static void RawBlocks() { Console.WriteLine("\n======================= {0} =======================\n", MethodInfo.GetCurrentMethod().Name); foreach (var block in PcapNg.ReadForward(fileName).Take(5)) { Console.WriteLine("{0} {1}", block.Length, block.Type); } }
static void Snmp() { Console.WriteLine("\n======================= {0} =======================\n", MethodInfo.GetCurrentMethod().Name); var snmp = PcapNg.ReadForward(fileName) .ParseSnmp() .Take(5); foreach (var pdu in snmp) { Console.WriteLine(pdu.ToString()); } }
static void CapturedPackets() { Console.WriteLine("\n======================= {0} =======================\n", MethodInfo.GetCurrentMethod().Name); var packets = PcapNg.ReadForward(fileName) .Where(b => b.Type == BlockType.EnhancedPacketBlock) .Cast <EnhancedPacketBlock>() .Take(5); foreach (var packet in packets) { Console.WriteLine("{0} {1} {2}", packet.TimestampUtc, packet.PacketLen, packet.CapturedLen); } }
static void Asn1Encoding() { Console.WriteLine("\n======================= {0} =======================\n", MethodInfo.GetCurrentMethod().Name); var packets = PcapNg.ReadForward(fileName) .Where(b => b.Type == BlockType.EnhancedPacketBlock) .Cast <EnhancedPacketBlock>() .Take(5); foreach (var packet in packets) { int snmpLen = packet.PacketData.Length - 42; // 42 is the size of Ethernet + IP + UDP headers byte[] datagram = new byte[snmpLen]; Array.Copy(packet.PacketData, 42, datagram, 0, snmpLen); Console.WriteLine(BasicEncodingReader.ReadAllText(datagram)); } }
static void UdpPackets() { Console.WriteLine("\n======================= {0} =======================\n", MethodInfo.GetCurrentMethod().Name); var packets = PcapNg.ReadForward(fileName) .Where(b => b.Type == BlockType.EnhancedPacketBlock) .Cast <EnhancedPacketBlock>() .Take(5); foreach (var packet in packets) { int ipLen = packet.PacketData.Length - 14; // 14 is the size of the Ethernet header byte[] datagram = new byte[ipLen]; Array.Copy(packet.PacketData, 14, datagram, 0, ipLen); UdpDatagram udp = new UdpDatagram(datagram); Console.WriteLine(udp.PacketData.ToHexDump()); Console.WriteLine(); } }
static void UdpPackets() { Console.WriteLine("\n======================= {0} =======================\n", MethodInfo.GetCurrentMethod().Name); var packets = PcapNg.ReadForward(fileName) .Where(b => b.Type == BlockType.EnhancedPacketBlock) .Cast <EnhancedPacketBlock>() .Take(5); foreach (var packet in packets) { int ipLen = packet.PacketData.Length - 14; // 14 is the size of the Ethernet header var ipPacket = PacketParser.Parse( DateTimeOffset.UtcNow, false, packet.PacketData, 14, ipLen); Console.WriteLine(ipPacket.PacketData.Array.ToHexDump()); Console.WriteLine(); } }
/// <summary> /// Reads the SNMP packets send over UDP, over IPv4, over Ethernet /// from capture file, ignoring everything else. /// /// All SNMP v2c packets are returned. In case SNMP v1 traps are ignored (NYI) /// </summary> /// <param name="file">The file in pcap-next-generation (.pacapng) format</param> /// <returns></returns> public static IEnumerable <SnmpTrapV2C> ReadPcapNg(string file) { return(PcapNg.ReadForward(file).ParseSnmp()); }