/// <summary>
/// Takes care of initializing the Network Monitor API
/// </summary>
/// <returns>true on success</returns>
private static bool InitializeNMAPI()
{
// Initialize the NMAPI
NM_API_CONFIGURATION apiConfig = new NM_API_CONFIGURATION();
apiConfig.Size = (ushort)System.Runtime.InteropServices.Marshal.SizeOf(apiConfig);
ulong errno = NetmonAPI.NmGetApiConfiguration(ref apiConfig);
if (errno != ERROR_SUCCESS)
{
Console.WriteLine("Failed to Get NMAPI Configuration Error Number = " + errno);
return(false);
}
// Set possible configuration values for API Initialization Here
////apiConfig.CaptureEngineCountLimit = 4;
errno = NetmonAPI.NmApiInitialize(ref apiConfig);
if (errno != ERROR_SUCCESS)
{
Console.WriteLine("Failed to Initialize the NMAPI Error Number = " + errno);
return(false);
}
return(true);
}
private uint InitIfRequired()
{
if (_netApiInited)
{
return(0);
}
// Changing the configuration is crucial otherwise NmOpenCaptureEngine fails with error 2147549446 (Not documented? :/ )
// The issue has something to do with the 'threading mode' there are some non helpful mentions of such issue here:
// https://social.microsoft.com/Forums/azure/en-US/a0388a28-dc14-47a3-af21-a68380dcd4ab/network-monitor-fails-running-under-quotlocal-system-accountquot?forum=netmon
NM_API_CONFIGURATION apiConfig = new NM_API_CONFIGURATION();
apiConfig.Size = (ushort)System.Runtime.InteropServices.Marshal.SizeOf(typeof(NM_API_CONFIGURATION));
uint errno = NetmonAPI.NmGetApiConfiguration(ref apiConfig);
if (errno != 0)
{
Console.WriteLine("Failed Initiating NetMon API.NmGetApiConfiguration returned: " + errno);
return(errno);
}
// Edit current configuration and send the new version to the API.
apiConfig.ThreadingMode = 0;
errno = NetmonAPI.NmApiInitialize(ref apiConfig);
if (errno != 0)
{
Console.WriteLine("Failed Initiating NetMon API. NmApiInitialize returned: " + errno);
return(errno);
}
_netApiInited = true;
return(0); // success
}
public void Setup()
{
NM_API_CONFIGURATION apiConfig = new NM_API_CONFIGURATION();
apiConfig.Size = (ushort)System.Runtime.InteropServices.Marshal.SizeOf(typeof(NM_API_CONFIGURATION));
uint status = NetmonAPI.NmGetApiConfiguration(ref apiConfig);
apiConfig.ThreadingMode = 0;
uint errno = NetmonAPI.NmApiInitialize(ref apiConfig);
if (errno != 0)
{
throw new Exception("Error NmApiInitalize. Errno: " + errno);
}
}
private uint ConfigureCaptureEngine(ushort threadingModel)
{
uint errno;
NM_API_CONFIGURATION apiConfig = new NM_API_CONFIGURATION();
apiConfig.Size = (ushort)Marshal.SizeOf(apiConfig);
errno = NetmonAPI.NmGetApiConfiguration(ref apiConfig);
if (errno != 0)
{
throw new Exception(FormatErrMsg("Unable to retrieve configuration.", errno));
}
apiConfig.ThreadingMode = threadingModel; //threading model:
errno = NetmonAPI.NmApiInitialize(ref apiConfig);
if (errno != 0)
{
throw new Exception(FormatErrMsg("Unable to initialize configuration.", errno));
}
// Open a Capture Engine.
return(NetmonAPI.NmOpenCaptureEngine(out this.captureEngineHandle));
}
static void Main(string[] args)
{
// / / Initialize NetworkMonitor API
NM_API_CONFIGURATION apiConfig = new NM_API_CONFIGURATION();
apiConfig.Size = (ushort)(System.Runtime.InteropServices.Marshal.SizeOf(apiConfig));
NetmonAPI.NmGetApiConfiguration(ref apiConfig);
apiConfig.ThreadingMode = 0;
NetmonAPI.NmApiInitialize(ref apiConfig);
IntPtr nplPointer = IntPtr.Zero;
NetmonAPI.NmLoadNplParser(null, NmNplParserLoadingOption.NmAppendRegisteredNplSets, pErrorCallBack, IntPtr.Zero, out nplPointer);
// / / Initialize Frame parser
IntPtr parserConfigPointer;
NetmonAPI.NmCreateFrameParserConfiguration(nplPointer, pErrorCallBack, IntPtr.Zero, out parserConfigPointer);
NetmonAPI.NmConfigConversation(parserConfigPointer, NmConversationConfigOption.None, true);
IntPtr ParserPointer;
NetmonAPI.NmCreateFrameParser(parserConfigPointer, out ParserPointer, NmFrameParserOptimizeOption.ParserOptimizeNone);
// / / Parse capture file
IntPtr captureFileHandle;
NetmonAPI.NmOpenCaptureFile("auto.cap", out captureFileHandle);
uint rawFrameCount;
NetmonAPI.NmGetFrameCount(captureFileHandle, out rawFrameCount);
uint frameNumber = 0;
IntPtr rawFrame;
NetmonAPI.NmGetFrame(captureFileHandle, frameNumber, out rawFrame);
IntPtr parsedFrame;
IntPtr insRawFrame;
NetmonAPI.NmParseFrame(ParserPointer, rawFrame, frameNumber, NmFrameParsingOption.FieldDisplayStringRequired | NmFrameParsingOption.FieldFullNameRequired | NmFrameParsingOption.DataTypeNameRequired, out parsedFrame, out insRawFrame);
uint fieldCount;
NetmonAPI.NmGetFieldCount(parsedFrame, out fieldCount);
uint BUFFER_SIZE = 1024;
char[] name = new char[BUFFER_SIZE * 2];
unsafe
{
fixed(char *pstr = name)
{
NetmonAPI.NmGetFieldName(parsedFrame, 0, NmParsedFieldNames.NamePath, BUFFER_SIZE * 2, pstr);
}
}
String fieldName = new String(name).Replace("\0", String.Empty);
NetmonAPI.NmCloseHandle(captureFileHandle);
}
