public static void run_CaptureFile(CaptureDeviceList devices, int i) { Console.Write("-- Please enter the output file name: "); string capFile = Console.ReadLine(); var device = devices[i]; // Register our handler function to the 'packet arrival' event device.OnPacketArrival += new PacketArrivalEventHandler(device_onPacketArrivalFile); // Open the device for capturing int readTimeoutMilliseconds = 1000; if (device is AirPcapDevice) { // NOTE: AirPcap devices cannot disable local capture var airPcap = device as AirPcapDevice; airPcap.Open(SharpPcap.WinPcap.OpenFlags.DataTransferUdp, readTimeoutMilliseconds); } else if (device is WinPcapDevice) { var winPcap = device as WinPcapDevice; winPcap.Open(SharpPcap.WinPcap.OpenFlags.DataTransferUdp | SharpPcap.WinPcap.OpenFlags.NoCaptureLocal, readTimeoutMilliseconds); } else if (device is LibPcapLiveDevice) { var livePcapDevice = device as LibPcapLiveDevice; livePcapDevice.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds); } else { throw new System.InvalidOperationException("unknown device type of " + device.GetType().ToString()); } Console.WriteLine(); Console.WriteLine("-- Listening on {0} {1}, writing to {2}, hit 'Enter' to stop...", device.Name, device.Description, capFile); // open the output file captureFileWriter = new CaptureFileWriterDevice(device as LibPcapLiveDevice, capFile); // Start the capturing process device.StartCapture(); // Wait for 'Enter' from the user. Console.ReadLine(); // Stop the capturing process device.StopCapture(); Console.WriteLine("-- Capture stopped."); // Print out the device statistics Console.WriteLine(device.Statistics.ToString()); // Close the pcap device device.Close(); }
public void Start(string captureFileName = null) { _device.OnPacketArrival += DeviceOnPacketArrival; if (!string.IsNullOrEmpty(captureFileName)) { var captureWriter = new CaptureFileWriterDevice(captureFileName); _device.OnPacketArrival += (sender, args) => captureWriter.Write(args.Packet); } if (_mode == Mode.File) { _device.Open(); } else if (_device is NpcapDevice nPCap) { nPCap.Open(OpenFlags.DataTransferUdp | OpenFlags.NoCaptureLocal | OpenFlags.MaxResponsiveness, 1000); } else { _device.Open(DeviceMode.Promiscuous, 1000); } _device.Filter = Filter; _device.StartCapture(); }
private static Action <(KeyValuePair <FlowKey, FlowRecordWithPackets> flow, int)> WriteFlow(string folder) { return((flowIndex) => { var flow = flowIndex.flow; var index = flowIndex.Item2; var path = Path.Combine(folder, index.ToString()) + ".pcap"; var jsonPath = Path.ChangeExtension(path, ".json"); var pcapfile = new CaptureFileWriterDevice(path); foreach (var(packet, time) in flow.Value.PacketList) { pcapfile.Write(new RawCapture(linkLayers, time, packet.Bytes)); } pcapfile.Close(); var process = ExecuteTshark(path, jsonPath); using (var compressedFileStream = File.Create(jsonPath + ".gz")) using (var compressionStream = new GZipStream(compressedFileStream, CompressionMode.Compress)) { process.StandardOutput.BaseStream.CopyTo(compressionStream); } process.WaitForExit(); }); }
public void TestFileCreationAndDeletion() { var wd = new CaptureFileWriterDevice(@"abc.pcap"); wd.Write(new byte[] { 1, 2, 3, 4 }); wd.Close(); System.IO.File.Delete(@"abc.pcap"); }
public override void IterationStarting(uint iterationCount, bool isReproduction) { lock (_lock) { _writer = new CaptureFileWriterDevice(_device, _tempFileName); _numPackets = 0; } }
public void StatisticsUnsupported() { using (var wd = new CaptureFileWriterDevice(filename)) { wd.Open(); Assert.IsNull(wd.Statistics); } }
