突然间,我不知道我做了什么,我的应用程序开始打印出来了:"是一个IP数据包"。
这是否曾经发生在其他人身上?这是我的OnPacketArrival事件的代码:
#region " Global Variables "
public static bool fTCP = true;
public static bool fIP = true;
public static bool fICMP4 = false;
public static bool fICMP6 = false;
public static bool fIGMP = false;
public static bool fPPPoE = false;
public static bool fWOL = false;
public static bool fUDP = false;
public static bool fARP = false;
public static bool fLLDP = false;
static public string f = "";
static public int intro = 0;
static public bool log = false;
static public string logFileLocation = Environment.CurrentDirectory + "\\packetLog.log";
#endregion
private static void device_OnPacketArrival(object sender, CaptureEventArgs e)
{
try
{
var raw_tcp = Packet.ParsePacket(e.Packet.LinkLayerType, e.Packet.Data);
var tcp = TcpPacket.GetEncapsulated(raw_tcp);
var raw_ip = Packet.ParsePacket(e.Packet.LinkLayerType, e.Packet.Data);
var ip = IpPacket.GetEncapsulated(raw_ip);
var raw_udp = Packet.ParsePacket(e.Packet.LinkLayerType, e.Packet.Data);
var udp = UdpPacket.GetEncapsulated(raw_udp);
var raw_icmpv4 = Packet.ParsePacket(e.Packet.LinkLayerType, e.Packet.Data);
var icmpv4 = ICMPv4Packet.GetEncapsulated(raw_icmpv4);
var raw_icmpv6 = Packet.ParsePacket(e.Packet.LinkLayerType, e.Packet.Data);
var icmpv6 = ICMPv6Packet.GetEncapsulated(raw_icmpv6);
var raw_pppoe = Packet.ParsePacket(e.Packet.LinkLayerType, e.Packet.Data);
var pppoe = PPPoEPacket.GetEncapsulated(raw_pppoe);
var raw_lldp = Packet.ParsePacket(e.Packet.LinkLayerType, e.Packet.Data);
var lldp = LLDPPacket.GetEncapsulated(raw_lldp);
var raw_wolp = Packet.ParsePacket(e.Packet.LinkLayerType, e.Packet.Data);
var wolp = WakeOnLanPacket.GetEncapsulated(raw_wolp);
var raw_igmp = Packet.ParsePacket(e.Packet.LinkLayerType, e.Packet.Data);
var igmp = IGMPv2Packet.GetEncapsulated(raw_igmp);
var raw_arp = Packet.ParsePacket(e.Packet.LinkLayerType, e.Packet.Data);
var arp = ARPPacket.GetEncapsulated(raw_arp);
if (udp != null)
{
string hour_tcp = e.Packet.Timeval.Date.Hour.ToString();
string min_tcp = e.Packet.Timeval.Date.Minute.ToString();
string sec_tcp = e.Packet.Timeval.Date.Second.ToString();
string msec_tcp = e.Packet.Timeval.Date.Millisecond.ToString();
int len_tcp = e.Packet.Data.Length;
Console.WriteLine("hr{0}:{1}:{2}:{3} Length={4} p={5} -> {6} Type={7}", hour_tcp, min_tcp, sec_tcp, msec_tcp, len_tcp, udp.SourcePort, udp.DestinationPort, "UDP/Packet");
}
else
{
string hour = e.Packet.Timeval.Date.Hour.ToString();
string min = e.Packet.Timeval.Date.Minute.ToString();
string sec = e.Packet.Timeval.Date.Second.ToString();
string msec = e.Packet.Timeval.Date.Millisecond.ToString();
int len = e.Packet.Data.Length;
Console.WriteLine("hr{0}:{1}:{2}:{3} Length={4}", hour, min, sec, msec, len);
}
}
catch (Exception ex)
{
Console.WriteLine("The following error occured. Please let me know, ASAP!" + Environment.NewLine + ex.Message);
Console.ReadLine();
}
}
static void Main()
{
try
{
CaptureDeviceList devices = CaptureDeviceList.Instance;
if (devices.Count < 1)
{
Console.WriteLine();
Console.WriteLine();
Console.WriteLine();
Console.WriteLine("No devices were found on this machine! :O");
System.Threading.Thread.Sleep(3750);
return;
}
Console.Clear();
Console.WriteLine("----------------------------------------------------");
