings.ConformanceLevel = ConformanceLevel.Document;
            xmlReaderSettings.IgnoreComments = true;
            xmlReaderSettings.IgnoreProcessingInstructions = true;
            xmlReaderSettings.IgnoreWhitespace = true;
            xmlReaderSettings.ValidationType = ValidationType.None;

            CapFile capFile = new CapFile();
            capFile.Path = sourceFile;

            using (StreamReader dataReader = new StreamReader(dataFile, Encoding.UTF8))
            using (XmlReader xmlReader = XmlReader.Create(dataReader, xmlReaderSettings))
            {
                ParseState state = new ParseState();
                state.Schema = schema;
                state.Document = new XmlDocument();
                state.Reader = xmlReader;
                state.File = capFile;
                state.Callback = callback;
                state.Fixups = fixups;

                int index = 0;

                // read all packets in the file
                while (true)
                {
                    if (!xmlReader.ReadToFollowing("packet"))
                        break;

                    CapPacket capPacket = new CapPacket();
                    capPacket.File = state.File;
                    capPacket.Number = index++;

                    try
                    {
                        state.Packet = capPacket;

                        ReadPacket(state);
                    }
                    catch (Exception ex)
                    {
                        Log.WriteError("Error processing packet.\nIndex: {0}\nError: {1}", index, ex.Message);
                    }
                    finally
                    {
                        state.Packet = null;
                    }
                }
            }
        }
예제 #2
0
파일: DataPump.cs 프로젝트: 5342/C5SIGMA
        /// <summary>
        /// Runs the data pump.
        /// </summary>
        public void Run()
        {
            string protocolsFile = Path.Combine(OutputPath, "TShark.protocols");
            string fieldsFile = Path.Combine(OutputPath, "TShark.fields");
            string valuesFile = Path.Combine(OutputPath, "TShark.values");
            string decodesFile = Path.Combine(OutputPath, "TShark.decodes");

            Log.WriteInfo("Generated schema file paths.\nProtocols: {0}\nFields: {1}\nValues: {2}\nDecodes: {3}", protocolsFile, fieldsFile, valuesFile, decodesFile);

            Log.WriteInfo("Writing protocols file.");
            TSharkInvoker.Invoke(TSharkPath, string.Format("-G protocols {0}", TSharkParams), protocolsFile);

            Log.WriteInfo("Writing fields file.");
            TSharkInvoker.Invoke(TSharkPath, string.Format("-G fields3 {0}", TSharkParams), fieldsFile);

            Log.WriteInfo("Writing values file.");
            TSharkInvoker.Invoke(TSharkPath, string.Format("-G values {0}", TSharkParams), valuesFile);

            Log.WriteInfo("Writing decodes file.");
            TSharkInvoker.Invoke(TSharkPath, string.Format("-G decodes {0}", TSharkParams), decodesFile);

            TSharkDataSchema schema;

            Log.WriteInfo("Reading TShark schema.");
            schema = TSharkSchemaReader.Read(protocolsFile, fieldsFile, valuesFile, decodesFile);

            Log.WriteInfo("Installing fixups.");
            TSharkFixups fixups = new TSharkFixups();
            if (!string.IsNullOrEmpty(FixupsPath))
            {
                fixups.LoadExternalFixups(FixupsPath);
            }

            using (DataWriter writer = CreateDataWriter())
            {
                DataFilter filter = new DataFilter(DataFilterPreset);
                if (!string.IsNullOrEmpty(DataFilterPath))
                {
                    filter.LoadExternalFilter(DataFilterPath);
                }
                writer.Filter = filter;

                TSharkDataReaderCallback callback = writer.WriteRow;

                Log.WriteInfo("Starting data pump.");
                foreach (string file in FileSystemSupport.RecursiveScan(InputPath, null))
                {
                    Log.WriteInfo("Processing: {0}", file);

                    string dataFile = GenerateOutputFile(file);
                    TSharkInvoker.Invoke(TSharkPath, string.Format("-r \"{0}\" -n -T pdml -V {1}", file.Replace("\"", "\\\""), TSharkParams), dataFile);

                    Log.WriteInfo("Reading TShark data file: {0}", dataFile);
                    TSharkDataReader.Read(file, schema, dataFile, callback, fixups);
                }
            }
        }
예제 #3
0
        /// <summary>
        /// Reads TShark formatted data files.
        /// </summary>
        /// <param name="sourceFile">The original capture file path.</param>
        /// <param name="schema">The TShark schema.</param>
        /// <param name="dataFile">The TShark data file path.</param>
        /// <param name="callback">Callback that will receive data rows.</param>
        /// <param name="fixups">Fixups object containing any fixups to apply.</param>
        public static void Read(string sourceFile, TSharkDataSchema schema, string dataFile, TSharkDataReaderCallback callback, TSharkFixups fixups)
        {
            XmlReaderSettings xmlReaderSettings = new XmlReaderSettings();

            xmlReaderSettings.ConformanceLevel             = ConformanceLevel.Document;
            xmlReaderSettings.IgnoreComments               = true;
            xmlReaderSettings.IgnoreProcessingInstructions = true;
            xmlReaderSettings.IgnoreWhitespace             = true;
            xmlReaderSettings.ValidationType               = ValidationType.None;

            CapFile capFile = new CapFile();

            capFile.Path = sourceFile;

            using (StreamReader dataReader = new StreamReader(dataFile, Encoding.UTF8))
                using (XmlReader xmlReader = XmlReader.Create(dataReader, xmlReaderSettings))
                {
                    ParseState state = new ParseState();
                    state.Schema   = schema;
                    state.Document = new XmlDocument();
                    state.Reader   = xmlReader;
                    state.File     = capFile;
                    state.Callback = callback;
                    state.Fixups   = fixups;

                    int index = 0;

                    // read all packets in the file
                    while (true)
                    {
                        if (!xmlReader.ReadToFollowing("packet"))
                        {
                            break;
                        }

                        CapPacket capPacket = new CapPacket();
                        capPacket.File   = state.File;
                        capPacket.Number = index++;

                        try
                        {
                            state.Packet = capPacket;

                            ReadPacket(state);
                        }
                        catch (Exception ex)
                        {
                            Log.WriteError("Error processing packet.\nIndex: {0}\nError: {1}", index, ex.Message);
                        }
                        finally
                        {
                            state.Packet = null;
                        }
                    }
                }
        }