public static void Online() { device = WinPcapDeviceList.Instance[1]; device.OnPacketArrival += Device_OnPacketArrival; device.Open(DeviceMode.Normal); captureFileWriter = new CaptureFileWriterDevice("test.pcap"); device.StartCapture(); }
public void TestOpenFromInterface() { using var device = TestHelper.GetPcapDevice(); device.Open(); // valid arguments results in the object being created using var valid = new CaptureFileWriterDevice("somefilename.pcap", System.IO.FileMode.Open); valid.Open(device); }
/// <summary> /// 将缓存队列中的数据包写入cap文件 /// </summary> /// <param name="capFileName"></param> public static void CreatecapFile(string capFileName) { deviceWriteFile = new CaptureFileWriterDevice(capFileName); for (int i = 0; i < queue.Count; i++) { deviceWriteFile.Write(queue[i]); } deviceWriteFile.Close(); }
public static void Open(this CaptureFileWriterDevice device, ICaptureDevice captureDevice) { var configuration = new DeviceConfiguration() { LinkLayerType = captureDevice.LinkType, }; device.Open(configuration); }
public static void Open(this CaptureFileWriterDevice device, LinkLayers linkLayerType = LinkLayers.Ethernet) { var configuration = new DeviceConfiguration() { LinkLayerType = linkLayerType, }; device.Open(configuration); }
public void TestTimestampCreation() { // setting timestamp resolution using var wd = new CaptureFileWriterDevice("simefilename.pcap", System.IO.FileMode.Open); var configuration = new DeviceConfiguration { TimestampResolution = TimestampResolution.Nanosecond }; wd.Open(configuration); }
private void 导出为cap文件ToolStripMenuItem_Click(object sender, EventArgs e) { SaveFileDialog saveFileDialog = new SaveFileDialog(); saveFileDialog.RestoreDirectory = true; if (saveFileDialog.ShowDialog() == DialogResult.OK) { CaptureFileWriterDevice device = new CaptureFileWriterDevice(saveFileDialog.FileName); device.Write(rawCapture); device.Close(); } }
private static void WritePacketWrappers(string path, List <PacketWrapper> parsedPackets) { var writer = new CaptureFileWriterDevice(path, FileMode.CreateNew); writer.Open(); foreach (var p in parsedPackets.SelectMany(pw => pw.GetWriteableCaptures())) { writer.Write(p); } writer.Close(); }
public void TestCreationOptions() { // valid arguments results in the object being created using var valid = new CaptureFileWriterDevice("somefilename.pcap", System.IO.FileMode.Open); valid.Open(linkLayerType: PacketDotNet.LinkLayers.Ethernet); // file mode of append should throw Assert.Throws <InvalidOperationException>(() => { using var wd = new CaptureFileWriterDevice("somefilename.pcap", System.IO.FileMode.Append); wd.Open(linkLayerType: PacketDotNet.LinkLayers.Ethernet); }); }
/// <summary> /// Saves content of each flow to the specified folder. /// </summary> /// <param name="folder"></param> /// <param name="table"></param> private static void SaveFlows(string folder, FlowTable table) { foreach (var(flow, index) in table.Entries.Select((x, i) => (x, i + 1))) { var path = Path.Combine(folder, index.ToString()) + ".pcap"; var pcapfile = new CaptureFileWriterDevice(path); foreach (var(packet, time) in flow.Value.PacketList) { pcapfile.Write(new RawCapture(linkLayers, time, packet.Bytes)); } } }
protected override bool OnOpenPath(FileFormatOption option, string path, bool is_append) { try { pcap_device_ = new CaptureFileWriterDevice( LinkLayers.Ethernet, null, path, (is_append) ? (FileMode.Append) : (FileMode.Create)); return(true); } catch { return(false); } }
