Link to home
Start Free TrialLog in
Avatar of blahb
blahb

asked on

Packet capture with vb .net

Hi,

I'm trying to find a some what simple way to capture and read packets sent on a certain port with visual basic .net, the reading of the packets isn't too important at the moment, the main thing is to capture them. It will be working on a port that is would already in use by a game's server. Can anyone help me out?

Thanks for you time.
Avatar of drichards
drichards
Unfortunately, the game probably won't let you open the port it's using.  If it's all IP traffic, I think you can use raw sockets (use type SOCK_RAW, set the IP_HDRINCL option and bind to port 0) to receive all IP traffic coming into the machine.  Otherwise, you can use something like RawEther .NET (http://www.rawether.net/DotNet/default.htm) or you could use PInvoke with WinPcap (http://winpcap.polito.it/).

If you just want to capture them for viewing, consider Ethereal (www.ethereal.com).  Ethereal lets you apply both capture and view filters so you can look at just the game packets if you want.
Avatar of blahb
blahb

ASKER

Ah i may have put the guestion a little wrong, i just need to be able to monitor and read the incoming packets on the specified ip and port so i can view them. I've seen it done before for the same game, so it can be done =). So basicly it would be a packet sniffer of sorts. I hope you understand what i'm asking, as i'm alittle confused about it all my self.
Avatar of drichards
drichards
Then the easiest thing to do is get Ethereal at http://www.ethereal.com and have at it.  It will capture everything coming into your network adapter, but as I mentioned you can filter at capture time based on TCP or UDP port so only your game packets are captured.  ALternatively, you can capture everything and filter at view time.
Avatar of blahb
blahb

ASKER

Ah, am i wrong in thinking Ethereal is a fully made program it's self? Or components for .net? As i need to do things with the packet data once i've read them. I've done some research and it all seems to be leanding to raw sockets, which you mentioned before to recieve all ip traffic, and from then i could filter through the packets for the ones i need? If so.. do you, or anyone else know(or can write) some example code for doing such a thing?

Thanx again drichards.
Avatar of drichards
drichards
Yes, Ethereal is a sniffer program itself.  Raw sockets can be used if you want to write your own program to look at the game packets (I'm pretty sure anyway - I've only used raw sockets to implement router-like functionality).  As soon as my development computer boots up, I'll post some sample code for you - it's C#, so I'll try to convert to VB.NET for you.
ASKER CERTIFIED SOLUTION
Avatar of drichards
drichards
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of blahb
blahb

ASKER

I see, i'll work through it and see what i can come up with, thanx alot for the code and help, richards. =)
Avatar of drichards
drichards
One note on the code - it only allocates a 1K buffer, so it will exit if a packet is more than 1K.  You can change the buffer size and/or handle the case where the packet is too big and continue capturing.
Avatar of blahb
blahb

ASKER

How would i get the packet data, other than the ip, from the buffer? Or is this even possible?