/// <summary>
/// Start a network capture
/// </summary>
public static void Start()
{
lock (startingLock)
{
try
{
// Retrieve the device list
devices = CaptureDeviceList.Instance;
// If no devices were found print an error
if (devices.Count < 1)
{
var error = "No devices were found on this machine";
TraceLog.TraceFatal(error);
throw new Exception(error);
}
// if capture is started on all devices, nothing to do
var started = true;
foreach (var dev in devices)
{
if (!dev.Started || !string.IsNullOrEmpty(dev.LastError))
{
started = false;
break;
}
}
if (started)
{
return;
}
// Print SharpPcap version
string ver = SharpPcap.Version.VersionString;
TraceLog.TraceInfo(string.Format("Starting collector with version {0}", ver));
foreach (var device in devices)
{
// reset device if already started
if (device.Started)
{
TraceLog.TraceInfo(string.Format("Stopping {0} {1}", device.Name, device.Description));
device.OnPacketArrival -= new PacketArrivalEventHandler(device_OnPacketArrival);
device.StopCapture();
device.Close();
}
// Register our handler function to the 'packet arrival' event
device.OnPacketArrival +=
new PacketArrivalEventHandler(device_OnPacketArrival);
// Open the device for capturing
int readTimeoutMilliseconds = 1000;
device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds);
TraceLog.TraceInfo(string.Format("Listening on {0} {1}",
device.Name, device.Description));
// DNS only
string filter = "udp dst port 53";
device.Filter = filter;
// Start the capturing process
device.StartCapture();
}
// get the device ID, and store it if it's not in the config file already
deviceId = ConfigClient.Read(ConfigClient.DeviceId);
if (deviceId == null)
{
deviceId = devices[0].MacAddress.ToString();
ConfigClient.Write(ConfigClient.DeviceId, deviceId);
}
}
catch (Exception ex)
{
TraceLog.TraceException("FATAL: Start caught exception", ex);
throw ex;
}
}
}
