public static void run_CaptureFile(CaptureDeviceList devices, int i)
{
Console.Write("-- Please enter the output file name: ");
string capFile = Console.ReadLine();
var device = devices[i];
// Register our handler function to the 'packet arrival' event
device.OnPacketArrival +=
new PacketArrivalEventHandler(device_onPacketArrivalFile);
// Open the device for capturing
int readTimeoutMilliseconds = 1000;
if (device is AirPcapDevice)
{
// NOTE: AirPcap devices cannot disable local capture
var airPcap = device as AirPcapDevice;
airPcap.Open(SharpPcap.WinPcap.OpenFlags.DataTransferUdp, readTimeoutMilliseconds);
}
else if (device is WinPcapDevice)
{
var winPcap = device as WinPcapDevice;
winPcap.Open(SharpPcap.WinPcap.OpenFlags.DataTransferUdp | SharpPcap.WinPcap.OpenFlags.NoCaptureLocal, readTimeoutMilliseconds);
}
else if (device is LibPcapLiveDevice)
{
var livePcapDevice = device as LibPcapLiveDevice;
livePcapDevice.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds);
}
else
{
throw new System.InvalidOperationException("unknown device type of " + device.GetType().ToString());
}
Console.WriteLine();
Console.WriteLine("-- Listening on {0} {1}, writing to {2}, hit 'Enter' to stop...",
device.Name, device.Description,
capFile);
// open the output file
captureFileWriter = new CaptureFileWriterDevice(device as LibPcapLiveDevice, capFile);
// Start the capturing process
device.StartCapture();
// Wait for 'Enter' from the user.
Console.ReadLine();
// Stop the capturing process
device.StopCapture();
Console.WriteLine("-- Capture stopped.");
// Print out the device statistics
Console.WriteLine(device.Statistics.ToString());
// Close the pcap device
device.Close();
}
public void Start(string captureFileName = null)
{
_device.OnPacketArrival += DeviceOnPacketArrival;
if (!string.IsNullOrEmpty(captureFileName))
{
var captureWriter = new CaptureFileWriterDevice(captureFileName);
_device.OnPacketArrival += (sender, args) => captureWriter.Write(args.Packet);
}
if (_mode == Mode.File)
{
_device.Open();
}
else if (_device is NpcapDevice nPCap)
{
nPCap.Open(OpenFlags.DataTransferUdp | OpenFlags.NoCaptureLocal | OpenFlags.MaxResponsiveness, 1000);
}
else
{
_device.Open(DeviceMode.Promiscuous, 1000);
}
_device.Filter = Filter;
_device.StartCapture();
}
private static Action <(KeyValuePair <FlowKey, FlowRecordWithPackets> flow, int)> WriteFlow(string folder)
{
return((flowIndex) =>
{
var flow = flowIndex.flow;
var index = flowIndex.Item2;
var path = Path.Combine(folder, index.ToString()) + ".pcap";
var jsonPath = Path.ChangeExtension(path, ".json");
var pcapfile = new CaptureFileWriterDevice(path);
foreach (var(packet, time) in flow.Value.PacketList)
{
pcapfile.Write(new RawCapture(linkLayers, time, packet.Bytes));
}
pcapfile.Close();
var process = ExecuteTshark(path, jsonPath);
using (var compressedFileStream = File.Create(jsonPath + ".gz"))
using (var compressionStream = new GZipStream(compressedFileStream, CompressionMode.Compress))
{
process.StandardOutput.BaseStream.CopyTo(compressionStream);
}
process.WaitForExit();
});
}
public void TestFileCreationAndDeletion()
{
var wd = new CaptureFileWriterDevice(@"abc.pcap");
wd.Write(new byte[] { 1, 2, 3, 4 });
wd.Close();
System.IO.File.Delete(@"abc.pcap");
}
public override void IterationStarting(uint iterationCount, bool isReproduction)
{
lock (_lock)
{
_writer = new CaptureFileWriterDevice(_device, _tempFileName);
_numPackets = 0;
}
}
public void StatisticsUnsupported()
{
using (var wd = new CaptureFileWriterDevice(filename))
{
wd.Open();
Assert.IsNull(wd.Statistics);
