public void Parse(string pcapFileName)
{
using (PcapFileReader pcapReader = new PcapFileReader(pcapFileName)) {
ThreadStart threadStart = new ThreadStart(pcapReader.ThreadStart);
Thread pcapReaderThread = new Thread(threadStart);
//string exePath = System.IO.Path.GetFullPath(System.Windows.Forms.Application.ExecutablePath);
//string executablePath = System.IO.Path.GetFullPath(System.Diagnostics.Process.GetCurrentProcess().MainModule.FileName);
string executablePath = System.IO.Path.GetFullPath(System.Reflection.Assembly.GetEntryAssembly().Location);
PacketParser.PacketHandler packetHandler = new PacketHandler(executablePath, System.Environment.CurrentDirectory, null, true, new Func <DateTime, string>((DateTime dateTime) => { return(dateTime.ToUniversalTime().ToString("u")); }), false);
packetHandler.StartBackgroundThreads();
int readFrames = 0;
foreach (PcapFrame packet in pcapReader.PacketEnumerator())
{
/*
* while (readFrames % (100) == 0 && packetHandler.FramesInQueue > 1000) {
* System.Threading.Thread.Sleep(100);
* }
*/
PacketParser.Frame frame = packetHandler.GetFrame(packet.Timestamp, packet.Data, packet.DataLinkType);
packetHandler.AddFrameToFrameParsingQueue(frame);
readFrames++;
}
}
}
internal LoadingProcess(PcapFileReader pcapReader, CaseFile caseFile)
: this()
{
this.caseFile = caseFile;
this.pcapReader = pcapReader;
this.textLabel.Text = caseFile.Filename;
this.progressBar1.Value = 0;
this.percent = 0;
this.percentLabel.Text = "" + percent + " %";
this.isAborted = false;
}
private static void ParsePCAPFile(String filePath)
{
int percentRead = 0;
using (PcapFileReader pcapReader = new PcapFileReader(filePath)) {
DateTime parsingStartTime = DateTime.Now;
Logger.Log(filePath + " start parsing " + parsingStartTime.ToString(), Logger.EventLogEntryType.Information);
Console.WriteLine("Start parsing " + filePath);
int enqueuedFramesSinceLastWait = 0;
PacketHandler packetHandler = new PacketHandler(EXE_PATH, System.Environment.CurrentDirectory, null, true, new Func <DateTime, string>((DateTime dateTime) => { return(dateTime.ToUniversalTime().ToString("u")); }), false);
packetHandler.StartBackgroundThreads();
foreach (PcapFrame pcapPacket in pcapReader.PacketEnumerator())
{
Frame frame = packetHandler.GetFrame(pcapPacket.Timestamp, pcapPacket.Data, pcapPacket.DataLinkType);
packetHandler.AddFrameToFrameParsingQueue(frame);
enqueuedFramesSinceLastWait++;
int newPercentRead = pcapReader.GetPercentRead(packetHandler.FramesToParseQueuedByteCount);
if (newPercentRead != percentRead)
{
percentRead = newPercentRead;
// output percent
Console.WriteLine("Progress: " + percentRead + "%");
}
}
Logger.Log(enqueuedFramesSinceLastWait + " frames read in " + DateTime.Now.Subtract(parsingStartTime).ToString(), Logger.EventLogEntryType.Information);
while (packetHandler.FramesInQueue > 0) //just to make sure we dont finish too early
{
System.Threading.Thread.Sleep(200);
int newPercentRead = pcapReader.GetPercentRead(packetHandler.FramesToParseQueuedByteCount);
if (newPercentRead != percentRead)
{
percentRead = newPercentRead;
// output percent
Console.WriteLine("Progress: " + percentRead + "%");
}
}
TimeSpan parsingTimeTotal = DateTime.Now.Subtract(parsingStartTime);
Logger.Log(filePath + " parsed in " + parsingTimeTotal.ToString(), Logger.EventLogEntryType.Information);
Console.WriteLine("Finished parsing " + filePath);
}
}
public static void Test_AnalyzeTcpStreamTest_ReadPcap_01(string file)
{
Trace.WriteLine("Test_AnalyzeTcpStreamTest_ReadPcap_01");
Trace.WriteLine("pcap file \"{0}\"", file);
Pib.Pcap.Test.AnalyzeTcpStreamTest tcpAnalyze = new Pib.Pcap.Test.AnalyzeTcpStreamTest();
using (PcapFileReader pcapFileReader = new PcapFileReader(GetPath(file)))
{
PPacketManager ppacketManager = new PPacketManager();
foreach (PcapPacket packet in pcapFileReader)
{
Packet packet2 = new Packet(packet.Data, packet.Timestamp, DataLinkKind.Ethernet);
tcpAnalyze.Add(ppacketManager.CreatePPacket(packet2));
}
}
Trace.WriteLine("{0} packet captured", tcpAnalyze.Packets.Count);
//var q = from p in gPacketList where p.TCPHeader != null orderby p.gGroupNumber, p.PacketNumber select p;
var q = from p in tcpAnalyze.Packets where p.PPacket.Tcp != null orderby p.StreamNumber, p.PPacket.PacketNumber select p;
Trace.WriteLine("{0} packet selectionned", q.Count());
foreach (Pib.Pcap.Test.TcpStreamPacket p in q)
PrintStreamPacket(p);
}