//WaveFormat g726Format = new WaveFormat(8000, 32, 1); //WaveFileWriter wavWriter; public Call(string callID) { Console.WriteLine("Setup new call: " + callID); // Init collection of sip messages SIPMessages = new List <UdpPacket>(); // Setup capture file captureFileWriter = new CaptureFileWriterDevice("Calls\\" + callID + ".pcap"); // Setup properties this.CallID = callID; // Set call started date/time CallStarted = DateTime.Now; }
public void TestFileCreationAndDeletion() { using (var wd = new CaptureFileWriterDevice(filename)) { wd.Open(); Assert.AreEqual(filename, wd.Name); Assert.IsNotEmpty(wd.Description); var bytes = new byte[] { 1, 2, 3, 4 }; wd.Write(bytes); var p = new RawCapture(PacketDotNet.LinkLayers.Ethernet, new PosixTimeval(), bytes); wd.Write(p); } System.IO.File.Delete(@"abc.pcap"); }
private void button8_Click(object sender, EventArgs e) { //save capture to file in system saveFileDialog1.Title = "save capture file as"; if (saveFileDialog1.ShowDialog() == DialogResult.OK) { captureFileWriter = new CaptureFileWriterDevice(saveFileDialog1.FileName); if (packets.Count > 0) { for (int i = 0; i < packets.Count; i++) { captureFileWriter.Write(packets[i]); } } } }
private MailTrace(IPAddress _SrcIP, IPAddress _DstIP, ushort _SrcPort, ushort _DstPort, bool isSend) { SrcIP = _SrcIP; DstIP = _DstIP; SrcPort = _SrcPort; DstPort = _DstPort; PacketFlagFinCount = 0; MailEnd = false; SubFilePath = FileStoragePath.GetPath_AppMail(); string time = DateTime.Now.TimeOfDay.Hours + "時" + DateTime.Now.TimeOfDay.Minutes + "分" + DateTime.Now.TimeOfDay.Seconds + "." + DateTime.Now.TimeOfDay.Milliseconds + "秒 "; MailType = isSend ? "Send " : "Receive "; PcapFileName = MailType + time + SrcIP + " - " + DstIP + ".pcap"; PcapFileWriter = new CaptureFileWriterDevice(SubFilePath + "\\" + PcapFileName); }
private void toolStripButton5_Click(object sender, EventArgs e) { SaveFileDialog dia = new SaveFileDialog(); dia.Filter = "数据包文件 (*.pcap)|*.pcap"; if (dia.ShowDialog() == System.Windows.Forms.DialogResult.OK) { CaptureFileWriterDevice fileWriter = new CaptureFileWriterDevice(dia.FileName); foreach (Packet packet in softRoute.packets) { fileWriter.Write(packet.Bytes); } fileWriter.Close(); } }
void do分析_Click(object sender, EventArgs e) { var __配置 = new M抓包配置 { 项目 = _当前项目, 录像 = this.in来源_文件.Checked }; _B项目.保存项目映射(_当前项目.称, _当前项目.当前通信设备); H程序配置.设置("当前项目索引", this.in项目.SelectedIndex.ToString()); if (__配置.录像) { var __录像名 = this.in文件.Text.Trim(); if (!File.Exists(__录像名)) { XtraMessageBox.Show("请选择文件!"); return; } var __放映机 = new CaptureFileReaderDevice(__录像名); __配置.网卡 = __放映机; 显示抓包列表窗口(__配置); __放映机.Close(); } else { __配置.网卡 = (ICaptureDevice)this.in网卡.SelectedItem; if (__配置.网卡 == null) { XtraMessageBox.Show("请选择网卡!"); return; } H程序配置.设置("当前网卡索引", this.in网卡.SelectedIndex.ToString()); var __录像目录 = H路径.获取绝对路径("录像\\"); if (!Directory.Exists(__录像目录)) { Directory.CreateDirectory(__录像目录); } var __录像机 = new CaptureFileWriterDevice(Path.Combine(__录像目录, _当前项目.称 + " " + DateTime.Now.ToString("yyyy-MM-dd hh-mm-ss"))); PacketArrivalEventHandler __处理抓包 = (object sender1, CaptureEventArgs e1) => __录像机.Write(e1.Packet); __配置.网卡.OnPacketArrival += __处理抓包; 显示抓包列表窗口(__配置); __配置.网卡.OnPacketArrival -= __处理抓包; __录像机.Close(); } }
private void Sniffing_Proccess() { // Open the device for capturing int readTimeoutMilliseconds = 1000; wifi_device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds); // Start the capturing process if (wifi_device.Opened) { if (textBox1.Text != "") { wifi_device.Filter = textBox1.Text; } captureFileWriter = new CaptureFileWriterDevice(wifi_device, Environment.CurrentDirectory + "capture.pcap"); wifi_device.Capture(); } }