}
}
public static void Online()
{
device = WinPcapDeviceList.Instance[1];
device.OnPacketArrival += Device_OnPacketArrival;
device.Open(DeviceMode.Normal);
captureFileWriter = new CaptureFileWriterDevice("test.pcap");
device.StartCapture();
}
public void TestOpenFromInterface()
{
using var device = TestHelper.GetPcapDevice();
device.Open();
// valid arguments results in the object being created
using var valid = new CaptureFileWriterDevice("somefilename.pcap", System.IO.FileMode.Open);
valid.Open(device);
}
/// <summary>
/// 将缓存队列中的数据包写入cap文件
/// </summary>
/// <param name="capFileName"></param>
public static void CreatecapFile(string capFileName)
{
deviceWriteFile = new CaptureFileWriterDevice(capFileName);
for (int i = 0; i < queue.Count; i++)
{
deviceWriteFile.Write(queue[i]);
}
deviceWriteFile.Close();
}
public static void Open(this CaptureFileWriterDevice device, ICaptureDevice captureDevice)
{
var configuration = new DeviceConfiguration()
{
LinkLayerType = captureDevice.LinkType,
};
device.Open(configuration);
}
public static void Open(this CaptureFileWriterDevice device, LinkLayers linkLayerType = LinkLayers.Ethernet)
{
var configuration = new DeviceConfiguration()
{
LinkLayerType = linkLayerType,
};
device.Open(configuration);
}
public void TestTimestampCreation()
{
// setting timestamp resolution
using var wd = new CaptureFileWriterDevice("simefilename.pcap", System.IO.FileMode.Open);
var configuration = new DeviceConfiguration
{
TimestampResolution = TimestampResolution.Nanosecond
};
wd.Open(configuration);
}
private void 导出为cap文件ToolStripMenuItem_Click(object sender, EventArgs e)
{
SaveFileDialog saveFileDialog = new SaveFileDialog();
saveFileDialog.RestoreDirectory = true;
if (saveFileDialog.ShowDialog() == DialogResult.OK)
{
CaptureFileWriterDevice device = new CaptureFileWriterDevice(saveFileDialog.FileName);
device.Write(rawCapture);
device.Close();
}
}
private static void WritePacketWrappers(string path, List <PacketWrapper> parsedPackets)
{
var writer = new CaptureFileWriterDevice(path, FileMode.CreateNew);
writer.Open();
foreach (var p in parsedPackets.SelectMany(pw => pw.GetWriteableCaptures()))
{
writer.Write(p);
}
writer.Close();
}
public void TestCreationOptions()
{
// valid arguments results in the object being created
using var valid = new CaptureFileWriterDevice("somefilename.pcap", System.IO.FileMode.Open);
valid.Open(linkLayerType: PacketDotNet.LinkLayers.Ethernet);
// file mode of append should throw
Assert.Throws <InvalidOperationException>(() =>
{
using var wd = new CaptureFileWriterDevice("somefilename.pcap", System.IO.FileMode.Append);
wd.Open(linkLayerType: PacketDotNet.LinkLayers.Ethernet);
});
}
/// <summary>
/// Saves content of each flow to the specified folder.
/// </summary>
/// <param name="folder"></param>
/// <param name="table"></param>
private static void SaveFlows(string folder, FlowTable table)
{
foreach (var(flow, index) in table.Entries.Select((x, i) => (x, i + 1)))
{
var path = Path.Combine(folder, index.ToString()) + ".pcap";
var pcapfile = new CaptureFileWriterDevice(path);
foreach (var(packet, time) in flow.Value.PacketList)
{
pcapfile.Write(new RawCapture(linkLayers, time, packet.Bytes));
}
}
}
protected override bool OnOpenPath(FileFormatOption option, string path, bool is_append)
{
try {
pcap_device_ = new CaptureFileWriterDevice(
LinkLayers.Ethernet,
null,
path,
(is_append) ? (FileMode.Append) : (FileMode.Create));
return(true);
} catch {
return(false);
}
}
//WaveFormat g726Format = new WaveFormat(8000, 32, 1);
//WaveFileWriter wavWriter;
