C# 原始套接字监控本地端口接收的数据
visir 2011-04-19 05:42:18 socket = new Socket(AddressFamily.InterNetwork, SocketType.Raw, ProtocolType.IP);
socket.Bind(new IPEndPoint(IPAddress.Parse(IP), 0)); //绑定套接字
socket.SetSocketOption(SocketOptionLevel.IP, SocketOptionName.HeaderIncluded, true);
byte[] IN = new byte[4] { 1, 0, 0, 0 };
byte[] OUT = new byte[4]{ 0, 0, 0, 0 };
//低级别操作模式,接受所有的数据包,这一步是关键,必须把socket设成raw和IP Level才可用SIO_RCVALL
int ret_code = socket.IOControl(IOControlCode.ReceiveAll, IN, OUT);
IAsyncResult ar = socket.BeginReceive(receive_buf_bytes, 0, len_receive_buf, SocketFlags.None, new AsyncCallback(CallReceive), this);
private void CallReceive(IAsyncResult ar)//异步回调
{
int received_bytes;
received_bytes = socket.EndReceive(ar);
Receive(receive_buf_bytes, received_bytes);
if (KeepRunning) Run();
}
unsafe private void Receive(byte[] buf, int len)
{
byte temp_protocol = 0;
。。。。。。
Receive对得到的数据进行解析, 分析出IP头, 如果不是TCP数据就丢弃, 如果是TCP数据, 对TCP数据进行分析, 发现TCP头中的源地址总是本机, 说明原始套接字只监控了本机发送的TCP数据, 而没有监控到本机接收的TCP数据。
求高手