Packet capture with vb .net


I'm trying to find a some what simple way to capture and read packets sent on a certain port with visual basic .net, the reading of the packets isn't too important at the moment, the main thing is to capture them. It will be working on a port that is would already in use by a game's server. Can anyone help me out?

Thanks for you time.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Unfortunately, the game probably won't let you open the port it's using.  If it's all IP traffic, I think you can use raw sockets (use type SOCK_RAW, set the IP_HDRINCL option and bind to port 0) to receive all IP traffic coming into the machine.  Otherwise, you can use something like RawEther .NET ( or you could use PInvoke with WinPcap (

If you just want to capture them for viewing, consider Ethereal (  Ethereal lets you apply both capture and view filters so you can look at just the game packets if you want.
blahbAuthor Commented:
Ah i may have put the guestion a little wrong, i just need to be able to monitor and read the incoming packets on the specified ip and port so i can view them. I've seen it done before for the same game, so it can be done =). So basicly it would be a packet sniffer of sorts. I hope you understand what i'm asking, as i'm alittle confused about it all my self.
Then the easiest thing to do is get Ethereal at and have at it.  It will capture everything coming into your network adapter, but as I mentioned you can filter at capture time based on TCP or UDP port so only your game packets are captured.  ALternatively, you can capture everything and filter at view time.
Cloud Class® Course: Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

blahbAuthor Commented:
Ah, am i wrong in thinking Ethereal is a fully made program it's self? Or components for .net? As i need to do things with the packet data once i've read them. I've done some research and it all seems to be leanding to raw sockets, which you mentioned before to recieve all ip traffic, and from then i could filter through the packets for the ones i need? If so.. do you, or anyone else know(or can write) some example code for doing such a thing?

Thanx again drichards.
Yes, Ethereal is a sniffer program itself.  Raw sockets can be used if you want to write your own program to look at the game packets (I'm pretty sure anyway - I've only used raw sockets to implement router-like functionality).  As soon as my development computer boots up, I'll post some sample code for you - it's C#, so I'll try to convert to VB.NET for you.
Here's an example.  This was 'Sub Main()' from a VB.NET console app.  It captures packets on the desired adapter (my machine is multi-homed so I need to choose - you can just say OK to first message box) and prints out the source and destination IP's.  You can examine the packets as desired.  You'll need to reference System.Windows.Forms dll to run this.

Sub Main()
        Dim he As System.Net.IPHostEntry = System.Net.Dns.GetHostByName(System.Net.Dns.GetHostName())

        Dim sock As System.Net.Sockets.Socket = New System.Net.Sockets.Socket(System.Net.Sockets.AddressFamily.InterNetwork, System.Net.Sockets.SocketType.Raw, System.Net.Sockets.ProtocolType.IP)
        sock.SetSocketOption(System.Net.Sockets.SocketOptionLevel.IP, System.Net.Sockets.SocketOptionName.HeaderIncluded, 1)

        Dim ep As System.Net.IPEndPoint
        Dim bound As System.Boolean = False
        For Each ipAddr As System.Net.IPAddress In he.AddressList
            ep = New System.Net.IPEndPoint(ipAddr, 0)
            If System.Windows.Forms.MessageBox.Show("Use " + ipAddr.ToString() + "?", "Select Adapter", System.Windows.Forms.MessageBoxButtons.YesNo) = System.Windows.Forms.DialogResult.Yes Then
                bound = True
            End If

        If (bound) Then
            Dim inValue() As Byte = BitConverter.GetBytes(1)
            Dim outValue() As Byte = BitConverter.GetBytes(0)
            Dim SIO_RCVALL As Integer = System.Convert.ToInt32(0 - &H67FFFFFF) '//0x98000001);
                Dim data(1024) As Byte
                sock.IOControl(SIO_RCVALL, inValue, outValue)
                Dim addr As System.Net.IPAddress
                While True
                    Dim bytes As Integer = sock.Receive(data)
                    Dim ipAddr As Long = 0 'System.BitConverter.ToUInt32(data, 12)
                    ipAddr = System.Convert.ToInt64(System.BitConverter.ToUInt32(data, 12))
                    addr = New System.Net.IPAddress(ipAddr)
                    System.Console.Write(addr.ToString() + " / ")
                    ipAddr = System.BitConverter.ToInt32(data, 16)
                    ipAddr = System.Convert.ToInt64(System.BitConverter.ToUInt32(data, 16))
                    addr = New System.Net.IPAddress(ipAddr)
                End While
            Catch ex As System.Exception
                System.Console.WriteLine(ex.Message, "Error")
            End Try
        End If
End Sub

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
blahbAuthor Commented:
I see, i'll work through it and see what i can come up with, thanx alot for the code and help, richards. =)
One note on the code - it only allocates a 1K buffer, so it will exit if a packet is more than 1K.  You can change the buffer size and/or handle the case where the packet is too big and continue capturing.
blahbAuthor Commented:
How would i get the packet data, other than the ip, from the buffer? Or is this even possible?
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Visual Basic.NET

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.