代码语言
.
CSharp
.
JS
Java
Asp.Net
C
MSSQL
PHP
Css
PLSQL
Python
Shell
EBS
ASP
Perl
ObjC
VB.Net
VBS
MYSQL
GO
Delphi
AS
DB2
Domino
Rails
ActionScript
Scala
代码分类
文件
系统
字符串
数据库
网络相关
图形/GUI
多媒体
算法
游戏
Jquery
Extjs
Android
HTML5
菜单
网页交互
WinForm
控件
企业应用
安全与加密
脚本/批处理
开放平台
其它
【
CSharp
】
检测网络流量
作者:
Dezai.CN
/ 发布于
2012/3/1
/
572
原作是opensource的一个叫sniffer.net的,用vb.net写的,这里只是简单的用c#翻译了一下,暂时还只能监控所有数据包,不能监控某一个进程的数据包
<div>using system; using system.text; using system.net; using system.net.sockets; using system.runtime.interopservices; namespace updatetester { /**//// <summary> /// monitor 的摘要说明。 /// </summary> public class monitor { public delegate void newpacketeventhandler(monitor m, packet p); public event newpacketeventhandler newpacket; private socket m_monitor; private ipaddress m_ip; private byte[] m_buffer = new byte[65535]; private const system.int32 ioc_vendor = 0x18000000; private const int ioc_in = -2147483648; private const int sio_rcvall = ioc_in ^ ioc_vendor ^ 1; private const int security_builtin_domain_rid = 0x20; private const int domain_alias_rid_admins = 0x220; public system.net.ipaddress ip { get { return m_ip; } } public byte[] buffer { get { return m_buffer; } } public monitor() { // // todo: 在此处添加构造函数逻辑 // } public monitor(ipaddress ipaddress) { if (!(environment.osversion.platform == platformid.win32nt) && environment.osversion.version.major<5) { throw new notsupportedexception("this program requires windows 2000, windows xp or windows .net server!"); } m_ip = ipaddress; } public void start() { if (m_monitor==null) { try { m_monitor = new socket(addressfamily.internetwork, sockettype.raw, protocoltype.ip); m_monitor.bind(new ipendpoint(ip, 0)); m_monitor.iocontrol(sio_rcvall, bitconverter.getbytes(1), null); m_monitor.beginreceive(m_buffer, 0, m_buffer.length, socketflags.none, new asynccallback(onreceive), null); } catch (exception e) { m_monitor = null; throw new socketexception(); } } } public void stop() { if (m_monitor!=null) { m_monitor.close(); } m_monitor = null; } public void onreceive(system.iasyncresult ar) { try { int received = m_monitor.endreceive(ar); try { if (m_monitor!=null) { byte[] pkt = new byte[received]; array.copy(buffer, 0, pkt, 0, received); onnewpacket(new packet(pkt, datetime.now)); } } catch(exception e) { throw; } m_monitor.beginreceive(buffer, 0, buffer.length, socketflags.none, new asynccallback(onreceive), null); } catch (exception e) { } } protected void onnewpacket(packet p) { newpacket(this, p); } } } using system; using system.text; using system.net; using system.net.sockets; namespace updatetester { public enum precedence { routine = 0, priority = 1, immediate = 2, flash = 3, flashoverride = 4, criticecp = 5, internetworkcontrol = 6, networkcontrol = 7 } public enum delay { normaldelay = 0, lowdelay = 1 } public enum throughput { normalthroughput = 0, highthroughput = 1 } public enum reliability { normalreliability = 0, highreliability = 1 } public enum protocol { ggp = 3, icmp = 1, idp = 22, igmp = 2, ip = 4, nd = 77, pup = 12, tcp = 6, udp = 17, other = -1 } /**//// <summary> /// packet 的摘要说明。 /// </summary> public class packet { private byte[] m_raw; private datetime m_time; private int m_version; private int m_headerlength; private precedence m_precedence; private delay m_delay; private throughput m_throughput; private reliability m_reliability; private int m_totallength; private int m_identification; private int m_timetolive; private protocol m_protocol; private byte[] m_checksum; private string m_sourceaddress; private string m_destinationaddress; private int m_sourceport; private int m_destinationport; public packet() { // // todo: 在此处添加构造函数逻辑 // } // // public packet(byte[] raw):(byte[] raw, datetime time) // { // packet(raw, datetime.now); // } public packet(byte[] raw, datetime time) { if (raw==null) { throw new