我使用原始套接字来捕获传入和传出的UDP数据包。我的代码是这样的:
public void Start() {
if (m_Monitor == null) {
try {
m_Monitor = new Socket(AddressFamily.InterNetwork, SocketType.Raw, ProtocolType.IP);
m_Monitor.Bind(new IPEndPoint(IP, 0));
m_Monitor.IOControl(IOControlCode.ReceiveAll, BitConverter.GetBytes((int)1), BitConverter.GetBytes((int)1));
m_Monitor.BeginReceive(m_Buffer, 0, m_Buffer.Length, SocketFlags.None, new AsyncCallback(this.OnReceive), null);
} catch {
m_Monitor = null;
throw new SocketException();
}
}
}
private void OnReceive(IAsyncResult ar) {
try {
int received = m_Monitor.EndReceive(ar);
try {
if (m_Monitor != null) {
byte[] packet = new byte[received];
Array.Copy(Buffer, 0, packet, 0, received);
OnNewPacket(new Packet(packet));
}
} catch
{
} // invalid packet; ignore
m_Monitor.BeginReceive(Buffer, 0, Buffer.Length, SocketFlags.None, new AsyncCallback(this.OnReceive), null);
} catch {
Stop();
}
}
传入是可以的但是我看不到任何传出的数据包而Wireshark可以(我使用数据包播放器来重放我的旧.pcap记录)。防火墙已关闭。 Windows 10 1709.
主要基于http://www.mentalis.org/soft/projects/pmon/
有什么建议吗?感谢。