static void RawBlocks()
{
Console.WriteLine("\n======================= {0} =======================\n", MethodInfo.GetCurrentMethod().Name);
foreach (var block in PcapNg.ReadForward(fileName).Take(5))
{
Console.WriteLine("{0} {1}", block.Length, block.Type);
}
}
static void Snmp()
{
Console.WriteLine("\n======================= {0} =======================\n", MethodInfo.GetCurrentMethod().Name);
var snmp = PcapNg.ReadForward(fileName)
.ParseSnmp()
.Take(5);
foreach (var pdu in snmp)
{
Console.WriteLine(pdu.ToString());
}
}
static void CapturedPackets()
{
Console.WriteLine("\n======================= {0} =======================\n", MethodInfo.GetCurrentMethod().Name);
var packets = PcapNg.ReadForward(fileName)
.Where(b => b.Type == BlockType.EnhancedPacketBlock)
.Cast <EnhancedPacketBlock>()
.Take(5);
foreach (var packet in packets)
{
Console.WriteLine("{0} {1} {2}", packet.TimestampUtc, packet.PacketLen, packet.CapturedLen);
}
}
static void Asn1Encoding()
{
Console.WriteLine("\n======================= {0} =======================\n", MethodInfo.GetCurrentMethod().Name);
var packets = PcapNg.ReadForward(fileName)
.Where(b => b.Type == BlockType.EnhancedPacketBlock)
.Cast <EnhancedPacketBlock>()
.Take(5);
foreach (var packet in packets)
{
int snmpLen = packet.PacketData.Length - 42; // 42 is the size of Ethernet + IP + UDP headers
byte[] datagram = new byte[snmpLen];
Array.Copy(packet.PacketData, 42, datagram, 0, snmpLen);
Console.WriteLine(BasicEncodingReader.ReadAllText(datagram));
}
}
static void UdpPackets()
{
Console.WriteLine("\n======================= {0} =======================\n", MethodInfo.GetCurrentMethod().Name);
var packets = PcapNg.ReadForward(fileName)
.Where(b => b.Type == BlockType.EnhancedPacketBlock)
.Cast <EnhancedPacketBlock>()
.Take(5);
foreach (var packet in packets)
{
int ipLen = packet.PacketData.Length - 14; // 14 is the size of the Ethernet header
byte[] datagram = new byte[ipLen];
Array.Copy(packet.PacketData, 14, datagram, 0, ipLen);
UdpDatagram udp = new UdpDatagram(datagram);
Console.WriteLine(udp.PacketData.ToHexDump());
Console.WriteLine();
}
}
static void UdpPackets()
{
Console.WriteLine("\n======================= {0} =======================\n", MethodInfo.GetCurrentMethod().Name);
var packets = PcapNg.ReadForward(fileName)
.Where(b => b.Type == BlockType.EnhancedPacketBlock)
.Cast <EnhancedPacketBlock>()
.Take(5);
foreach (var packet in packets)
{
int ipLen = packet.PacketData.Length - 14; // 14 is the size of the Ethernet header
var ipPacket = PacketParser.Parse(
DateTimeOffset.UtcNow,
false,
packet.PacketData,
14,
ipLen);
Console.WriteLine(ipPacket.PacketData.Array.ToHexDump());
Console.WriteLine();
}
}
/// <summary>
/// Reads the SNMP packets send over UDP, over IPv4, over Ethernet
/// from capture file, ignoring everything else.
///
/// All SNMP v2c packets are returned. In case SNMP v1 traps are ignored (NYI)
/// </summary>
/// <param name="file">The file in pcap-next-generation (.pacapng) format</param>
/// <returns></returns>
public static IEnumerable <SnmpTrapV2C> ReadPcapNg(string file)
{
return(PcapNg.ReadForward(file).ParseSnmp());
}
