以下是启动流程的方法:
public class Tshark
{
public int _interfaceNumber;
public string _pcapPath;
Process _tsharkProcess;
public int _packetsCount;
public string _packet;
public string _tsharkPath = @"C:\Program Files\Wireshark\tshark.exe";
public delegate void dlgPackProgress(int progress);
public event dlgPackProgress evePacketProgress;
public Tshark(int interfaceNumber, string pcapPath)
{
_interfaceNumber = interfaceNumber;
_pcapPath = pcapPath;
}
public void startTheCapture()
{
try
{
_tsharkProcess = new Process();
_tsharkProcess.StartInfo.FileName = @"C:\Program Files\Wireshark\tshark.exe";
_tsharkProcess.StartInfo.Arguments = string.Format("-i " + _interfaceNumber);
_tsharkProcess.OutputDataReceived += new DataReceivedEventHandler(process_OutputDataReceived);
_tsharkProcess.StartInfo.RedirectStandardOutput = true;
_tsharkProcess.StartInfo.UseShellExecute = false;
_tsharkProcess.StartInfo.CreateNoWindow = true;
_tsharkProcess.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;
_tsharkProcess.Start();
StreamReader myStreamReader = _tsharkProcess.StandardOutput;
while (!myStreamReader.EndOfStream)
{
_packet = myStreamReader.ReadLine();
OnPacketProgress(_packetsCount++);
}
_tsharkProcess.WaitForExit();
}
catch (Exception e)
{
}
}
private void OnPacketProgress(int packet)
{
var handler = evePacketProgress;
if (handler != null)
{
handler(packet);
}
}
public void killProcess()
{
foreach (Process prc in System.Diagnostics.Process.GetProcessesByName("tshark"))
{
prc.Kill();
prc.WaitForExit();
}
}
private void process_OutputDataReceived(object sender, DataReceivedEventArgs arg)
{
string srt = arg.Data; //arg.Data contains the output data from the process...
}
}
从主窗体调用方法startTheCapture():
private void btnStartCapture_Click(object sender, EventArgs e)
{
BackgroundWorker bgWorker = new BackgroundWorker();
bgWorker.WorkerReportsProgress = true;
bgWorker.ProgressChanged += new ProgressChangedEventHandler(bgWSniffer_ProgressChanged);
bgWorker.DoWork += new DoWorkEventHandler(
(s3, e3) =>
{
tshark = new Tshark(2, pcapFilePathSniffer);
tshark.startTheCapture();
tshark.evePacketProgress += new Tshark.dlgPackProgress(
(packet) =>
{
bgWorker.ReportProgress(packet, tshark);
});
});
bgWorker.RunWorkerCompleted += new RunWorkerCompletedEventHandler(
(s3, e3) =>
{
});
bgWorker.RunWorkerAsync();
}
现在这也来自主要形式,我写了ProgressChanged,它应该更新我的gui,但我的问题是这不起作用,我无法理解为什么。
private void bgWSniffer_ProgressChanged(object sender, ProgressChangedEventArgs e)
{
tshark = e.UserState as Tshark;
listBoxPacketsSnifferTab.Text += tshark._packet;
lblPacketsReceived2.Text = tshark._packetsCount.ToString("#,##0");
}
答案 0 :(得分:0)
在DoWorkEventHandler中,在连接evePacketProgress事件处理程序之前调用tshark.StartTheCapture()。
startTheCapture方法阻塞,直到wireshark进程退出,因此在OnPacketProgress中将“忽略”在运行时捕获的任何进度事件,因为没有事件订阅者(handler == null)。
将其更改为:
bgWorker.DoWork += new DoWorkEventHandler(
(s3, e3) =>
{
tshark = new Tshark(2, pcapFilePathSniffer);
//hookup event handler before executing method
tshark.evePacketProgress += new Tshark.dlgPackProgress(
(packet) =>
{
bgWorker.ReportProgress(packet, tshark);
});
tshark.startTheCapture();
});