public PcapFileWriter(string FileName) { if (IsMaxOpenedFile()) { list[0].Close(); for (int i = 0; i < MaxOpenedFile - 1; i++) { list[i] = list[i + 1]; } Writer = new CaptureFileWriterDevice(FileName); list[MaxOpenedFile - 1] = Writer; } else { Writer = new CaptureFileWriterDevice(FileName); list.Add(Writer); } }
private void savefileCaptureToobar_Click(object sender, RoutedEventArgs e) { new Thread(() => { System.DateTime startTime = TimeZone.CurrentTimeZone.ToLocalTime(new System.DateTime(1970, 1, 1)); // 当地时区 long timeStamp = (long)(DateTime.Now - startTime).TotalMilliseconds; // 相差毫秒数 string filename = @"E:\CapFile\capfile-" + timeStamp.ToString(); //File.Create(filename); captureFileWriterDevice = new CaptureFileWriterDevice(filename); foreach (var p in packets) { captureFileWriterDevice.Write(p); } packets.Clear(); captureFileWriterDevice.Close(); }).Start(); }
private void ButtonSave_Clicked(object sender, System.Windows.RoutedEventArgs e) { if (!GlobalResources.IsMonitoringEngineOn) { string PcapFile = "dump.pcap"; byte[] _packet = null; CaptureFileWriterDevice packetWriter = new CaptureFileWriterDevice(PcapFile); foreach (Packet packet in PacketSnifferResourcesObject.packets) { _packet = packet.Bytes; packetWriter.Write(_packet); } MessageBox.Show("All the Packets Captured are being saved to dump.pcap", "Dump Successful", MessageBoxButton.OK, MessageBoxImage.Information); } else { MessageBox.Show("Please turn off the Monitoring Engine to save the packets", "Warning", MessageBoxButton.OK, MessageBoxImage.Warning); } }
//WaveFormat g726Format = new WaveFormat(8000, 32, 1); //WaveFileWriter wavWriter; public Call(string callID) { Console.WriteLine("Setup new call: " + callID); // Init collection of sip messages SIPMessages = new List <UdpPacket>(); // Setup capture file SIPPacketFilePath = FileStoragePath.GetPath_SIP(); SIPPacketFilePathAndName = SIPPacketFilePath + "\\" + callID + ".pcap"; captureFileWriter = new CaptureFileWriterDevice(SIPPacketFilePathAndName); // Setup properties this.CallID = callID; // Set call started date/time CallStarted = DateTime.Now; isEnd = false; }
// Received pakcets will be push into queue. ( This is a callback function.) private void PushPacketToQueue(object sender, CaptureEventArgs e) { Packet packet; try { packet = PacketDotNet.Packet.ParsePacket(e.Packet.LinkLayerType, e.Packet.Data); if (e.Packet.LinkLayerType != LinkLayers.Ethernet) { return; } // Write the packet to pcap file . FileInfo PcapFile_Total = new FileInfo(AllPcapFileWriter.Name); if (PcapFile_Total.Length < PcapFileMaxSizeOfByte) // 200 MB { AllPcapFileWriter.Write(packet.Bytes); } else { AllPcapFileWriter = new CaptureFileWriterDevice(FileStoragePath.GetPath_TotalPackets() + "\\" + DateTime.Now.ToString("tt hh.mm.ss.pcap")); AllPcapFileWriter.Write(packet.Bytes); } // The Packet is too small , it does not be analyzed . if (packet.Bytes.Length <= 60) { return; } lock (PacketQueueLock) { // push the packet to the queue . PacketQueue.Enqueue(e.Packet); } } catch { return; } }
public void TestInjectable() { using (var wd = new CaptureFileWriterDevice(filename)) { wd.Open(); Assert.AreEqual(filename, wd.Name); Assert.IsNotEmpty(wd.Description); var bytes = new byte[] { 1, 2, 3, 4 }; var injectionDevice = wd as IInjectionDevice; var p = new RawCapture(PacketDotNet.LinkLayers.Ethernet, new PosixTimeval(), bytes); injectionDevice.SendPacket(p); var span = new ReadOnlySpan <byte>(bytes, 0, bytes.Length); injectionDevice.SendPacket(span); } System.IO.File.Delete(@"abc.pcap"); }