public Call(string callID)
{
Console.WriteLine("Setup new call: " + callID);
// Init collection of sip messages
SIPMessages = new List <UdpPacket>();
// Setup capture file
captureFileWriter = new CaptureFileWriterDevice("Calls\\" + callID + ".pcap");
// Setup properties
this.CallID = callID;
// Set call started date/time
CallStarted = DateTime.Now;
}
public void TestFileCreationAndDeletion()
{
using (var wd = new CaptureFileWriterDevice(filename))
{
wd.Open();
Assert.AreEqual(filename, wd.Name);
Assert.IsNotEmpty(wd.Description);
var bytes = new byte[] { 1, 2, 3, 4 };
wd.Write(bytes);
var p = new RawCapture(PacketDotNet.LinkLayers.Ethernet, new PosixTimeval(), bytes);
wd.Write(p);
}
System.IO.File.Delete(@"abc.pcap");
}
private void button8_Click(object sender, EventArgs e)
{
//save capture to file in system
saveFileDialog1.Title = "save capture file as";
if (saveFileDialog1.ShowDialog() == DialogResult.OK)
{
captureFileWriter = new CaptureFileWriterDevice(saveFileDialog1.FileName);
if (packets.Count > 0)
{
for (int i = 0; i < packets.Count; i++)
{
captureFileWriter.Write(packets[i]);
}
}
}
}
private MailTrace(IPAddress _SrcIP, IPAddress _DstIP, ushort _SrcPort, ushort _DstPort, bool isSend)
{
SrcIP = _SrcIP;
DstIP = _DstIP;
SrcPort = _SrcPort;
DstPort = _DstPort;
PacketFlagFinCount = 0;
MailEnd = false;
SubFilePath = FileStoragePath.GetPath_AppMail();
string time = DateTime.Now.TimeOfDay.Hours + "時" + DateTime.Now.TimeOfDay.Minutes + "分" + DateTime.Now.TimeOfDay.Seconds + "." + DateTime.Now.TimeOfDay.Milliseconds + "秒 ";
MailType = isSend ? "Send " : "Receive ";
PcapFileName = MailType + time + SrcIP + " - " + DstIP + ".pcap";
PcapFileWriter = new CaptureFileWriterDevice(SubFilePath + "\\" + PcapFileName);
}
private void toolStripButton5_Click(object sender, EventArgs e)
{
SaveFileDialog dia = new SaveFileDialog();
dia.Filter = "数据包文件 (*.pcap)|*.pcap";
if (dia.ShowDialog() == System.Windows.Forms.DialogResult.OK)
{
CaptureFileWriterDevice fileWriter = new CaptureFileWriterDevice(dia.FileName);
foreach (Packet packet in softRoute.packets)
{
fileWriter.Write(packet.Bytes);
}
fileWriter.Close();
}
}
void do分析_Click(object sender, EventArgs e)
{
var __配置 = new M抓包配置
{
项目 = _当前项目,
录像 = this.in来源_文件.Checked
};
_B项目.保存项目映射(_当前项目.称, _当前项目.当前通信设备);
H程序配置.设置("当前项目索引", this.in项目.SelectedIndex.ToString());
if (__配置.录像)
{
var __录像名 = this.in文件.Text.Trim();
if (!File.Exists(__录像名))
{
XtraMessageBox.Show("请选择文件!");
return;
}
var __放映机 = new CaptureFileReaderDevice(__录像名);
__配置.网卡 = __放映机;
显示抓包列表窗口(__配置);
__放映机.Close();
}
else
{
__配置.网卡 = (ICaptureDevice)this.in网卡.SelectedItem;
if (__配置.网卡 == null)
{
XtraMessageBox.Show("请选择网卡!");
return;
}
H程序配置.设置("当前网卡索引", this.in网卡.SelectedIndex.ToString());
var __录像目录 = H路径.获取绝对路径("录像\\");
if (!Directory.Exists(__录像目录))
{
Directory.CreateDirectory(__录像目录);
}
var __录像机 = new CaptureFileWriterDevice(Path.Combine(__录像目录, _当前项目.称 + " " + DateTime.Now.ToString("yyyy-MM-dd hh-mm-ss")));
PacketArrivalEventHandler __处理抓包 = (object sender1, CaptureEventArgs e1) => __录像机.Write(e1.Packet);
__配置.网卡.OnPacketArrival += __处理抓包;
显示抓包列表窗口(__配置);
__配置.网卡.OnPacketArrival -= __处理抓包;
__录像机.Close();
}
}
private void Sniffing_Proccess()
{
// Open the device for capturing
int readTimeoutMilliseconds = 1000;
wifi_device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds);
// Start the capturing process
if (wifi_device.Opened)
{
if (textBox1.Text != "")
{
wifi_device.Filter = textBox1.Text;
}
captureFileWriter = new CaptureFileWriterDevice(wifi_device, Environment.CurrentDirectory + "capture.pcap");