argumentnullexception(); } if (raw.length<20) { throw new argumentexception(); } this.m_raw = raw; this.m_time = time; this.m_headerlength = (raw[0] & 0xf) * 4; if ((raw[0] & 0xf) < 5) {throw new argumentexception();} this.m_precedence = (precedence)((raw[1] & 0xe0) >> 5); this.m_delay = (delay)((raw[1] & 0x10) >> 4); this.m_throughput = (throughput)((raw[1] & 0x8) >> 3); this.m_reliability = (reliability)((raw[1] & 0x4) >> 2); this.m_totallength = raw[2] * 256 + raw[3]; if ( ! (this.m_totallength == raw.length)) { throw new argumentexception();} // invalid size of packet; this.m_identification = raw[4] * 256 + raw[5]; this.m_timetolive = raw[8]; m_protocol = (protocol)raw[9]; m_checksum = new byte[2]; m_checksum[0] = raw[11]; m_checksum[1] = raw[10]; try { m_sourceaddress = getipaddress(raw, 12); m_destinationaddress = getipaddress(raw, 16); } catch (exception e) { throw; } if (m_protocol == protocol.tcp || m_protocol == protocol.udp) { m_sourceport = raw[m_headerlength] * 256 + raw[m_headerlength + 1]; m_destinationport = raw[m_headerlength + 2] * 256 + raw[m_headerlength + 3]; } else { m_sourceport = -1; m_destinationport = -1; } } public string getipaddress(byte[] barray, int nstart) { byte[] tmp = new byte[4]; if (barray.length > nstart + 2) { tmp[0] = barray[nstart]; tmp[1] = barray[nstart + 1]; tmp[2] = barray[nstart + 2]; tmp[3] = barray[nstart + 3]; } return tmp[0] + "." + tmp[1] + "." + tmp[2] + "." + tmp[3]; } public int totallength { get { return m_totallength; } } public datetime time { get { return this.m_time; } } public protocol protocol { get { return this.m_protocol; } } public string sourceaddress { get { return this.m_sourceaddress; } } public string source { get { if ( m_sourceport != -1 ) { return sourceaddress.tostring() + ":" + m_sourceport.tostring(); } else { return sourceaddress.tostring(); } } } public string destination { get { if (this.m_destinationport != -1) { return destinationaddress.tostring() + ":" + m_destinationport.tostring(); } else { return destinationaddress.tostring(); } } } public string destinationaddress { get { return m_destinationaddress; } } } } 在主程序里 private monitor[] m_packetmonitors; private arraylist m_packets; private system.windows.forms.statusbar statusbar1; private int m_packetssize; 执行方法中 private void startmonitor() { ipaddress[] hosts = dns.resolve(dns.gethostname()).addresslist; if (hosts.length == 0) { throw new notsupportedexception("this computer does not have non-loopback interfaces installed!");} for (int i=0; i<hosts.length; i++) { } m_packetmonitors = new monitor[1]; m_packets = new arraylist(); m_packetmonitors[0] = new monitor(hosts[0]); // 添加代理,每次有新的packet到时都出发下面哪个动作 m_packetmonitors[0].newpacket+=new monitor.newpacketeventhandler(this.onnewpacket); m_packetmonitors[0].start(); } // 这个方法用于把packet显示到一个地方 private void onnewpacket(monitor m, packet p) { m_packets.add(p); m_packetssize += p.totallength; try { txtlog.text += p.time.tostring()+p.protocol.tostring()+p.source.tostring()+p.destination.tostring()+p.totallength.tostring(); } catch (exception e) { messagebox.show(e.message); } statusbar1.text = string.format("intercepted {0} packet(s) [{1} bytes]", m_packets.count, m_packetssize); } </div>
试试其它关键字
网络流量
同语言下
.
文件IO 操作类库
.
Check图片类型[JPEG(.jpg 、.jpeg),TIF,GIF,BMP,PNG,P
.
机器名和IP取得(IPV4 IPV6)
.
Tiff转换Bitmap
.
linqHelper
.
MadieHelper.cs
.
RegHelper.cs
.
如果关闭一个窗体后激活另一个窗体的事件或方法
.
创建日志通用类
.
串口辅助开发类
可能有用的
.
C#实现的html内容截取
.
List 切割成几份 工具类
.
SQL查询 多列合并成一行用逗号隔开
.
一行一行读取txt的内容
.
C#动态修改文件夹名称(FSO实现,不移动文件)
.
c# 移动文件或文件夹
.
c#图片添加水印
.
Java PDF转换成图片并输出给前台展示
.
网站后台修改图片尺寸代码
.
处理大图片在缩略图时的展示
Dezai.CN
贡献的其它代码
(
4037
)
.
多线程Socket服务器模块
.
生成随机密码
.
清除浮动样式
.
弹出窗口居中
.
抓取url的函数
.
使用base HTTP验证
.
div模拟iframe嵌入效果
.
通过header转向的方法
.
Session操作类
.
执行sqlite输入插入操作后获得自动编号的ID
Copyright © 2004 - 2024 dezai.cn. All Rights Reserved
站长博客
粤ICP备13059550号-3