Console.WriteLine("The following devices are available on this machine:");
Console.WriteLine("----------------------------------------------------");
Console.WriteLine();
// Print out the available network devices
int i = 0;
foreach (ICaptureDevice dev in devices)
{
Console.WriteLine();
Console.WriteLine(" - {0}) {1}\n", i, dev.ToString());
i++;
}
Console.WriteLine();
Console.Write("Please select a device to monitor . . . ");
i = int.Parse(Console.ReadLine());
// Extract a device from the list
ICaptureDevice device = devices[i];
device.OnPacketArrival += new SharpPcap.PacketArrivalEventHandler(device_OnPacketArrival);
Console.WriteLine();
Console.WriteLine();
Console.WriteLine();
Console.WriteLine("Initializing . . . ");
System.Threading.Thread.Sleep(3750);
Console.WriteLine();
Console.WriteLine();
Console.WriteLine();
Console.WriteLine("Would you like to set a filter for the packets that are displayed?");
Console.WriteLine();
Console.Write("Yes or No . . . ");
string yn1 = Console.ReadLine();
if (yn1.ToLower() == "yes")
{
Console.WriteLine();
Console.WriteLine();
Console.WriteLine();
Console.WriteLine("Select the filter you would like applied:");
Console.WriteLine();
Console.WriteLine();
Console.WriteLine(" -- 1. TCP");
Console.WriteLine(" -- 2. UDP");
Console.WriteLine(" -- 3. IP");
Console.WriteLine(" -- 4. TCP & IP");
Console.WriteLine(" -- 5. TCP & UDP");
Console.WriteLine(" -- 6. IP & UDP");
Console.WriteLine();
Console.WriteLine();
Console.Write("Enter the corresponding number for the filter you wish to activate . . . ");
string p = Console.ReadLine();
if (p == "1")
{
f = "tcp";
}
else if (p == "2")
{
f = "udp";
}
else if (p == "3")
{
f = "ip";
}
else if (p == "4")
{
f = "tcp and ip";
}
else if (p == "5")
{
f = "tcp and udp";
}
else if (p == "6")
{
f = "ip and udp";
}
}
Console.WriteLine();
Console.WriteLine();
Console.WriteLine();
Console.WriteLine("Would you like to set the capture mode? (If no, default is to" + Environment.NewLine + "capture all traffic.)");
Console.WriteLine();
Console.Write("Please input Yes or No . . . ");
string ynsetcap = Console.ReadLine();
string devmode = "";
int readTimeoutMilliseconds = 1000;
if (ynsetcap == "yes")
{
Console.WriteLine();
Console.WriteLine();
Console.WriteLine();
Console.WriteLine(" --- 1. Device Mode Promiscuous [a]");
Console.WriteLine(" --- 2. Device Mode Normal [b]");
Console.WriteLine();
Console.WriteLine();
Console.WriteLine("Press the corresponding number to set it or the letter for more info.");
Console.Write("Waiting for input . . . ");
devmode = Console.ReadLine();
}
else if (ynsetcap == "no")
{
device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds);
goto s;
}
if (devmode == "1")
{
device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds);
}
else if (devmode == "2")
{
device.Open(DeviceMode.Normal, readTimeoutMilliseconds);
}
else if (devmode.ToLower() == "a")
{
Console.WriteLine();
Console.WriteLine();
Console.WriteLine();
Console.WriteLine("The promiscuous Device Mode displays all network traffic. Even traffic" + Environment.NewLine + "that is not intended for the device that is currently being monitored." + Environment.NewLine + "Would you like to set the device to this mode?");
