Holds the connection information of the TCP session
Connection Class Documentation
示例#1
0
        /// <summary>
        /// 
        /// </summary>
        /// <param name="packet"></param>
        private void DispatcherHandler(PcapDotNet.Packets.Packet packet)
        {
            try
            {
                _packetCount++;
                IpV4Datagram ip = packet.Ethernet.IpV4;
                TcpDatagram tcp = ip.Tcp;

                if (tcp == null)
                {
                    Console.WriteLine("No TCP: " + ip.Source.ToString() + "#" + ip.Destination.ToString());
                    return;
                }

                if (IgnoreLocal == true)
                {
                    if (Networking.IsOnIntranet(System.Net.IPAddress.Parse(ip.Source.ToString())) == true &
                        Networking.IsOnIntranet(System.Net.IPAddress.Parse(ip.Destination.ToString())) == true)
                    {
                        return;
                    }
                }

                Connection connection = new Connection(packet);

                if (_dictionary.ContainsKey(connection) == false)
                {
                    PacketReconstructor packetReconstructor = new PacketReconstructor(_outputPath, _maxSize);

                    var parsers = from p in _parsers where p.Type == ParserType.Packet select p;
                    packetReconstructor.SetPacketParsers(parsers.ToList());
                    _dictionary.Add(connection, packetReconstructor);
                }

                _dictionary[connection].ReassemblePacket(packet);

                if (_timestamp == DateTime.MinValue)
                {
                    _timestamp = packet.Timestamp;
                }

                // Only write the data after the user defined period
                if (packet.Timestamp > _timestamp.AddMinutes(BufferInterval))
                {
                    _timestamp = packet.Timestamp;
                    WriteOldSessions(packet);
                }

                if (_packetCount % 10000 == 0)
                {
                    OnMessage("Processed " + _packetCount + " packets...(" + _dictionary.Count + " sessions)");
                }
            }
            catch (Exception ex)
            {
                OnMessage("Error: " + ex.ToString());
                Console.WriteLine(ex);
            }
        }
示例#2
0
        /// <summary>
        /// 
        /// </summary>
        /// <param name="guid"></param>
        /// <param name="dataSize"></param>
        /// <param name="connection"></param>
        /// <returns></returns>
        private Session CreateNewSession(string guid, 
                                         long dataSize, 
                                         Connection connection)
        {
            Session session = new Session(guid);
            session.DataSize = dataSize;
            session.SourceIp = connection.SourceIpNumeric;
            session.SourcePort = connection.SourcePort;

            try
            {
                Country country = _ls.getCountry(connection.SourceIp);
                if (country != null)
                {
                    session.SourceCountry = country.getCode();
                }
            }
            catch (Exception) { }

            session.DestinationIp = connection.DestinationIpNumeric;
            session.DestinationPort = connection.DestinationPort;

            try
            {
                Country country = _ls.getCountry(connection.DestinationIp);
                if (country != null)
                {
                    session.DestinationCountry = country.getCode();
                }
            }
            catch (Exception) { }

            session.TimestampFirstPacket = _dictionary[connection].TimestampFirstPacket;
            session.TimestampLastPacket = _dictionary[connection].TimestampLastPacket;

            return session;
        }