示例#1
0
        public void SerializePacket(Packet packet)
        {
            using (FileStream fileStream = new FileStream(packetDatabase, FileMode.Append, FileAccess.Write, FileShare.Write))
            {
                MemoryStream compressedPacketStream = new MemoryStream();
                Packet.CompressPacket(packet, out compressedPacketStream);

                BinaryWriter writer = new BinaryWriter(fileStream);
                writer.Write(compressedPacketStream.Capacity);
                compressedPacketStream.WriteTo(fileStream);

                compressedPacketStream.Close();
                writer.Close();
            }
        }
示例#2
0
        internal static void CompressPacket(Packet packet, out MemoryStream outStream)
        {
            MemoryStream memoryStream = new MemoryStream();
            BinaryFormatter formatter = new BinaryFormatter();
            formatter.Serialize(memoryStream, packet);

            byte[] input = memoryStream.ToArray();
            byte[] output = new byte[input.Length + 1];
            LZF compressor = new LZF();
            int outLength = compressor.Compress(input, input.Length, output, output.Length);
            output = output.Take(outLength).ToArray();
            outStream = new MemoryStream(output);

            memoryStream.Close();
            outStream.Position = 0;
        }
示例#3
0
 static void monitor_PacketReceived(object sender, Packet packet)
 {
     Packet p = packet;
     Console.WriteLine("From {0} to {1}", p.IpHeader.SourceHostName, p.IpHeader.DestinationHostName);
     Console.WriteLine("Protocol: {0}", p.IpHeader.Protocol);
 }
示例#4
0
 protected virtual void OnPacketReceived(Packet p)
 {
     if (PacketReceived != null)
         PacketReceived(p);
 }
示例#5
0
        /// <summary>
        /// Starts capturing the packets
        /// </summary>
        public void StartListening()
        {
            InitializeDriver();

            double downloaded = 0;
            double uploaded = 0;

            //get speed information every second
            Timer t = new Timer(1000);
            t.Elapsed += new ElapsedEventHandler((e, o) =>
            {
                if (downloaded != 0)
                {
                    this.DownloadSpeed = downloaded / 1000;
                    NotifyPropertyChanged("DownloadSpeed");
                    downloaded = 0;
                }

                if (uploaded != 0)
                {
                    this.UploadSpeed = uploaded / 1000;
                    NotifyPropertyChanged("UploadSpeed");
                    uploaded = 0;
                }
            });
            t.Start();

            int i = 0, j = 0, error = 0;
            uint bytesProcessed = 0;
            LOG_INFO logInfo;
            string protocol;

            while (listening)
            {
                uint bytesRead = bufferSize;

                if (NtTdiApi.ReadLogEx(driver, buffer, ref bytesRead))
                {

                    i++;
                    bytesProcessed = 0;

                    for (j = 0; bytesProcessed < bytesRead; j++)
                    {
                        IntPtr currentPtr = new IntPtr(buffer.ToInt32() + bytesProcessed);
                        logInfo = (LOG_INFO)Marshal.PtrToStructure(currentPtr, typeof(LOG_INFO));

                        if(logInfo.m_LocalAddress.m_Ip != 0 && logInfo.m_RemoteAddress.m_Ip != 0)
                        {
                            Packet p = new Packet(logInfo);
                            OnPacketReceived(p);

                            packetBuffer.Add(p);
                            if(packetBuffer.Count == PACKET_BUFFER_SIZE)
                            {
                                var packetsToSave = new Packet[PACKET_BUFFER_SIZE];
                                packetBuffer.CopyTo(packetsToSave);
                                packetBuffer.Clear();

                                ThreadPool.QueueUserWorkItem((a) =>
                                {
                                    lock(serializer)
                                    {
                                        foreach (var packet in packetsToSave)
                                        {
                                            serializer.SerializePacket(packet);
                                        }

                                    }
                                });
                            }

                            totalPackets++;
                            NotifyPropertyChanged("TotalPackets");

                            if (p.PacketDirection == PacketDirection.Downloading)
                            {
                                totalDownloaded += p.Size;
                                downloaded += (ulong)p.Size;
                                NotifyPropertyChanged("TotalDownloaded");
                            }
                            else if (p.PacketDirection ==
                                     PacketDirection.Uploading)
                            {
                                totalUploaded += p.Size;
                                uploaded += (ulong)p.Size;
                                NotifyPropertyChanged("TotalUploaded");
                            }
                        }

                        bytesProcessed += Convert.ToUInt32(Marshal.SizeOf(typeof(LOG_INFO))) + logInfo.m_DataLength;
                    }
                }
                else
                {
                    error = Marshal.GetLastWin32Error();

                    if (error == 122/*ERROR_INSUFFICIENT_BUFFER*/)
                    {
                        bufferSize += 0x1000;
                        buffer = Marshal.ReAllocHGlobal(buffer, new IntPtr(bufferSize));

                        if (buffer == IntPtr.Zero)
                        {
                            throw new Exception(string.Format("Cannot allocate {0} bytes! abort", bufferSize));
                        }
                    }

                    if (NtTdiApi.GetWaitEvent(driver))
                    {
                        NtTdiApi.WaitForData(driver, 0xFFFFFFFF); //INFINITE
                    }
                    else
                    {
                        Thread.Sleep(1000);
                    }
                }

            }
        }
示例#6
0
        /// <summary>
        /// Checks if the packet matches a specified filter
        /// </summary>
        /// <param name="p">the filterign options</param>
        /// <returns>true if the packet matches the filter</returns>
        public bool PacketMatchesFilter(Packet p)
        {
            if(this.Filter.Direction != null
                && this.Filter.Direction != p.PacketDirection)
            {
                return false;
            }

            if(this.Filter.Host != null
                && !p.HostName.Contains(this.Filter.Host))
            {
                return false;
            }

            if(this.Filter.Protocol != null
                && this.Filter.Protocol != p.Protocol)
            {
                return false;
            }

            return true;
        }