public void ReportPacketCapture(Packet packet, DateTime arrivalTime)
{
var ip = (PacketDotNet.IpPacket)packet.Extract(typeof(PacketDotNet.IpPacket));
//IpPacket ip = (IpPacket)packet.Extract(typeof(IpPacket));
TcpPacket tcp = (TcpPacket)packet.Extract(typeof(TcpPacket));
ASCIIEncoding format = new ASCIIEncoding();
string payloadAsText = format.GetString(packet.Bytes);
payloadAsText = payloadAsText.ToLower();
//remove non readable characters
//payloadAsText = Regex.Replace(payloadAsText, @"[^\u0000-\u007F]", string.Empty);
payloadAsText = Regex.Replace(payloadAsText, "[^0-9a-zA-Z]+", string.Empty);
if ((tcp != null) && (payloadAsText.Contains("ftp")))
{
int x = 5;
}
if (payloadAsText.Length > 255)
{
payloadAsText = payloadAsText.Substring(0, 255);
}
if (tcp != null)
{
_sensorEventAgent.LogEvent(_sensorId, ip.DestinationAddress.ToString(), tcp.DestinationPort, ip.SourceAddress.ToString(), tcp.SourcePort,
arrivalTime, payloadAsText);
}
}
