protected void InitializeDriver()
{
FILTER_INFO filterInfo;
driver = NtTdiApi.OpenFilterDriverW(NtTdiApi.NTTDIDR_DRIVER_NAMEW);
if (driver == 0)
{
throw new Exception("Cannot open driver");
}
uint driverVersion = NtTdiApi.GetDriverVersion(driver);
if (driverVersion != NtTdiApi.NTTDIDR_DRIVER_VERSION)
{
throw new Exception("Unsupported driver version");
}
buffer = Marshal.AllocHGlobal(new IntPtr(bufferSize));
if (buffer == IntPtr.Zero)
{
throw new Exception(string.Format("Cannot allocate {0} bytes", bufferSize));
}
NtTdiApi.SetLoggingState(driver, 1);
filterInfo = new FILTER_INFO(1,
NtTdiApi.EVENT_MASK_FULL,
NtTdiApi.FLT_ACTION_LOG,
0,
0x00000000,
0x00000000,
0,
0xFFFF,
PROTOCOL.PROTOCOL_ANY,
0,
0xFFF);
NtTdiApi.RemoveAllFilters(driver);
if (!NtTdiApi.AddStaticFilter(driver, filterInfo))
{
throw new Exception("Cannot set filter");
}
}
/// <summary>
/// Stops the traffic monitoring
/// </summary>
public void PauseListening()
{
listening = false;
ThreadPool.QueueUserWorkItem((a) =>
{
lock (serializer)
{
foreach (var packet in packetBuffer)
{
serializer.SerializePacket(packet);
}
}
});
Marshal.FreeHGlobal(buffer);
NtTdiApi.SetLoggingState(driver, 0);
NtTdiApi.PurgeLog(driver);
NtTdiApi.RemoveAllFilters(driver);
this.DownloadSpeed = 0;
this.UploadSpeed = 0;
}