localhost请求数据包无法被sharppcap识别?

时间:2015-03-11 14:15:08

标签: asp.net asp.net-mvc asp.net-mvc-4 pcap sharppcap

我使用mvc 4进行了asp.net程序。我在iis服务器中部署为localhost;我想跟踪HTTP数据包,所以我使用了SharpPcap。

这是完整的代码...... 

 namespace CaseStudy
 {
 class Program
 {
    static void Main(string[] args)
    {
        var parmenter = SharpPcap.CaptureDeviceList.Instance;

        /*If no device exists, print error */
        if (parmenter.Count < 1)
        {
            Console.WriteLine("No device found on this machine");
            return;
        }

        int i = 0;
        Console.WriteLine("Choose Your Devices :");
        Console.WriteLine("----------------------");
        foreach (PcapDevice dev in parmenter)
        {
            /* Device Description */
            Console.WriteLine("{0}] {1} [MAC:{2}]", i, dev.Interface.FriendlyName, dev.Interface.MacAddress);
            i++;
        }
        Console.WriteLine("----------------------");
        //Extract a device from the list
        int deviceIndex = -1;
        do
        {
            Console.WriteLine("Enter Your Choice :");
            deviceIndex = int.Parse(Console.ReadLine());
        } while (!(deviceIndex < parmenter.Count && deviceIndex >= -1));

        ICaptureDevice device = parmenter[deviceIndex];
        //Register our handler function to the 'packet arrival' event
        //device.PcapOnPacketArrival += new SharpPcap.PacketArrivalEventHandler();
        device.OnPacketArrival += new SharpPcap.PacketArrivalEventHandler(device_OnPacketArrival);
        //Open the device for capturing
        //true -- means promiscuous mode
        //1000 -- means a read wait of 1000ms
        device.Open(DeviceMode.Promiscuous, 1000);
        device.Filter = "ip and tcp";
        Console.WriteLine("-- Listenning on {0}, hit 'Enter' to stop...", device.MacAddress);
        //Start the capturing process
        device.StartCapture();
        //Wait for 'Enter' from the user.
        Console.ReadLine();
        //Stop the capturing process
        device.StopCapture();
        //Close the capturing device
        device.Close();
    }
    private static void device_OnPacketArrival(object sender, CaptureEventArgs e)
    {
        DateTime time = e.Packet.Timeval.Date;
        int len = e.Packet.Data.Length;
        byte[] data = e.Packet.Data;
        //var packet = TcpPacket.ParsePacket(e.Packet.LinkLayerType, e.Packet.Data);
        //Console.WriteLine(e.Packet.LinkLayerType.ToString());
        Packet pack = Packet.ParsePacket(e.Packet.LinkLayerType, e.Packet.Data);
        if (pack is PacketDotNet.EthernetPacket)
        {
            var eth = pack.Extract(typeof(EthernetPacket)) as EthernetPacket;
            if (len > 100)
            {
                Console.WriteLine("ETHERNET/INTERNET/HTTP PACKET");
                //Console.WriteLine(HttpServerUtility.UrlTokenEncode(eth.Bytes));
                Console.WriteLine("{0}-{1}" , eth.DestinationHwAddress, eth.SourceHwAddress);
                //Console.WriteLine(eth.PayloadPacket.PayloadPacket.PrintHex());
                Console.WriteLine(System.Text.Encoding.UTF8.GetString(eth.Bytes));
            }
        }
        if (pack is PacketDotNet.TcpPacket) { 
            var tcp = pack.Extract (typeof(TcpPacket)) as TcpPacket;
            if (len > 100)
            {
                //Console.WriteLine("[{0}:{1}:{2}:{3}][{4}][{5}]",
                    //time.Hour, time.Minute, time.Second, time.Millisecond,
                    //len, Stringfy.RawPacketToHex(data));
                Console.WriteLine("TCP PACKET");
                Console.WriteLine(tcp.PrintHex());
                //Console.WriteLine(arp.SenderHardwareAddress);
            }
        }
        if (pack is PacketDotNet.InternetPacket)
        {
            var inet = pack.Extract(typeof(InternetPacket)) as InternetPacket;
            if (len > 100)
            {
                //Console.WriteLine("[{0}:{1}:{2}:{3}][{4}][{5}]",
                //time.Hour, time.Minute, time.Second, time.Millisecond,
                //len, Stringfy.RawPacketToHex(data));
                Console.WriteLine("INTERNET PACKET");
                Console.WriteLine(inet.PrintHex());
                //Console.WriteLine(arp.SenderHardwareAddress);
            }
        }
        if (pack is PacketDotNet.IpPacket)
        {
            var ip = pack.Extract(typeof(IpPacket)) as IpPacket;
            if (len > 100)
            {
                //Console.WriteLine("[{0}:{1}:{2}:{3}][{4}][{5}]",
                //time.Hour, time.Minute, time.Second, time.Millisecond,
                //len, Stringfy.RawPacketToHex(data));
                Console.WriteLine("IP PACKET");
                Console.WriteLine(ip.PrintHex());
                //Console.WriteLine(arp.SenderHardwareAddress);
              }
          }
      }
  }
}

此代码捕获远程服务器http数据包,如google,stackoverflow,facebook与我的系统进行通信。

但是我想把我的系统跟踪数据包只作为本地主机。

enter image description here

使用enter image description here

任何人都可以提供帮助吗?请...

1 个答案:

答案 0 :(得分:0)

这是不可能的。

为什么呢? SharpPcap使用WinPcap和WinPcap扩展系统驱动程序以捕获数据包。根据{{​​3}},它不可能捕获loopbackdevice aka localhost。这是Windows的限制,而不是WinPcap。

相关问题
最新问题