wifi_device.Capture();
}
}
public PcapFileWriter(string FileName)
{
if (IsMaxOpenedFile())
{
list[0].Close();
for (int i = 0; i < MaxOpenedFile - 1; i++)
{
list[i] = list[i + 1];
}
Writer = new CaptureFileWriterDevice(FileName);
list[MaxOpenedFile - 1] = Writer;
}
else
{
Writer = new CaptureFileWriterDevice(FileName);
list.Add(Writer);
}
}
private void savefileCaptureToobar_Click(object sender, RoutedEventArgs e)
{
new Thread(() =>
{
System.DateTime startTime = TimeZone.CurrentTimeZone.ToLocalTime(new System.DateTime(1970, 1, 1)); // 当地时区
long timeStamp = (long)(DateTime.Now - startTime).TotalMilliseconds; // 相差毫秒数
string filename = @"E:\CapFile\capfile-" + timeStamp.ToString();
//File.Create(filename);
captureFileWriterDevice = new CaptureFileWriterDevice(filename);
foreach (var p in packets)
{
captureFileWriterDevice.Write(p);
}
packets.Clear();
captureFileWriterDevice.Close();
}).Start();
}
private void ButtonSave_Clicked(object sender, System.Windows.RoutedEventArgs e)
{
if (!GlobalResources.IsMonitoringEngineOn)
{
string PcapFile = "dump.pcap";
byte[] _packet = null;
CaptureFileWriterDevice packetWriter = new CaptureFileWriterDevice(PcapFile);
foreach (Packet packet in PacketSnifferResourcesObject.packets)
{
_packet = packet.Bytes;
packetWriter.Write(_packet);
}
MessageBox.Show("All the Packets Captured are being saved to dump.pcap", "Dump Successful", MessageBoxButton.OK, MessageBoxImage.Information);
}
else
{
MessageBox.Show("Please turn off the Monitoring Engine to save the packets", "Warning", MessageBoxButton.OK, MessageBoxImage.Warning);
}
}
//WaveFormat g726Format = new WaveFormat(8000, 32, 1);
//WaveFileWriter wavWriter;
public Call(string callID)
{
Console.WriteLine("Setup new call: " + callID);
// Init collection of sip messages
SIPMessages = new List <UdpPacket>();
// Setup capture file
SIPPacketFilePath = FileStoragePath.GetPath_SIP();
SIPPacketFilePathAndName = SIPPacketFilePath + "\\" + callID + ".pcap";
captureFileWriter = new CaptureFileWriterDevice(SIPPacketFilePathAndName);
// Setup properties
this.CallID = callID;
// Set call started date/time
CallStarted = DateTime.Now;
isEnd = false;
}
// Received pakcets will be push into queue. ( This is a callback function.)
private void PushPacketToQueue(object sender, CaptureEventArgs e)
{
Packet packet;
try
{
packet = PacketDotNet.Packet.ParsePacket(e.Packet.LinkLayerType, e.Packet.Data);
if (e.Packet.LinkLayerType != LinkLayers.Ethernet)
{
return;
}
// Write the packet to pcap file .
FileInfo PcapFile_Total = new FileInfo(AllPcapFileWriter.Name);
if (PcapFile_Total.Length < PcapFileMaxSizeOfByte) // 200 MB
{
AllPcapFileWriter.Write(packet.Bytes);
}
else
{
AllPcapFileWriter = new CaptureFileWriterDevice(FileStoragePath.GetPath_TotalPackets() + "\\" + DateTime.Now.ToString("tt hh.mm.ss.pcap"));
AllPcapFileWriter.Write(packet.Bytes);
}
// The Packet is too small , it does not be analyzed .
if (packet.Bytes.Length <= 60)
{
return;
}
lock (PacketQueueLock)
{
// push the packet to the queue .
PacketQueue.Enqueue(e.Packet);
}
}
catch
{
return;
}
}
public void TestInjectable()
{
using (var wd = new CaptureFileWriterDevice(filename))
{
wd.Open();
Assert.AreEqual(filename, wd.Name);
Assert.IsNotEmpty(wd.Description);
var bytes = new byte[] { 1, 2, 3, 4 };
var injectionDevice = wd as IInjectionDevice;
var p = new RawCapture(PacketDotNet.LinkLayers.Ethernet, new PosixTimeval(), bytes);
injectionDevice.SendPacket(p);
var span = new ReadOnlySpan <byte>(bytes, 0, bytes.Length);
injectionDevice.SendPacket(span);
}
System.IO.File.Delete(@"abc.pcap");
}
