以下代码的原作是一个名为 sniffer.net 的开源项目,用 VB.NET 编写;这里只是简单地用 C# 翻译了一下。目前只能监控所有数据包,还不能监控某一个进程的数据包。代码如下: using System; using System.Text; using System.Net; using System.Net.Sockets; using System.Runtime.InteropServices;
namespace UpdateTester
{
    /// <summary>
    /// Packet monitor built on a raw IP socket that is switched into
    /// receive-all mode (see <see cref="SIO_RCVALL"/>).
    /// </summary>
    /// <remarks>
    /// The socket sees every IP packet delivered to the bound interface, not
    /// only traffic of the current process. Windows requires Administrator
    /// privilege to set the receive-all control code, so the hosting process
    /// must run elevated.
    /// </remarks>
    public class Monitor
    {
        // Winsock ioctl building blocks: "input parameter" direction bit and
        // the vendor-specific group. The bits do not overlap, so combining
        // them with OR yields 0x98000001.
        private const int IOC_IN = unchecked((int)0x80000000);
        private const int IOC_VENDOR = 0x18000000;

        // Control code that asks a raw socket to deliver all packets seen on
        // the interface it is bound to.
        private const int SIO_RCVALL = IOC_IN | IOC_VENDOR | 1;

        // Well-known relative identifiers of the BUILTIN domain and its
        // Administrators alias. Not referenced in the visible part of this
        // class; presumably meant for an "is the caller an administrator"
        // check - confirm against the rest of the file.
        private const int SECURITY_BUILTIN_DOMAIN_RID = 0x20;
        private const int DOMAIN_ALIAS_RID_ADMINS = 0x220;

        // Raw socket used for capturing; null until Start() has created it.
        private Socket m_Monitor;

        // Local address the capture socket is bound to.
        private IPAddress m_Ip;

        // Receive buffer handed to the asynchronous receive call (65535 bytes,
        // the largest value of the 16-bit IPv4 total-length field).
        private byte[] m_Buffer = new byte[ushort.MaxValue];

        /// <summary>
        /// Signature of handlers for <see cref="NewPacket"/>.
        /// </summary>
        /// <param name="m">Monitor passed to the handler.</param>
        /// <param name="p">Packet passed to the handler.</param>
        public delegate void NewPacketEventHandler(Monitor m, Packet p);

        /// <summary>
        /// Event for newly captured packets. The code that raises it is not
        /// part of the declarations shown here.
        /// </summary>
        public event NewPacketEventHandler NewPacket;
/// <summary>
/// Gets the local address stored by the constructor. Start() binds the
/// capture socket to this address.
/// </summary>
/// <value>
/// The stored address, or null when the parameterless constructor was used.
/// </value>
public IPAddress IP
{
    get
    {
        return this.m_Ip;
    }
}
/// <summary>
/// Gets the monitor's receive buffer.
/// </summary>
/// <remarks>
/// The array returned is the internal buffer itself, not a copy. It is the
/// same array Start() passes to the asynchronous receive call, so its
/// contents can change while a caller is reading it, and writes by a caller
/// land in the live buffer. Callers that need a stable view should copy the
/// bytes they are interested in.
/// </remarks>
public byte[] Buffer
{
    get
    {
        byte[] receiveBuffer = this.m_Buffer;
        return receiveBuffer;
    }
}
/// <summary>
/// Creates a monitor without a bind address.
/// </summary>
/// <remarks>
/// Nothing is initialised here, so <c>IP</c> stays null. Start() builds its
/// bind endpoint from <c>IP</c>; use the constructor that takes an address
/// when the monitor is meant to be started.
/// </remarks>
public Monitor()
{
    // TODO: add constructor logic here.
}
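/// <summary>
/// Creates a monitor for the given local address after checking that the
/// operating system is supported.
/// </summary>
/// <param name="IpAddress">
/// Local address to capture on. It is stored as-is (no null check) and used
/// by Start() to bind the raw socket, which is created for the IPv4 address
/// family.
/// </param>
/// <exception cref="NotSupportedException">
/// The platform is not Windows NT based, or its major version is below 5.
/// </exception>
public Monitor(IPAddress IpAddress)
{
    OperatingSystem os = Environment.OSVersion;

    // Supported means "NT family AND major version 5 or later", so failing
    // either test must reject. Joining the two negated tests with && would
    // only reject systems that fail both, letting Windows NT 4 and non-NT
    // platforms that report a major version of 5 or more slip through.
    bool isNtFamily = os.Platform == PlatformID.Win32NT;
    bool isVersion5OrLater = os.Version.Major >= 5;

    if (!isNtFamily || !isVersion5OrLater)
    {
        throw new NotSupportedException("This program requires Windows 2000, Windows XP or Windows .NET Server!");
    }

    m_Ip = IpAddress;
}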
public void Start() { if (m_Monitor==null) { try { m_Monitor = new Socket(AddressFamily.InterNetwork, SocketType.Raw, ProtocolType.IP); m_Monitor.Bind(new IPEndPoint(IP, 0)); m_Monitor.IOControl(SIO_RCVALL, BitConverter.GetBytes(1), null); m_Monitor.BeginReceive(m_Buffer, 0, m_Buffer.Length, SocketFlags.None, new AsyncCallback(OnReceive), null); } catch (Exception e) { m_Monitor = null; throw new SocketException(); }