Console.Write("Please input Yes or No . . . ");
string ynsetprom = Console.ReadLine();
if (ynsetprom.ToLower() == "yes")
{
Console.WriteLine();
Console.WriteLine();
Console.WriteLine();
Console.WriteLine("Device Mode set to promiscuous!");
device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds);
System.Threading.Thread.Sleep(3750);
}
else if (ynsetprom.ToLower() == "no")
{
Console.WriteLine();
Console.WriteLine();
Console.WriteLine();
Console.WriteLine("Device Mode set to Normal!");
device.Open(DeviceMode.Normal, readTimeoutMilliseconds);
System.Threading.Thread.Sleep(3750);
}
}
else if (devmode.ToLower() == "b")
{
Console.WriteLine();
Console.WriteLine();
Console.WriteLine();
Console.WriteLine("The normal Device Mode displays only network traffic intended" + Environment.NewLine + "for the current device." + Environment.NewLine + Environment.NewLine + "Would you like to set the mode to Normal?");
Console.Write("Please input Yes or No . . . ");
string ynsetnorm = Console.ReadLine();
if (ynsetnorm.ToLower() == "yes")
{
Console.WriteLine();
Console.WriteLine();
Console.WriteLine();
Console.WriteLine("Device Mode set to Normal!");
device.Open(DeviceMode.Normal, readTimeoutMilliseconds);
System.Threading.Thread.Sleep(3750);
}
else if (ynsetnorm.ToLower() == "no")
{
Console.WriteLine();
Console.WriteLine();
Console.WriteLine();
Console.WriteLine("Device Mode set to Promiscuous!");
device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds);
System.Threading.Thread.Sleep(3750);
}
}
s:
Console.WriteLine();
Console.WriteLine();
Console.WriteLine();
Console.WriteLine(" --- Listening on {0}, press the 'Enter'" + Environment.NewLine + "key to stop...", device.Description);
if (f.Length > 0)
{
try
{
device.Filter = f;
}
catch (Exception ex)
{
Console.WriteLine();
Console.WriteLine();
Console.WriteLine();
Console.ForegroundColor = ConsoleColor.Red;
Console.WriteLine("The following error occured: " + ex.Message);
Console.ForegroundColor = ConsoleColor.White;
System.Threading.Thread.Sleep(7500);
}
}
// Start the capturing process
device.StartCapture();
// Wait for 'Enter' from the user.
Console.ReadLine();
// Stop the capturing process
device.StopCapture();
// Close the pcap device
device.Close();
Console.WriteLine();
Console.WriteLine();
Console.WriteLine();
Console.WriteLine("Capture has stoped and the device stream has been closed." + Environment.NewLine + Environment.NewLine + "Press any key to exit . . .");
Console.ReadLine();
}
catch (Exception ex)
{
Console.WriteLine();
Console.WriteLine();
Console.WriteLine();
Console.ForegroundColor = ConsoleColor.Red;
Console.WriteLine("The following error occured. Please inform me, ASAP!" + Environment.NewLine + ex.Message);
Console.ReadLine();
}
}
以下是输出:http://dl.dropbox.com/u/40671650/wtf.png
对于为什么这样做有任何帮助将不胜感激。
答案 0 :(得分:1)
它来自Packet.Net的IGMPv2Packet解析器:
您的代码:
var igmp = IGMPv2Packet.GetEncapsulated(raw_igmp);
Packet.Net代码:
public static IGMPv2Packet GetEncapsulated(Packet p)
{
if(p is InternetLinkLayerPacket)
{
var payload = InternetLinkLayerPacket.GetInnerPayload((InternetLinkLayerPacket)p);
if(payload is IpPacket)
{
Console.WriteLine("Is an IP packet");
var innerPayload = payload.PayloadPacket;
if(innerPayload is IGMPv2Packet)
{
return (IGMPv2Packet)innerPayload;
}
}
}
return null;
}