Recently I completed my network sniffer for the company that I am currently working with.
I want to know:
1. At first, when loading I get all the devices/hostnames on the computer.
IPHostEntry HostEntry = Dns.GetHostEntry((Dns.GetHostName()));
2. For sniffing the socket to capture the packets has to be a raw socket, with the address family being of type internetwork, and protocol being IP.
mainSocket = new Socket(AddressFamily.InterNetwork, SocketType.Raw, ProtocolType.IP);
3. Bind the socket to the selected IP address.
mainSocket.Bind(new IPEndPoint(IPAddress.Parse(TEXT-OF-YOUR-HOST-ENTRY), 0));
4. Set the socket options.
5. Capture outgoing packets to byte[] array.
mainSocket.IOControl(IOControlCode.ReceiveAll, YOUR-TRUE-BYTES, YOUR-OUTGOING-BYTES);
6. Start receiving the packets asynchronously.
mainSocket.BeginReceive(BYTE-DATA, 0, BYTE-DATA-LENGTH, SocketFlags.None, new AsyncCallback(YOUR-RECEIVE-FUNCTION), null);
7. Analyze/Parse the bytes received. And don't forget to call another to BeginReceive so that we continue to receive the incoming packets.
8. Finally for parsing, you can create your own class or using the already invented classes/dlls to study your captured packages.
Thats all I have.
- I hope this helps for someone trying to start some network sniffer in C#.
- I hope that someone shows me the better ways to do this.
- Also is there any chance to edit the packages I captured before they reach their destination?
Thank you for your time.