C#底层技术不弱。
操作系统级的socket嵌套字最底层只能拦截到IP包,要拦截含数据链路层的包,需要网卡的绑定与控制.sniffer和防火墙等软件的原理就是这样。
以下是侦听代码:`
using System;
using System.Net;
using System.Net.Sockets;
using System.Text;
namespace WindowsApplication1
{
public class PacketArrivedEventArgs:System.EventArgs
{
public PacketArrivedEventArgs()
{
}
public uint HeaderLength = 0;
public string Protocol = String.Empty;
public string IPVersion = String.Empty;
public string OriginationAddress = String.Empty;
public string OriginationPort = String.Empty;
public string DestinationAddress = String.Empty;
public string DestinationPort = String.Empty;
public uint PacketLength = 0;
public uint MessageLength = 0;
public byte[] ReceiveBuffer = null;
public byte[] IPHeaderBuffer = null;
public byte[] MessageBuffer = null;
}
/// <summary>
/// MyTryRaw 的摘要说明。
/// </summary>
public class MyTryRaw
{
#region Attributes
private static int len_receive_buf; //得到的数据流的长度
private byte [] receive_buf_bytes = null; //收到的字节
private Socket socket = null; //声明套接字
private const int SIO_RCVALL = unchecked((int)0x98000001);//监听所有的数据包
public static bool isStop = false;
public Socket m_socket
{
get
{
return socket;
}
}
#endregion
#region Events
public delegate void PacketArrivedEventHandler(Object sender, PacketArrivedEventArgs args);
public event PacketArrivedEventHandler PacketArrival;
#endregion